Tech Titans Adopt Post-Quantum Encryption to Safeguard User Data

 

As stated by experts, quantum computers could break cryptography by 50% by the year 2033. Many cryptographic methods that are being used today are believed to be the result of mathematical problems which are too difficult to solve by brute force. However, if quantum computers can crack those algorithms within a matter of seconds, then they may be able to unlock standard encryption methods in a matter of seconds if they are capable of breaking them. 

It was announced by Zoom last month that a new type of encryption was added to Zoom Workplace, a new form of encryption that would replace the existing type of encryption, called post-quantum cryptography (PQC), in Zoom Workplace product. A few days later, Facebook's owner Meta revealed that most of the company's internal communication systems are encrypted using post-quantum technology. The announcements from the communications giants and the social media giants came several months after Apple announced in February that it would be launching the most advanced version of post-quantum cryptography, PQ3, for its iMessage platform, which will be the first major messaging platform to implement this technology. 

PQC, PQ3, post-quantum cryptography—what do all these terms mean? The following is a brief explanation of what post-quantum encryption is and why it will be crucial to the protection of the most sensitive data in the years to come. Encryption is a term that is familiar to most of the users – it is one of the most common security measures. 

A passcode or PIN-protected encryption key is how people secure their messages, documents, and photos from anyone who might have access to their personal information without the password- or PIN-protected encryption key being used to decrypt the data so that nobody would be able to read the data without that secret encryption key. The current state of encryption can be divided into two types: regular encryption and end-to-end encryption (E2EE). It is important to note that in the case that users' data is simply encrypted. This is the case with TikTok DMs, for example, which are encrypted only as it is sent over the platform. 

Users have the option to unencrypt their messages and read them. The data sent between the sender and receiver will be encrypted end-to-end because the sender and the receiver hold the keys, and not the messaging platform itself, so only they will be able to read the data.  When users lock their digital devices, both laptops and smartphones, their data is usually encrypted and remains encrypted until they unlock their devices based on their biometrics, PINs, or passwords to provide them with access to their data. 

It is also important to note that many major messaging platforms today are end-to-end encrypted. Apple's iMessage, Meta's WhatsApp, and Signal are among the most popular platforms that allow end-to-end encryption for communication. Accessing encrypted data is nearly impossible in the absence of a key that encrypts the data. In a nutshell. A powerful enough computer can theoretically break encryption if it is given enough time since encryption is just a complex equation tying together a series of numbers. 

In the past, anyone has had the chance to use a classical computer at some point in time. Classical computers rely on the principles of classical physics and utilize bits, which can either be a 1 or a 0. In contrast, quantum computers leverage the strangeness of quantum mechanics and employ qubits. Qubits can exist as a 1, a 0, or both simultaneously due to superposition, granting them significantly more processing power. This advancement has the potential to revolutionize fields like healthcare and finance, but it also poses a threat to data security. 

The encryption methods currently safeguarding sensitive information may become vulnerable when quantum computers become more sophisticated. Malicious actors could steal encrypted data today and decrypt it later using these future machines, rendering current encryption techniques ineffective. This vulnerability is known as a "harvest now, decrypt later" (HNDL) attack. To combat this threat, companies are implementing a new type of encryption called post-quantum cryptography (PQC). PQC utilizes complex mathematical algorithms designed to be resistant to decryption by even the most powerful quantum computers. 

By employing PQC today, organizations aim to render HNDL attacks obsolete, as stolen data would remain encrypted even if it fell into the wrong hands. The Signal Foundation was the first major messaging app to incorporate PQC, while Apple followed suit with a more advanced version. However, PQC is a relatively new technology, and potential flaws in its design could leave it susceptible to future exploitation by quantum computers. Additionally, the lack of standardization in PQC implementation creates compatibility issues, but the National Institute of Standards and Technology (NIST) is expected to finalize a universal standard later in 2024.