![\"quantum2_title_EN\"](\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/37\/2013\/10\/05102019\/quantum2_title_EN.jpg\")
<\/a><\/p>\nWe live in a world of radio waves and electromagnetic signals: Wi-Fi, GSM, satellite TV and GPS, FM-tuner and speed camera are just some examples of electromagnetic wave usage in our daily lives. Of course, computers are an integral part of this ecosystem, be it a mainframe, laptop or a smartphone. A very important feature of electromagnetic signals is measurability. It\u2019s quite easy to read all the parameters of a signal without introducing changes to it, and this is the exact reason why almost every aforementioned technology today is equipped with encryption<\/a>, which protect transmitted information from being read or altered by a third party. Typically, communicating parties don\u2019t have another channel to talk, and cryptosystem developers brilliantly solved a very complicated problem \u2013 how to negotiate a secret encryption key when all communication might be observed by others. The solution to this problem is the foundation for all modern protection systems, and quantum computers might break it. Will quantum cryptography become a next-generation security solution? Let\u2019s find out.<\/p>\n \u00a0<\/p>\n The tagline<\/b><\/p>\n The names \u201cQuantum computing\u201d and \u201cQuantum cryptography\u201d are accurate. These systems are based on quantum effects like superposition and entanglement of micro-particles.<\/p>\n The primary difference between ordinary and quantum computers is a data unit. While an ordinary computer uses bits and bytes, which are strictly 0 or 1, a quantum computer uses qubits (quantum bits), which are able to be in several states simultaneously. It sounds confusing, and it\u2019s even more confusing to implement, but years of research clearly show that it works. A quantum computer is wildly different from an ordinary one and it\u2019s barely possible to use it for Tetris, but it performs much better in probability-related or optimization-related task solving.<\/p>\n The list of tasks, which might be dramatically sped up using quantum computing, is quite long: logistic optimizations, DNA sequencing, stock market predictions and cryptographic keys brute-forcing. It is worth mentioning that everything in the quantum world is complicated and it takes much effort to read an \u201canswer\u201d given by a quantum computer. However, each task runs several times, and it doesn\u2019t take too long. Therefore, it\u2019s possible to obtain a final answer (read: encryption key) by comparing results of these runs.<\/p>\n \u00a0<\/p>\n All quanta are in the white box on the right<\/p>\n Deep<\/i><\/b> <\/i><\/b>dive<\/i><\/b>:<\/i><\/b> <\/i>Modern systems in the core of SSL, HTTPS, <\/i>VPN<\/i><\/a>, etc., are typically encrypted data using a secret key and symmetric algorithm. It\u2019s the same on the sender and receiver sides (hence symmetric), which negotiate a secret key in the beginning of the session using another, asymmetric cryptosystem. Asymmetric algorithm is used just for secret key negotiation because it\u2019s computational-heavy. Security of asymmetrical cryptosystem is based on solving the complexity of some mathematical problem. e.g. integer factorization of very large numbers (RSA algorithm). It takes noticeable time just to multiply or divide such large numbers, to say nothing about trying multiple numbers in order. So the cryptosystem setup assumes that a spy can<\/b> eavesdrop on the connection, but it will take an unreasonable amount of time (from dozens to millions of years depending of key length) to calculate a secret key and decrypt the connection. It turns out that quantum computers might help here. Using Shor\u2019s algorithm, a quantum computer comes to a final state corresponding to solved mathematical problems very quickly, almost as fast, as an ordinary computer multiplying a couple of numbers. Despite some extra issues, like the necessity to run this task several times and complicated results reading with the help of classical computers, a quantum computer might find the required large numbers very quickly, helping an attacker calculate the secret key and decrypting the message.<\/i><\/p>\n By the way, good symmetric algorithms, e.g. AES, don\u2019t have flaws allowing that kind of dramatic bruteforcing speedup. By existing estimates, bruteforcing 256-bit AES key on quantum computer is equal to bruteforcing 128-bit AES on a classic computer, so security levels remain very high.