Microsoft’s new “Majorana 1” processor is the first quantum chip powered by a topological core based on a new class of materials. (Photo by John Brecher for Microsoft)
With recent announcements of new quantum computing advancements, Microsoft, Amazon and Google have set a new countdown clock ticking on today’s encryption — now an even shorter race than expected.
In one lane: those building quantum computers that can easily break the encryption that makes today’s internet private. In the other lane: those building post-quantum cryptography (PQC), the next generation of encryption that can stand up to quantum computers.
It’s not clear right now who’s going to win this race and what security and privacy on the internet will look like (or whether they will exist at all). But it is clear this is now coming faster than expected.
Effective encryption relies on algorithms that are computationally infeasible to crack. These algorithms are used to encrypt and decrypt data, keeping it private from everyone except those who have the keys.
But all encryption can be cracked with enough computing power. This is why over the past 30 years we’ve seen encryption algorithms retired and replaced; computing power has rendered the old ones ineffective. The old 1024-bit key encryption that was at the heart of the “crypto wars” of the 1990s is long-since retired and quaint now for that very reason. Cracking that encryption today is barely a speedbump.
The recent announcements from AWS, Google, and Microsoft make clear that the computing power that can be directed to break encryption is about to increase by an order of magnitude we’ve never seen before.
In December, Google announced “Willow.” In February, Microsoft announced “Majorana 1.” And less than two weeks after Microsoft, Amazon announced “Ocelot.” All three announcements represent major, different innovations around quantum computing, a fundamentally different approach to designing processors that almost literally will put these new computers light years ahead of today’s. Google’s announcement gives good context:
Willow performed a standard benchmark computation in under five minutes that would take one of today’s fastest supercomputers 10 septillion (that is, 10^25) years — a number that vastly exceeds the age of the Universe.
Microsoft CEO Satya Nadella wrote on LinkedIn: “We believe this breakthrough will allow us to create a truly meaningful quantum computer not in decades, as some have predicted, but in years.”
These developments represent significant leaps forward in terms of computing power, leaps that are truly unprecedented.
As with all unprecedented leaps forward, we can’t begin to understand all the changes this will bring. But we can see one thing clearly in what Google and Microsoft say: in a few years, there will be computational power available that makes what is computationally infeasible today a problem solved in mere seconds.
That means that tomorrow’s quantum computers will be able to crack today’s encrypted information in mere seconds, or less. All of your encrypted information today will be easily readable when quantum computing becomes readily available.
Fortunately, there has been work underway in anticipation of this eventuality. The National Institute of Standards (NIST) has been working since 2016 on its Post-Quantum Cryptography project. NIST has been in the lead on encryption throughout the history of our industry and it is making progress on this project. In August, NIST released its first three finalized Post-Quantum Encryption Standards.
Microsoft, AWS and Google aren’t only doing work that can break today’s encryption: they’re also actively involved with work on the solution of post-quantum cryptography.
All three have recently provided updates about the work they’re doing in conjunction with NIST and its work to develop and deploy PQC. Google’s announcement was in August; Microsoft’s in September; and AWS’ in December. These predate the new, recent hardware developments but all show the kind of broad, deep commitments that a problem of this size and scope requires. This is a good thing.
But having encryption standards that are being adopted is not broad deployment. There’s a very long road ahead before your online banking app is regularly using PQC invisibly to protect your information. In technology, the devil is in the deployment: it always comes down to the “last mile” problem of getting the newest technology into the hands, homes and offices of regular people. Historically it’s taken years for new encryption to achieve wide adoption.
That is why we’re in a race now. And why everyone in technology needs to get engaged and start thinking about PQC today. Startups need to start making the question of “how are we going to deal with PQC” part of their plans and design decisions now.
Two truisms in the industry apply here. First, it’s easier to break than it is to build. Second, encryption is hard and easy to screw up. These mean effectively defending encryption against quantum computing is going to take a lot of hard work. Work that needs to start now.
These latest developments are showing us that the road ahead for encryption is going to be very fast moving and very bumpy. Today’s encryption is facing an extinction-level event from quantum computing. And companies that don’t move fast will get caught up in that extinction-level event.