Encrypting files is and has always been an effective way to protect sensitive or confidential data. The earliest known use of encryption was found in hieroglyphs carved into the wall of a tomb in Egypt (ca. 1900 BC). Today, encryption is achieved by using complex mathematical algorithms to encrypt and decrypt information between two people, enabling them to communicate securely.

Assuming these algorithms are safe, the remaining challenge becomes informing the message recipient as to how to decipher the encrypted message. Previous generations tried several methods, such as sending a trusted envoy with a memorized secret key-cipher or carrier pigeons. However, none of these options were very secure.

The internet addressed the issue using an RSA and Diffie-Hellman key exchange by which the sender and recipient of a secret message can exchange data openly in public and derive a shared understanding of how to decrypt the message. Nearly all web-based communication is now based on such public key-exchange methods (TLS, https). What would happen to security on the internet if someone were able to break this encryption with ease?

In 1994, the American Mathematician Peter Shor invented an algorithm that is almost exponentially faster in factoring large numbers (the mechanism needed to crack both RSA and Diffie-Hellman) than all previously known broadly adopted algorithms.[1] Quantum computers slowly started to arrive in 2001 and an impressive number of improvements have been made since then. At present, quantum computers are not powerful enough to break Diffie-Hellman, but if in the future quantum computers will have sufficient scale to do so quickly, the whole encryption of the internet could be at stake.

Billions of dollars have already been spent by governments and private companies in the quest for quantum advantage by demonstrating that a programmable quantum device can solve a problem that no traditional computer can solve in a feasible amount of time.[2] While these investments have yet to yield the ability to crack these keys, it’s only a matter of time. Over time, backdoors in cryptographic implementations have been discovered. In addition, proponents of quantum computing reckon that quantum computing devices will be able to factor large integer numbers needed to crack asymmetric crypto in a few years from now. And then we’d need to find ways to inform the recipient of our messages about the updated decryption key – perhaps once again with pigeons.

Luckily, “The future is already here – it’s just not evenly distributed,” according to science fiction author, William Gibson. There are two ways to address the challenge that Quantum Computers pose to cryptography:

- Post-quantum cryptography
- Quantum cryptography

**What is Post-quantum Cryptography?**

Post-quantum cryptographic algorithms are mathematical problems that even quantum computers would find hard to crack, based on today’s knowledge. Post-quantum cryptographic algorithms rely on experts to imagine the computational capabilities of classical and quantum computers in, say, 30 years from now, and try to find mathematical problems that those cannot perform in a reasonable time.

Next, algorithms must be standardized so post-quantum cryptography can be applied everywhere. The difficulty of standardizing a suitable post-quantum algorithm is demonstrated by the fact that in 2016, the National Institute of Standards and Technology (NIST)[3] announced a call for proposals of algorithms that are believed to be quantum resilient with a deadline in November 2017. NIST planned to perform 3 to 5 years of analysis after which it planned to report the findings and prepare a draft of standards.^{1} Then in 2020, NIST announced plans to select among seven proposals and expects a few others to come later. In other words, new standard post-quantum algorithms will arrive many years after early quantum computers became available and quantum cryptography products are already in use. However post-quantum cryptography promises a continuation of the way the internet is securing traffic in a cheap and scalable manner.

**What is Quantum Cryptography?**

The second alternative uses physical problems to transfer information and started in 1984 with the invention of the BB84 Algorithm.[4] Quantum Key Distribution (QKD) belongs to the symmetric key-based private cryptography and its security relies on how to distribute the keys, rather than how to generate them. QKD has gained its importance due to theoretically confirmed unconditional security based on Heisenberg’s uncertainty principle in quantum mechanics. In 2004, the first bank transfer via quantum cryptography was performed and quantum cryptography devices have been commercially available for a few years now. Implementations can vary but in general, they work like this: a laser in the transmitter station produces a pair of entangled photons in a crystal. One of the two photons is sent via a dedicated fiber to the receiver, the other one remains at the transmitter station. Both the receiver and the transmitter then measure the properties of their particles. The measuring results are subsequently converted into a string of 0s and 1s – the cryptographic key. The sequence of the numbers 0 and 1 is, due to the laws of quantum physics, completely random but identical strings of random numbers are produced both in the transmitter and the receiver station.[5]

Now we have another tool with Quantum encryption based on quantum-mechanics that is information-theoretically secure and can be used to augment classical encryption. Since photons are entangled, quantum-mechanic rules apply. These rules stipulate that such photons cannot be copied and detecting the entanglement means destroying the photon. In other words, an eavesdropper would either destroy the message or let it pass and not know anything. The advantage of quantum encryption is that it is theoretically unconditionally secure. The not-so-nice, impractical consideration is that it is bound to photons and specialized devices which makes it expensive and difficult to scale.

In summary, we know that the current security architecture of the internet is under threat and the industry needs to address it. Two emerging technologies, quantum cryptography based on physics and post-quantum cryptography based on mathematics, complement each other and can offer a solution. By combining both approaches, a hybrid solution will likely become the new standard for highly secure networking.

*[1] https://arxiv.org/pdf/1804.00200.pdf*

*[2] https://www.armytimes.com/it-networks/2021/01/06/defense-department-must-assess-threats-posed-by-quantum-computers/*

*[4] C. H. Bennett and G. Brassard. “Quantum cryptography: Public key distribution and coin tossing”. In Proceedings of IEEE International Conference on Computers, Systems and Signal Processing, volume 175, page 8. New York, 1984. researcher.watson.ibm.com/researcher/files/us-bennetc/BB84highest.pdf*

*[5] web.archive.org/web/2013030909543/http://www.secoqc.net/downloads/pressrelease/Banktransfer_english.pdf*