NSA Quantum Computer Likely to Be Its Least Practical Threat

NSA papers claim wide success building backdoors into commercial IT.

The National Security Agency (NSA) is reportedly trying to develop a quantum computer capable of breaking every code ever made. But even if the facts are all correct, the surprise and anxiety over this particular revelation doesn’t appear to be justified.

Documents released by whistleblower and former NSA contractor Edward Snowden describe a $79.7 million project titled “Penetrating Hard Targets” that includes an effort to develop “a cryptologically useful quantum computer.”

The quantum computer the NSA is after would be so much more powerful than standard hardware that it would be able to decrypt even the most complex encryption schemes with hours or days of calculation rather than months or years.

That sounds as if it should be alarming, because it actually would undermine the basis for all modern cryptography – slow computers and human impatience.

Encryption – like bank vaults, guard dogs or hiding cash somewhere more clever than under the mattress – protects things by making it so inconvenient for bad guys to get at them that doing so without permission is simply impractical.

Given enough time, a determined thief could penetrate any bank vault ever built. But then, if the Grand Canyon is anything to judge by, so could a steady stream of water.

Time and opportunity are what make a secured object vulnerable.

If NSA operatives were willing to wait a century or so, they could crack the hardest encryption with a half-decent load-balancing mechanism and a pile of old Altairs.

A quantum computer would undermine all the assumptions we use to judge encryption schemes as secure, but only if there were only one quantum computer and the NSA had it.

It doesn’t.

Since 2011, in fact, D-Wave Systems, Inc. has been offering quantum computers on the commercial market. In comparison tests, D-Wave hardware left standard computers in the (nano-scale, probabilistic) dust.

It wasn’t until mid-2013, however, that other researchers could even confirm that what D-Wave hardware did was actually quantum computing rather than a higher-performance version of classical computing.

It wasn’t until September that tests proved the D-Wave systems were both computing quantumly and producing answers that were accurate. Every computer design has to be tested for accuracy, but verifying answers given by one system requires a second one whose design has been proven to run calculations accurately, and there was some difficulty in finding one powerful enough to proctor a test.

(Good background and updates are available here from D-Wave, including explanations of quantum computing in general D-Wave’s approach in particular.)

The NSA considers its quantum-systems development research to be on a par with current leaders of the pack – research teams sponsored by the EU and, separately, by Switzerland, according to analysis of the Snowden documents by The Washington Post, whose story explained all the reasons an NSA quantum-computing project shouldn’t be considered an immediate threat to encryption standards without contradicting the implication that it is.

The Post quotes one MIT quantum mechanic verifying that the EU and Switzerland are the leaders, and another doubting that the NSA could be drastically far ahead of everyone else in research without anyone knowing.

Quantum computing depends on the probabilistic behavior of particles so small their actions can be “observed” without the influence of so many other particles that most of the probabilities are averaged out into just a few high-probability options. Uncertainty about their location and velocity and their tendency toward behavior so unlikely as to seem impossible makes knowing anything about them nearly impossible.

“If you think you understand quantum mechanics, you don’t understand quantum mechanics,” according to Nobel laureate Richard Feynman, whose pioneering work in quantum physics is considered brilliant by physicists and entertainingly accessible by humans (another “impossible” achievement attributable to quantum studies).

Even if all the advances described in the NSA documents are correct and on schedule, the result is still “a pretty small step on the road to building a large-scale quantum computer,” the according to quotes in the Post from Seth Lloyd an MIT professor of quantum mechanical engineering.

The road to practical large-scale quantum computing is under construction by a horde of researchers working on everything from how to use the supernatural-seeming process of quantum tunneling to move electrons and eliminate the need for semiconductors to the capture and control of individual photons in microprocessors based on light rather than electricity.

Even Google – normally focused on high-performing but mainstream computing systems – is among the hordes trying to figure out how to build a practical quantum computer.

Even if the NSA beats all other systems-makers to the punch, cryptographers might simply be able to make the problems underlying commercial encryption systems complex enough to keep pace.

Cryptographic problems created by existing quantum computers pose the same level of difficulty conventional encryption poses for conventional computers, but quantum encryption can be used on non-quantum hardware as far down the performance scale as Android smartphones, according to a study published Aug. 15 in the journal Quantum Physics.

Rather than worry about whether the NSA will be first to develop a practical quantum computer, it may be faster and easier to raise encryption standards to the point that a quantum code-cracker wouldn’t give the NSA a skeleton key to every lock on digital data.

Then the only thing to worry about would be the backdoors, malware, Trojan horses, wiretaps, datacenter-datafeed-siphons and covert data-sharing deals other Snowden documents show the NSA has been using to try to turn every piece of commercial IT equipment it can touch into an easy-access point for covert surveillance.

That is, unless there is a greater risk to data security from the potential of a system that does not yet exist, rather than from the subversion of hundreds of tech products already in use in datacenters, homes, offices and phone-company switching centers all over the world.

 

Image: Shutterstock.com/Maksim Kabakou