top of page
Writer's picturemansour ansari

Quantum Threat to RSA: Will the Unhackable Code Finally Meet Its Match?


Did you ever wonder what happens behind the scenes when you use your credit card? In this post, we look at RSA encryption, how it works, and why quantum computers may pose a threat in the near future.


The following process typically occurs when a credit card transaction takes place over the internet using RSA encryption:

  1. Key exchange: The sender and receiver agree on a common public key, typically by downloading the public key from a trusted source such as a certificate authority.

  2. Encryption: The sender uses the agreed-upon public key to encrypt the message. This typically involves converting the message into a number, raising the number to the power of the public encryption exponent, and computing the result modulo n, where n is the product of two large prime numbers and is part of the public key.

  3. Transmission: The encrypted message is transmitted over the internet to the receiver.

  4. Decryption: The receiver uses their private key, which is the private decryption exponent, to decrypt the message. This involves raising the encrypted message to the power of the private decryption exponent and computing the result modulo n.

  5. Verification: The receiver verifies the authenticity of the message using a digital signature or message authentication code.

This process ensures that the message is secure while in transit over the internet, as it is protected by the encryption. Only the receiver, who holds the private key, can decrypt the message, and the message cannot be altered in transit without being detected. This makes RSA encryption a popular choice for secure internet transactions such as online banking, e-commerce, and secure email communications.



What is RSA encryption?


RSA encryption was developed by Ron Rivest, Adi Shamir, and Leonard Adleman, all of whom were researchers at the Massachusetts Institute of Technology (MIT). It was first published in 1977 and remains one of the most widely-used public-key encryption algorithms. The researchers named the algorithm after the first letters of their last names, creating the acronym RSA.


RSA encryption is a widely-used public key cryptography system. It is based on the mathematical properties of large prime numbers and the fact that finding the prime factors of a large composite number is computationally difficult.

In RSA encryption, the sender generates two large prime numbers, called p and q, and computes their product n = pq. The sender also selects a public encryption exponent, usually 65537, and computes a private decryption exponent using the Euclidean algorithm. I have explained the Euclidean algorithm at the bottom of the post.


The sender then publishes the public key, which consists of n and the encryption exponent.

To encrypt a message, the sender first converts the message into a number using a reversible encoding scheme such as a binary or hexadecimal representation. The sender then raises the message to the power of the encryption exponent, modulo n. The result is the encrypted message, also known as the ciphertext.

To decrypt the message, the recipient raises the ciphertext to the power of the private decryption exponent, modulo n. The result is the original message, but only if the recipient knows the private decryption exponent.

Breaking RSA encryption involves finding the prime factors of n, which is computationally difficult for large values of n. In practice, RSA encryption keys are typically 1024 bits or longer, and even the largest and fastest computers would take an infeasible amount of time to break the encryption by brute force. This is why RSA encryption is considered secure for many applications. There is, however, one clear threat to RSA, and that is quantum computing.



Have you ever wondered how many qubits it takes to break the RSA encryption?


In order to break the code and threaten the financial market, the bad guy needs a quantum computer equipped with a high number of perfect qubits and that is not possible today. 100 is the most count I have found. Even if there is a high-count perfect qubit system out there, we may not know about it, but hiding it is not easy. But, the exact number of qubits required to break the RSA encryption system is not currently known, as this will depend on various factors such as the specific implementation of RSA being used and the capabilities of the quantum computer being used to break it. However, it is widely believed that a quantum computer with a large number of high-quality qubits will be able to break RSA encryption more efficiently than classical computers.



Estimates suggest that a quantum computer with around 2,000 qubits could be powerful enough to break RSA encryption, but this is based on current understanding of quantum computing and could change as the field continues to evolve and new advancements are made.

It's important to note that the development of a quantum computer with this level of power is still a long way off, and significant technical and engineering challenges must be overcome to make it a reality. However, the threat of quantum computers breaking RSA encryption is seen as a significant risk, and efforts are underway to develop new, quantum-resistant encryption methods to ensure the security of data in the future.


So what is Quantum resistant encryption?


In addition to RSA and Elliptic Curve Cryptography (ECC), which are widely used for internet transactions and other forms of digital communication, quantum computers have the potential to break many of the encryption systems currently in use. However, researchers are actively working to develop new encryption methods that are quantum-resistant, meaning they cannot be broken by quantum computers.


