
Post-quantum Cryptography


About the episode

What happens when the encryption protecting the world’s most sensitive data is broken? As quantum computing advances, the standard algorithms we use for banking, healthcare, and government operations are facing an existential threat.

Red Hat Distinguished Engineer Simo Sorce breaks down the real-world implications of post-quantum security threats, and how the IT industry is shifting toward quantum-resistant services.


Transcript

So I thought back to Y2K and you think about like the year or two before that and just the panic. Absolutely. I mean, if you're old enough to remember, right, the panic that people had with the idea that all these computers were going to break at midnight when it hit 2000. Right. And it didn't materialize because we did a lot of proactive work. Right. So we could take that approach, do this proactive work, and Y2Q is a nothing burger, like we solved it. Right. The alternative. The other part that made me think about it was like the old Ghostbusters movie, right? When they talk about, like, cats and dogs fighting in the streets, mad chaos, you know, like right at the end when everything's going down and they're in front of the mayor and they're like, what do we have to do? Right. And then it's like, that's literally where it'll be if we do nothing. This is Compiler, an original podcast from Red Hat. I'm Vincent Danen, and I'm joining Emily Bock this season to talk about product security. Today's episode: the countdown to Y2Q and what quantum computing means for the IT industry. Today, we're tackling a topic that sounds like science fiction: the threat of quantum computing to current encryption and how companies, governments, and other organizations are preparing for a quantum-safe future. Giving us a breakdown of this topic, we have Simo Sorce. Simo is a distinguished engineer at Red Hat and he leads the Red Hat Enterprise UX Crypto Team. So I know we're not talking investments or super dogs here. So what exactly is the Crypto Team? Well, that's the team that handles cryptographic libraries and things that are products that are related to strong cryptographic use. Well, all right then, let's dive straight in. When we talk about quantum computing and cryptography, what exactly is the threat? How are things expected to change? Yeah, quantum computing is quite interesting, and it's not much about speed, but about a completely different paradigm to be able to compute things.
Quantum computing is based on, you know, physics, and it can provide tools that classic mathematics cannot deal with. Specifically, it has a number of algorithms where you can run computations and find, you know, solutions to complex problems that cannot be done through a classical computer. I mean, a classical computer can try to do it, but it takes, as you said, a long time because it has to check all the possibilities. You know, one by one. You can parallelize the problem to some degree in some cases. But classic computers are limited in what they can do to attack these kinds of problems, while with quantum computers, there are a few algorithms that specifically, when we look at cryptography, can deal with some of the hard problems that cryptography is based on and make them not hard anymore. So it's not just about doing current calculations faster, but about solving problems that are currently intractable for our machines. And there are specific algorithms here that pose a threat to cryptography. There are two well-known algorithms that we now have in the toolbox when it comes to quantum computers. One is Grover's algorithm and the other is Shor's algorithm. Interesting algorithms. Grover's algorithm is a way to search a keyspace and allows you to look for, let's say, a random key faster. You know, basically, in a nutshell, it halves the size or halves the strength of a key. But it stops there. Shor's algorithm is more specific to a few problems, like the factorization problem, on which the RSA algorithm is based, or ECC also, elliptic curves. These two problems can be vastly simplified with Shor's algorithm, and if and when we have a quantum computer that is big enough to handle the keys that these algorithms use, it will be a matter of hours, if not minutes, to basically break one of these keys and find, you know, find the private key from the public key. So Shor's algorithm is a threat to, you know, current cryptography.
