Go maintainer joins collective klaxon about encryption-breaking quantum computers — developer urges immediate switch to post-quantum methods to prevent worldwid


Valsorda's exposé builds on other contemporary reports about the situation, including a days-old report in which Google's engineers point out that all cryptocurrency will suffer a quick explosion. For months, the Go developer was readying a post about deploying post-quantum (PQ, or quantum-computer-proof) cryptographic key exchanges at a relatively leisurely pace to give the software and hardware system time to adapt. However, in his own words: "that other article is now wrong […] we don't have the time if we need to be finished by 2029 instead of 2035."

Valsorda goes on to state that "it makes no more sense to deploy new schemes that are not post-quantum", while simultaneously acknowledging that adding PQ to extant infrastructure is hard and frustrating, particularly as the move to the currently used ECC (Elliptic Curve Cryptography) itself took long enough. Valsorda states the computing world must be ready for a fast "hard cut," rather than relying on extended-schedule transitional solutions. The engineer doesn't mince words, saying that "any non-PQ key exchange should now be considered a potential active compromise," and adding that "hybrid classic+post-quantum authentication makes no sense […] and will only slow us down."

These hybrid "band-aids" are suggested as stopgaps due to the fact that PQ key exchanges take up a ton more space than conventional ECC methods. One such example is your bog-standard secure website connection using a digital certificate (X.509 format), whose key exchange requires only some tens of bytes for transmitting signatures with ECC. When switching to PQ, that figure easily grows to multiple kilobytes, increasing bandwidth, and, perhaps most importantly, latency — particularly when accessing a certificate chain containing multiple signatures. There are workarounds for this, such as Merkle Tree Certificates, but those will take a while to implement worldwide.
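To put numbers on the size gap for the key-exchange half of the problem, the following added example (not code from the article or from Valsorda) runs one classical and one post-quantum exchange with Go's standard library and reports the bytes each side sends. The choice of X25519 and ML-KEM-768 as representatives is an assumption, as is a toolchain of Go 1.24 or later for `crypto/mlkem`; certificate signatures, which the article calls the worst case, are not measured here.

```go
package main

import (
	"bytes"
	"crypto/ecdh"
	"crypto/mlkem"
	"crypto/rand"
	"errors"
	"fmt"
)

// WireCost records the key-exchange bytes each side sends.
type WireCost struct {
	ClientToServer, ServerToClient int
	SecretsMatch                   bool
}

// classicalX25519 runs an ephemeral X25519 exchange: each side sends a public key.
func classicalX25519() (WireCost, error) {
	client, err1 := ecdh.X25519().GenerateKey(rand.Reader)
	server, err2 := ecdh.X25519().GenerateKey(rand.Reader)
	if err := errors.Join(err1, err2); err != nil {
		return WireCost{}, err
	}
	cs, err1 := client.ECDH(server.PublicKey())
	ss, err2 := server.ECDH(client.PublicKey())
	return WireCost{len(client.PublicKey().Bytes()), len(server.PublicKey().Bytes()), bytes.Equal(cs, ss)}, errors.Join(err1, err2)
}

// postQuantumMLKEM768: client sends an encapsulation key, server replies with a ciphertext.
func postQuantumMLKEM768() (WireCost, error) {
	dk, err := mlkem.GenerateKey768()
	if err != nil {
		return WireCost{}, err
	}
	ekBytes := dk.EncapsulationKey().Bytes()         // client -> server
	ek, err := mlkem.NewEncapsulationKey768(ekBytes) // server validates the received key
	if err != nil {
		return WireCost{}, err
	}
	serverSecret, ciphertext := ek.Encapsulate() // ciphertext: server -> client
	clientSecret, err := dk.Decapsulate(ciphertext)
	return WireCost{len(ekBytes), len(ciphertext), bytes.Equal(clientSecret, serverSecret)}, err
}

func main() {
	c, _ := classicalX25519()
	p, _ := postQuantumMLKEM768()
	fmt.Printf("X25519:     %+v\nML-KEM-768: %+v\n", c, p)
}
```

Both exchanges end with the same 32-byte shared secret; only the transmitted material differs in size.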
Although X.509 certificates are a worst-case scenario, the problem extends to just about any area of computing you can think of: secure shell connections (OpenSSH already alerts users if they're not using PQ key exchange), code signing, secure DNS, email signatures, and the blockchain. Many IoT devices, for example, tend to run with very limited memory and storage, so they might not be able to even use PQ effectively at all. Valsorda calls out some particularly troublesome examples. Intel's SGX and AMD SEV-SNP trusted execution environments will be fully broken, and encrypted files are a prime target, as data using today's encryption methods will potentially be easily broken tomorrow. You can read the entire article here for all the technical details.


Bruno Ferreira is a contributing writer for Tom's Hardware. He has decades of experience with PC hardware and assorted sundries, alongside a career as a developer. He's obsessed with detail and has a tendency to ramble on the topics he loves. When not doing that, he's usually playing games, or at live music shows and festivals.

jabliese: So, exactly how many quantum computers are going to be available in 2029?

usertests: jabliese said: "So, exactly how many quantum computers are going to be available in 2029?" Deadlines have to be set before wide availability, so people have more time to prepare. But quantum computers already exist. It's a question of when optimizations and improvements will allow them to break vulnerable encryption schemes.

loosik: jabliese said: "So, exactly how many quantum computers are going to be available in 2029?" The plan/hope/wishful thinking is to have the last 10 years of communication in quantum-resistant encryption when quantum computers are available (beyond a few prototypes). Recording all communication and breaking it in the future is a realistic threat. The same goes for classical encryption methods: you have to increase key length and drop support for even slightly broken ciphers as computing power keeps increasing, even if you don't think quantum computers are "real".

Sluggotg: For decades they have said, "Quantum computers will be able to break high level encryption". Can anyone show me an article where a Quantum computer has broken any encryption? I don't believe we have seen hardly any practical programs running on Quantum computers. I have a hard time believing that in 2029 people will be using Quantum computers to hack all encryption on the internet.

usertests: Sluggotg said: "I have a hard time believing that in 2029 people will be using Quantum computers to hack all encryption on the internet." They want the transition to post-quantum encryption to happen by 2029. They are not saying all encryption will be broken by 2029. Although the dates are subject to change if progress speeds up.
