The positive implications of the arrival of the quantum era are obvious. However, not all potential uses of quantum computing power are quite so benign. Quantum computers are ideally suited to solving complex mathematical problems, such as the factoring of large numbers, which is at the core of asymmetric cryptosystems. This has serious implications for cybersecurity.
Indeed, cybersecurity relies on a rather restricted number of cryptographic primitives. Foremost among them are the well-known RSA and ECC algorithms. Both are based on the hardness of factoring, which no longer holds once quantum computers are available.
As the critical lifespan of data gets longer, the danger becomes more tangible. Data stolen today does not have to be decrypted today to hold value. Financial, healthcare and intellectual property data stolen today could still be relevant in 10 years’ time.
The ability to download now and decrypt later means that quantum computers pose a genuine threat to data security today, even if they only become available in several years' time.
In response to the threat of the quantum computer, there is a need to replace the current cybersecurity infrastructure with a new quantum-safe one. For this purpose, cybersecurity innovators are turning to a variety of technologies.
First, one can replace the current cryptographic algorithms, which will not withstand the arrival of the quantum computer, with a new set of quantum-resistant algorithms, also known as post-quantum algorithms. The search for suitable algorithms has been formalised in a standardisation process led by NIST in the USA.
Candidates for various cryptographic functions are currently under scrutiny. Standardisation is expected within 4 to 5 years. However, there is a distinct possibility that new quantum algorithms, i.e. algorithms operating on quantum computers, may threaten these candidates as well. The risk may be unreasonable for data with high and long-term value.
Alternatively, in an interesting twist, one can use quantum technologies themselves, and in particular quantum cryptography, to counter the emerging threat. Advances in the development of quantum key generation and quantum key distribution (QKD), for example, are well underway.
QKD is a breakthrough technology that exploits one of the fundamental principles of quantum physics (observation causes perturbation) to ensure forward secrecy of encryption keys across an optical fibre network, or across free space. Any attempt to eavesdrop on the network would be detected and passive interception is rendered impossible.
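The "observation causes perturbation" principle behind QKD can be illustrated with a classical simulation of the BB84 protocol. The example below is added here and is not code from ID Quantique or from the article: it models an intercept-resend eavesdropper who must guess a measurement basis for every photon, and shows the error rate this leaves in the sifted key, which Alice and Bob detect by comparing a sample of their bits. The 11% abort threshold is the commonly cited BB84 security bound; the seed and qubit count are arbitrary choices.

```python
import random


def measure(bit, prep_basis, meas_basis, rng):
    """Measure a qubit that encodes `bit` in `prep_basis` using `meas_basis`.
    Same basis -> deterministic result; wrong basis -> uniformly random result."""
    if prep_basis == meas_basis:
        return bit
    return rng.randint(0, 1)


def bb84(n_qubits, eavesdrop, seed=1):
    """Run BB84 over n_qubits. Returns (sifted_key_length, qber), where qber is
    the fraction of sifted bits on which Alice and Bob disagree."""
    rng = random.Random(seed)  # seeded so the run is reproducible
    alice_bits = [rng.randint(0, 1) for _ in range(n_qubits)]
    alice_bases = [rng.randint(0, 1) for _ in range(n_qubits)]  # 0 = rectilinear, 1 = diagonal
    bob_bases = [rng.randint(0, 1) for _ in range(n_qubits)]
    errors = sifted = 0
    for bit, a_basis, b_basis in zip(alice_bits, alice_bases, bob_bases):
        if eavesdrop:
            # Eve measures in a guessed basis and re-sends the photon encoded in
            # *her* basis; whenever she guessed wrong, the state is perturbed.
            e_basis = rng.randint(0, 1)
            bit_in_flight = measure(bit, a_basis, e_basis, rng)
            basis_in_flight = e_basis
        else:
            bit_in_flight, basis_in_flight = bit, a_basis
        bob_bit = measure(bit_in_flight, basis_in_flight, b_basis, rng)
        # Sifting: Alice and Bob publicly compare bases and keep only the matches.
        if a_basis == b_basis:
            sifted += 1
            if bob_bit != bit:
                errors += 1
    qber = errors / sifted if sifted else 0.0
    return sifted, qber


def eavesdropper_detected(qber, threshold=0.11):
    """A QBER above ~11% cannot be explained by channel noise alone under the
    standard BB84 security analysis, so the key is discarded."""
    return qber > threshold


if __name__ == "__main__":
    for eve in (False, True):
        n, q = bb84(4000, eavesdrop=eve)
        print(f"eavesdropper={eve}: sifted={n} bits, QBER={q:.3f}, "
              f"detected={eavesdropper_detected(q)}")
```

Without Eve the sifted key is error-free; with intercept-resend she guesses the wrong basis half the time and Bob then reads a random bit half of those times, so roughly a quarter of the sifted key is corrupted and the exchange is aborted.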
Unlike the quantum computer, QKD is already a reality. There are a number of real-world QKD installations already in place. These include a 2000 km-long infrastructure backbone in China, used to secure data exchanged between Beijing and Shanghai (and all points in between). This is currently being extended to an 11,000 km backbone, which will cover most of Eastern China.
In Europe, the QComm hub has recently launched the UK Quantum Network (UKQN), while other QKD networks are planned in several countries. In the USA, real-world QKD deployment is led by a private company, Quantum Exchange, which is building a key-as-a-service infrastructure to link financial companies in the New York area, with more to come.
ID Quantique is a pioneer in the field of quantum security solutions, delivering a certified source of entropy for key generation with our Quantis range and provably secure key exchange via our Clavis and Cerberis range of products.