Now, we've talked about encryption on a past episode of Command Line Heroes, but it's been a little while. So how about a refresher? So, pop quiz. Vincent, how does modern encryption work? Well, the best way to talk about it or describe it is using an analogy. I love analogies. So we'll think about a digital mailbox. Right. So in this particular mailbox you can have one key that can lock the mailbox and other keys that can unlock the mailbox. Think about your, you know, deliveries that you get online, right? You can hand out all of these keys, we'll call them the public keys, to all the people who are delivering those packages to you so they can use that key to unlock the box, place the package in. Mhm. Right. And then that way that package goes in there. Now you have one master key which is your unlocking key. And that is the one that allows, you know, the individual, myself, to be able to unlock the mailbox to pull that package out. So it's kind of a one-way transference with multiple public keys. And then one way of getting that data out with my private key. Gotcha. So like master key versus kind of like a hotel key card, like you can give it to anyone, but it's not the one that gives you, you know, behind-the-scenes access. Ish. Maybe, maybe here's another way of looking at it. Right, when you're looking at cryptography, the whole idea is to make this data private to only the intended recipient. Right. So maybe we'll take a look at it from a paint mixing perspective. Right. So when you're looking at mixing different colors in paint, now my primary colors are probably wrong. But if you're looking at blue and yellow. Right. You mix them together, you'll get green. How do you unmix that green paint to get the blue and the yellow? It's a one-way operation. So you have what you could call a master key, a trapdoor, secret sauce, whatever it is that basically allows you to take that green paint and pull it back towards its composite blue and yellow parts. Gotcha.
Effectively, like, trying to boil this down to, like, the basics. And I mean, I'm not a cryptologist, so I can't get into the same details that Simo can, but at its essence, that's effectively what cryptography is. That makes sense. And so in that kind of scenario then, locked equals encrypted for our benefit, is that right? Correct. So like I'm old school and the way that I think about public key cryptography is with the GNU Privacy Guard or GnuPG. And basically what you're doing there is like, I create a secret key or, I create a secret and a public key. So I have my key pair. I can publish my public key on the internet so that people know how they can send me encrypted email messages. That public key is public. Anybody can use it. Anyone can take care of it. Yeah. You know, just send me stuff. The secret key that I have, if that thing ever gets compromised, or like, you protect that thing, I don't want to say with your life, it's not that important. But you protect it, right? Like it is offline. It's like in a bank safe. Whatever. That key is private to me. As soon as I think it's compromised, then anyone can decrypt any of the data or emails or whatever that have been sent to me using that public/private key pair. Gotcha. And so Simo said that with quantum computing, breaking keys like that private key could take hours or minutes, not longer than that. That's a big difference from the current time scale we're looking at, where it would take a classical computer to break them. So Shor's algorithm fundamentally changes the game for current asymmetric cryptography. Exactly. We asked Simo about the current state of this technology, and we're going to hear from him again after the break. All right. Let's pick up where we left off with Simo Sorce telling us about the current state of quantum computing. Yeah. So the problem is that these computers are coming at some point.
I mean, there are still skeptics that say, oh, there will be, you know, physical issues by which you will never get a computer. You cannot. But we can't bet on that. You know, so far progress is happening. You know, they're improving, you know, every year getting bigger and more coherent, fewer errors. And so we need to expect that a quantum computer able to actually crack current cryptography will be available at some point in the future. That's something some people call Q-Day, you know, or Y2Q to remember the Y2K. But the point is, we need to start finding a solution for when this will happen. So we know it's going to be a problem. But what about the data we're encrypting today? Is it safe from a quantum computer? Oh, that is an entirely other issue. The first problem we have already today is that we transmit a lot of data over the internet, you know. That data is encrypted because, of course, that being, you know, a lot of important data, we encrypt it, but the encryption is using the current cryptography, classical cryptography. So what organizations like nation states are doing is something called: harvest now, decrypt later. What does it mean? They record all of the communications that happen anywhere on the internet that they can access. They store the whole communication, the whole back and forth between computers from start to finish, onto hard drives somewhere. And the hope is that in a few years, they will have a quantum computer that is powerful enough to go back to those communications, break the keys, recover the information. Decrypt the whole screen and see what communication went on. They don't know what's in there. I mean, in some cases they may have an idea what kind of communication, like if they record your communication with, I don't know, maybe a bank, they will know that there's most likely banking information there. Right?
