Article Details

Crypto-apocalypse soon? Chinese researchers find a potential quantum attack on classical encryption. With an off-the-shelf D-Wave machine. Chinese researchers claim they have found a way to use D-Wave's quantum annealing systems to develop a promising attack on classical encryption. Outlined in a paper [PDF] titled "Quantum Annealing Public Key Cryptographic Attack Algorithm Based on D-Wave Advantage", published in the late September edition of Chinese Journal of Computers, the researchers assert that D-Wave’s machines can optimize problem-solving in ways that make it possible to devise an attack on public key cryptography. The paper opens with an English-language abstract but most of the paper is in Chinese, so we used machine translation and referred to the South China Morning Post report on the paper – their Mandarin may be better than Google's ability to translate deeply technical text. Between the Post, the English summary, and Google, The Reg understands the research team, led by Wang Chao from Shanghai University, used a D-Wave machine to attack Substitution-Permutation Network (SPN) structured algorithms that perform a series of mathematical operations to encrypt info. SPN techniques are at the heart of the Advanced Encryption Standard (AES) – one of the most widely used encryption standards. The tech targeted in the attack include the Present and Rectangle algorithms, and the Gift-64 block cipher, and per the Post produced results that the authors presented as “the first time that a real quantum computer has posed a real and substantial threat to multiple full-scale SPN structured algorithms in use today.” The paper was peer-reviewed. The researchers argue that the approach they developed can be applied to other public-key and symmetric cryptographic systems. The exact method outlined in the report does remain elusive, and the authors declined to speak with the Post due to the implications of their work. But the mere fact that an off-the-shelf one quantum system has been used to develop a viable angle of attack on classical encryption will advance debate about the need to revisit the way we protect data. It’s already widely assumed that quantum computers will one day possess the power to easily decrypt data enciphered with today’s tech, although opinion varies on when it will happen. Adi Shamir – the cryptographer whose surname is the S in RSA – has predicted such events won’t happen for another 30 years despite researchers, including those from China, periodically making great strides. Other entities, like Singapore’s central bank have warned that the risk will materialize in the next ten years. Vendors, meanwhile, are already introducing “quantum safe” encryption that can apparently survive future attacks. That approach may not be effective if, as alleged, China is stealing data now to decrypt it once quantum computers can do the job. Or perhaps no nation needs quantum decryption, given Microsoft’s confession that it exposed a golden cryptographic key in a data dump caused by a software crash, leading a Chinese crew to obtain it and put it to work peering into US government emails.