Innovative modern technologies over the last few decades have not only made our lives easier, but also increased the potential for threats. In 1975, renowned engineer and businessman Gordon E. Moore predicted that the computational power would double every 2 years over the foreseeable future, which had later been termed as the “Moore’s Law”. It had been growing exponentially ever since and along the line, we are currently in the beginning of the Quantum Computing era. It is a kind of computation that exploits the properties of quantum states like superposition, entanglement, and interference in a collective way to perform calculations. The devices that do this are called “Quantum Computers”. They have the capacity to outperform even the best supercomputers.
Why is it a threat?
The world’s data are being protected by modern public key encryption algorithms to transmit data over the internet in a secure way. Some of the examples are RSA, Elliptic Curve and ElGamal. They have brought about revolutionary improvements to information security, enabling digital communication, e-commerce applications and accessibility of remote financial services. But just as the World War 2 code breakers developed a system to defeat Enigma, quantum computers are one such technological threat.
Although they can’t currently break public key encryption, they are not far behind. They can be weaponized in the wrong hands and in as nearly as 5 years, they could disrupt the entire cyber security space, posing massive business risks. An algorithm called “Shor’s algorithm” is exponentially powerful than classical algorithms and with a large enough quantum computer, it can potentially expose and crack daily encryption mechanisms like Transport Layer Security (TLS) and Virtual Private Networks (VPN). Hence, organizations need to start thinking about enhancing their security measures starting now. Information that needs to be available securely in 5 years or more should be protected now. US National Institute of Standards and Technology (NIST) is actively working on developing the next generation of cryptography.
Financial institutions in specific have long been the primary focus of attackers. With the introduction of digital banking, the number of sophisticated cyber-attacks has significantly increased. Based on a report from Trend Micro, the ransom-ware attacks on banks have increased by 1,318 percent year on year in the first half of 2021. This could have a great impact on the American economy. A Hudson Institute study revealed that if the access to the Fedwire Funds Service, a real-time GSF transfer system, from any of the largest financial institutions is disrupted by quantum computers, it could lead up to $2 Trillion in loses.
Measures to ensure post-quantum cyber security
In a congressional hearing last year, all 6 CEOs of the major financial corporations testified positively about cyber security being the largest threat to the economy. This prompted the various governing bodies in America such as the NIST and FBI to take necessary precautions. And recently, the white house also issued a memorandum outlining the terms to overcome this threat which was titled “Post-Quantum Cybersecurity (PQC mandates)” for the National Security Agency (NSA). Another huge developed that has happened was discussions on securing NATO’s post-quantum era communications. Their security centre is run by the NATO Communications and Information Agency (NCI Agency), providing 24/7 protection. In partnership with the white house, a UK based post-quantum provider “PQ” has successfully performed testing trails on communication channels in a quantum environment using a Virtual Private Network called “Hybrid Post-Quantum VPN”. This move is crucial to maintain stability in quantum era warfare.
The market for quantum secure solutions is valued at $9.5 Billion by 2029. PQ itself has been involved in R&D for a long time and offers a variety of quantum solutions from IOT to end-user applications and mobile services. Some of the other promising providers in the field are QuintessenceLabs and Crypta Labs. The former is based in Australia and has recently raised A$25 Million in funding to provide quantum-safe solutions and has also won the prestigious CyberTech100 award in 2020. The later is UK-based and raised $7.4 Million in seed funding a couple of years back. It has developed the world’s first Quantum Random Number Generator that is space compliant for securely encrypting satellite data.
Fighting quantum with quantum
So, how can quantum safe algorithms be designed? Well, with the help of quantum cryptography of course! It uses principles of quantum mechanics to encrypt and transmit data in order to prevent even the hackers with quantum computers. Unlike traditional mathematical encryption schemes, this is virtually unbreakable. This is one of the promising avenues being explored at the moment to achieve highest levels of security.
Thus, in the near future, quantum cyber security is expected to act as a pillar for securing digital information across networks for all cryptographic algorithms while organizations made a steady head way towards the adaptation.