Or if they record your information when you talk to your doctor, they will know that there is probably some information. And when you talk to your insurance, it's probably some insurance information, and so on. Well, that is a chilling thought. And it kind of strikes me, as with your mailbox analogy there, they're just taking the whole mailbox on the off chance they'll be able to break in later. That means, like, sensitive information shared today, even with our current encryption standards, could be exposed retroactively in the future. So what's the solution to this harvest now, decrypt later problem? We need to start encrypting now with an algorithm that cannot be broken. Not be, you know, cracked by these future computers, so that the communications we have now will be protected into the future. And that's what post-quantum security is. Well, phew. I'm glad to hear there's a solution. How are these new post-quantum algorithms being developed? Like, are they just stronger versions of what we have now, or are they something completely different? That is a great question, and I'm so glad that Simo is around to answer it. It's based on very hard problems that are easy to solve if you have, you know, all the pieces of information, but are very complicated to solve if you only have part of the information. And this asymmetry is what asymmetric cryptography uses, so that you can provide a public key to someone else and you keep your private key and you never show it to anybody else. And so once we identify a problem like that, that becomes very interesting because you can create cryptographic algorithms on top of that problem that cannot be broken by, you know, a quantum computer. Sounds like a massive undertaking to update the entire software stack. But what are some of the biggest challenges in this move to post-quantum cryptography or Y2Q? So Simo was talking about a lot of stuff there.
The biggest thing for me that kind of keeps me up at night is this whole premise of harvest now, decrypt later. I mean, and you kind of reacted a little bit to it earlier, like, oh, that's a chilling thought. Yeah, a little scary. Totally scary, right? Well, in some ways, right. In some ways it's not that scary because one thing that we do today, just because it's so easy and modern computing makes things so much faster, is we encrypt everything. Right. I mean if I go to a comic website now, nothing's super scary about that. But the data is still encrypted. Right. So I mean, okay, all they'll know is that I looked at this comic, super exciting. But it's the other parts that really kind of concern me, and more like Simo noted it, the whole nation state thing. Right? I think there's a lot of data that's been harvested for a while that is just sitting there, a lot of it is going to be useless, but a lot of it or some of it could be actually really, really impactful. And some of it could actually be very embarrassing. Mhm. As well. Right? Exactly. I imagine some of it will be outdated by then as well. But there's some pieces of information that don't really lose their value over time as much, you know. And you think about it like, not to wear the conspiracy theorist tin hat or tinfoil hat or whatever. But I mean, you think about things that we've been told, but let's just pick on governments, right? Things that we're told by governments, and then 20 years into the future, we find out because we can crack this stuff and we've seen some internal communications or whatever, like, hey, that thing we actually told you about, not true. And we knew it was a lie when we were telling you. Yeah. Right. Like those sorts of things, like that could be embarrassing. This is an erosion of trust in public institutions. I'm not saying that they do that necessarily, although a part of me thinks it's probably happening, you know, human beings being what they are.
But I think that like, those are the sorts of things like, what are all the things that are going to happen once these things are found out? And I think that companies and governments are wising up to this, which is why we have this push to make some of these changes now so that like, geez, all of this secret information or embarrassing information or sensitive information cannot be found out later. Yeah. Well, I think there's an element of, like, shifting goalposts there too. Like there might be something that isn't important now, but due to change of, you know, I don't know, society or linguistics or just standards 20 years from now, it would be. Yeah. I mean, I'm like a big freedom of information person, right? And in a lot of ways. So I think that at some point, some of those things coming out public later probably should have been public to begin with. So part of me, the little anarchist in me, is like, yes, we should do this, right? But then I also know that, like, I rely on modern banking as well as everybody else. Like, I really don't want that stuff to become public. Right. Or not even public, in the hands of malicious actors who are going to weaponize that information against me. So it's not public, but it could be used against me to specifically target me. Exactly. Like there might be data out there that would compromise other data you have out there as well. Like if they get a chunk of stuff that has a key in it or a password or something that could simplify other things down the road. You actually kind of, I think, nailed it, right, when you said password. Yeah. You know, I'm a security guy, password nerd, whatever... My wife is terrible for this. I keep trying to change her.
