Quantum Computing Poses Risks to Data and Cybersecurity
As quantum computing matures, developers race to meet the cybersecurity challenges it brings.
- By Kayla Williams
- March 16, 2023
Quantum computing is a new hardware technology that has the potential to change the way the world processes large and complex problems. It is a pioneering new computer science technology based on the principles of quantum theory – using materials on an atomic or subatomic level. This gives quantum computing the potential to solve problems that have historically been deemed too complex for traditional computing methods because it can grow exponentially and essentially calculate all possible configurations at the same time.
Public companies including Google, IBM, and Amazon are investing heavily in quantum technologies, while governments have poured billions into research and development programs in efforts to be the first to harness it. As quantum computing garners more attention and promises to drive transformational changes with breakthrough applications, it also opens the door to new and dangerous threats.
Quantum computing is forecasted to revolutionize industries ranging from aerospace and pharmaceuticals to finance and manufacturing. For example, harnessing the power of quantum computers could allow scientists and researchers to design life-saving drugs faster, and the automotive industry to create longer-lasting batteries for electric vehicles and promote a greener economy.
Similar to the space race, governments also have a stake in the quantum computing game. In 2018, the White House Office of Science and Technology Policy and the Department of Energy invested more than $1 billion into quantum computing research and created the National Quantum Initiative Advisory Committee to provide counsel on quantum computing. In 2020, the Chinese government allocated $10 billion to construct the National Laboratory for Quantum Information Sciences.
However, with any new technological advancement comes inherent risk. Quantum computers can break many of the encryption algorithms currently used to protect sensitive data, posing a grave threat to all data users.
Quantum Computing as a Cybersecurity Risk
Modern encryption relies on the difficulty of calculating solutions to mathematical problems to keep data secure. Thanks to the exponentially greater processing power of a quantum computer, it could be capable of calculating all possible solutions to those problems simultaneously, essentially breaking an encryption cipher and making the encryption null and void.
The post-quantum computing era will require companies to find new forms of encryption, as current methods may not be secure against quantum-based attacks. Although much of the research into quantum computing is currently taking place in academia, private and government organizations are increasingly focusing on the potential cybersecurity risks it poses. The National Quantum Blueprint, announced at this year's World Economic Forum, aims to guide nations looking to invest in quantum technology development while assessing its cybersecurity dangers. As the view of quantum computing shifts from an exciting innovation to a potential cybersecurity threat, it is becoming an increasingly pressing concern.
Addressing Quantum Computing Challenges
As an example of the work being done to address the challenges posed by quantum computing, Microsoft is developing a post-quantum version of the Transport Layer Security (TLS) protocol. TLS is a commonly used security protocol that protects data transmitted over the internet. However, Microsoft has noted that some of the asymmetric algorithms used in the TLS exchange can be vulnerable to particular algorithms when executed on a quantum computer. In July 2022, the National Institute of Standards and Technology (NIST) of the U.S. Department of Commerce released the first four quantum-resistant cryptographic algorithms resulting from a six-year competition. These algorithms will be included in NIST's post-quantum cryptographic standard, which is expected to be released in 2024.
Further research into cryptography protection is being conducted by IBM. In doing their research and thanks to their quantum computing network, Big Blue has developed a proprietary system called Quantum Safe, which works directly with companies to identify their specific risks, assess their maturity, and determine what steps must be taken to ensure mature security controls, including cryptographic standards adoption. As recently as November 2022, IBM and Vodafone announced a partnership to help prepare the telecommunications giant for the next wave of quantum computing challenges that will arise, aiming to protect their assets and data with Quantum Safe across a variety of telecommunications use cases.
Although the adoption of new cryptographic algorithms may require changes to current business practices, the potential benefits of quantum computing far outweigh the risks. However, it is crucial to manage these risks effectively to shape the future. When used responsibly, quantum computing has the potential to make a significant positive impact.
Kayla Williams is the CISO at Devo. In her career, Williams has worked in many facets of information and process assurance. Prior to joining Devo, she worked as the director of GRC for LogMeIn, a global SaaS company, where she developed and implemented the information security policy framework, as well as security, compliance, and technical privacy risk framework, streamlined the company’s compliance function and instituted a security and technical privacy governance steering committee. You can reach the author on LinkedIn.