March 29, 2024

We are increasingly called upon to evolve in the Cyberworld, either as an economic agent or as a citizen but now also as a patient or tourist. While we were quickly won over by the benefits of this Cyber world, we were slow to perceive the dangers we may encounter there. Recent events have forced us to do so abruptly. Ransomwares such as Wannacry have invaded the news and opened our eyes.

Fortunately, faced with the risks of these new uses, we have two significant advantages. We have at our disposal cryptographic algorithms that provide us on the one hand with the guarantee of identity and on the other side with the confidentiality of exchanges. The most used algorithm is based on asymmetric keys. In a communication, each participant has a private key and a public key that he provides to his interlocutors. The private key allows to sign messages, and recipients can ensure his integrity by verifying his signature with the public key.

The link between the public key and the private key also allows the recipient to verify the identity of the sender. They can also send an encrypted response with the public key, and only the person possessing the corresponding private key can decrypt it.

Very often, these keys have RSA keys, initial of the name of their inventors (Ronald Rivest, Adi Shamir, and Leonard Adleman). Their principle has been known since 1977. It is based on the difficulty of finding each of its prime numbers from the product of two large prime numbers.

However, the appearance of quantum computers is shaking up all this; indeed, the mathematician David Shor showed in 1994 that they could, in theory, be used to quickly factor large numbers, rendering broken not only the RSA keys but also those using elliptic curve mechanisms. The qubit is the elementary unit that these computers handle; unlike the bits of conventional machines, they do not correspond to a single possible state but a set of states. The number of qubits is a measure of the power of quantum computers.  These results were achieved using a D-WAWE 2000Q computer. As its name suggests, this computer consists of 2000 qubits, but these qubits are of a particular type that could not be used for the factorization problem. The quantum computers that can be used to run the Shor algorithm on them are currently much less powerful, with less than 80 qubits, because they are more complex to build.  It is, therefore, a significant step. If there is still a long way to go for 2048-bit number factorization, since the largest of the first factorized numbers is 18 bits, there is now a Damocles sword above the security of RSA keys.

It is crucial to prepare for these changes as soon as possible to ensure a smooth transition. It is challenging to predict when the first powerful enough quantum computers will be built or even if they will exist one day, but by the time they are there, it will be too late to act.