But she'll use the same password on multiple websites and, like, listen, if all it takes is one of these sites to get compromised, they have your email address, they have your password, and now they're going to try every other website to see if you use that same password and same email address on all of them. Yeah. It's like one thing goes down, the whole ship goes down. Completely. So like to your point, once they have like small pieces of information that you can put together and maybe, you know, since we talk about AI a lot, maybe that actually makes it easier and faster as well. Right. Coupled with post-quantum, I mean, the future is weird. Like it's going to be interesting and crazy seeing what comes out of all of this. Well, I was going to say it's been minutes since we last talked about AI. We had to. There's like an element of like anything that they have, then they decrypt, could also be used to train an AI model. Like it's not just in compromising data, it can be in getting value from unexpected places. Nefariously. And I mean, AI, it's really good at drawing connections. So you start giving it disparate pieces of data, say like, find certain things out for me, it makes things so much easier, right? It's going to find everywhere you just used that password. Exactly. And that's just one example, right? Exactly. So to move us back to some of the stuff that Simo was talking about, what are some of the biggest challenges you see in this move to post-quantum cryptography or Y2Q? I think Simo's got some interesting ideas. We'll ask him again. One of the problems with security in cryptography is that it's super important, but you don't get money by encrypting your stuff, like you lose money. So the incentive is the risk. The perceived risk of not doing it is like, oh, if I do this, I'll, you know, this is the amount of dollars I'll gain. So it's a little bit harder to provide the right incentives in this area sometimes.
So Vincent, we both know for a lot of companies priorities are driven primarily by profit. So in this case where Simo was talking about, you know, there's not direct revenue attached to any of this work. What is the incentive for companies to make this transition and other vital changes to their product security if there isn't an immediate financial gain? Well, that's, I mean, fundamentally, that's the question around security just in general, right? Like most people think security is a cost center rather than a revenue driver. I mean, in some cases it's true. Right. But then at the same time, it's like insurance. Mm. In a lot of ways, like we're doing these things to ensure we avoid or try to avoid a negative outcome later. It's the whole reason we fix vulnerabilities, right? We fix them so that they can't be exploited later. Right. We want to proactively fix these things so that they can't be found or exploited later. In the area of crypto, and post-quantum crypto in particular, what we're trying to do is avoid the things that we talked about before. Right. We want to avoid embarrassment, financial ruin... All of these things that could come out of our data being decrypted. Like you're talking about things like, you know, a company's IP. You know, if somebody can sit there and, I don't know, decrypt secret plans for, like, you know. Quantum computing, I'd say. Quantum computing chips or AI chips or something like that. And they can make a lower cost alternative, you know, in a country that's embargoed, that doesn't get those chips or gets weaker chips from us, or I mean, these are things that are happening in the world right now anyways, right? So if those details are leaked, if that intellectual property is leaked, we could see, like, markets shifting. Yeah. Right. And some companies who are dominating in the AI space may suffer as a result of that. Their shareholders suffer and all of these things. So it's not driving profit or driving revenue.
It's a risk reduction and a revenue decline proactive preventative measure that I actually don't think a lot of people appreciate. Yeah. And I say this biased, in terms of just product security in general. Right. They're like, well, what do I need to do this stuff for? Like I'm sure, I'm sure that's not going to happen. I was actually looking at this just the other day. Just the number of data breaches rising year over year. Yeah. I mean, we've tried doing a bunch of stuff, and if we were doing the right stuff, you'd think those numbers would be coming down. They're not coming down. They keep going up. Right? So in this case, you know, with the quantum stuff, what's that, I mean, I don't even know what that curve is going to look like when we're able to start breaking this stuff, and this can potentially allow for other companies to be attacked more quickly, more easily, because they're able to break the encryption. Right. Like they'll have the keys to the kingdom if we do nothing. I think it's a little bit like a dam breaking because, like, if everything's kind of on the same standard of encryption, if you break that standard, that's kind of along the lines of what it sounds like quantum computing is lining up to do. It's not just breaking the key, it's breaking the ability to make a key that is safe. Yeah. And, you know, it actually made me think of two things. One, we call it Y2Q, so I thought back to Y2K and you think about like the year or two before that and just the panic. Absolutely. I mean, if you're old enough to remember, right, the panic that people had with the idea that all these computers were going to break at midnight when it hit 2000. Right. And it didn't materialize because we did a lot of proactive work. Exactly. Right? So we could take that approach, do this proactive work, and Y2Q is a nothing burger. Like we solved it, right? The alternative, the other part that made me think about it was like the old Ghostbusters movie, right?
