Intelligence agencies may be intercepting encrypted messages and storing
them in the hope that they can eventually develop a practical quantum
computer to crack them, a security researcher who has worked with the UK
government has warned.
Although dozens of research groups are currently trying to build a practical
quantum computer, none has yet publicly succeeded. Such a machine could
quickly find the prime factors that serve as the multiplicative building
blocks of a number – for example, 3 and 7 are the prime factors of 21.
This seemingly innocuous ability would fundamentally break encryption based
on the difficulty of finding prime factors of large numbers, putting email,
banking and cryptocurrencies at risk.
Researchers are already working on algorithms designed to keep data secure
if this happens. But Andersen Cheng at cybersecurity firm Post-Quantum, who
was a director at L3 TRL, a company supplying high-level encryption
technology to the UK government, says that it could already be too late, as
“harvest now, decrypt later” attacks are under way. This involves
intercepting encrypted data and storing it ready for decryption once a
quantum computer is developed.
Cheng points to instances when internet traffic has been routed on unusual
global paths for no apparent reason before returning to normal, which are
indicative of such attacks occurring. Often these errors have caused traffic
within Europe and the US to be
routed circuitously via Russia or China, at times through state-controlled telecommunications providers such as
Rostelecom.
These relatively frequent errors could be accidental, but would also be the
ideal way to select certain traffic and route it to a storage centre. Many
key internet connections pass through Europe and the US, so similar attacks
could occur there, says Cheng.
He believes these incidents were deliberate and that “the intelligence world
has been collecting information, even though they cannot decrypt it today”.
State secrets could still be invaluable years later, he says.
Exactly when quantum computers will threaten encryption isn’t clear, but
Cheng says secret efforts may be ahead of public ones. “If you ask people in
the public domain, they always say 10 to 20 years,” says Cheng. “If you ask
the intelligence world… people are worried it will be below five years.”
A leak by Edward Snowden in 2014 revealed the US National Security Agency
had
spent nearly $80 million pursuing a code-cracking quantum computer.
Daniel Dresner at the University of Manchester, UK, says that intelligence
agencies have long held encrypted data while waiting for ordinary computers
to advance enough to crack it. For example, the UK gathered encrypted German
messages well before it had developed the means to
decode them during the second world war.
There is no reason to believe the same isn’t being done today with an eye to
quantum cracking, says Dresner. “They’re collecting stuff all the time, some
of which will be decrypted and will be useful.”
A spokesperson for the UK’s National Cyber Security Centre says work is
under way to design algorithms that are safe from quantum computers.
“Certain sensitive information may still be of interest to adversaries in
two or three decades,” says the spokesperson, meaning this work needs to be
done now.