- New research estimates that it could be 20 times easier for quantum computers to break the current encryption
- Experts encourage software developers to promote their work in developing next generation cryptography
- Recommendations include that vulnerable systems are printed after 2030 and rejected after 2035
Experts have long warned that the computer machines’ calculation power is ready to make the current encryption methods outdated. New research now estimates that it could be 20 times easier for quantum computers to break RSA encryption.
This is why researchers at Google Quantum AI are calling on software developers and encryption experts to start implementing next generation cryptography. They also recommend that all vulnerable systems be printed after 2030 and rejected after 2035.
However, many across the industry have already begun their transitions after quantity. These include Big Tech Giants like Microsoft, who recently made its latest Windows 11 quantum-proof as well as popular encrypted services such as the best VPN and Secure E-mail apps.
Breaking encryption can be 20 times lighter
Encryption is a technology that software uses to spice up information into an ulcerous form to prevent unauthorized access. Developed in the late 1970s, RSA-based key exchange is the most common technique that involves generating two public keys-a encryption key and a decryptation key.
However, quantum computers are set to break RSA-based techniques as these machines can run calculations that today’s computers cannot handle within minutes.
As chief scientists, Craig gidney noticed in paper, the new research significantly lowers his previous estimates of the resources that a quantum computer may need to break RSA encryption. From 20 million quibits (equivalent to a little in classic computing) to only 1 million quibits.
“My hope is that this gives a signage to the current technique of quantum factoring and informs how fast quantum -proof crypto systems should be inserted,” wrote Gidney.
Gidney also repeated the proposal from the National Institute of Standards and Technology (NIST) that vulnerable systems should all be printed in five years.
“Not because I expect that sufficiently large quantum computers will exist in 2030, but because I prefer security is not conditional on progress being slow,” he wrote.
However, Gidney’s revelations do not come as a cold shower for the industry.
For example, the team behind encrypted e-mail and cloud drive tuta began working with quantum-resistant encryption in 2020 and became the first quantum-resistant e-mail service with a hybrid protocol in 2024.
“Google’s breakthrough in Quantum Computing proves what we have believed in Tuta Mail for years: the time frame, where our currently encrypted data can still be considered safe, can be much shorter than what we expect,” Tuta CEO Matthias Pfau told Techradar.
For NordVPN, which recently expanded Post-Quantum encryption (PQE) to all applications, it’s a no-brainer. “Transition from classic cryptography to PQC is not a matter of ‘if’ but ‘when’ – and that planning should begin now,” said Marijus Biedis, CTO at Nordvpn.
Surfshark’s main system engineer, Karolis Kaciulis, also agrees that quantum time could come faster than the expected world. “However, I don’t think it would be right to try to predict the exact time,” he said, adding that the team is taking the time to fully evaluate PQE across their platforms before implementing it.
According to ExpressVPN, this latest research is further confirmation that there is “no fixed consensus” across the industry when it comes to quantum calculation. Nevertheless, the team first added PQE protection to its lightway protocol in 2023 and then upgraded to the NIST standards last January.
“The core prerequisite for research is certainly interesting, but does not change anything practical. Given the potential of ‘store now, decrypt later’ attacks, we need to have protection against these threats today as Quantum Computers will work perfectly well retrospectively on data caught years – or even decades – before,” said Pete Membrey, Chief Research Officer at Expressvpn.
Also for the proton, the provider behind Proton VPN and Proton Mail, these new revelations should not be a reason to panic, but rather a “call to remain on the road to develop and roll out quantum -resistant encryption,” Protons CTO, Bart Butler, told Techradar.
