The prize of quantum computing is increased security for private industry and, conversely, increased ability to crack encryption for adversaries. This latter is clearly the aim of the NSA's research – the Washington Post reported on new Snowden documents yesterday that NSA quantum research "is part of a $79.7 million research program titled 'Penetrating Hard Targets.'”
When news broke late last year that the NSA had succeeded in subverting a NIST-recommended elliptic curve random number generator, Infosecurity wondered about the Advanced Encryption Standard (AES). AES is the standard US (and by default, the world) encryption algorithm that was developed to replace DES in an open competition sponsored by the NSA.
AES was the winning candidate. It was developed by two Belgian cryptographers, Joan Daemen and Vincent Rijmen. Infosecurity first asked Ross Anderson (involved with another of the candidate algorithms) whether there had been any NSA interference in the process. "I don't believe the NSA interfered with any of the AES candidates," Anderson told Infosecurity; "they certainly did not try it on with ours. However, the choice of Rijndael as the Advanced Encryption Standard was optimal from their viewpoint."
He continued, "We have exactly the same outcome with AES now as we had with DES in the 1970s. American industry has a usable block cipher, and while the NSA doesn't have a means of breaking it directly using mathematical or brute-force attacks, there are enough doubts over it that risk-averse users (such as foreign governments) are likely to continue using proprietary systems that are actually likely to be much weaker for a whole variety of reasons (not only cryptologic)."
Infosecurity then asked Vincent Rijmen the same questions. He confirmed that the NSA had not interfered with the process. Specifically asked if he thought that the NSA has the ability to break AES he replied, "Not unless they have computer technology an order of magnitude more powerful than anything anyone else knows about. It is impossible with current technology."
Quantum computing could potentially provide that order of magnitude improvement necessary to be able to brute force the AES and public key algorithms currently considered safe.
But according to the Washington Post, the NSA is not there yet. "Although the full extent of the agency’s research remains unknown, the documents provided by Snowden suggest that the NSA is no closer to success than others in the scientific community." It adds, "The NSA appears to regard itself as running neck and neck with quantum computing labs sponsored by the European Union and the Swiss government, with steady progress but little prospect of an immediate breakthrough."