Mainstream quantum computing may still be years away, but cybersecurity efforts to protect against quantum attacks can’t wait. When quantum computing does make its entrance, it could quickly eviscerate the cryptography that currently protects online communications, such as the digital signatures used in the domain name system (DNS) and the key exchanges used in transport layer security (TLS).
Fortunately, efforts to protect against how quantum computers could be used in cyberattacks have been underway for years. The National Institute of Standards and Technology (NIST) launched its post-quantum cryptography program in 2016, and in July selected the initial group of algorithms eligible for standardization. But the industry needs to prepare now because updating systems for quantum capabilities will have its challenges.
The quantum threat to DNS
DNS manages the flow of traffic on the internet. And the cryptography used in DNS Security Extensions (DNSSEC) is essential to the safe routing of traffic, using digital signatures or symmetric keys to verify that websites and data are what they purport to be. Strong cryptography is the only way to ensure that users can trust the results.
Today’s current level of cryptography works well, rendering data as a random sequence of bytes that are useless to anyone without a key. However, quantum computing will change that with processing power which will make current cryptography obsolete.
The quantum bits, or qubits, used in quantum computing work in a different, much faster way than the binary bits used in traditional computing, enabling quantum machines to not only code information more quickly but also to store information immediately. Attackers would be able to access data, store and decrypt it later — and decrypt it much more easily with the power of quantum computing. Encrypted data will likely not stay encrypted for as long as intended.
Quantum computing also will present challenges to DNS’ capacity to handle traffic, because of...