<\/i><\/p>\n \u00a0<\/p>\n Where the shoe pinches<\/b><\/p>\n Quantum computers don\u2019t reside on the desktop of every other teenage hacker wishing to eavesdrop on his classmates\u2019 Facebook sessions for good reason. Creation of a full-scale quantum computer involves many engineering challenges that some specialists consider to be impossible to accomplish. The main challenge is making sure qubits are entangled, because each quantum system tends to collapse into a classical state, lacking valuable undetermined properties. We can\u2019t avoid mentioning the long-suffering Schr\u00f6dinger\u2019s cat<\/a> here, which eventually can\u2019t stay both dead and alive simultaneously \u2013 a quantum computer, however, must maintain this miraculous state for a long enough time to perform calculation and measure results. Modern prototypes can keep this state for milliseconds, and in some cases, a couple of seconds. The task becomes more and more complicated when the qubit count rises too. To break cryptosystems, computers must have 500-2000 qubits (depending on the algorithm and key length), but existing quantum computers operate with 14 qubits at maximum. That is why today\u2019s quantum computers are not usable for breaking your SSL certificate, but the situation may change in 5 years.<\/p>\n \u00a0<\/p>\n Main expositors of science in general and specifically Schr\u00f6dinger\u2019s cat \u2013 Penny and Sheldon of \u201cThe Big Bang Theory\u201d<\/p>\n Steps toward quantum goal<\/b><\/p>\n Against this background, Canadian company D-Wave brassily claims that it produces 512-qubit quantum computers. Moreover, these devices are available for sale. Many experts say that the D-Wave computer is not \u201creal,\u201d because it utilizes a quantum annealing effect and can\u2019t demonstrate full properties of a quantum computer. However, it\u2019s complicated to argue with piles of cash, and D-Wave has customers willing to pay $10 million for the device, such as the military contractor Lockheed Martin and search giant Google to name a few. In spite of existing controversy, the computer solves a specific subset of optimization tasks using methods, which are quantum in nature and bring real value to customers.\u00a0 Google plans to experiment with machine learning and Lockheed Martin believes that a quantum computer is able to find mistakes in the source code of software<\/a> used in F-35 jet fighters. D-Wave scientists admit that their computer is unable to solve some other \u201cquantum\u201d tasks, e.g. aforementioned integer factorization, so it poses no threat for modern cryptoalgorithms. However, there is another threat: real and functional quantum computers inspire big companies and governments to invest more in quantum development, speeding up the creation of other, cryptography-capable computers.<\/p>\n \u00a0 D-Wave Two \u2014 quantum computer-annealer<\/p>\n Quantum cryptography<\/b><\/p>\n Quite amusingly, quantum physics might offer the remedy to threats it poses. Theoretically speaking, it\u2019s impossible to eavesdrop on a connection if it\u2019s based on a single micro-particles transmission \u2013 quantum physics laws say that to try to measure one parameter of a micro-particle will alter another parameter. This phenomenon, known as the observer effect (and often confused with the uncertainty principle), should resolve the main issue of \u201cclassical\u201d communications \u2013 the possibility of eavesdropping. Each attempt to spy on a communication will alter the transmitted message.<\/p>\n In quantum communications, significant interference means that an unwanted third party monitors the connection. Of course, you want to prevent information leaks, as well as know that it happens. That is one of the reasons why modern quantum cryptosystems only use \u201cquantum\u201d communication channels to negotiate session encryption keys, which are used to encrypt information transmitted via traditional channels. So a potentially intercepted key is rejected and parties negotiate a new key until transmission comes unaltered. We see that quantum key distribution (QKD) system is being used exactly in the same role, as asymmetric cryptoalgorithms, which may fall to quantum attacks soon.<\/p>\n Meet Cerberis, commercially available quantum key distribution system<\/p>\n Unlike quantum computers, quantum cryptosystems have been available commercially for quite a long time. First scientific research emerged circa 1980, but practical implementation appeared swiftly. The first lab tests were conducted in 1989, and at the end of the century there were commercially available systems able to transmit an encryption key over a 30-mile long fiber optic. Companies like id Quantique and MagiQ Technologies sell ready out of the box QKD systems, which are simple enough to be installed by a network technician. In addition to government and military institutions, QKD users are multinational corporations, banks and even FIFA.<\/p>\n Perfect protection?<\/b><\/p>\n In theory, quantum communication systems do not allow stealthy eavesdropping, but current implementations were demonstrated to have some flaws. First, to avoid interference and allow long-distance transmission, the system transmits multiple photons. Of course, developers try to keep that at minimum, but there is a theoretical possibility to intercept one photon and analyze its state without touching others. Second, there is a distance limit (about 100 miles) for current systems, which makes their use much more limited.\u00a0 Geographically distant branches would not be able to communicate without some \u201crepeater\u201d, which becomes an obvious point for man-in-the-middle attacks<\/a>.<\/p>\n<\/a><\/p>\n<\/a><\/p>\n<\/a><\/p>\n<\/a><\/p>\n