Meta warns of looming ‘quantum apocalypse’ for modern encryption, cryptography standards



Tech giant Meta is making efforts to prevent a “quantum apocalypse” that poses an impending threat to modern cybersecurity and encryption standards across industries — including the cryptography model used in blockchain technology.

Meta engineers highlighted during the firm’s latest Metatech Podcast that the risks posed by quantum computing are significant enough to warrant immediate and pressing attention, as finding solutions could take a vast amount of time due to current technological limitations.

They added that ensuring the protection of asymmetric cryptography used by blockchain technology has become a top priority for the firm in recent months.

Looming threat

Sheran Lin, software engineering manager at Meta, said the tech firm is in close collaboration with standardization bodies like NIST, ISO, and IETF to ensure that the post-quantum cryptography (PQC) algorithms are rigorously vetted and standardized.

Lin added that Meta is combining traditional algorithms — namely X25519 and Kyber — to create its post-quantum cryptography (PQC). This results in a hybrid method that ensures Meta’s systems remain secure against both current and future threats.

This would be beneficial for blockchains as well since they are based on the asymmetric cryptography model, which relies on pairs of public and private keys.

Rafael Misoczki, cryptographer at Meta, explained that this model is specifically vulnerable because quantum algorithms can efficiently solve the complex mathematical problems on which they are based. He added that protecting these systems has become a “top priority” for the company.

Quantum computing is a field that uses quantum mechanics to solve problems faster than traditional computers, including the mathematical net that backs cryptography infrastructures. As a result, they pose a threat to blockchain-based ecosystems.

Although fully functional quantum computers capable of breaking encryption algorithms do not yet exist, Misoczki warns that the need to address the threat is immediate.

Meta’s cryptographer pointed out that one key reason is the “store now, decrypt later” attack. This scenario involves agents storing encrypted data today, with the intent to decrypt it in the future once quantum computers become powerful enough.

Moreover, despite Meta’s efforts to become quantum-ready, transitioning from current cryptographic algorithms to quantum-resistant ones is a time-consuming process that could take years or even decades.

Security vs. Efficiency

The Kyber 768 public key share being tested by Meta, for instance, is significantly larger than the traditional keys, leading to issues with packet sizes and increased latency in certain scenarios. To address this, Meta opted for the smaller Kyber 512 parameter, which offers a balance between security and efficiency.

Additionally, the rollout of hybrid key exchanges revealed unforeseen issues, such as race conditions in multi-threaded environments. Although Meta’s engineers solved these issues, there’s no guarantee that further issues will not surface.

Misoczki and Lin explained that Meta’s next step is to protect external public traffic with its PQC.
This will involve overcoming additional challenges, such as ensuring browser support for specific implementations and managing the increased communication bandwidth due to larger data payloads.

The members of Meta’s tech team concluded by saying that the journey to quantum-resistant cryptography is complex, but with careful planning and collaboration, it is a challenge that can be met head-on.

Mentioned in this article



Source link

Leave a Reply