One possible solution is to use post-quantum cryptography, which involves using encryption methods that are believed to be secure against quantum computers.


These methods are based on mathematical problems that are believed to be hard for quantum computers to solve, such as the learning with errors (LWE) problem and the shortest vector problem (SVP).


While there is currently no guarantee that these methods will be completely secure against future quantum computers, they offer a promising path towards developing encryption systems that can resist quantum attacks. It's important to note, however, that the development of such systems is an ongoing process, and it will be important to continue to evaluate and improve these methods as quantum computing continues to evolve and new advancements are made.


So, who is working on building quantum-proof next generation encryption?


This year in 2023, I'm not sure who is doing what. The data on the internet is vague, but several companies and research groups are working on quantum-proof encryption systems as of early 2022, including:

  1. Google: Google is researching ways to develop quantum-resistant algorithms and has published several papers on the subject.

  2. Microsoft: Microsoft is actively exploring the field of quantum-resistant cryptography and is developing new algorithms to protect data in a quantum world.

  3. Post-Quantum Cryptography Standardization (PQCrypto): A group of academic and industry researchers who are working to standardize post-quantum cryptography and develop new quantum-resistant encryption methods.

  4. IQM: A Finnish company that specializes in developing quantum-resistant cryptography solutions for the commercial market.

  5. ISARA Corporation: A Canadian company that provides quantum-safe security solutions for the Internet of Things (IoT) and other connected devices.

  6. PQShield: A UK-based company that provides quantum-safe cryptography solutions for the commercial and government sectors.

These are just a few of the many organizations working on quantum-proof encryption systems. The field is rapidly evolving, and many more companies and research groups are likely to become involved in the near future.


 

The Euclidean algorithm is a method for finding the greatest common divisor (GCD) of two numbers. It is based on the principle that the GCD of two numbers is the same as the GCD of the smaller number and the remainder of the division of the larger number by the smaller number. The algorithm repeatedly divides the larger number by the smaller number and replaces the larger number with the remainder, until the remainder is zero. At this point, the smaller number is the GCD of the two original numbers. The Euclidean algorithm is simple, efficient, and widely used in many branches of mathematics and computer science.


The Shortest Vector Problem (SVP) is a mathematical problem that is believed to be hard for quantum computers to solve. It is a type of lattice problem, where the goal is to find the shortest non-zero vector in a high-dimensional lattice. SVP is important in cryptography because it forms the basis of several post-quantum cryptographic systems, such as Lattice-based cryptography.

The Learning with Errors (LWE) problem is another mathematical problem that is believed to be hard for quantum computers to solve. In LWE, a secret key is used to generate a set of random "noisy" linear equations, and the goal is to reconstruct the secret key from these equations. LWE is used in a variety of post-quantum cryptographic systems, including encrypted search and fully homomorphic encryption.

Both SVP and LWE are important in post-quantum cryptography because they are believed to be resistant to quantum attacks. This means that, even if quantum computers become more powerful in the future, these problems may still be difficult for them to solve. By building cryptographic systems based on these problems, it may be possible to develop encryption methods that can resist quantum attacks and keep communication secure. However, it's important to note that the field of quantum computing is rapidly evolving, and it's possible that new quantum algorithms or hardware advances may eventually make these problems solvable. As a result, ongoing research and development will be important to ensure the continued security of post-quantum cryptographic systems.


The Shortest Vector Problem (SVP) and the Learning with Errors (LWE) problem were both independently discovered by different groups of researchers in the field of cryptography and mathematics.

SVP has a long history and has been studied in the context of lattice problems for many years. The problem was first formalized as a mathematical problem in the 1980s and 1990s, and since then, numerous researchers have worked on developing algorithms and solutions for SVP.

Similarly, the LWE problem was independently discovered by multiple researchers in the field of cryptography and mathematics. The first published paper on the problem appeared in 2005, and since then, numerous researchers have worked on developing cryptographic systems based on the LWE problem, as well as on improving the security and efficiency of these systems.

It's important to note that both SVP and LWE are active areas of research, and ongoing work is being done to further our understanding of these problems and to improve their use in cryptography.


Image Credits: https://lexica.art/

What is the process for creating these images?

Describe your image on Lexica.art in a few words and the AI will build and render it for you. It's that simple!

As an example, I asked AI to build my image with 2000 atoms.


11 views

Comments


bottom of page