There are so many amazing opportunities for quantum computing. I’ve been following this space for some time and am excited to see the ongoing evolution of qubit counts as well as error reduction technologies. So many areas stand to benefit from quantum applications. That said, the area that seems to get the most attention is cybersecurity, and this comes mostly from the threat of quantum computing rather than the opportunity.
The concept of Q-day, the day when quantum computing can decrypt most of the password encryption used worldwide, has been discussed for some time. I have worked on encryption and decryption technologies for most of my career and will talk a bit about what is being done to mitigate the looming threat of quantum decryption as well as what we should be doing to protect our data today.
The Problem
The problem is not difficult to understand. We count on cybersecurity, and specifically on secure cryptographic algorithms, to protect our data. This is crucial not only for safeguarding our everyday lives and activities, from communication to banking, but also for ensuring national security. However, the arrival of a quantum computer capable of decrypting this data is not a matter of ‘if’ but ‘when’, given the rapid growth in qubit counts.
Many of today’s security solutions use RSA-2048, named after its inventors Rivest, Shamir, and Adleman. RSA-2048 uses 2048-bit keys and relies on the difficulty of factoring a large number that is the product of two primes, a task that is hard for classical computers but that a sufficiently large quantum computer could perform efficiently. Because so many of our systems count on RSA-2048, there is an urgent need to address the quantum threat.
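To make the dependence on factoring concrete, here is an added toy example (it is not from the article): textbook RSA with deliberately tiny primes, followed by a recovery of the private key from nothing but the public key once the modulus is factored. The factoring step is done by trial division, which only works because the numbers are tiny; for real 2048-bit moduli no classical computer can do it, and that is exactly the step a large quantum computer running Shor’s algorithm would make efficient. The function names and the sample primes are this example’s own.

```python
from math import gcd, isqrt

def rsa_keygen(p: int, q: int, e: int = 65537):
    """Textbook RSA key generation from two primes p and q.
    Returns (public_key, private_key) as ((n, e), (n, d))."""
    n = p * q
    phi = (p - 1) * (q - 1)            # Euler's totient of n
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(n)")
    d = pow(e, -1, phi)                # d = e^-1 mod phi(n), Python 3.8+
    return (n, e), (n, d)

def encrypt(public_key, m: int) -> int:
    n, e = public_key
    return pow(m, e, n)

def decrypt(private_key, c: int) -> int:
    n, d = private_key
    return pow(c, d, n)

def factor_by_trial_division(n: int):
    """Classical factoring by trial division.  Feasible only because the toy
    modulus is tiny; for a 2048-bit n this is hopeless, and it is the step
    that a large quantum computer would make efficient."""
    for candidate in range(2, isqrt(n) + 1):
        if n % candidate == 0:
            return candidate, n // candidate
    raise ValueError("n has no non-trivial factor")

def recover_private_key(public_key):
    """Given only the public key, factor n and rebuild d.  Everything after
    the factoring step is cheap arithmetic: the private key is protected by
    nothing but the hardness of factoring."""
    n, e = public_key
    p, q = factor_by_trial_division(n)
    phi = (p - 1) * (q - 1)
    return (n, pow(e, -1, phi))

# Constructed toy parameters: the 10,000th and 100,000th primes (about 17 and
# 21 bits).  Real RSA-2048 uses two primes of roughly 1024 bits each.
TOY_P, TOY_Q = 104729, 1299709

def demo():
    public_key, private_key = rsa_keygen(TOY_P, TOY_Q)
    m = 123456789                                  # message as an integer < n
    c = encrypt(public_key, m)
    recovered = recover_private_key(public_key)    # attacker's view: n and e only
    return (decrypt(private_key, c) == m,
            recovered == private_key,
            decrypt(recovered, c) == m)

if __name__ == "__main__":
    print(demo())  # -> (True, True, True)
```

The point of the example is the last two values returned by `demo()`: once `n` is factored, the rebuilt private key is identical to the original and decrypts the ciphertext. Every defence for RSA therefore reduces to keeping the factoring step infeasible, which is what a cryptographically relevant quantum computer removes.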
Two Main Areas of Quantum Resilience
When we discuss the need for encryption we typically split this into two areas:
1. General encryption – this is used to encrypt information across networks
2. Digital signatures – this is used for identity authentication
As we look towards quantum resilience and readiness, we will address progress in both areas.
Quantum Resilient Approaches
There are various approaches to beginning quantum resilient practices. Many of these involve specific products, but some common vendor-neutral approaches are listed below.
- Post-Quantum Cryptography (PQC) – PQC covers cryptographic algorithms designed to resist attack by quantum computers. The U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) has been focusing on this area (covered in more detail in the next section) for both general encryption and digital signatures.
- Quantum Key Distribution (QKD) – QKD uses quantum mechanics to distribute keys between two parties in a way that reveals any eavesdropping on the exchange; the keys are then used to secure communication over that connection.
- Hybrid Cryptography – A PQC algorithm and a traditional algorithm are used together, so the combined solution stays secure as long as either one holds. There are various approaches to using hybrid cryptography as a means of transitioning to quantum-safe solutions.
- Quantum Random Number Generators (QRNGs) – Hardware that uses quantum processes to generate the random numbers from which cryptographic keys are derived.
- Cryptographic Agility – The ability to swap in new cryptographic algorithms, and to evaluate them as they become available, without re-architecting the systems that use them.
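The hybrid and cryptographic-agility items above are easiest to see in code. The following is an added example, not from the article and not any vendor’s implementation: a hybrid key combiner in the concatenate-then-KDF style used for hybrid TLS key exchange, with the algorithm pair looked up from a suite registry so that a suite can be added or retired without touching the derivation logic. Neither X25519 nor ML-KEM is in the Python standard library, so the two shared secrets are constructed stand-ins (labelled as such); the suite names, function names and transcript are this example’s own.

```python
import hashlib
import hmac
from typing import Optional

# Suite registry.  The algorithm pair lives in one place so that adding a new
# suite or retiring an old one (crypto-agility) does not touch the derivation
# code below.  Suite names are this example's own.
SUITES = {
    "x25519-mlkem768": ("X25519", "ML-KEM-768"),  # hybrid: classical + PQ
    "x25519": ("X25519", None),                   # classical-only legacy suite
}

def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """HKDF-Extract (RFC 5869) with HMAC-SHA256."""
    return hmac.new(salt, ikm, hashlib.sha256).digest()

def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """HKDF-Expand (RFC 5869): T(i) = HMAC(PRK, T(i-1) | info | i)."""
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]

def combine_shared_secrets(suite: str, classical_ss: bytes,
                           pq_ss: Optional[bytes], transcript: bytes) -> bytes:
    """Derive one 32-byte session key from the classical and (if the suite has
    one) post-quantum shared secrets.  Both secrets go into the HKDF input, so
    an attacker who later breaks X25519 still needs the ML-KEM secret, and
    vice versa."""
    _classical_alg, pq_alg = SUITES[suite]
    if pq_alg is None:
        ikm = classical_ss
    else:
        if not pq_ss:
            raise ValueError(f"suite {suite} requires a {pq_alg} shared secret")
        ikm = classical_ss + pq_ss
    # Salt with a hash of the handshake transcript so the key is bound to this
    # particular exchange, not just to the raw secrets.
    prk = hkdf_extract(hashlib.sha256(transcript).digest(), ikm)
    # The suite name is part of the info string, so the same raw secrets can
    # never yield the same key under two different suites.
    return hkdf_expand(prk, b"hybrid session key " + suite.encode(), 32)

def constructed_secret(label: str) -> bytes:
    """Constructed stand-in for a KEM or ECDH shared secret.  A real
    implementation would obtain these from the X25519 and ML-KEM operations."""
    return hashlib.sha256(b"constructed stand-in: " + label.encode()).digest()

def demo():
    transcript = b"constructed handshake transcript"
    classical = constructed_secret("X25519 shared secret")
    pq = constructed_secret("ML-KEM-768 shared secret")
    hybrid = combine_shared_secrets("x25519-mlkem768", classical, pq, transcript)
    classical_only = combine_shared_secrets("x25519", classical, None, transcript)
    # Same classical secret, different PQ secret: the derived key must change.
    other_pq = combine_shared_secrets("x25519-mlkem768", classical,
                                      constructed_secret("different ML-KEM secret"),
                                      transcript)
    return hybrid, classical_only, other_pq
```

Two design choices carry the security argument. Concatenating both secrets before the extract step means the session key depends on each of them, which is what makes the hybrid suite at least as strong as its stronger component. Binding the suite name into the HKDF info string is the agility hook: when a suite is retired, its keys can never collide with those of its successor even if the underlying primitives were reused.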
NIST Post-Quantum Cryptography (PQC)
In August of last year, NIST released the first three post-quantum cryptography standards, intended to withstand attack by a quantum computer. NIST has been working on PQC standardization for years, and these three are the first algorithms to reach a published standard. NIST believes that a device capable of breaking current encryption methods could appear within the next decade, which creates an urgent need to secure existing systems for individuals, organizations, and nations.
NIST began the standardization initiative in 2015 and, together with the world’s leading cryptography experts, assessed 82 different algorithms from 25 countries. NIST is recommending that all companies integrate the three newly released standards into their systems and products immediately, providing code and instructions to assist in the process.
The currently defined standards are as follows:
- Federal Information Processing Standard (FIPS) 203 – General encryption standard based on the Module-Lattice-Based Key-Encapsulation Mechanism (ML-KEM).
- FIPS 204 – Digital signature standard based on the Module-Lattice-Based Digital Signature Algorithm (ML-DSA).
- FIPS 205 – Digital signature backup to ML-DSA, based on the Stateless Hash-Based Digital Signature Algorithm (SLH-DSA).
- FIPS 206 (unreleased) – Digital signature backup to ML-DSA and SLH-DSA, based on the Fast-Fourier-Transform-over-lattice digital signature algorithm (FN-DSA).
- HQC (unreleased, expected 2027) – General encryption backup to ML-KEM, based on the code-based Hamming Quasi-Cyclic algorithm.
Vendor Progress in Quantum Readiness
There are various solutions to get companies started in quantum resilience. To maintain vendor neutrality, I will not mention vendors here, but I suggest that you look at the PQC roadmap of your vendors. You may also wish to look at quantum computing leaders and what programs they offer to get started with establishing quantum resilience for your organizations.
What To Do and When
Many of the companies I work with are interested in the threat posed by quantum computing, but they are not actively building or deploying a quantum strategy. I think this is a mistake.
The reason we must focus on implementing solutions immediately is the ‘harvest now, decrypt later’ issue. Even if we feel safe because we have not been the subject of a cyber-attack, it is possible that we already have been, or could become, subject to data harvesting. This means an attacker may already hold copies of our encrypted data and is waiting for the day that advanced decryption methods can break that encryption with ease.
Q-Day, which commonly refers to the date when quantum decryption of traditional encryption technologies becomes a reality, is a real and serious threat. Most sources believe that Q-Day will arrive in less than 10 years, with others believing it will be less than 5 years. Regardless, protecting our data with Q-Day readiness is highly recommended. Given the release of the NIST standards and complementary solutions, I suggest these be a priority for all of us and especially for CIOs and CISOs.
Some steps that are recommended to become quantum resilient as a company include:
- Discuss what quantum computing could mean to your company and build a quantum strategy.
- Implement solid, comprehensive backups, verify that they can actually be restored, and follow current best practice to protect your data from ransomware attacks.
- Ensure any new data environments have post-quantum cryptography.
- Use large encryption keys and best-in-class algorithms to secure your data today.
- Implement quantum resilience approaches, especially PQC with FIPS 203 and 204 as a priority.
- Implement QKD or hybrid cryptography for key distribution.
- Consider cryptographic agility to stay on top of quantum resilience progress.
- Have regular reviews with your vendors, partners, and other third parties to assess their quantum-resilience readiness and their implementation of the above recommendations. Conduct such reviews with both software and hardware vendors.
- Continue best practices for IT and cybersecurity outside of quantum computing.
- Run tabletop exercises for Q-day scenarios.
In Summary
While quantum computing is a fascinating topic, it tends to get pushed to the side because the threat it poses doesn’t seem imminent. Unfortunately, many companies have not embraced a quantum strategy. Given the serious threat of Q-Day and ‘harvest now, decrypt later’, I suggest that we all prepare and strategize the security aspect of quantum now. And, while you’re at it, I think it is a good idea to do an analysis of how quantum computing can be an enabler and opportunity beyond the threats of decryption that it brings.