References
https://www.weforum.org/agenda/2020/06/quantum-computers-security-challenges/
https://post-quantum.com/about/index.html
https://www.qmunity.tech/post/quantum-cryptography-explained
If public key encryption was broken it would probably result in many more things than just threats to cyber security, as it would disrupt society as a whole. I liked how you mentioned that companies and organizations need to improve their security measures as a result of this. But I think that regardless of if quantum computing is a significant threat to security, that organizations need to constantly keep improving their security either through more robust algorithms or devising better ways to mitigate the risks that cyberattacks targeting the weakest link, users. I do wonder however what will be the next big step in cybersecurity, as if we use quantum computing to protect against quantum computing what will be next since science hasn’t advanced that far for the next step of computing. Interesting article about constantly improving computation and the risks and potential benefits of it.
This is very interesting, talking about the quantum cryptography, that is advanced technology with the power to do alot of things, these days attacks are done with using simple ways but complicated like this, using quantum on cyber security is very new to me, I should go and read about this very well.
I think this post does a fantastic job of shedding light on the larger implications of the quantum computing sphere. As you mentioned, quantum computers have the ability to tremendously outperform advanced supercomputers, and therein lies the enigma, which further urges us to ask the following: Is the continued growth of quantum computing a threat to cybersecurity? Although the threat posed by these computers is currently perceived as hypothetical, with continued advancement in the field of quantum computing, such computers, will effectively render current critical cryptographic software obsolete. This would be catastrophic, as such softwares protect much of the most sensitive information in the world. It is important that we recognize the threat posed by the continued growth of the Quantum domain, however, counter-measures have already been proposed. For example, the US National Security Agency has called for a transition to new algorithms that would be safe from quantum computers, with the ultimate goal of developing cryptographic software that will be impenetrable by quantum computers, which is a necessary provision, especially, considering that quantum computers can be weaponized to further the political and personal agenda’s of various nations across the globe.
Great post, it did a good job of explaining quantum computing in a more accessible way. One question I would have regards Moore’s law. Do you think the threats described here depend in part on Moore’s law remaining true? Gordon Moore himself estimated that Moore’s law will end by 2025 due to the physical limitations to the size of transistors. Would this have an impact on the threat or is it a separate issue?
Thanks for your questions , Sophie. As you rightly pointed out, Moore did point that out but the threats and advancements in processing systems are not mutually exclusive in my opinion. They can be considered a destructive, inevitable byproduct of all modern technologies. This blog highlighted the law in order to shed light on the relative timeline of developments that led to quantum computing and how it lies at the pinnacle as we are nearing the end of the law’s applicability. But as you read, vulnerabilities still exist. To address another point, the advancement in processing capabilities are estimated to progress in quantum powers. Dr. Hartmut Neven, the director of Google’s Quantum Artificial Intelligence Lab, observes that “quantum computers are gaining computational power at a doubly exponential rate” and that this law would eventually replace Moore’s law. Here is a relative read,
https://www.sciencealert.com/why-it-might-be-too-soon-for-a-moore-s-law-for-quantum-computers
This is a really interesting topic. What I wonder about is what “quantum-secure encryption” actually looks like. How does it differ from the existing forms that we have learned about in this course so far? Also, this post brings up questions about the potential of quantum computing in the long term. For example, how much faster will a quantum computer made thirty years in the future be than one made in ten years? Could they potentially become fast enough to try every possible combination of numbers of the right length to guess a key?
Interesting observation. The video does a decent job explaining quantum cryptography but in my opinion, the key takeaway could be that it improves security through Quantum Key Distribution (QKD) using properties of quantum physics meaning if any third party tries to eavesdrop, both sender and receiver can immediately detect it, as measuring a quantum system actually disturbs it. As for the potential for growth there is a law known as Rose’s law that states that quantum computing qubits should double every 2 years and is close to or already moving faster than Moore’s Law. Hence, its computational powers are increasing at double exponential rate. And I guess with all good things, there is always a flip side. In the wrong hands, any technology can be destructive!
Interesting paper on the hazards and potential rewards of constantly improving computation. If public key encryption were to be compromised, it would likely cause far more than just cyber security issues, since it would destabilise society as a whole. I liked how you emphasised that as a result of this, businesses and organisations must upgrade their security procedures. Regardless of whether quantum computing poses a substantial security concern, I believe that enterprises must continue to improve their security, either through more robust algorithms or better ways to limit the dangers of cyberattacks targeting the weakest link, users. However, I’m curious in the next big step in cybersecurity, such as what would happen if we utilise quantum computing to guard against quantum computing, as science hasn’t progressed that far yet.
