Understanding the Quantum Threat: Chapter 1

By now, you may have heard of the looming threat quantum technology poses to cryptography. But what's the real story behind it? In this introductory article of our 3-part series titled Understanding the Quantum Threat, we will delve into the world of quantum computing and unveil the enigmatic timeline leading to the emergence of a quantum computer with the power to shatter classical cryptography. Join us for a closer look at the quantum threat.

The Quantum Threat

To understand the quantum risk, we rewind to the groundbreaking 1990s, when Peter Shor, a visionary mathematician, discovered an algorithm that holds the tantalizing potential to attack fundamental algorithms in classical cryptography that form the bedrock of our secure communication systems. The catch? Today's supercomputers remain powerless to execute Shor's algorithm. However, the day when a powerful quantum computer will change the game is fast approaching.

Quantum Supremacy Achieved

One thing that many people are unaware of is that researchers have been experimenting with quantum computers for over a decade. While these processors were initially very limited, their processing powers have grown exponentially. Not only are there already quantum computers in operation today, but there are quantum computers that have broken the quantum supremacy barrier. Quantum supremacy means that a quantum computer can solve some problems faster than any (non-quantum) supercomputer. When we say, ‘broken the quantum supremacy barrier,’ we mean that there exist quantum computers that have solved certain mathematical problems very quickly, say in mere seconds, that would take the most powerful classical supercomputer millions of years or more.

The quantum supremacy barrier does not mean that the quantum computer can run every problem faster than a classical computer. In fact, most problems will always be faster to run on a classical supercomputer. The mathematical problems used to demonstrate quantum supremacy were carefully chosen to give quantum computers an edge; they were not designed to have any practical use cases.

Practical Applications for Quantum Computers Abound

That does not mean that quantum computing will not be useful. It is likely that within a few years, quantum computers will already be powerful enough to solve numerous commercial problems. Some areas that will most benefit from quantum computing are material engineering, pharmaceutical design, logistics, finance, and artificial intelligence. According to Canada’s National Quantum Strategy, "in 2045, quantum is expected to be a $138.9 billion industry, with 209,200 jobs and $42.3 billion in returns".

Governments worldwide, including Canada, the USA, the EU and China, are investing aggressively in the quantum sector, aiming to stay at the forefront of research and development. Major international technology companies, including IBM, Google, and Microsoft, as well as engineering companies specializing in quantum technology, have ambitious programs to build commercially viable machines in the next couple of years.

A Timeline for a Cryptographically Relevant Quantum Computer

The tens of billions of dollars being funneled into quantum computing research have resulted in the rapid development of quantum computers’ power. Yet this still raises the question: when will a quantum computer be built that is powerful enough to break current cryptography? This is extremely hard to predict, because a single engineering breakthrough could significantly change the landscape, and there are many players in academia and industry making active progress.

Another point that makes estimating the timeline difficult is that it is unclear if certain governments – most notably, the American and Chinese governments – have even more powerful quantum computers that are classified. It is, however, public knowledge that the American government is putting in place regulations for its agencies to transition to quantum-resistant cryptography as soon as new quantum-safe cryptographic standards become available. In the meantime, while these standards for quantum-resistant cryptography are being finalized, the American government will require agencies responsible for National Security Systems to deploy mitigation strategies – namely, using classical cryptography with larger parameters that take longer to break.

One point to note is that quantum computing has not hit a hard barrier, and the scale of quantum computers continues to grow exponentially. By looking at the speed of progress in the last five years and the amount of funding that has been recently dedicated to the field, we estimate that a quantum computer capable of breaking classical cryptography could exist within the next eight to fifteen years. To understand how this will affect your organization, stay tuned for the next blog post of our Understanding the Quantum Threat series coming out next week, or contact us today.
