IN THIS COLUMN, EVIDEN’S CRYPTO EXPERT KLAUS SCHMEH COMMENTS ON CRYPTO STUFF
It’s no secret that quantum computers have the potential to break cryptographic algorithms such as RSA or Diffie-Hellman. However, the practical application of quantum computing is still far behind the theoretical capabilities. In order to pose a genuine threat to today’s cryptographic standards, a quantum computer would need to be able to factor products of primes that are 2048 bits long. Currently, quantum devices can handle no more than 5 bits.
Nevertheless, quantum computing technology is advancing. It’s not out of the question that one day, these machines will become powerful enough to compromise the cryptographic methods we rely on today. This moment, often referred to as Q-Day, will mark the arrival of practical quantum computers. But the critical question remains: when will Q-Day arrive?
No one can answer this question definitively. In fact, it’s still uncertain whether Q-Day will ever come to pass. However, key institutions such as the BSI (Germany), ANSSI (France), and NSA (USA) can’t afford to take risks. These organizations are already operating under the assumption that Q-Day might occur in about ten years.
This pessimistic working hypothesis will likely influence many laws and regulations in the coming years. Critical and sensitive IT systems will need to transition to quantum-resistant protocols within the next decade. For those interested in the current state of quantum computing, I highly recommend reading the BSI’s study on the topic.
Fortunately, quantum-safe cryptographic methods—collectively known as Post-Quantum Cryptography (PQC)—already exist. The first PQC algorithms have been standardized, and more are expected in the near future. The next step involves integrating these new algorithms into existing protocols and formats—a process currently underway at full speed.
Cryptographic product manufacturers have also begun to respond, incorporating PQC algorithms into their offerings. But now, it’s up to businesses and government agencies operating security-critical IT systems to prepare for the transition to PQC. This means inventorying their cryptographic solutions and prioritizing necessary migration steps, with risk management playing a key role.
In my opinion, it’s crucial that businesses and public authorities begin planning for the post-quantum migration now. Delaying this effort will make it incredibly difficult to migrate essential IT systems within the next decade.
Klaus Schmeh | Eviden Digital ID
“It’s crucial that businesses and public authorities begin planning for the post-quantum migration now. Critical and sensitive IT systems will need to transition to quantum-resistant protocols within the next decade.”
Eviden Digital Identity is an ideal partner in this transition. Our products already support some post-quantum algorithms, and we offer expert consulting services to guide you through the post-quantum migration.
In conclusion, no one knows exactly what the quantum future holds. Quantum computers might still be far away, or they could become a reality within a decade. We can’t afford to adopt a “wait and see” attitude. Institutions like the BSI are already ensuring that laws will be adapted accordingly. Post-Quantum Cryptography is much more than a buzzword; it will become, and must become, the cornerstone of our IT security in the years to come.