The Looming Threat of Broken CryptographyEvangelos Rekleitis of ENISA on the Need to Prepare for Quantum Computing Risks
Quantum computing eventually could break existing cryptographic methods with brute force attacks, so organizations need to prepare now, says Evangelos Rekleitis of ENISA, the European Union Agency for Cybersecurity.
“We have known about [quantum computing] since the 1990s that could actually break all widely used cryptosystems, things like Diffie Hellman and elliptic curves and RSA,” Rekleitis says. “For public key systems, we will have to find replacements. … Once we have a quantum computer, things like elliptic curves and RSA are mostly dead.”
Although quantum computers are not yet available, he says, "if I was a hacker with a lot of resources, and was able to capture and store all the communications that we are right now exchanging that are secured by a public key cryptosystem, after 10 or 15 years, once I get a [quantum computer], I can start decrypting all the past information that you have exchanged. So for a lot of organizations, the implications are now, so we'll have to act as soon as possible.”
In a video interview with Information Security Media Group, Rekleitis discusses:
- The definition of quantum computing;
- How current public key cryptography will be impacted by quantum computing;
- What today’s cryptographically reliant organizations should be doing.
Rekleitis, network and information security officer at ENISA, has has more than a decade of experience in information and communications technology governance, compliance and risk management. He has taken part in many EU-funded research projects on ICT security, privacy and risk assessment.