NSA aims to build quantum computer to undercut encryption, leaks reveal

Share this article:
A physics expert believes the agency isn't any further along in its efforts.
A physics expert believes the agency isn't any further along in its efforts.

Newly publicized Snowden leaks detail well-funded efforts by the National Security Agency (NSA) to build a quantum computer capable of cracking “nearly every kind of encryption” used to secure data by critical industries, but experts are reticent to speak to any immediate impact springing from the research.

On Thursday, The Washington Post revealed that the NSA's mission to build the breakthrough computer was supported as part of a $79.7 million research program, dubbed “Penetrating Hard Targets.”

According to the article, sensitive data from banking, medical and other sectors, including government agencies, that is stored or shared online would be vulnerable to being cracked if the quantum computer was successfully built.

The Post also revealed that the Laboratory for Physical Sciences, located adjacent to the University of Maryland's College Park campus, hosts much of the work on quantum computing, which is done under “classified contracts” at the lab.

“The development of a quantum computer has long been a goal of many in the scientific community, with revolutionary implications for fields such as medicine as well as for the NSA's code-breaking mission,” the article said. “With such technology, all current forms of public key encryption would be broken, including those used on many secure websites as well as the type used to protect state secrets.”

The leaks also appeared to reaffirm long-held speculation in the research community that the NSA wasn't any further along in its quantum code-breaking efforts than others in the field.

"Experts think that one of the largest hurdles to breaking encryption with a quantum computer is building a computer with enough qubits [a unit of quantum information], which is difficult given the very fragile state of quantum computers," the article said. "By the end of September, the NSA expected to be able to have some building blocks, which it described in a document as 'dynamical decoupling and complete quantum ­control on two semiconductor qubits'... A quantum computer capable of breaking cryptography would need hundreds or thousands more qubits than that."

On Friday, Christopher Monroe, a professor at the University of Maryland's department of physics, told SCMagazine.com it was his belief that the NSA's quantum computer efforts do not outpace that of others in the field – especially since the NSA openly funds and collaborates with academic entities in this line of research.

Monroe is also a fellow at the Joint Quantum Institute (JQI), which was created jointly in 2006 by the University of Maryland, The National Institute of Standards and Technology (NIST) and the NSA.

“It's all in the open,” Monroe said. “As far as I know, they aren't ahead of anybody. But they have funded other research groups and academic institutions to develop [the quantum computer]."

Despite the muscle a quantum computer would carry in breaking data encryption methods, it remains to be seen when the tool could successfully be leveraged by the government for intelligence gathering.

On Friday, Elad Yoran, CEO of Vaultive, a New York-based provider of cloud data encryption solutions, told SCMagazine.com that as long as the government can coerce service providers into handing over their encryption keys in order to sift through customer communications, the more “conventional attack vectors” will continue to be most useful for spying purposes.

Last August, Ladar Levinson, founder of Lavabit, shut down his encrypted email service in an effort to keep the government from obtaining the company's master encryption key, which would have unlocked the data of Lavabit's 400,000-strong customer base.

“If they can get the data using more conventional attack vectors, then that's what they are going to do – and we know that's what they are going to do,” Yoran said. “Why use brute computing power to decrypt something when you can use other techniques to just get access to the encryption keys?”

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

Company news: New hires at Accuvant, ZeroFox and ThreatStream

New hires at Accuvant, ZeroFOX and ThreatStream, while a divestiture at Juniper and an acquisition for BlackBerry.

News briefs: The latest on Sony, Android, Backoff malware and more.

News briefs: The latest on Sony, Android, Backoff ...

This month's news briefs cover a preliminary settlement Sony will bear for the exposure of 77 million customers, and more.

CryptoWall surpasses CryptoLocker in infection rates

CryptoWall surpasses CryptoLocker in infection rates

A threat analysis from Dell SecureWorks CTU says that CryptoWall has picked up where its famous sibling left off.