If true, this discovery poses a tremendous threat to the RSA data encryption systems that safeguard everything from national security to the global banking system, so we asked four technology security experts to weigh in on the plausibility of the Chinese claims:
- Petko Stoyanov, Global Chief Technology Officer, Forcepoint
- Richard Ford, Chief Technology Officer, Praetorian
- Tim West, Head of Threat Intelligence, WithSecure
- Tom Van de Wiele, Principal Technology & Threat Researcher, WithSecure
Is this a plausible claim? If not, why not?
Richard Ford, Chief Technology Officer, Praetorian: I am not running for the hills quite yet, fortunately. While I am concerned there's going to be an advance that breaks RSA encryption in my lifetime, I believe there's solid evidence that this isn't it. If you read the paper carefully, there are a couple of red flags, and of course, there's silence on one or two of the most important points. Because work like this can be hard to evaluate, there's the acid test: the RSA Factoring Challenge. The proof, as it were, is in the pudding. Can you actually do it? If you can't demonstrate it, it's abstract.
What the paper really describes is a theoretical approach that might be able to break RSA-2048 soon. That's it. It's a bit of a tempest in a teacup, to be honest.
Tim West, Head of Threat Intelligence, WithSecure: I honestly have no idea right now whether it's plausible or not. From what I have read, it has seemed to defy expectations, which places enormous intelligence value on such a discovery, so I would not expect a country to publicly announce it.
Imagine a worst-case scenario where China could reliably break 2048-bit RSA encryption at scale. However, based on what I’ve read, that does not appear to be the case. With that being said, any progression toward such a state is not good news. Having the quantum computing power necessary to break RSA at scale has huge implications, To explain the problem in Lehman’s terms, RSA uses a type of encryption that works on the basis that a mathematical equation can be completed, but not reversed – and China has just claimed to be able to reverse it.
What China may be claiming is that they are now able to reverse engineer the secret values using a quantum computer that defies expectations on how powerful the quantum computer needs to be to do so. If true, they can now reverse engineer the private keys that can decrypt all data they have captured that was encrypted using RSA (and possibly other asymmetric encryption algorithms).”
If this is plausible, what's the impact on encryption, privacy, and surveillance?
Petko Stoyanov: “At this point, nation-states are the only cyber attackers that can afford, program, and operate a quantum computer. Encryption is the cornerstone of our privacy, built on security concepts of confidentiality and non-repudiation of data. Confidentiality ensures that data is only shared between trusted individuals, and non-repudiation assures that the information transmitted has not changed and the sender cannot delay sending it.
If the encryption has been broken, nation-states with quantum encryption could, in theory, not only decrypt encrypted phone calls but potentially change information in encrypted systems while the data is in transit. All telecommunications, from emails to bank transfers and control systems for power plants, depend on encryption. The cybersecurity industry is especially concerned about “encrypted” data, which has been harvested or hacked to be decrypted later.
Are there ways for people and organizations to protect themselves and their encrypted data against the coming wave of quantum computing?
Petko Stoyanov: Most of us are digital pack rats, so we hate to delete data. Given that fact, is storing too much data a risk? For example, a telecommunications organization experienced a large-scale breach of users’ personally identifiable data, including social security numbers and driver’s license numbers. It turns out the breach totaled twice the number of the company’s active customers, demonstrating that data has become an asset and a liability. Organizations need to have data retention and deletion rules to ensure they are responsible for the data they are storing.
Are there ways for people and organizations to protect themselves and their encrypted data against the coming wave of quantum computing?
Richard Ford: Yes, as developers, we have choices around encryption standards, and better yet, there are incredibly robust libraries we can use. There are VERY few people in 2023 who need to be writing their own encryption routines outside of governments. There's quite a selection of so-called quantum-resistant algorithms that are readily available today. In terms of what ordinary people can do? Stop worrying, for starters. While the threat to encryption is real, they're much more at risk from not having a backup or responding to a phishing email.
For companies, it's a little more complex. If you build your own software, take a good look at your encryption practices, and at a minimum, make sure your code is modular and not possible to change algorithms. Better yet, get standards in place that start to move you to something that’s more robust. This likely isn't the proof we've been anxiously awaiting, but it seems likely that day will come in the next decade or two, so it’s best to be ready.
Petko Stoyanov: Identity the data worth protecting and assess the risk of storing the data. Implement security controls on your data (beyond just encryption.) Think access controls rules like MFA, data tokenization, or pseudo anonymization. Create and Implement data retention and deletion rules which limit the data your organization stores and processes. Finally, continuously scan your organizational systems for new data worth protecting.