This is a great post, very informative and concise. I had heard of quantum computing being a threat before but never had done actual research on it. What you said regarding future quantum computing threats and the market for quantum security makes me wonder about the scientists/programmers who will be working on them in the future. In a decade, will every tech company in the world want a team to protect them from threats from quantum computing? Will we regard quantum computing in the same way we regard the A.I. industry today? Perhaps it’ll be similar to the dot-com bubble.
You thoughts are exactly right. As we think about AI as an intellectual alternative to human minds, Quantum Computing applies to physical capabilities. Of course the combination is capable of causing miracles in the technological world as we know it today! With new measures being taken in the cyber security space to ensure prevention rather than cure, I am sure all industries will try to adapt in time.
Amazing job explaining quantum computing! It’s really interesting to see what future security may look like. For those of us looking forward to working in the field I think it’s important for us to be up to date on all these amazing advancements happening fairly fast. I did read an article last year mentioning that Moores law is slowing down as the percentage of increase is decreasing in the traditional sense of chips however I’d say it’s increasing in other ways of innovation, what are your thoughts on this?
You are absolutely right! The law had initially been stated to become obsolete around 2025 as we reach physical hardware capabilities. We can say that we are in the transition period between then and a new era of quantum computing where computations are guided by quantum physics rather than just physical hardwares. A new law by Dr. Hartmut Neven, the director of Google’s Quantum Artificial Intelligence Lab, states, “quantum computers are gaining computational power at a doubly exponential rate” and suggests that this would eventually replace Moore’s law. Here is a relative read,
https://www.sciencealert.com/why-it-might-be-too-soon-for-a-moore-s-law-for-quantum-computers
It’s scary to think how many systems might be caught unaware by the first use of a quantum algorithm in the hands of a criminal. Unlike small improvements to algorithms or software which might enable a hacker to enter a few unprotected systems, or some critical OS flaw that opens up some part of a large amount of computers, this would break the math that a fair amount of the “difficult enough” cryptography used in computers is based on, and would be a lot harder to come up with a quick hotfix for. It’s funny that they’re calling it Y2Q, when it is both much more worrying than Y2K, and seems to be getting panicked about a lot less.
Great post! I didn’t know what the quantum threat was until I read this post. At first, I found this a little bit confusing to understand but you’ve thoroughly explained the process and algorithm for how this works. I’m curious to see how quantum cyber-security is going to impact our future digitally.
Quantum cryptography is super cool and I wish I understood it better. The idea that we can use such complicated principles to make virtually unbreakable codes is incredible, and I hope in the near future that learning about these techniques will become easier and more accessible to everyone.
Very interesting article. Personally I wish I knew more about QC and I have always thought that it would be a super cool area to dive into within Computer Science, however, I personally don’t have a strong Physics background and that would prove troublesome. Very lucrative field to get into if you have the prerequisites.
Hey Zach, thanks for your comment. To provide you some encouragement there’s quite a lot of avenues to pursue within quantum computing, not just limited to the physics and mechanics. To be honest, if are really passionate you can certainly have a career there. With a background in computers, you can always explore quantum programming / developing quantum softwares. You would essentially need to be aware of concepts like compilers, distributed computing, concurrency, etc. along with some basic mathematical knowledge in differentials and other similar areas. There are always opportunities!!
Great Post Rahul!
I have never approached the idea of quantum threats yet, so the blog post was kind of confusing at the start, but this post wants me to explore more on the topic of quantum threats!
The video was super cool as well!
Hi!
It is always exciting to learn about new things that I did not know about! This information, I had no idea what it was about, but now I know a basic idea on what it is. Personally, I don’t think I could ever learn or understand fully because the concept of quantum is way too complicated for me. But overall, it really was an interesting topic to learn about.
Quantum computing has always fascinated me, mainly on the very surface level fact that they can do stuff really fast (to put it very simply). It would only make sense for attackers to then use quantum computing to break these encryption algorithms, computations that would probably normally take years (?) to do. Which then begs the question, what new cybersecurity methods will be developed with quantum computing? Will it continue with algorithms and encryption like we have seen, or will there be something completely brand new that takes over the cyber security world? I personally don’t know a whole lot about quantum computing, so that’s what makes me want to believe brand new things will come of quantum cyber security. Then where do we go with that? If the first computers (that we are familiar with) were created 50 years ago, and we are getting into the quantum realm now, just imagine where we will be in another 50 years! It’s quite exciting.