When they talk about, like, cats and dogs fighting in the streets, mad chaos, you know, like right at the end when everything's going down and they're in front of the mayor and they're like, what do we have to do? Right. And then it's like, that's literally what it'll be if we do nothing. Yeah. And a quantum computer is realized and it's cheap enough that somebody can use it. Right. Or I mean, maybe money isn't a concern for nation states. I don't know, I'm not one, so. They probably have lots of money that I don't. But when they're able to start using these things, if we haven't put these protective measures in place, it's going to be chaos. Yeah. Essentially, we could end up with Y2K as it happened or Y2K as we feared it would be. Correct. It kind of depends on what we do about it now. 100%. And the problem is with Y2K, we knew when it was. Like a very specific date. Right. And it wasn't within our control to test, like you can roll your computer forward and actually see, like, okay, I'm going to test, see what breaks. Time-stamped doom. We can't do that. Yeah. Because these computers aren't there yet where they're able to actually do the things that we hypothesize they will be able to do. But once they are, it's like we've gone from 0 to 1000 in one moment. Exactly. And we don't know when that moment's going to be. Yeah. That's spooky. It's a little nerve-wracking, right. Like I would like to know, like, how long do I have? Do I have five years to do this? Great, I can pace myself. Do I have six months? Yeah. I'm dropping everything else and focusing on this, but it's somewhere in that range. Like, we don't know. Yeah. Or necessarily what resources we need to get there. Like, we don't know that we need X COBOL coders. Oh. For now. Who knows? Yeah. And that's the thing. We don't know. Right. And it is a collective thing, right? Like, it's not like everyone's re-implementing these algorithms themselves. We think about things from an open source perspective.
There are a few cryptographic libraries. Those are the ones that need to be updated. Most of them are, but then it's using them. All the applications that use them, like, they have to be reconfigured, they have to be tested. There are all these things. Yeah. So we have to start. Exactly. We don't just have to find the cure. We have to then administer it everywhere. I like that. That's a good way of putting it. Okay, so Simo says there's no need to panic today despite my tinfoil hat. Right. But proactive measures like we were talking about are still definitely required. And I want Simo to give his final takeaways for security professionals or just for interested individuals. And I'd say, if you are a professional, you need to make plans. Start with simple things: inventory, you know, what you have and what you think will be, you know, at risk. Find out when your vendor, if you're, you know, purchasing your software or, you know, using services, when your service will provide you with your access to the service using post-quantum resistant algorithms so that you're secure for the future. So it is something that almost all of us can deal with. For example, you could check, in your browser, if you wanted to, you know, what kind of encryption has been used in this connection? I mean, I don't think people will do that. Of course. But you can, you know, you can find instructions on how to find it out. But it's more like, you know, look out for services that start advertising: hey, our connections are secure and are post-quantum safe or quantum resistant. So that's the thing that people can look out for and start doing their part to secure themselves. All of this does sound like a pretty huge undertaking. But it's also not all doom and gloom. It's also a growing field with a lot of opportunities. Hey, you're right. It is a huge undertaking. But I do think there are a lot of opportunities as well. And, I mean, I've said it. Simo said it.
