Quantum computers RSA cryptography: how to secure your data
Quantum computers can break RSA encryption, which secures our online data. But there are solutions that are resistant to quantum attacks. One of them is Freemindtronic, an Andorran company that notably uses NFC HSM technology to share AES-256 keys using RSA-4096 encryption, which quantum computers cannot decipher.
Quantum computing RSA encryption: a challenge and a solution
Quantum computing RSA encryption is a challenge for online security. Quantum computing is a new way of computing that uses quantum physics. It can do things that classical computers cannot or are too slow to do. One of these things is breaking RSA encryption, which secures data online. RSA encryption is based on the difficulty of factoring large numbers. Quantum computers can factor large numbers faster than classical computers. They use algorithms like Shor’s algorithm, which exploits quantum properties.
However, this threat is not imminent. Building and using quantum computers is still challenging and uncertain. Two recent announcements claimed to have cracked RSA encryption with quantum systems. But they have not been verified. The experts are skeptical and doubtful. They have not provided any evidence or details. They have made unrealistic or too good to be true claims. They have not been peer-reviewed or reproduced.
What is RSA encryption?
RSA encryption is a type of asymmetric encryption. It uses two keys: a public key and a private key. The public key can be shared with anyone, but the private key must be kept secret. They are mathematically related, but it is very hard to find the private key from the public key.
How does RSA encryption work?
RSA encryption uses large prime numbers to generate the keys. The public key and the private key are based on the product of two prime numbers. It is easy to multiply two prime numbers, but very hard to factor their product. For example, 17 x 23 = 391, but finding that 391 = 17 x 23 is much harder.
RSA encryption uses keys that are 2048 or 4096 bits long. These are numbers that have 2048 or 4096 binary digits (0 or 1). They are so large that it would take billions of years for a classical computer to factor them. Therefore, RSA encryption is very secure and widely used for online security.
What is quantum computing and how does it work?
Quantum computing is a new way of computing that uses quantum physics. It can do things that classical computers cannot or are too slow to do. Here is how it works:
- Qubits: Quantum computers use quantum bits, or qubits. They can be 0 or 1, or both at the same time. This is called superposition. When we measure a qubit, it becomes either 0 or 1. This gives us more information than a classical bit, which is always 0 or 1.
- Entanglement: Quantum computers can also use entanglement. This is when two qubits share a quantum state and affect each other, even if they are far apart. This allows us to manipulate multiple qubits at once and create complex quantum states.
- Parallelism: Quantum computers can use these properties to perform parallel computations. This means they can do many calculations at the same time, using fewer qubits than classical bits. This can speed up some tasks that are hard for classical computers.
One of these tasks is breaking RSA encryption, which is based on factoring large numbers. Quantum computers can use a quantum algorithm, called Shor’s algorithm, to factor large numbers faster than classical computers. This can break RSA encryption by finding the private key from the public key. However, this requires a quantum computer with many qubits and low errors, which we do not have yet.
Quantum computing RSA encryption: a challenge and a solution
The ability to find an RSA private key from its public key by a quantum computer poses a serious threat to online security. However, this threat is not imminent, as there are still many challenges and uncertainties in building and using quantum computers. Two recent announcements have claimed to have cracked RSA encryption with quantum systems, but they have not been verified and have been met with skepticism and doubt from the experts. They have not provided any evidence or details of their work. They have made assumptions and claims that seem unrealistic or too good to be true. They have not been peer-reviewed or reproduced by other sources.
How quantum computers can break RSA encryption
RSA encryption is a type of asymmetric encryption. It uses two keys: a public key and a private key. The public key can be shared with anyone, but the private key must be kept secret. They are mathematically related, but it is very hard to find the private key from the public key.
RSA encryption uses large prime numbers to generate the keys. The public key and the private key are based on the product of two prime numbers. It is easy to multiply two prime numbers, but very hard to factor their product. For example, 17 x 23 = 391, but finding that 391 = 17 x 23 is much harder.
RSA encryption uses keys that are 2048 or 4096 bits long. These are numbers that have 2048 or 4096 binary digits (0 or 1). They are so large that it would take billions of years for a classical computer to factor them. Therefore, RSA encryption is very secure and widely used for online security.
