Google is dramatically shortening its deadline readiness for the arrival of Q Day, the purpose at which existing quantum computers can break public-key cryptography algorithms that secure a long time’ price of secrets belonging to militaries, banks, governments, and nearly every individual on earth.
In a post published on Wednesday, Google said it’s giving itself until 2029 to arrange for this event. The post went on to warn that the remaining of the world must follow suit by adopting PQC—short for post-quantum cryptography—algorithms to reinforce or replace elliptic curves and RSA, each of which might be broken.
The tip is nigh
“As a pioneer in each quantum and PQC, it’s our responsibility to steer by example and share an ambitious timeline,” wrote Heather Adkins, Google’s VP of security engineering, and Sophie Schmieg, a senior cryptography engineer. “By doing this, we hope to offer the clarity and urgency needed to speed up digital transitions not just for Google, but in addition across the industry.”
Estimates for when Q Day will arrive have varied widely because the mid-Nineties, when mathematician Peter Shor first showed that a quantum computer of sufficient strength could factor integers in polynomial time, much faster than classical computers. That put the world on notice that RSA’s days were limited. Follow-on research showed quantum computers provided an analogous speed-up in solving the discrete log problem that underpins elliptic curves.
The timeline for this arrival relies on when existing quantum computers will contain the required variety of qubits that may correct inevitable errors. In 2012, most estimates were that a 2048-bit RSA key may very well be broken by a quantum computer with a billion physical qubits. By 2019, the estimate was lowered to twenty million physical qubits. A running joke amongst researchers has been that Q Day has been 20 years away for the past 30 years.
