As we begin to overcome the hurdles in developing commercially viable quantum computers, it is important to consider the security threats posed by these much more powerful machines.
Chief among these are threats to encryption that put everyone’s online security at risk. We spoke to Nils Gerhardt, Chief Technology Officer and Head of Product at Utimaco, to find out what the future holds after the era of quantum computers.
BN: What threat does quantum pose to existing cryptography?
NG: People have likened this to the advent of nuclear weapons and warned of a “quantum apocalypse,” but I think we need to be realistic about the actual extent of this risk.
Certainly, the emergence of commercially available and relatively easy-to-use quantum computers today would be a catastrophe. Quantum computers could potentially crack the encryption that protects our critical data and infrastructure in minutes, not trillions of years. This would mean that millions of systems we rely on every day would be compromised, almost anything could be edited, sensitive data could be exposed, and data we need to know to be true could be called into question.
I like to think about it this way: What if we knew about a pandemic like COVID-19 decades in advance? We could use that favorable situation to vaccinate the world, and there would be no negative impacts when the pandemic finally arrives. That’s where we are today. We know the consequences of doing nothing would be dire, but we know exactly what we need to do to prepare. Organizations like NIST have already identified quantum-resistant cryptography, and companies like Utimaco have been integrating these algorithms into their hardware and software for years, so many of the solutions we need are already available.
BN: How far away is a post-quantum world?
NG: We really don’t know. The theory has been around since 1980, and basic quantum computers have been around for a few years now. Google and NASA achieved quantum supremacy (the ability to solve certain problems that cannot be solved by classical computers) in 2019. This doesn’t mean we’re a few years away from having quantum computers on our desktops or being able to crack encryption.
The main problem with quantum computers today is that they are prone to inaccuracies due to interference with the tiny, unstable “qubits” that power them. Small fluctuations in temperature or electromagnetic interference can corrupt the qubits, and the ways in which they can be corrupted are much more complicated than the relatively simple “bit flip” in classical computers, where a 0 becomes a 1 and a 1 becomes a 0, for which there are now sophisticated ways to correct the errors. Correcting these errors would make quantum computers much easier to use and reduce the need to be cooled to absolute zero.
A few years ago, the focus of quantum computing development was on building systems with more and more qubits, but today the focus is on error correction. The engineering challenges to this are large, but they will be overcome. This could be decades away, but a breakthrough could make practical quantum computers available sooner.
BN: What should organizations do now to prepare for the coming era of quantum computing?
NG: The first advice I can give is to pay attention. Stay up to date with what’s going on in the world of quantum computing so you know what’s likely to happen next. There’s always news about new developments that will tell you what to do now.
From there, it’s important to understand how your company will adapt to a post-quantum world. The first wave of quantum computers will likely be used by nation-state actors, not criminal groups, meaning organizations that are likely to be the first targets in a conflict (even an undeclared “cold war”) should urgently pursue quantum resistance. This includes companies that work directly with governments and the military, as well as utility, energy, and infrastructure companies. Of course, quantum computers will likely be so effective that sooner or later any company will have to take their security seriously.
In this regard, it is important to consider how long the data and hardware will be active: companies that manufacture smartphones with an average lifespan of 2-3 years are unlikely to need to think about securing these devices against the threat of quantum computing. On the other hand, car manufacturers whose products may remain on the road for 10 years or more will need to take seriously the idea that their cars will be active when quantum computing becomes a potential threat.
BN: How will quantum impact development and the software supply chain?
NG: Quantum security will start to move from science fiction to a realistic necessity very quickly. The use of quantum-resistant algorithms in new technologies will become much more commonplace, especially in equipment that will be in the field for 10 years or more.
We will also see a move to incorporate quantum security into existing systems. The payments industry in particular has many legacy systems in use today that will be in use for the next decade or more. These systems will need to be upgraded soon to remain secure in the future.
Finally, we expect quantum security to become a “must have” when companies consider which other companies to work with, and OEMs will need to ensure they are using the latest quantum-resistant security or risk being left behind as their customers start to take quantum security seriously.
BN: We’ve talked a lot about the risks, but what are the benefits of quantum computing?
NG: The possibilities are endless. Not only will quantum computers be faster than classical computers, they can “think” in a fundamentally different way than classical silicon systems. By being able to leverage probability rather than being limited to simple binary numbers, quantum software can solve problems such as the “traveling salesman problem” that stumps classical computers. In this problem, you are given a group of cities and the distances between them, and ask the computer to find the shortest route between each city. As more cities are added, it becomes much more complicated, resulting in trillions of possible routes. A classical computer could solve this by “brute force” by testing each route individually, but a quantum computer could theoretically solve this problem much faster, due to the special properties of quantum mechanics. This could be used for everything from planning routes for delivery vehicles to global logistics chains and even faster development of new medicines.
More precisely, we know less about the potential of quantum computers than Charles Babbage and Ada Lovelace, the two people who built the first prototypes of what would become computers centuries later. In the early stages, they may be faster than classical computers, but in the long term, we don’t know what they will be capable of. This is scary, but it is also very exciting and opens up new opportunities.
Image credit: Elnur_/depositphotos.com