Software updates for quantum computing create security flaws

Hello and welcome to Protocol Enterprise! Today: why the race to protect software against encryption-breaking quantum computing could backfire, more on the Biden administration’s plan to hobble China’s chipmakers and enterprise tech moves.

Now, the hard part

We may be just years away from a very sci-fi scenario turning into reality, with the arrival of ultra-powerful quantum computers that blow existing computing power out of the water.

But like with seemingly all new technology, quantum computing has a dark side: Such computers are expected to be able to obliterate existing methods of data encryption. (Whoops!)

  • The good news is that we now have a defense that should protect us, thanks to the efforts of cryptography specialists and the US federal government.
  • But there’s a catch with that, too: A lot of stuff has to be done before we can use the new algorithms for encrypting data that can withstand a quantum attack. And the preparation process itself could pose major security risks.

It’s inevitable that we’ll see a large number of vulnerabilities unintentionally introduced as software and hardware get updated, according to Jonathan Katz, a cryptography expert at the University of Maryland.

  • “We know how to design mathematically secure algorithms,” Katz told me. “We’re not quite as good yet at implementing them in a secure way.”
  • In part, this is because the tech industry feels some serious pressure to get going on this — and rightly so.
  • While nobody knows when exactly the threat to encryption might emerge, Google Cloud encryption expert Nelly Porter thinks advanced adversaries could have that capability in as soon as three years. (Other experts think it’ll be longer.)
  • “We have time to get ready. But we don’t have too much time,” Porter told me.

Once technology vendors have done their part to implement the quantum-resistant algorithms, that’s when the work for businesses will begin. And that will probably be the hardest part of all.

  • Hardware, operating systems and software will all need updates to enable the new quantum-proof encryption methods.
  • The process will require organizations to take an inventory of everything they use that leverages encryption — and then update, or replace, all of it.
  • Businesses might be paying little attention to the issue right now, but they probably shouldn’t wait too long to get up to speed on what will be required, experts say.
  • “People don’t realize the magnitude of what needs to happen,” said information security consultant Joseph Steinberg. And if encryption-breaking quantum computers show up sooner than expected — say, in the hands of the Chinese government — “we have a problem.”

Read the full report here.

— Kyle Alspach (email | twitter)

SPONSORED CONTENT FROM SOUL MACHINES

They created Digital People. Now they’ve made celebrities available as Digital Twins: Soul Machines co-founder and CEO Greg Cross and his co-founder Mark Sagar, Ph.D., FRSNZ are leading their Auckland and San Francisco-based teams to create AI-enabled Digital People™️ to populate the internet, at first, and soon the metaverse.

Read more from Soul Machines

‘Run faster or trip the other guy’

One question that has come up in the wake of our reporting around the Biden administration’s plan to block the export of advanced chip design software to China: How effective will that — and other similar policies — be at blocking China’s tech development? Protocol got a chance to catch up with former Undersecretary of Commerce William Reinsch and discuss tech export restrictions past and present.

What has the US approach to China and technology been in the past? Has it changed?

Historically, US policy towards China technology was to keep them a generation or two behind. It was a rather simple idea because it did two things: It kept them behind, but by selling them older stuff it also kept them dependent on our technology, and reduced the incentive to develop things on their own.

It was a successful policy up until [recently]until China figured out that in the long run if your goal is to surpass Americans, trailing along behind them in perpetuity is not going to get you where you want to go.

What’s China’s goal now?

China’s goal is [advanced] technologies, and to create global champions that ultimately capture 80% market share.

To what extent are export controls on technology related to chips effective in curbing China’s advancement?

If you’re running a race, there are only two ways to win: You run faster or trip the other guy. This conversation is about the other guy, but the more important strategies are the running faster strategy. And that’s the Chips Act and all the innovation money and that stuff.

You can criticize it or not, but the idea behind it is to sharpen America’s competitive edge and put us in a better position to compete with the Chinese. It’s basically related to our realization that the locus of competition is not going to be just in China, it’s going to be everywhere.

— Max A. Cherney (email | twitter)

Around the enterprise

Intel is nearing a deal with the Italian government to build a chip packaging plant in the northern region of the country (think truffle pasta), according to Reuters.

Microsoft is working on a Canva competitor that would up its game in the creative professional market, ZDNet’s Mary Jo Foley reported.

Cloudflare reported a 54% jump in revenue and raised its forecast for the rest of the year, which Wall Street loved.

SPONSORED CONTENT FROM SOUL MACHINES

They created Digital People. Now they’ve made celebrities available as Digital Twins: Soul Machines is at the cutting edge of AGI research with its unique Digital Brain, based on the latest neuroscience and developmental psychology research.

Read more from Soul Machines

Thanks for reading — see you tomorrow!

.

Leave a Reply

Your email address will not be published.