Quantum computers can break RSA encryption by finding the prime factors of the composite number that is used to generate the public and private keys. Once the prime factors are known, the private key can be easily calculated from the public key, and the encrypted messages can be decrypted. Quantum computers can use a quantum algorithm, called Shor’s algorithm, to factor large numbers faster than classical computers. Shor’s algorithm can factor a large number in polynomial time, which means that the time it takes to factor a number grows relatively slowly as the number gets larger. In contrast, the best classical algorithms for factoring are exponential, which means that the time it takes to factor a number grows very fast as the number gets larger.
Two claims of breaking RSA encryption with quantum systems
Two recent announcements have raised concerns about quantum computing RSA encryption. One is from a team of Chinese researchers, who published a paper on arXiv in December 2022. They claim to have found a faster way to break RSA encryption with a quantum computer of 372 qubits. They combine a classical algorithm, called Schnorr’s algorithm, with a quantum algorithm, called QAOA (Quantum Approximate Optimization Algorithm). Schnorr’s algorithm is a method of factoring large numbers that uses a probabilistic approach and a lattice reduction technique. QAOA is a method of finding approximate solutions to optimization problems using a quantum computer.
The researchers say that by applying QAOA to the most computationally intensive step of Schnorr’s algorithm, they can reduce the number of qubits and the number of operations needed to factor a large number. They also say that they tested their method on a 10-qubit quantum computer and succeeded in factoring a 48-bit number. They extrapolate that their method can scale to factor a 2048-bit number, which is the standard for RSA encryption.
The other announcement is from a researcher named Ed Gerck, who posted on LinkedIn in November 2023. He claims to have decrypted RSA-2048 encryption, the most used public-key algorithm, with a quantum system implementable on a smartphone or a PC running Linux. He says that he developed a quantum algorithm that can calculate prime numbers faster than Shor’s algorithm and that he proved several mathematical conjectures, such as Goldbach’s conjecture. He published an excerpt of his work, but has not provided any proof or detail of his method.
Both announcements are not verified and have been met with skepticism and doubt from the experts. They have not provided any evidence or details of their work. They have made assumptions and claims that seem unrealistic or too good to be true. They have not been peer-reviewed or reproduced by other sources.
Quantum computing RSA encryption: possible solutions
How to protect RSA encryption from quantum attacks?
However, this announcement is not yet verified, and it raises many questions in the scientific community. It is therefore premature to draw hasty conclusions, and we must wait for the publication of the evidence of his work. It is also possible that RSA encryption can be adapted to resist quantum attacks, for example by increasing the length of the keys, or by using masking techniques. In addition, there are alternatives to RSA encryption, supposed to be more robust against quantum computing. These are post-quantum cryptography algorithms, based on other mathematical problems that are difficult to solve for quantum computers. Post-quantum cryptography is a very active field of research, which aims to anticipate the threats that quantum computers would pose to the security of communications. There are several potential candidates to replace RSA encryption, but they must be evaluated and compared in order to choose the most suitable ones for different needs and constraints. The NIST has launched an international competition to select and standardize the best post-quantum encryption algorithms, which should be ready by 2024.
What are the alternatives to RSA encryption?
Some of the alternatives to RSA encryption that are considered to be more resistant to quantum attacks are:
- Lattice-based cryptography: This is based on the hardness of finding the shortest vector in a high-dimensional lattice, or the closest vector to a given point. Lattice-based cryptography has the advantage of being fast, versatile, and allowing for advanced features such as homomorphic encryption and digital signatures. Some examples of lattice-based algorithms are NTRU, BLISS, and NewHope.
- Code-based cryptography: This is based on the hardness of decoding a general linear code, or finding the error vector in a noisy transmission. Code-based cryptography has the advantage of being simple, efficient, and having a long history of security analysis. Some examples of code-based algorithms are McEliece, Niederreiter, and BIKE.
- Multivariate cryptography: This is based on the hardness of solving a system of multivariate polynomial equations over a finite field. Multivariate cryptography has the advantage of being compact, flexible, and allowing for various applications such as encryption, signatures, and identification. Some examples of multivariate algorithms are Rainbow, HFE, and GeMSS.
- Hash-based cryptography: This is based on the hardness of finding collisions or preimages for a cryptographic hash function. Hash-based cryptography has the advantage of being simple, provably secure, and relying on minimal assumptions. Some examples of hash-based algorithms are XMSS, SPHINCS, and LMS.
