Data security and quantum computing: Part 1

Data security is at the forefront of IT asset management and disposition, at every step in the lifecycle. Data must be protected while it’s actively in use as a part of IT inventory all the way to its end-of-life, whether that means remarketing, recycling, or destruction. We’ve talked before about how the ITAD industry (and the IT asset industry in general) is in a state of constant change. 2019 is no different and is already likely to usher in new standards for data sanitization and the first wave of high-capacity drives in mainstream use.

But perhaps no change will affect the future of, and practices around, data security more than the advent of quantum computing.

What is quantum computing?

Like a problem that classical computers are unable to solve, it’s incredibly challenging to sum up such a complicated topic and question into everyday language. However, getting a basic understanding of the underlying principles helps to display how important this technological revelation will be to the future of data security.

IBM Quantum Computing Depositphotos_218342084_l-2015IBM describes universal quantum computers as leveraging quantum mechanical phenomena to create states of superposition and entanglement that scale exponentially with number of qubits (quantum bits)

That’s a bit of a mouthful! To illustrate the difference a bit more simply, Bernard Marr, a technology advisor writing in Forbes, suggests that one imagine a sphere. The “bit” you’re familiar with today — you know, 0 or 1, as current computing models use — would be at either of the two poles of the sphere. A quantum bit (or qubit, as would be used by a quantum computer) could exist at any point on the sphere. This means a quantum computer using qubits could store a huge amount of information with massive processing power compared to current computers.

What does this have to do with data security?

To better explain how quantum computing could affect the future of data security, we once again must look at some complicated concepts — namely Shor’s algorithm and Grover’s algorithm.

Shor’s algorithm, developed in 1994 by mathematician Peter Shor, is a quantum computer algorithm. It’s designed to factor large integers — and theoretically could be used to break asymmetric public-key cryptopgraphy schemes (or more familiarly, a widely used example of this is RSA encryption). Of course, that would require a quantum computer powerful enough to do so.

Grover’s algorithm, developed by Lov Grover in 1996, is another quantum algorithm. With an appropriately powerful quantum computer, this algorithm could theoretically be used to break symmetric encryption schemes such as AES (e.g., AES-128, AES-256, etc.). If this sounds familiar also, that’s because it’s widely used for data security — an example use would be encrypting data held on IT assets such as SSDs.

In other words — computers capable of executing these steps could, in theory, crack through current methods of encryption.

What’s next?

In our next blog, we’ll be covering what’s being done for the future of encryption “post-quantum,” the realistic outlook for post-quantum data security, and why action is being taken now.

Topics: What's New in ITAD, Industry and Market News, Secure Data Destruction, Data Security