In the last several days, headlines have been plastered all over the internet regarding Chinese researchers using D-Wave quantum computers to hack RSA, AES, and “military-grade encryption.” This is true and not true.
A white paper published by the Chinese Journal of Computers in May of 2024 dives into quantum annealing via D-Wave systems using Ising and QUBO models to factor RSA-protected integers, which is a critical component in breaking encryption.
The paper goes on to describe the researchers’ success at breaking 50-bit RSA encryption as well as the process in which they did it.
There is no mention of attempts to crack AES encryption in the paper. There is no mention of “military-grade” encryption either.
What does any of this even mean and should I be worried?
TL;DR – NO. But please, read on.
RSA encryption is pretty much the standard encryption we use on the daily every time we check our email or browse the ‘net – it’s the “s” in “https://”. There’s a public key and a private key and they’re mathematically related through a ridiculously large number that’s very difficult to break down into its prime factors needed to crack without the keys. We’ve been using RSA for decades. Additionally, our devices are generally using 128-bit or 256-bit AES encryption whenever we log into a router with a password when we connect to Wi-Fi.
Yes, Chinese researchers were able to hack a 50-bit encryption key using quantum computers.
They could have also hacked a 50-bit RSA key with an iPhone in just a few seconds. Or even that old Celeron 200 MHz laptop that’s been in the back of your closet for the last 20 years that you just can’t get yourself to throw away because of its nostalgia. As early as the 1990’s, a 512-bit RSA key was considered to be weak by encryption standards.
Modern everyday RSA encryption is 2048-bit. By adding bits, cracking encryption becomes exponentially more difficult – in this case, 50-bits to 2048-bit is 2^1998 times more difficult to crack. That’s a 1 followed by 601 zeros. We don’t even have a formal name for such a ridiculously high number.
To really illustrate that, in 2010, a team of researchers from around the globe cracked a 768-bit RSA key after two and a half years of continuous number crunching on hundreds of computers working around the clock.
As mentioned before, the paper does not include any verbiage about attempting to crack AES encryption. That being said, “military-grade” encryption is generally 256-bit AES. The RSA key equivalent would be 15,360-bit.
Quantum computers most certainly sound like something from the future, and they still mostly are. Humans have only just scratched the surface of the surface in what may be possible. Years from now, quantum computers very much will be able to crack longer and longer encryption algorithms. But not today.
In conclusion, while a pocket calculator might not have the processing power to hack a 50-bit RSA key, the phone you’re likely reading this on absolutely can. And so can a D-Wave quantum computer.
Paper – “Quantum Annealing Public Key Cryptographic Attack Algorithm Based on D-Wave Advantage”: Chinese Journal of Computers (PDF)
Source of Article