Red Teaming
KimCrawley,
Jul 23
2021
You may have heard the phrase “quantum cryptography.” It sounds like something from science fiction, but it’s actually science fact. The simplest definition of the term is cryptography that’s produced by quantum computers. And we all know that cryptography is the practice of using mathematics to scramble data into unreadable code, which can be unscrambled with the correct key. Cryptography is essential to keeping data confidential. We use it constantly on our computers and on the internet, even if we’re unaware of it. Quantum cryptography is a technology that we’ll absolutely need for our everyday cybersecurity once quantum computers start being used. And the age of quantum computing is close upon us! To understand quantum cryptography, we must first understand quantum computing.
From the very beginning of the electronic computing era with ENIAC, to the computers we use today, everything we do is with binary computing. Our computers these days are way more sophisticated and complex than they were in the 1950s, but the principles of binary data are all the same. All of our computer data is eventually broken down into bits as they’re processed through our CPUs. A bit can be only 1 or 0. So all of our data is processed as 1s and 0s. On and off.
Quantum computing would be the very first deviation from this paradigm. Quantum computing is based on qubits, not bits. I’m not a mathematician or a physicist. So this is the best way I can explain it-- due to the wacky properties of quantum physics, a qubit can be 1, 0, or both 1 and 0.
Computer scientists have been developing quantum computers for decades now. Quantum computing research formally began in 1980 when physicist Paul Benioff proposed a quantum mechanical model of the Turing machine. Without getting into too much detail, the Turing machine was a very important idea in the development of computer technology.
Scientists have made a lot of progress in the development of quantum computing in the years since. The scientific consensus is that quantum computers will be put into production sometime between the late 2020s to the 2050s. We will probably see quantum computers in our lifetimes, and sooner than we may think. Of course, the first properly working quantum computers will probably cost millions of dollars each and will only be suitable for large institutions. But eventually, quantum computing will be affordable enough to be implemented in consumer products. I highly recommend reading “When Will Quantum Computers Be Consumer Products?” by Christianna Reedy in Futurist to explore the topic more.
If your business is going to thrive through the next few decades, quantum computing will inevitably have some effect on it.
Cryptography is always more difficult to crack the more mathematically complex it gets. There is only a certain amount of complexity that we can get from binary 1s and 0s. But if we have qubits that can be both 1 and 0, the mathematics get way more complex. So quantum cryptography will be tougher to crack than binary cryptography, by its very nature.
And it works the other way around. Quantum computers will be able to crack our binary cryptography much faster than binary computers can crack binary cryptography. In fact, the advent of quantum computers will render all of our common encryption technology obsolete and insecure. A cipher that would take a powerful binary computer a year to crack could take a quantum computer mere seconds to crack. It’s something to do with how a qubit can be both 1 and 0. It’s wild math stuff that I will only think of in a very abstract way! I’m a woman of words, not numbers.
Major tech firms and institutions are well aware of the cyber threat quantum computing poses to our current common cryptographic standards. They’ve been hard at work developing quantum-safe cryptography. Don’t confuse quantum cryptography with quantum-safe cryptography. The former is a technology that can only be produced by quantum computers, and the latter is a technology that we can produce with our current binary computers to resist being cracked by quantum computers. Sometimes quantum-safe cryptography is referred to as post-quantum cryptography.
Some of the most important work in quantum-safe cryptography is being done as a joint effort between IBM and the National Institute of Standards and Technology (NIST). The NIST is setting the official standards for classifying quantum-safe cryptography. And IBM has a research group that’s dedicated to the development of quantum-safe cryptography. Hopefully in the next few years, quantum-safe cryptography (implemented by binary computers) will be used in some of the most critical cryptographic functions-- banking and government.
Hack The Box can teach your business how to use cryptography in ways that can improve your organization’s cybersecurity. Please contact us for more information.
We also have some great material for hackers everywhere. Hack The Box features a lot of fun crypto challenges in our Hacking Labs! Some of them are very easy, some are a little more challenging. Give them a try!
Hashing is an algorithm performed on data such as a file or message to produce a number called a hash. The hash is used to verify that data is not modified, tampered with, or corrupted. With hacking, you can verify the data have maintained their integrity. Our HTB Academy course Cracking Passwords with Hashcat is for medium-level hackers that will show how to crack password hashing.
While you’re here, check out some of our crypto challenges from our Cyber Apocalypse 2021 CTF: