
      The Signal Protocol used by 1+ billion people is getting a post-quantum makeover

      news.movim.eu / ArsTechnica · Wednesday, 20 September, 2023 - 13:59 · 1 minute


    (Image credit: Getty Images)

    The Signal Foundation, maker of the Signal Protocol that encrypts messages sent by more than a billion people, has rolled out an update designed to prepare for a very real prospect that’s never far from the thoughts of just about every security engineer on the planet: the catastrophic fall of cryptographic protocols that secure some of the most sensitive secrets today.

    The Signal Protocol is a key ingredient in the Signal, Google RCS, and WhatsApp messengers, which collectively have more than 1 billion users. It’s the engine that provides end-to-end encryption, meaning messages encrypted with the apps can be decrypted only by the recipients and no one else, including the platforms enabling the service. Until now, the Signal Protocol encrypted messages and voice calls with X3DH, a specification based on a form of cryptography known as Elliptic Curve Diffie-Hellman.

    A brief detour: WTF is ECDH?

    Often abbreviated as ECDH, Elliptic Curve Diffie-Hellman is a protocol unto itself. It combines two main building blocks. The first involves the use of elliptic curves to form asymmetric key pairs, each of which is unique to a user. One key in the pair is public and available to anyone to use for encrypting messages sent to the person who owns it. The corresponding private key is closely guarded by the user; it allows the user to decrypt those messages. Cryptography relying on a public-private key pair is often known as asymmetric encryption.



      Google announces new algorithm that makes FIDO encryption safe from quantum computers

      news.movim.eu / ArsTechnica · Friday, 18 August, 2023 - 20:01


    (Image credit: Getty Images)

    The FIDO2 industry standard adopted five years ago provides the most secure known way to log in to websites because it doesn’t rely on passwords and has the most secure form of built-in two-factor authentication. Like many existing security schemes today, though, FIDO faces an ominous if distant threat from quantum computing, which one day will cause the currently rock-solid cryptography the standard uses to completely crumble.

    Over the past decade, mathematicians and engineers have scrambled to head off this cryptopocalypse with the advent of PQC—short for post-quantum cryptography—a class of encryption that uses algorithms resistant to quantum-computing attacks. This week, researchers from Google announced the release of the first implementation of quantum-resistant encryption for use in the type of security keys that are the basic building blocks of FIDO2.

    The best known implementation of FIDO2 is the passwordless form of authentication: passkeys. So far, there are no known ways passkeys can be defeated in credential phishing attacks. Dozens of sites and services now allow users to log in using passkeys, which use cryptographic keys stored in security keys, smartphones, and other devices.



      Intel to start shipping a quantum processor

      news.movim.eu / ArsTechnica · Thursday, 15 June, 2023 - 21:35 · 1 minute

    (Image: a small black chip surrounded by golden wiring and a green circuit board. Caption: The Tunnel Falls chip in its natural habitat (dilution refrigeration hardware not shown). Credit: Intel)

    Intel does a lot of things, but it's mostly noted for making and shipping a lot of processors, many of which have been named after bodies of water. So, saying that the company is set to start sending out a processor called Tunnel Falls would seem unsurprising if it weren't for some key details. Among them: The processor's functional units are qubits, and you shouldn't expect to be able to pick one up on New Egg. Ever.

    Tunnel Falls appears to be named after a waterfall near Intel's Oregon facility, where the company's quantum research team does much of its work. It's a 12-qubit chip, which places it well behind the qubit count of many of Intel's competitors—all of which are making processors available via cloud services. But Jim Clarke, who heads Intel's quantum efforts, said these differences were due to the company's distinct approach to developing quantum computers.

    Intel being Intel

    So far, both the large companies and startups that are developing quantum computers have been focused on a single technology (transmons, trapped ions, etc.) that they're betting they can be the first to scale to useful qubit counts and error rates. To the extent that they have customers, those customers are simply developing the expertise needed to use the processors should they ever become viable. That can easily be achieved by accessing the hardware via a cloud service and using a software developer's kit instead of directly controlling the hardware. So, that's what nearly everyone other than Intel has been focused on providing.



      Qubits 30 meters apart used to confirm Einstein was wrong about quantum

      news.movim.eu / ArsTechnica · Wednesday, 10 May, 2023 - 18:12 · 1 minute

    (Image: a long metallic pipe extending down a hallway lit in blue. Caption: The quantum network is a bit bulkier than Ethernet. Credit: ETH Zurich / Daniel Winkler)

    A new experiment uses superconducting qubits to demonstrate that quantum mechanics violates what's called local realism by allowing two objects to behave as a single quantum system no matter how large the separation between them. The experiment wasn't the first to show that local realism isn't how the Universe works—it's not even the first to do so with qubits.

    But it's the first to separate the qubits by enough distance to ensure that light isn't fast enough to travel between them while measurements are made. And it did so by cooling a 30-meter-long aluminum wire to just a few microkelvin. Because the qubits are so easy to control, the experiment brings new precision to these sorts of measurements. And the hardware setup may be essential for future quantum computing efforts.

    Getting real about realism

    Albert Einstein was famously uneasy with some of the consequences of quantum entanglement. If quantum mechanics were right, then a pair of entangled objects would behave as a single quantum system no matter how far apart the objects were. Altering the state of one of them should instantly alter the state of the second, with the change seemingly occurring faster than light could possibly travel between the two objects. This, Einstein argued, almost certainly had to be wrong.



      Google’s improved quantum processor good enough for error correction

      news.movim.eu / ArsTechnica · Wednesday, 22 February, 2023 - 23:18 · 1 minute

    (Image: two silver squares with dark squares embedded in them. Caption: Two generations of Google's Sycamore processor. Credit: Google Quantum AI)

    Today, Google announced a demonstration of quantum error correction on its next generation of quantum processors, Sycamore. The iteration on Sycamore isn't dramatic—it's the same number of qubits, just with better performance. And getting quantum error correction isn't really the news—they'd managed to get it to work a couple of years ago.

    Instead, the signs of progress are a bit more subtle. In earlier generations of processors, qubits were error-prone enough that adding more of them to an error-correction scheme caused problems that were larger than the gain in corrections. In this new iteration, adding more qubits and getting the error rate to go down is possible.

    We can fix that

    The functional unit of a quantum processor is a qubit, which is anything—an atom, an electron, a hunk of superconducting electronics—that can be used to store and manipulate a quantum state. The more qubits you have, the more capable the machine is. By the time you have access to several hundred, it's thought that you can perform calculations that would be difficult to impossible to do on traditional computer hardware.



      RSA’s demise from quantum attacks is very much exaggerated, expert says

      news.movim.eu / ArsTechnica · Thursday, 26 January, 2023 - 01:15 · 1 minute


    Three weeks ago, panic swept across some corners of the security world after researchers discovered a breakthrough that, at long last, put the cracking of the widely used RSA encryption scheme within reach by using quantum computing.

    Scientists and cryptographers have known for two decades that a factorization method known as Shor’s algorithm makes it theoretically possible for a quantum computer with sufficient resources to break RSA. That’s because the secret prime numbers that underpin the security of an RSA key are easy to calculate using Shor’s algorithm. Computing the same primes using classical computing takes billions of years.

    The only thing holding back this doomsday scenario is the massive amount of computing resources required for Shor’s algorithm to break RSA keys of sufficient size. The current estimate is that breaking a 1,024-bit or 2,048-bit RSA key requires a quantum computer with vast resources. Specifically, those resources are about 20 million qubits and about eight hours of them running in superposition. (A qubit is a basic unit of quantum computing, analogous to the binary bit in classical computing. But whereas a classic binary bit can represent only a single binary value such as a 0 or 1, a qubit is represented by a superposition of multiple possible states.)



      Breaking RSA with a Quantum Computer

      news.movim.eu / Schneier · Thursday, 12 January, 2023 - 18:51 · 4 minutes

    A group of Chinese researchers have just published a paper claiming that they can—although they have not yet done so—break 2048-bit RSA. This is something to take seriously. It might not be correct, but it’s not obviously wrong.

    We have long known from Shor’s algorithm that factoring with a quantum computer is easy. But it takes a big quantum computer, on the order of millions of qubits, to factor anything resembling the key sizes we use today. What the researchers have done is combine classical lattice reduction factoring techniques with a quantum approximate optimization algorithm. This means that they only need a quantum computer with 372 qubits, which is well within what’s possible today. (The IBM Osprey is a 433-qubit quantum computer, for example. Others are on their way as well.)

    The Chinese group didn’t have that large a quantum computer to work with. They were able to factor 48-bit numbers using a 10-qubit quantum computer. And while there are always potential problems when scaling something like this up by a factor of 50, there are no obvious barriers.

    Honestly, most of the paper is over my head—both the lattice-reduction math and the quantum physics. And there’s the nagging question of why the Chinese government didn’t classify this research. But…wow…maybe…and yikes! Or not.

    Factoring integers with sublinear resources on a superconducting quantum processor

    Abstract: Shor’s algorithm has seriously challenged information security based on public key cryptosystems. However, to break the widely used RSA-2048 scheme, one needs millions of physical qubits, which is far beyond current technical capabilities. Here, we report a universal quantum algorithm for integer factorization by combining the classical lattice reduction with a quantum approximate optimization algorithm (QAOA). The number of qubits required is O(logN/loglogN ), which is sublinear in the bit length of the integer N , making it the most qubit-saving factorization algorithm to date. We demonstrate the algorithm experimentally by factoring integers up to 48 bits with 10 superconducting qubits, the largest integer factored on a quantum device. We estimate that a quantum circuit with 372 physical qubits and a depth of thousands is necessary to challenge RSA-2048 using our algorithm. Our study shows great promise in expediting the application of current noisy quantum computers, and paves the way to factor large integers of realistic cryptographic significance.

    In email, Roger Grimes told me: “Apparently what happened is another guy who had previously announced he was able to break traditional asymmetric encryption using classical computers…but reviewers found a flaw in his algorithm and that guy had to retract his paper. But this Chinese team realized that the step that killed the whole thing could be solved by small quantum computers. So they tested and it worked.”

    EDITED TO ADD: One of the issues with the algorithm is that it relies on a recent factoring paper by Claus Schnorr. It’s a controversial paper; and despite the “this destroys the RSA cryptosystem” claim in the abstract, it does nothing of the sort. Schnorr’s algorithm works well with smaller moduli—around the same order as ones the Chinese group has tested—but falls apart at larger sizes. At this point, nobody understands why. The Chinese paper claims that their quantum techniques get around this limitation (I think that’s what’s behind Grimes’s comment) but don’t give any details—and they haven’t tested it with larger moduli. So if it’s true that the Chinese paper depends on this Schnorr technique that doesn’t scale, the techniques in this Chinese paper won’t scale, either. (On the other hand, if it does scale then I think it also breaks a bunch of lattice-based public-key cryptosystems.)

    I am much less worried that this technique will work now. But this is something the IBM quantum computing people can test right now.

    EDITED TO ADD (1/4): A reporter just asked me my gut feel about this. I replied that I don’t think this will break RSA. Several times a year the cryptography community receives “breakthroughs” from people outside the community. That’s why we created the RSA Factoring Challenge: to force people to provide proofs of their claims. In general, the smart bet is on the new techniques not working. But someday, that bet will be wrong. Is it today? Probably not. But it could be. We’re in the worst possible position right now: we don’t have the facts to know. Someone needs to implement the quantum algorithm and see.

    EDITED TO ADD (1/5): Scott Aaronson’s take is a “no”:

    In the new paper, the authors spend page after page saying-without-saying that it might soon become possible to break RSA-2048, using a NISQ (i.e., non-fault-tolerant) quantum computer. They do so via two time-tested stratagems:

    1. the detailed exploration of irrelevancies (mostly, optimization of the number of qubits, while ignoring the number of gates), and
    2. complete silence about the one crucial point.

    Then, finally, they come clean about the one crucial point in a single sentence of the Conclusion section:

    It should be pointed out that the quantum speedup of the algorithm is unclear due to the ambiguous convergence of QAOA.

    “Unclear” is an understatement here. It seems to me that a miracle would be required for the approach here to yield any benefit at all, compared to just running the classical Schnorr’s algorithm on your laptop. And if the latter were able to break RSA, it would’ve already done so.

    All told, this is one of the most actively misleading quantum computing papers I’ve seen in 25 years, and I’ve seen … many.

    EDITED TO ADD (1/7): More commentary. Again: no need to panic.

    EDITED TO ADD (1/12): Peter Shor has suspicions.


      What are companies doing with D-Wave’s quantum hardware?

      news.movim.eu / ArsTechnica · Monday, 2 January, 2023 - 12:00


    (Image credit: Getty Images)

    While many companies are now offering access to general-purpose quantum computers, they're not currently being used to solve any real-world problems, as they're held back by issues with qubit count and quality. Most of their users are either running research projects or simply gaining experience with programming on the systems in the expectation that a future computer will be useful.

    There are quantum systems based on superconducting hardware that are being used commercially; it's just that they're not general-purpose computers.

    D-Wave offers what's called a quantum annealer. The hardware is a large collection of linked superconducting devices that use quantum effects to reach energetic ground states for the system. When properly configured, this end state represents the solution to a mathematical problem. Annealers can't solve the same full range of mathematical problems as general-purpose quantum computers, such as the ones made by Google, IBM, and others. But they can be used to solve a variety of optimization problems.



      No, physicists didn’t make a real wormhole. What they did was still pretty cool

      news.movim.eu / ArsTechnica · Friday, 2 December, 2022 - 19:14 · 1 minute

    (Image: Artist's illustration of a quantum experiment that studies the physics of traversable wormholes.)

    Wormholes are a classic trope of science fiction in popular media, if only because they provide such a handy futuristic plot device to avoid the issue of violating relativity with faster-than-light travel. In reality, they are purely theoretical. Unlike black holes—also once thought to be purely theoretical—no evidence for an actual wormhole has ever been found, although they are fascinating from an abstract theoretical physics perspective. You might be forgiven for thinking that undiscovered status had changed if you only read the headlines this week announcing that physicists had used a quantum computer to make a wormhole, reporting on a new paper published in Nature.

    Let's set the record straight right away: This isn't a bona fide traversable wormhole—i.e., a bridge between two regions of spacetime connecting the mouth of one black hole to another, through which a physical object can pass—in any real, physical sense. "There's a difference between something being possible in principle and possible in reality," co-author Joseph Lykken of Fermilab said during a media briefing this week. "So don't hold your breath about sending your dog through a wormhole." But it's still a pretty clever, nifty experiment in its own right that provides a tantalizing proof of principle to the kinds of quantum-scale physics experiments that might be possible as quantum computers continue to improve.

    "It’s not the real thing; it’s not even close to the real thing; it’s barely even a simulation of something-not-close-to-the-real-thing," physicist Matt Strassler wrote on his blog. "Could this method lead to a simulation of a real wormhole someday? Maybe in the distant future. Could it lead to making a real wormhole? Never. Don’t get me wrong. What they did is pretty cool! But the hype in the press? Wildly, spectacularly overblown."
