The race between the United States and China for quantum supremacy is on. However, the arrival of quantum computing threatens to destroy current cybersecurity systems and to make today’s encryption techniques obsolete. This places under threat all information currently protected by today’s cryptographic techniques.
The Race is On
Quantum computing has the potential to tackle problems classical computers can’t. It is seen as the next technological frontier that will change the world. The quest for quantum computing supremacy is not just a race between China and the United States. Other nations like Europe, Australia and Canada see it as a geopolitical priority.
The advantage of having the first computer that makes all other computers obsolete would be enormous. It would provide economic, military and public health advantages to the winner of this cyberspace race. Quantum computing could be used to optimize climate change and weather forecast models. It could also be used to achieve faster delivery of products and lower costs for manufactured goods.
Although advances in computing such as quantum computing can be life changing, with it comes the need for comparable advances in cybersecurity.
The Threat of Quantum Computing on Cybersecurity
The main goal of cybersecurity is preventing data breaches and preserving data integrity by using public-key cryptography. The anticipated computing power of quantum computers, however, is expected to be able to break any of today’s most sophisticated encryption systems within days or hours.
Consequently, quantum technology is seen as a serious security risk for companies and individuals alike. Such power in the hands of cybercriminals would put personal and financial information stored on hard drives or in the cloud under major threat. The exchange of information that occurs during online purchases or when work email is accessed remotely, for example, will no longer be secure.
All Data at Risk
All data would be under threat of attack from cybercriminals or other malicious actors. Private data, bank and health records, as well as military and state secrets could all be under threat. Global financial markets and secret government intelligence would no longer be secure.
Furthermore, not only are today’s encryption techniques not secure in a post-quantum world, but today’s encrypted data is also not safe. “An attacker can record our secure communications today and break it with a quantum computer years later. All of today’s secrets will be lost,” says Tanja Lange, professor of cryptology at Eindhoven University of Technology, the Netherlands.
According to Lang, a quantum algorithm already exists that can break all cryptographic techniques currently used to secure connections on the internet. All that is needed is the anticipated computer power of quantum computers for all the world’s data to be at the mercy of malicious actors.
What is Being Done to Counter this Threat
In the face of such a threat, companies are already demanding solutions, even though quantum computing is still just at the experimental stage. In response, the European Commission has provided a research consortium called PQCRYPTO with €3.9 million in funding. The consortium, lead by Lange, is tasked with developing new cryptographic techniques that will be secure in a post-quantum world.
Private enterprises such as IBM, Google and Microsoft are also conducting research to design cryptographic technologies resistant to quantum attacks. Research into quantum secure encryption algorithms is seen as crucial to prepare for what is being called the “techpocalypse”.
Place of VPNs in the Post-Quantum World
Currently, cybersecurity solutions for consumers and businesses rely heavily on virtual private networks (VPNs) for an extra layer of protection. To provide online security, VPNs use cryptography to create a secure tunnel between a user and the Internet.
However, with the arrival of computers capable of cracking today’s cryptographic techniques, VPN technology risks becoming obsolete if it doesn’t evolve to keep pace.
Consequently, efforts are already being made towards preparing VPNs for the post-quantum world. Microsoft for example, has started the NIST Post Quantum Project, which is looking at combining OpenVPN software with post-quantum resistant cryptography.
VPNs are also being considered as possible short-term solutions in the post-quantum world to protect applications that are not quantum ready. Since VPNs allow applications to run inside them, VPNs secured with post-quantum cryptography could be used in a post-quantum world to run applications that are not yet quantum ready.
How Far Away is Quantum Computing
Quantum computers are currently very sensitive to interference from sound, temperature and vibration. This makes them very unstable and limits their computing power, making them not much better than computers of today.
Nonetheless, some have predicted that the first commercial quantum computer could come as soon as 2022. This seems unrealistic to most. Most theorists expect that quantum technology will become a fully developed technology by the year 2025.
In line with this, it is expected that it will take 10 years or so before a powerful and stable enough quantum computer will be operational that can break today’s public-key cryptography, making it obsolete.