Thanks for sharing such an informative post! While reading this I learned many things that I have not knew or even heard about before. I really like the video you added to your blog. Quantum Cryptography is a super cool concept that intrigues me to want to know more. It will be interesting to see how cyber security will work in the future!
Thank you for sharing. This is an interesting topic. This post mentioned that quantum computers have the ability to surpass the best supercomputers, which shows that it will pose a certain threat to modern public key encryption algorithms. I think it is very important to strengthen security measures to increase the protection of data. As this post said, when a financial institution accesses the real-time transfer system, if it is interrupted by the quantum computer, it will cause huge financial losses to the institution. Therefore, organizations and institutions need to research and design more powerful quantum security algorithms to protect the security of data and funds. Through quantum cryptography to calculate a more secure algorithm, encrypting and transmitting data may become a security measure. No matter whether the future development of quantum computer will pose a threat to network security, we need to constantly improve security to prevent and try to reduce these unknown risks.
Moore’s Law shows us the direction of future technology. It may be decades from now that encryption methods that we now consider impossible to crack will become as fragile as paper. While technology brings us convenience, we should also think about how to make technology more secure.
Very cool post. It is always interesting to learn about cutting edge technology and their applications in the info-sec field. The majority of modern day computer systems are protected by RSA and the Diffie-Hellman key exchange (which we learned about in class), so to know that they could be all vulnerable to Shor’s Algorithm and quantum computing is a scary thought. However, as you mentioned, quantum cryptography is also advancing to match new attacks, which creates a sort of technological arms race between hackers and cybersecurity. It will be really interesting to see what sorts of new developments (both malicious and not) arise with the use of quantum computers.
Great article! It was really fun to read and you provided a good overview about the threats without too much detailed information about quantum computing being necessary.
This topic shows very nicely how being a good cyber security specialist means being a good hacker, there are perhaps endless vulnerabilities in current cyber security systems that can be exploited by quantum computers in the near future. The only way to prevent these attacks is by foreseeing them, i.e. thinking of vulnerabilities and finding a way to prevent them, before other people learn how to exploit them. This is going to be a very hard race to win, especially considering how much in the modern world relies on the current encryption models. Therefore, preventing vulnerabilities is only the first step, further it is necessary to adapt the fixes to all different areas of encryption, before the vulnerabilities are removed. I really hope this can all be handled in time, but as I said, the odds do not look great.
The Quantum threat showcases how fast technology grows and the public keys which we thought were nigh impossible to break are now being threatened by Quantum computers. We saw an increase of 1,318 percent in the first half of 2021 due to the introduction of digital banking and I cannot even imagine what the numbers would look like if Quantum computers were thrown in the array. Their introduction might make several algorithms used worldwide for cyber security redundant and it is a very scary thought. Though I feel hopeful hearing that people have already started reaching on it and have already developed something against it so I believe we won’t be completely unarmed in this war.
Good Post! The statistic regarding the recent increase in cyberattacks is astounding, an increase of 1,318 percent is huge! However frightening, I can see the reasoning behind this massive increase in attack frequency. You mentioned that a disruption in the Fedwire Funds Service could lead up to $2 trillion dollars in losses, or potentially up to $2 trillion dollars in gains for any would-be attackers. With such staggering consequences, I agree that security utilizing quantum computing is necessary and is worth investing in, and considering the massive size of the market for quantum secure solutions, others seems to agree.
Very interesting post. Thank you for the video that made me learn what a quantum computer is and how to break encryption. I hope that in the near future everyone will be able to learn quantum cryptography. I’m excited to see how cybersecurity will work in the future.
A very interesting article! Quantum computing truly is something that’s worrisome in the context of our current systems of cyber security. Even with the idea of fighting quantum computing with quantum computing, chances are governments and large corporations will be the first to have access to quantum computers before the average consumer, meaning it may not be feasible to implement the security systems to mitigate the issues at a large scale. This would produce a situation where the people who have access to quantum computers first would wield the power to break the legacy systems while the world is still transitioning into the newer systems. Hopefully I’m just having the equivalent of a Y2K scare and things will play out differently, but only time can tell.
Super interesting post! It’s quite something how one technology can so easily disrupt the status quo and lead to both good and bad consequences. Looking more closely at moore’s law, in your opinion do you think that the protective measures under quantum cryptography will be be outpaced by malicious uses of quantum computing, or will they both generally stay about equal.