Historical Context

The Encryption Revolution (1970s-2000s):

Public Key Cryptography (1976):

The Breakthrough:

  • Whitfield Diffie & Martin Hellman: Published "New Directions in Cryptography"
  • Invention: Public key encryption (two keys: public + private)
  • Before: Encryption required shared the secret key (impossible at scale)
  • After: Anyone could send encrypted messages (using the recipient's public key)

How It Works:

  • Alice: Has public key (everyone knows) + private key (secret)
  • Bob: Encrypts message with Alice's public key
  • Only Alice: Can decrypt (with her private key)
  • Math Problem: Factoring large numbers (RSA) or discrete logarithm (Diffie-Hellman)
RSA Encryption (1977):

Ron Rivest, Adi Shamir, Leonard Adleman:

  • Created: The RSA Algorithm (named after initials)
  • Based on: Difficulty of factoring large numbers
  • Example: Easy to multiply 61 × 53 = 3,233
    • Hard: Given 3,233, find 61 and 53 (if numbers are huge)
  • Security: Relies on this being computationally infeasible

Adoption:

  • 1980s-90s: Banks, governments, and corporations adopt
  • 1990s: Internet boom (SSL/TLS uses RSA)
  • Today: Nearly all encrypted communication (HTTPS, email, and messaging)
The Crypto Wars (1990s):

Government vs. Privacy:

Clipper Chip (1993):

  • NSA: Proposed an encryption chip with a government backdoor
  • Clinton Administration: Pushed for adoption
  • Privacy Advocates: Revolted (EFF, ACLU, and tech companies)
  • Outcome: Defeated due to public backlash

Export Controls:

  • U.S. Government: Classified encryption as "munition" (export restricted)
  • Phil Zimmermann (PGP Creator): Nearly prosecuted (1993)
    • Created: Pretty Good Privacy (email encryption)
    • Posted Online: Code spread globally
    • Government: Investigated for "exporting munitions"
    • Charges Were Dropped: 1996 (public pressure)

Outcome:

  • Strong Encryption: Became legal and widespread
  • Privacy: Won (for now)
Post-9/11 Surveillance Expansion (2001-2013):

Patriot Act (2001):

Mass Surveillance Authorization:

  • Section 215: "Business records" surveillance (any tangible thing)
  • Section 702: Foreign intelligence surveillance
  • NSA: Interprets broadly (collects everything)

What We Didn't Know Then:

  • NSA: Collecting metadata on ALL phone calls (billions of records)
  • PRISM: Direct access to tech company servers (Google, Facebook, Microsoft, and Apple)
  • Upstream Collection: Tapping internet backbone (AT&T facilities)
Snowden Revelations (June 2013):

Edward Snowden (NSA Contractor):

  • Leaked: Thousands of classified documents
  • Revealed:
    • PRISM: NSA gets access to tech company data
    • XKeyscore: Search engine for surveillance data
    • Bulk Metadata Collection: Every phone call in the U.S.
    • Overseas Cables: Tapped (partnership with GCHQ/UK)

Encryption Status:

  • NSA: Could not break strong encryption (RSA and AES)
  • But: Collected encrypted data anyway ("store now, decrypt later")
  • Assumption: Quantum computers would eventually break it
"Store Now, Decrypt Later" Strategy (2013-Present):

The Threat:

What NSA/Other Agencies Do:

  1. Collect: All encrypted communications (intercept internet traffic)
  2. Store: In massive data centers (Utah Data Center and others)
  3. Wait: For quantum computers to be developed
  4. Decrypt: Everything retrospectively (decades of communications)

Why This Matters:

  • Your Encrypted Email Today: Could be read in 10-20 years
  • If You: Become political target, activist, or a journalist
  • Government: Can read all your past communications

The Utah Data Center (NSA, 2013):

Bluffdale, Utah:

  • Opened: September 2013 (right after Snowden leaks)
  • Size: 1-1.5 million square feet
  • Cost: $1.5-2 billion
  • Purpose: Store surveillance data (exabytes of storage)

Capabilities:

  • Storage: Estimated 3-12 exabytes (3-12 billion gigabytes)
  • Enough for: Billions of emails, phone calls, internet traffic
  • Encrypted Data: Stored indefinitely (waiting for quantum)

