Computação quântica: como isso afetará a segurança cibernética

Quantum Computing: How It Will Affect Cybersecurity

As quantum computing continues to become a reality, many companies will be interested in what impact (if any) it will have on cybersecurity.

Imagem em destaque

Quantum computing was once nothing more than a dream for computer scientists striving to create a computer that could outperform any hardware on the market. At first, it appeared that such a device would have limited applications. However, in today's cloud-centric, containerized, AI-obsessed, big data-driven world, the idea of ​​quantum computing could have huge ramifications across the entire IT industry.

With more and more companies pushing performance to the limit, something will have to arrive soon to deliver the computing power demanded by modern workloads. And given how limited current architectures are (especially under the threat of malicious code that causes companies like Intel to throttle their CPUs), without a new kind of technology, these workloads will soon hit a performance ceiling. .

Hence, quantum computing.

What is quantum computing?

First, let's address exactly what quantum computing is. You've probably heard of quantum mechanics, which is (essentially) a theory in physics that describes the behavior of everything (like atoms, electrons, and photons) in the molecular and submolecular domains. In other words, it's a branch of physics that focuses on the very, very, very small.

We could say that quantum mechanics makes the small things work.

As far as technology is concerned, quantum computers explore the quantum level by taking advantage of the behavior of particles and waves through the use of specialized hardware. This hardware is capable of performing calculations exponentially faster than traditional hardware.

How does this work?

First, let's consider the basic unit of quantum information, which is the qubit. Unlike the traditional bit, a qubit can exist in two states simultaneously. Because of this, a quantum computer processes data very differently.

Consider the scenario of a mouse in a maze. A traditional computer solves this problem by running all possible paths (one at a time) until it finds the solution. A quantum computer solves this problem by running all possible scenarios simultaneously. So instead of running scenario A, then scenario B, then scenario C (etc.) until it finds the solution, a quantum computer runs A, B, C, etc. all at once to get to the very solution. , much, much faster.

The implications of quantum computing

The implications of this are staggering, especially when applied to cybersecurity.

Let's prepare the ground for danger.

Let's say you have a password with 8 characters and all in lowercase letters. A traditional computer can crack this password instantly. However, if you mix cases for this 8 character password, it will take the same computer 22 minutes to crack it. Increase the length of this password to 12 tiny characters and the time will drastically increase to 3 weeks. This same traditional computer would take 34,000 years to crack a password that was 12 characters long and consisted of at least one uppercase character, one number, and one symbol.

Resuming:

  • password – cracked instantly
  • PassWorD – cracked in 22 minutes
  • passwordcats – broken in 3 weeks
  • P@ssw0rdcats – 34,000 years

The reason a traditional computer can take so long to crack the final password is because it has to test every conceivable option one at a time.

Now, imagine you had a quantum computer that could test every conceivable option at once? Suddenly, those 34,000 years can be enormously shortened.

However, this is not just “in theory” but also problematic. For example, qubits cannot be transmitted over the Internet, so it is not possible to send quantum superpositions of passwords to a server. What would be required for this is to first hack into a remote computer, find the salted password hash, and then do a salt/hash/compare function against what you found. Remember, with a traditional computer, salt/hash/compare is executed one word at a time, which can take a long time. With quantum computing, you can apply Grover's algorithm to use quantum superposition. Follow this with Grover Iteration to perform password testing until it is cracked.

When you combine all of this, it becomes incredibly challenging to accomplish. Furthermore, the hacker would have to have access to a quantum computer to make it work.

But let's say the hacker has access to a quantum computer and understands all the technology needed to pull it off. All things being equal, what would take years to accomplish now takes just a few days.

Think about it. Instead of a very complicated password that took thousands of years to crack, it could now be done in days.

To add some fuel to this fire, imagine that a collective of hackers gained access to (or built) a quantum computer. With this level of power, they could not only crack passwords faster, but also create more powerful means of hacking. Instead of breaking into one system at a time, hackers could break into thousands (or hundreds of thousands) of systems simultaneously.

This means that traditional security methods are useless against the power of a quantum computer. And if a group of hackers stumbles upon a quantum computer, all bets are off. Once these hackers unleashed the power of one quantum computer, another quantum computer (or a group of them) would be needed to combat the bad actors.

Companies (especially small and medium-sized ones) wouldn't stand a chance. The only defense they could have would be to employ their own quantum computer to serve as a means of preventing other quantum computers from hacking their systems or to employ isolated computers to somehow store sensitive information. The last option, of course, wouldn't work because most server login systems require this information to be constantly accessible.

Other options would be to employ things like quantum random number generators, secure quantum communication (like quantum key distribution), and machine learning to quickly detect and prevent intrusions. These possibilities not only serve to mitigate the threat of attacks on quantum computers, but also to take cybersecurity to a level that would become considerably more difficult to crack.

The good news is that (at least for now) the possibility of hackers gaining access to quantum computers is low. Why? Firstly, quantum computers are not readily available. Yes, the first commercially available quantum computer went on the market in 2011. But it's not like hackers can go to Best Buy and buy one. They are not only difficult to obtain but also expensive. A Chinese company called SpinQ started selling quantum desktop computers for $50,000 in 2020. This machine weighed more than 100 pounds, so it wouldn't be very practical. But soon, they are rumored to launch another device for around $5,000. So, although the cost has decreased significantly, these machines are still considerably more expensive than traditional computers. The caveat to the $5,000 quantum desktop computer is that it is only capable of processing 2 qubits, which is much less powerful than the $50,000 option.

Of course, to get serious power (we're talking 50 qubits), the price skyrockets to nearly 10 million dollars. In other words, to get the true power of quantum computing, you'd have to shell out considerable money, the likes of which most hackers don't have. On the other hand, a large corporation could find the budget for such a machine.

Another problem with quantum computers (at least at the moment) is the lack of available applications. It's not like you can buy a quantum computer and run a traditional browser or software stack on it. Any company (collective or individual) would have to have a dedicated team of developers to build applications for the architecture or wait until third parties start making such applications available.

Conclusion

At the moment, quantum computing isn't exactly ready for prime time. Not only is the cost prohibitive, but also their range of applications makes them not very viable. But as the industry continues to grow and companies start using these powerful machines, everything will change. But as long as quantum computers remain out of reach of hackers, companies should be able to gain an advantage and stay a few steps ahead of the hackers – which is exactly the opposite of how the scenario is now (with hackers always ahead of the hackers). companies).

Source: BairesDev

Back to blog

Leave a comment

Please note, comments need to be approved before they are published.