How Freemindtronic protects data with RSA-4096 and NFC technology
Freemindtronic is an Andorran company that specializes in security and cybersecurity of information and computer systems. It designs and develops products and services based on NFC (Near Field Communication) technology, which allows wireless communication at short distance.
The HSM of Freemindtronic: devices that store and protect cryptographic keys
One of the products of Freemindtronic is the HSM (Hardware Security Module), which is a device that stores and protects cryptographic keys. The HSM of Freemindtronic uses two technologies: EviCore HSM OpenPGP and EviCore NFC HSM.
- EviCore HSM OpenPGP is an implementation of the OpenPGP standard, an open standard for encryption and signature of data. It can manage symmetric and asymmetric encryption keys, both standard and OpenPGP. It can also create HSM on any type of storage device, such as key store, key chain, SD card, SSD, USB drive, NAS, cloud, etc. It can work in fixed, offline, or online mode (LAN/WAN).
- EviCore NFC HSM is a technology that allows to share AES-256 standard keys using RSA-4096 standard encryption. It works without contact with NFC HSM, which use a pair of RSA-4096 keys for secret sharing (AES-256 encryption keys).
The AES-256 standard: a type of symmetric encryption with high level of security
The AES-256 standard is a type of symmetric encryption, which means that it uses the same key to encrypt and decrypt messages. The AES-256 standard offers a high level of security, as it uses keys that are 256 bits long, which are very hard to crack by brute force. The AES-256 standard is widely used for encrypting data and communications, such as files, emails, or messages.
The RSA-4096 encryption: a type of asymmetric encryption that protects the AES-256 keys from quantum attacks
However, the AES-256 standard requires that the key be securely transmitted between the sender and the receiver, without being intercepted, modified, or forged by an attacker. This is where the RSA-4096 encryption comes in, as it provides a way to protect the AES-256 keys from quantum attacks.
The RSA-4096 encryption is a type of asymmetric encryption, which means that it uses two different keys to encrypt and decrypt messages: a public key and a private key. The public key can be shared with anyone, while the private key must be kept secret. The RSA-4096 encryption uses keys that are 4096 bits long, which are out of reach of the current or future quantum computers. The RSA-4096 encryption can encrypt the AES-256 keys with the public key of the receiver, and decrypt them with the private key of the receiver. Thus, only the receiver can access the AES-256 keys, and use them to encrypt or decrypt the messages. The RSA-4096 encryption can also sign the AES-256 keys with the private key of the sender, and verify them with the public key of the sender. Thus, the receiver can ensure the identity of the sender, and the integrity of the AES-256 keys.
The RSA-4096 encryption is therefore an effective way to protect the AES-256 keys from quantum attacks, as it uses keys that are 4096 bits long, which are out of reach of the current or future quantum computers.
The RSA-4096 encryption is also a practical way to share the AES-256 keys between the HSM, as it uses the NFC technology, which allows wireless communication at short distance. The RSA-4096 encryption is therefore a major asset for the technologies of Freemindtronic, which offer an optimal security for the encryption of data.
Conclusion
Quantum computing is a new paradigm of computing that could break RSA encryption, the most common encryption method on the internet. With only 372 qubits, a quantum computer could break RSA encryption, exposing our online data and communications. However, there are solutions and alternatives that can resist quantum attacks. One of them is Freemindtronic, an Andorran company that uses NFC technology to share AES-256 standard keys using RSA-4096 standard encryption, which is beyond the reach of quantum computers. Freemindtronic’s technologies are based on the EviCore HSM OpenPGP and the EviCore NFC HSM, which are hardware devices that store and protect cryptographic keys. EviCore HSM OpenPGP transforms your smartphone, tablet or computer into a hardware security module compatible with the OpenPGP standard. EviCore NFC HSM allows you to store and use your crypto keys and secrets in a contactless NFC device, such as a card, a sticker, or a keychain. Both technologies offer features such as offline isolation, seamless integration, enhanced user experience, and multi-factor authentication. Therefore, Freemindtronic’s technologies are innovative and secure solutions for data and communication encryption, which can withstand quantum attacks and ensure the privacy and integrity of online activities.