Quantum Computing Basics (2010s-Present):

What Makes Quantum Different:

Classical Computers:

  • Bits: 0 or 1 (one value at a time)
  • Processing: Sequential (one calculation at a time, or parallel with many processors)

Quantum Computers:

  • Qubits: 0 AND 1 simultaneously (superposition)
  • Processing: Massively parallel (try all possibilities at once)
  • For Certain Problems: Exponentially faster than classical methods

Shor's Algorithm (1994):

Peter Shor (Bell Labs/MIT):

  • Proved: Quantum computer can factor large numbers efficiently
  • Impact: RSA encryption would be broken (in polynomial time)
  • Classical Computer: Billions of years to factor 2048-bit number
  • Quantum Computer: Hours or minutes (with a large enough quantum computer)

This Is The Threat:

  • All RSA Encryption: Is vulnerable to quantum
  • All Diffie-Hellman: Vulnerable
  • All Elliptic Curve Crypto: Vulnerable (Shor's algorithm adapts)
  • Most Internet Security: Would collapse
Quantum Computing Progress (2019-Present):

Google "Quantum Supremacy" (October 2019):

  • Sycamore Processor: 53 qubits
  • Claimed: Solved problem in 200 seconds (would take classical supercomputer 10,000 years)
  • IBM Disputed: (Said classical could do it in 2.5 days with better algorithm)
  • Regardless: Proof quantum computers work

IBM, Microsoft, and Amazon:

  • All: Building quantum computers
  • IBM: Has 433-qubit processor (2022), targeting 1,000+ qubits (2023)
  • Still: Not enough qubits to break RSA (need millions for 2048-bit RSA)

Current State (2024):

  • Quantum Computers: Exist (50-1,000 qubits)
  • Not Yet: Able to break encryption (need ~20 million qubits for RSA-2048)
  • Timeline: Experts estimate 10-30 years (wide range, uncertain)
But The Threat Is NOW:

"Harvest Now, Decrypt Later":

  • Adversaries (NSA, China, and Russia): Collecting encrypted data today
  • Storing: Everything (medical records, financial, communications, and government secrets)
  • When Quantum Comes Online: They'll decrypt retroactively

What's At Risk:

  • Classified Government Documents: (encrypted today, readable in 15 years)
  • Corporate Secrets: (M&A plans and trade secrets)
  • Personal Communications: (activists, journalists, and dissidents)
  • Medical Records: (HIV status, mental health, and genetic data)
China's Quantum Investments (2015-Present):

Massive State Investment:

  • China: Spending $10+ billion on quantum research
  • National Laboratory: Quantum Information Sciences (Hefei, $10B)
  • Quantum Satellite: Micius (launched 2016, quantum communication experiments)

Why China Invests:

  • Surveillance: Domestic (Uyghurs, dissidents, everyone)
  • Espionage: Foreign (U.S., allies)
  • Advantage: First to break encryption = geopolitical dominance

U.S. Response:

  • National Quantum Initiative Act (2018): $1.2 billion over 5 years
  • Far Less: Than China ($10B+ total)
  • Fragmented: Across agencies (NSF, DOE, NIST, and DOD)
U.S. Corporate Quantum Investments (2020-Present):

Who's Building:

Google (Alphabet):

  • Google AI Quantum: Dedicated division
  • Funding: Billions (exact amount undisclosed)
  • Goal: Practical quantum computer by 2030

Microsoft:

  • Azure Quantum: Cloud quantum computing platform
  • Topological Qubits: Different approach (more stable)
  • Investment: $1+ billion (estimate)

IBM:

  • IBM Quantum: Most advanced (publicly known)
  • 433 qubits (2022), roadmap to 1,000+
  • Partnered with: National labs and universities

Amazon:

  • AWS Braket: Quantum computing as a service
  • Partnerships: IonQ, Rigetti (quantum hardware companies)

Startups:

  • IonQ, Rigetti, and D-Wave: Raised billions
  • Total Private Investment: $5-10 billion (2015-2024)
Data Center Buildout (Quantum-Ready, 2020-Present):

What's Being Built:

NSA/DOD:

  • Utah Data Center: Already storing (waiting for quantum)
  • Other Facilities: Fort Meade (MD), San Antonio (TX), and Augusta (GA)
  • Total Capacity: Estimated 50+ exabytes (50 billion GB)