Like, do you need to panic? No, but, like, doing nothing isn't an option either. Yeah, a little bit of preparation is key. I like that he gave a really good action item there. Like, watch for things that are advertising, you know, quantum resistance. That's very feasible. Yeah, but honestly Emily, how many people do you think are going to do that? Oh, not many. I think about my mom. Right. I mean, my mom still wants to go to the bank with, like, withdrawals, like to talk to a person, like, not even online banking. Like that was a, that's a bit of a hurdle to get her there. Like she doesn't even know. I mean, I hope she knows that there's encryption happening there, but she just doesn't, she just trusts that these things will work. Yeah, I suspect that most people on the planet have literally no idea about this problem. Right. Don't necessarily care about it. And, you know, AI is the big shiny, so everyone's kind of focused. They're worried about that. They're thinking about the opportunities and possibilities and everything else. Like that's great. This is just like the growing fire risk in the corner. 100%. Like, don't get me wrong. Like, I love the potential of AI and everything else. But when I sit there, like, as a security person, as somebody who uses technology every day and I believe I use it securely, you know, with good security practices in mind. There's this gap of, like, I have no control over this thing. It is much, much bigger than any one company or one product. It is. Like, even if you're looking at something, just the interaction of your browser with a website, right? Oh, my browser, my browser has to understand these new algorithms. It has to be able to use them. The website I'm connecting to has to be able to use them. Mhm. The transport layer in between, so if I'm using something like a content distribution network or a proxy of some sort, like Cloudflare or whomever. Like, that has to be quantum-resistant as well, right? Using the same algorithms.
So this whole round trip of what we just think of as, I'm typing the URL in my browser, I'm going to it, I'm doing stuff. Yeah. The mechanics around all of that are challenging, and everybody has to work together to do it all. Exactly. I kind of see it as if we were trying to update and rebuild every road in the United States all at once, because someday they'll catch on fire. But, you know, a bunch of different people own different roads. There's different regulations. They have different purposes, and you can't just shut down a highway to update it, no matter what many of them would believe in repaving efforts. And you clearly don't live in Canada, because we do shut down roads. It is frustrating. Oh, we do shut down roads too. Oh, is it painful. Some of these, like, highways and stuff. They get shut down and it's like, can you guys go faster and can you do it at night, please. Yeah. And you know what? Maybe that's a good way of looking at it. Like, there are a lot of vendors, and, you know, Red Hat's one of them, where we are doing that sort of stuff. Like, it's behind the scenes. It's not interesting. It's like the grunt work that we do so that we can make these technologies and platforms and protocols all safer for people, so that it's like, I don't know, we created and paved a new highway while the old one was being used. And then we just seamlessly shift over to the next one and you don't even know that you're on a different road. Yes, that's the ideal. That's the goal, right? Somehow, I don't believe it'll go quite so smoothly. But I do like the dream. Well, I mean, maybe if we start sooner rather than waiting for panic, like, again, Canadian reference because we have terrible potholes up here because of our winters. But like, stop waiting for the road to be full of potholes and cars, just, like, start falling into them. Right? Which is literally what will happen if we do nothing. Exactly.
Start working on that highway and we can take some time to do it and do it well, and then we'll just seamlessly shift people over, and then folks like my mom will literally have no idea, and that would be a hallmark of success. Absolutely. I hear you there. So really, I think a lot of what we're saying is that one way or another, quantum computing is here, and it will only become more widely available, and we're going to have to reckon with some changes in how we do encryption. And it's important, of course, to be proactive and not reactive when that happens. Getting ahead of those changes and being reactive about it might mean change is coming too late. Absolutely. So we've talked a lot about our opinions here, but we want to know what you, the listeners, think about Y2Q as well. Hit us up on social media @RedHat and use the #compilerpodcast to share your thoughts. And I think that will do it for this episode of Compiler. This episode was written by Kim Huang, and thank you to our guest Simo Sorce. Compiler is produced by the team at Red Hat with technical support from Dialect. And if you like today's episode, tell us. Oh, and follow and review our show on your platform of choice. And we'll see you later.

About the show

Compiler

Do you want to stay on top of tech, but find you’re short on time? Compiler presents perspectives, topics, and insights from the industry—free from jargon and judgment. We want to discover where technology is headed beyond the headlines, and create a place for new IT professionals to learn, grow, and thrive. If you are enjoying the show, let us know, and use #CompilerPodcast to share our episodes.