Google has published a new, significantly faster - and more worrysome - timeline for the so-called encryption apocalypse. According to the company, current forms of encryption technologies will become insecure as early as 2029.
This is the so-called Q-Day (quantum day), described as the moment when the computational power of quantum computers reaches a level where public-key encryption algorithms (such as RSA) and elliptic curve-based encryption algorithms can be broken.
Previously, encryption professionals estimated that the moment would not arrive until the 2040s, but now Google estimates that this moment will arrive in just a few years. According to Google, the faster timeline is due to the rapid development of quantum computing hardware recently, and also the swift progress in solving quantum computing-related problems, such as error correction.
The situation is serious, as hostile states and criminals have very likely been collecting encrypted communications, messages, emails, and encrypted documents for years. They are just waiting in some corner of a hard drive for the moment when quantum computing reaches that dreaded "encryption apocalypse" - and then all previously collected secrets can be opened quite easily. This practice is called the Harvest now, Decrypt later method in cybersecurity circles.
This issue has, of course, already been recognized: the messaging app Signal has already began encrypting its users' messages with so-called quantum-safe encryption, which quantum computers cannot break.
The topic also has implications for everyday matters: in Finland some governmental organizations oppose the idea of issuing new 10-year passports (article in Finnish), because the encryption of European Union passports is implemented with technology that can be broken by quantum computing. In other words: why issue passports with long expiration date, if there's a risk they become unsecure documents within couple of years (and EU is already planning to switch using quantum-safe encryption technology).
Previously, encryption professionals estimated that the moment would not arrive until the 2040s, but now Google estimates that this moment will arrive in just a few years. According to Google, the faster timeline is due to the rapid development of quantum computing hardware recently, and also the swift progress in solving quantum computing-related problems, such as error correction.
The situation is serious, as hostile states and criminals have very likely been collecting encrypted communications, messages, emails, and encrypted documents for years. They are just waiting in some corner of a hard drive for the moment when quantum computing reaches that dreaded "encryption apocalypse" - and then all previously collected secrets can be opened quite easily. This practice is called the Harvest now, Decrypt later method in cybersecurity circles.
This issue has, of course, already been recognized: the messaging app Signal has already began encrypting its users' messages with so-called quantum-safe encryption, which quantum computers cannot break.
The topic also has implications for everyday matters: in Finland some governmental organizations oppose the idea of issuing new 10-year passports (article in Finnish), because the encryption of European Union passports is implemented with technology that can be broken by quantum computing. In other words: why issue passports with long expiration date, if there's a risk they become unsecure documents within couple of years (and EU is already planning to switch using quantum-safe encryption technology).
