(Quantum) Encryption: Europeans Need to Come Down in Favor
For decades, Western governments have tried to balance privacy aspirations and calls by law enforcement to undermine encryption. Even as quantum computing provides ever more secure technology, governments will still be able to access digital communications by legally mandating backdoors. Countries such as China and Russia will continue to follow this route, but it will result in severe drawbacks in terms of securing their data from third parties. Europeans need to avoid this trap. Now is the time for the EU to finally side with encryption to protect digital freedom.
Strong encryption is fundamental not only to internet freedom but also to national security. Encryption makes censorship and surveillance harder. End-to-end encryption, for instance, reduces the chances that communications will be intercepted because it only allows the end points of two or more communicating parties to access unencrypted data. Other protocols – such as TLS 1.3, the newest version of Transport Layer Security (TLS), which is run via Encrypted Server Name Indication (ESNI) – even render it difficult for external actors to see which webpages an internet user is frequenting. Encryption has enabled informants to share information securely with investigative journalists. Similarly, it has protected sensitive government data “at rest,” the term used for data stored in any digital form.
The emergence of quantum computers will mean that most of the common public key encryption systems, on which much of current internet communication depends, will be broken. Quantum computers are uniquely capable of solving the mathematical problems that form the basis of public key encryption. By some estimates, large-scale quantum computers will emerge within the next two decades. Consequently, the European Union has begun to pursue two major routes to secure data:
- Quantum Key Distribution (QKD), i.e., communication channels that – according to the laws of physics – should be secure from quantum computers
- (Post-)quantum cryptography, which replaces existing cryptographic building blocks with newly developed tools that are believed to be robust against quantum computing
Securing Data from Quantum Computers
The EU’s European Quantum Communication Infrastructure (EuroQCI) Initiative, for example, employs both QKD and post-quantum cryptography to secure data flowing through fiber optic cables and satellite communications. EuroQCI is now in the implementation phase and should advance quickly in the next decade, providing ways to migrate communications to quantum-secure channels. But China has been quick out of the blocks too, and it is likely already trying to find ways to break into secure communications. China has long been at the forefront of quantum technologies; it established a secure transcontinental communication channel between China and Austria in 2017.
Worryingly, despite QKD often being described as “unbreakable,” several attack vectors against it exist. Quantum cryptographic algorithms, devised in a way that makes it hard for quantum computers to break, are relatively well established theoretically although they have not yet seen widespread deployment. Several quantum cryptographic standards have been proposed, but – despite rigorous analysis by the academic community – none of them has undergone real-world testing in terms of scale or mission critical deployment. As previous experience has shown, changing encryption standards on a large scale is known to be a very lengthy process.
But the real trouble – the data time-bomb – lies in the fact that there is little that governments or individuals can do about existing data that is protected with current encryption methods. These existing data—whether stored at rest or surveilled by (hostile) third parties—present a real vulnerability. While it is relatively simple to migrate existing infrastructure and software to use quantum algorithms, the threat derives from countries like China that may already be storing foreign data and waiting for quantum computers to advance sufficiently to crack it.
The Quantum Age and Internet Freedom
What does the quantum age mean for internet freedom? For the most part, more of the same. It will remain relatively easy for authoritarian regimes to snoop data domestically. While individuals may be able to deploy quantum algorithms, centralized communication service providers will continue to be highly vulnerable to attacks from legislation that may be technically dull yet is practically effective.
Within democracies, long-running “crypto wars” will simply evolve into “quantum crypto wars”; little will fundamentally change in terms of regulation and policy. Services such as Signal or WhatsApp will upgrade their end-to-end encrypted services to post-quantum cryptographic algorithms. Some governments in Europe will continue to argue that law enforcement should be granted exceptional access to systems, continuing in the vein of recent attempts in this direction by the European Commission and UK. Governments will likely continue to deploy key escrow – decryption keys held by industry and shared with the government – to weaken post-quantum cryptography.
Measures will also continue to be introduced to protect web traffic. Amazon first implemented post-quantum TLS in 2019 to protect key exchange for TLS connections to its Amazon Web Services (AWS). While this step indeed protects against quantum computing threats, it cannot prevent authoritarian governments from using state-issued certificates to render it moot. In 2015, for example, the China Internet Network Information Center used such certificates to allow Beijing to intercept data from users surfing the world wide web. The mathematics of the strongest cryptography fail when the government holds the keys.
The Need for Western Governments to Come Down on the Side of Encryption
As European authorities face up to the fact that banning encryption and inserting escrow keys come with major security risks, governments such as China’s are doubling down. China will continue to maintain key escrow to access domestic data from Apple – regardless of whether that data is encrypted via current algorithms or their post-quantum successors. As always, countries hostile to current encryption will ban the future deployment of end-to-end quantum cryptographic messengers or services.
Western governments, too, will almost certainly continue to push for exceptional access to the communications of their citizens. While the war on terror has further propelled these tendencies, Western governments must realize that this access will hurt them in the intensifying geopolitical competition with China and Russia. Weakening encryption opens the door to Beijing’s and Moscow’s foreign intelligence agencies. In the face of escalating geopolitical competition, Western governments must end the (quantum) crypto wars by finally endorsing strong and ubiquitous encryption. They should leave the Achilles’ heel of vulnerable systems to their authoritarian competitors.
This DGAP Memo was published on June 20, 2023.