As we approach the advent of general-purpose quantum computers, the countdown to cryptanalytically-relevant quantum computers (CRQCs) shortens, raising concerns of an impending cryptopocalypse within the next decade. This eventuality will expose our PKI-encrypted data, rendering current security measures obsolete. In this exploration, we examine the reasons, consequences, and strategies for fortifying against the looming cryptopocalypse, all while acknowledging the need for shared definitions.

Key Definitions:

• CRQC: Quantum computers capable of executing Shor’s algorithm to break current PKI encryption.
• Cryptopocalypse: The moment when CRQCs transform encrypted data into plaintext.
• Quantum safe: Cryptography presumed resistant to CRQCs but lacking definitive proof.
• Quantum secure: Cryptography proven impervious to CRQCs.
• Post Quantum Cryptography (PQC): Cryptography designed for the post-CRQC era.

The Cryptopocalypse:

The cryptopocalypse signifies the juncture when quantum computing achieves the potency to employ Shor’s algorithm, breaching PKI encryption. Since public key encryption forms the bedrock of data security in transit, encompassing communication between disparate IT infrastructures and even within individual infrastructures, this data will be open to anyone wielding a quantum computer of sufficient might.

Bryan Ware, CEO at LookingGlass, emphasizes the comprehensive jeopardy: “All secrets are at risk—nuclear weapons, banks, business IP, intelligence agencies, among other things, are at risk of losing their confidentiality and integrity.”

This is not a future menace; it is a present peril. Adversaries are actively pilfering and archiving encrypted data, anticipating the day when they can unravel its contents. This ‘harvest now, decrypt later’ tactic ensures that intellectual property, commercial strategies, and even military secrets remain lucrative targets for adversaries when the cryptopocalypse materializes.

“Even if a cryptographically relevant quantum computer is still years away, the time to start preparing is now,” cautions Rebecca Krauthamer, co-founder and CPO at QuSecure.

While certainty eludes us, it’s safe to assume that 2023 is unlikely to witness the cryptopocalypse, probably. The uncertainty arises from our lack of precise knowledge regarding the quantum computing progress made by foreign nations or their intelligence agencies—information they are unlikely to disclose. Nonetheless, it is conjectured that no entity currently possesses a quantum computer potent enough to execute Shor’s algorithm and breach PKI encryption within a practical timeframe.

Predictions point to a window of three to five years, with most estimates settling around ten years. Notably, a quantum computer designed specifically for Shor need not match the potency of a general-purpose quantum computer, a development potentially two to three decades away.

Pinpointing an exact timeline is intricate due to the power of a quantum computer being contingent on the number of qubits employed. The instability of qubits, requiring additional qubits for error correction, further complicates matters. Consequently, the logical qubits available for use are significantly fewer than the total physical qubits required.

Speculation posits a demand for as many as 1,000 physical qubits per logical qubit, contingent on the quality of error correction—an actively researched domain. As the number of physical qubits escalates in the coming years, and the requisite physical qubits per logical qubit diminishes, quantum developers will possess the means to crack PKI. Estimates hover between 1,000 and 2,000 logical qubits for this purpose.

An illustrative example is IBM’s announcement on November 9, 2022: the unveiling of a 433 qubit Osprey processor, accompanied by a roadmap charting progress toward a 4,000+ qubit quantum computer, codenamed Kookaburra, slated for 2025.

IBM’s Qskit Runtime software introduces an innovative approach to error correction, allowing users to trade speed for reduced errors through a simple API option. A modular IBM Quantum System Two, slated to go live in 2023, will enable the integration of multiple processors into a unified system with communication links. This aligns with IBM’s vision of quantum-centric supercomputing—an architecture seamlessly blending quantum and classical workflows.

Quantum Advantage and AI Threats:

Quantum computing’s advancement poses a dual threat when coupled with artificial intelligence (AI). Skip Sanzeri, COO at QuSecure, emphasizes that the risk to current encryption extends beyond quantum decryption. He warns of evolving approaches that mimic post-quantum cybersecurity threats, potentially materializing sooner than cryptographically relevant quantum computers. AI’s role may involve weakening encryption by identifying superior seeds for classical algorithms or enhancing their efficiency, opening avenues for successful attacks.

Steve Weston, CTO at Incrypteon, provokes consideration: “Where is the threat in 2023 and beyond? Is it the threat from quantum computers, or is the bigger threat from AI?” He underscores the historical use of AI in cryptoanalysis and anticipates its heightened role in the future.