July 25, 2018
By John Breeden II
For my previous column, I talked about the threat that future quantum computers pose for today’s government data, and how the United States is risking falling behind other countries in the development of quantum science. In turn, I received more comments via tweets, email and other social media platforms than with any other column I’ve written recently. This is clearly a topic that is on people’s minds, which is a good thing because we need to be aware of both the advantages of this emerging technology and also the potential pitfalls.
One of the groups that contacted me was the National Institute of Standards and Technology. The agency wanted to assure me that right now, as far as it is known, AES-256 should be enough to protect government data even as quantum computers evolve. NIST has been studying this issue, and released their findings in the NISTIR 8105 report. NIST’s paper breaks down cryptographic systems into two main types, the public key systems used to protect things like webpages, and the symmetric key systems, like AES, which protects much of the government’s data.