Tech Companies:

  • Google, Amazon, and Microsoft: Building data centers for quantum
  • Purpose: Quantum computing as a service (sell access)
  • Location: Undisclosed (security)

China:

  • Massive Data Centers: Xinjiang and Inner Mongolia (surveillance)
  • Quantum Labs: Integrated with surveillance apparatus

The Current Threat Landscape (2024):

What We Know:

Governments Are Preparing:

  • U.S.: NSA has quantum research program (classified details)
  • China: Openly building quantum for surveillance + military
  • Russia: Also investing (less advanced than U.S./China)

Data Is Being Collected:

  • NSA: Still operates PRISM, Upstream (post-Snowden reforms = weak)
  • China: Great Firewall + surveillance (collects everything domestically)
  • Five Eyes: U.S., UK, Canada, Australia, and New Zealand (share surveillance)

Timeline:

  • Cryptographically Relevant Quantum Computer: 10-30 years (expert consensus)
  • Could Be Sooner: Breakthrough possible (unknown unknowns)
  • Could Be Later: Technical challenges (decoherence, error correction)

Post-Quantum Cryptography (The Defense):

NIST Competition (2016-2024):

National Institute of Standards and Technology:

  • 2016: Announced competition (find quantum-resistant algorithms)
  • 2022: Selected 4 finalists (after 6 years of cryptanalysis)
    • CRYSTALS-Kyber (encryption)
    • CRYSTALS-Dilithium (digital signatures)
    • FALCON (digital signatures)
    • SPHINCS+ (digital signatures, backup)
  • 2024: Published standards (final)

How They Work:

  • Based on: Lattice problems and hash functions (not factoring)
  • Quantum Computers: No known advantage (resistant to Shor's algorithm)
  • Classical Computers: Can use them (no special hardware needed)
The Migration Problem:

Replacing Encryption:

  • Current: RSA, elliptic curve everywhere (HTTPS, email, VPNs, etc.)
  • Must Migrate: To post-quantum algorithms
  • Timeline: NIST recommends by 2030 (5-10 years)

Challenges:

  • Legacy Systems: Can't upgrade (old hardware and software)
  • Coordination: Global internet (billions of devices)
  • Time: Takes 10+ years to fully transition

Meanwhile:

  • Adversaries: Keep collecting encrypted data (waiting)

The Surveillance Capitalism Connection:

Corporate Quantum + Government Access:

PRISM 2.0 (Hypothetical):

  • Google, Amazon, and Microsoft: Build quantum computers
  • Government: Demands access (FISA court order and national security letter)
  • Companies: Comply (secretly)
  • Result: Government decrypts citizens' data (using corporate quantum)

Precedent:

  • PRISM (2007-2013): Tech companies gave the NSA access
  • Lavabit (2013): Email service was forced to give encryption keys (shut down instead)
  • Apple vs. FBI (2016): FBI demanded iPhone backdoor (Apple resisted, and the FBI backed down)

Pattern:

  • Government: Demands access to encryption
  • Companies: Sometimes resist, often comply
  • Quantum: Makes this worse (breaks encryption entirely)
The Dual-Use Dilemma:

Quantum Computing Benefits:

  • Drug Discovery: Simulate molecular interactions (cure diseases)
  • Materials Science: Design batteries and solar cells
  • Optimization: Logistics and finance (real benefits)

Quantum Computing Harms:

  • Break Encryption: Surveillance and espionage
  • Undermine: Privacy, security, and democracy

Can We Have One Without The Other?

  • Maybe: Strict regulation (quantum only for approved uses)
  • Hard: Technology is dual-use (same machine does both)
  • Our Approach: Heavily regulate and prioritize privacy
The Pattern:

Every Technological Shift:

  1. New Capability: Promises benefits (internet, AI, quantum)
  2. Government: Exploits for surveillance
  3. Corporations: Build infrastructure (profit + government contracts)
  4. Privacy: Eroded (mass collection, no oversight)
  5. Resistance: Activists and whistleblowers fight back
  6. Partial Reform: Limited protections (never full)
  7. Repeat (with next technology)

Quantum Is The Next Cycle:

  • We Must: Break the pattern (strong regulation NOW)
  • Before: Quantum breaks encryption (too late then)