Skip to main content

2 - What's the problem? – The (Quantum) Computing Threat

Elliptic-Curve Diffie-Hellman Key Exchange (ECDHE) and RSA are prominent examples of public key cryptography. This name stems from the fact that two keys are created, one private and one public. The public key is shared with your communication partner which allows them to encrypt messages that only you, the holder of the private key, can decrypt.

image.png
Quantum Computer: Sebastian Krinner, ETH Zürich

Public key cryptography is based on the assumption that a (quantum) computer with sufficient computational power will not be available within the period during which the secrets must remain secure. In other words, the security of public key cryptography depends on assumed computational complexity.

ECDHE and RSA fall under the computational complexity category. The problem is that future quantum computers are predicted to have exactly that computational power, thereby invalidating the security assumption and effectively making these algorithms insecure to use, likely already today.

National security agencies have recognized this threat and suggest transitioning to quantum-safe alternatives. Australia has announced a ban on these algorithms by 2030 while the USA plan to phase them out by 2035. Germany's Federal Office for Information Security (BSI) has released a guideline on the subject as well.

Put bluntly, the cryptographic stack that was discussed in the previous section is falling apart. The next question to ask is: which part of your network is affected?