Active Cypher built a mini-quantum computer (repurposed hardware running quantum algorithms) to prove that conventional encryption (RSA + AES) is nearing the end. This is designed to be a wake-up call for businesses and government that new forms of encryption are required.
The company has presented its creation (named QUBY) at Microsoft’s internal Ready conference. To understand more about the creation and the implications of the work in relation to data encryption, Digital Journal spoke with the brains behind both QUBY and Active Cypher, Dan Gleason, and the company’s Chief Strategy Officer, Mike Quinn (former Enterprise Cybersecurity lead for Microsoft).
Digital Journal: What are the future possibilities of quantum computing?
Michael Quinn: The benefits of quantum computing will undoubtedly be numerous – advances in science, medicine, AI, and our understanding of the universe. With all the altruistic ideas around quantum computing we also have to look at the dangers of the technology being easily and widely available to all people, those with good intentions and those without.
For over a decade, cybersecurity experts have begun to fear that the rapid development of quantum computers will lead to the sunset of AES-256 & RSA (the current encryption standards), meaning all encrypted files could one day be decrypted. The disruption that will come about from that will be on an unprecedented global scale. Whether it’s within this decade or the next few we don’t entirely know.
But the future is here today with quantum software running on computers anyone can create today using a modified platform with massive parallel processors (ganged Nvidia cards). While less efficient than what will be assured in a quantum hardware-based computer, today it is still much more effective and improving rapidly.
DJ: At what stage in the development cycle is quantum computing, in general?
Quinn: That’s hard to pinpoint but quantum computing theoretically stretches back to the early 1980s, but only gained more widespread attention after the startup D-Wave showcased a 28-cubit quantum computer in 2007. Since then, it is almost every month that another research center releases a new quantum computer that built that is bigger, faster, and better. Infancy of both software and hardware is limiting what we can do today but we can’t become complacent that today’s security will hold up against future unknown computing power.
DJ: What will be the dangers of ‘quantum hacking’?
Dan Gleason: Current encryption standards are holding up – some estimate it would take 1,500 qubits to crack Bitcoin’s cryptography. Yet, the largest quantum computer today is only 72 qubits. While it may seem safe today given the estimates for breaking RSA 2048 with today’s technology would require a quantum computer the size of the Earth’s surface, we all see how quickly technology has leapfrogged in the past few decades and we can only imagine what it will be in 2040.
The concern is that data stolen today that is uncrackable can be stored, sold, and traded until it is cracked. Is that a decade from now or are current quantum emulators already working on it? We don’t know – bad guys don’t advertise.
DJ: How did you go about designing and building your mini-quantum computer (QUBY)?
Gleason: QUBY was brought into being during a conversation around compute power and density. I had commented that the threat of a quantum device being powerful enough to crack current encryption is not even a threat on my long-range radar. I’m terrified of the monetarily inspired hacker who builds the equivalent of a big bitcoin mining rig, loaded with a half dozen high-speed video cards, ganged into one cluster, task focused on supercomputing sized computational problems such as Prime and Log factorization
QUBY was designed to run quantum-optimized algorithms, on quantum-emulating software designed to execute problem solving routines at 100X performance of a regular PC yet, it’s small enough to fit into a backpack, and can demonstrate what the threat of quantum hacking will be when scaled.
DJ: What have you been able to demonstrate with your machine?
Gleason: With just $600 in hardware QUBY has been able to demonstrate calculations that take years on conventional computers can be solved substantially quicker. It also shows what could be created by nefarious actors with the wrong intentions. Technology is neither inherently good nor bad – it’s how people use it.
Between quantum-optimized algorithms and artificial intelligence, cracking mathematically based cryptographic algorithms such as AES will become much easier. While executing a massive superposition of possible outcomes to these algorithms requires a quantum device in the millions of qubits—remember the largest quantum computer today has a mere 72 qubits—similar results can be derived with quantum-optimized algorithms executing within a computer emulator running on consumer gaming video cards.
QUBY is the beginning of what will become more available – a quantum emulator that can run highly optimized cracking algorithms against current encryption standards.
DJ: With conventional encryption vulnerable, what are the alternatives?
Gleason: Quantum-resilient encryption is the answer to vulnerabilities today and tomorrow. Active Cypher’s proprietary encryption algorithms were developed from the start to be impervious to brute force attacks based on integer-based Prime Factorization techniques which have been documented in the quantum computer-information security world. Our encryption algorithm is a bit-shifting, bit-stream cipher, that is not based on Prime Factorization, and is therefore not solvable using any integer-based mathematical functions.
We are not the first to point out that quantum computers will disrupt conventional encryption. In fact, since 2016, the US National Institute of Standards and Technology (NIST) has been searching for and evaluating what it calls post-quantum cryptography. However, with such a long evaluation process we wonder if the eventual algorithms chosen will not be already obsolete. For instance, Active Cypher’s Quantum Encryption Standard (QES) didn’t even exist at the time that NIST closed its search for new algorithms in 2017.
DJ: How has the tech industry reacted to your tests?
Quinn: We started the QUBY project as an awareness campaign and are thrilled with the discussions that we have started with quantum experts, IT professionals, Compliance & Risk Officers, and individuals. This reaction has encouraged us to pursue further iterations of QUBY, exploring the fringes of computational sciences.
DJ: What other projects is Active Cypher working on?
Quinn: As a company, we are focused on data protection today and tomorrow. Our core product, Active Cypher File Fortress, ties together our quantum-resilient encryption with a powerful data protection software that is deeply imbedded with Microsoft Active Directory, the core of every Microsoft-based business. We are continuously building new algorithms to enhance the effectiveness of quantum-resilient encryption and stay ahead of the development curve. We are also finding new places to implement our solutions like the widely popular Microsoft Teams app. Additionally, we have been developing the ability to create an immutable blockchain-based record of a file’s history on Ethereum…so you could say we have our plate full.