Quantum computing still sounds like the realm of science fiction. The promise is that quantum computing can perform calculations more than a hundred million times faster than the fastest current supercomputer. This will have hugely positive implications for solving the big problems in science.
But it has a darker side effect: encryption that would take thousands of years to crack using conventional computers could be broken in minutes or even seconds. The implication today is that adversaries are already able to suck up and store data, which they can attack with a quantum computer in years to come. Some commercial and personal data will remain sensitive well into the future. So it’s worth future-proofing data to withstand quantum computing attacks.
How quantum computing works
The improved performance of quantum computing compared to existing ‘Von Neumann’ machines is such a huge leap that you could easily be forgiven for not believing it to be real. But the speed is a byproduct of how quantum computing works, which is distinctly different. Traditional computer chips are still based on the computer concept invented by John Von Neumann and published in 1945. In this system, operations are performed sequentially: data is read from the input device, processed logically, and then sent back to storage.
Even massively parallel supercomputers function in this way. Although they perform thousands of operations simultaneously, each operation is still performed sequentially by a CPU core. GPUs are simpler than CPUs, but they also contain sequential units, albeit many more of them running in parallel. Traditional computing also works with bits, which have two states – usually represented as 0 and 1. The input will be one state and after processing the output will be the same or the other state. As problems become more complex, with more possibilities to compute, breaking them down into separate sequential calculations can mean that they go far beyond the capabilities of current architectures.
This is not how quantum computers work. Instead of having many individual cores that perform sequential operations on a few bits in parallel, a quantum computer works on the probability of an object’s state before it is measured. These states, called qubits, are undefined properties of an object prior to detection, such as the polarization of a photon or the spin of an electron. Because these quantum states have no clear position before the measurement, they mix many different possible positions at once, rather than just two.
Despite being undefined up to the time of measurement, these mixed states can be ‘entangled’ with those of other objects in a mathematically related way. By applying the mathematics of this entanglement to an algorithm, complex problems can essentially be solved in a single operation. On the one hand, this can be used for very difficult science, such as predicting multi-particle interactions in a chemical reaction or creating security codes that are much harder to crack than the current ones. But conversely, quantum computers can also be used to crack existing codes that would be impossible to crack with current computer technology, because they can run through many possible solutions at once.
Putting this in perspective, it would take a conventional computer about 300 trillion years — 22,000 times the age of the universe — to crack the ubiquitous 2,048-bit RSA encryption. But a quantum computer with 4,099 qubits would take just 10 seconds, using Shor’s algorithm, which is designed to find the prime factors of an integer used in encryption keys. It is clear that there is a danger to many forms of cryptography. For example, the ubiquitous SSL and TLS used to encrypt web connections use 2,048-bit RSA keys and would therefore be vulnerable to breach by a quantum computer.
How fast are current quantum computers?
The good news is that we aren’t at this stage yet. While 4,099 qubits doesn’t sound like much when we now have 64-core processors performing over 3 billion operations per second per core, it’s still more than the most powerful quantum computer of today. IBM’s Eagle, unveiled in late 2021, has just 127 qubits. Google’s Sycamore has only 53 qubits, China’s Jiuzhang University of Science and Technology has 76 qubits, and most quantum processors (QPUs) have fewer than 50 qubits. There are D-Wave quantum annealing processors with up to 5,760 qubits, but they require a limited number of possible outcomes and cannot run the Shor’s algorithm needed to break the encryption.
However, development is progressing. Xanadu plans to launch a 216-qubit QPU called Borealis in 2022, and IBM aims to hit 433 qubits with Osprey by 2022, followed by 1,121 qubits with Condor in 2023. So while traditional encryption remains secure for now, it won’t be for much longer. For example, IBM’s roadmap targets 4,158 qubits by 2025, making it likely that 2,048-bit RSA can be cracked virtually in real time before 2030, the last year NIST originally thought it would still be secure. You may not be able to go out and buy a desktop quantum computer by 2030 — D-Wave’s first commercially available quantum computer cost $15 million when it shipped in 2017. Prices will come down, but it will probably only be big companies and countries that have QPUs in the coming years. However, not all of those countries will have our best interests at heart, so the danger is imminent.
Strengthening cybersecurity against quantum computing
Fortunately, there is time to prepare for the threat; for example, by using security products based on post-quantum cryptography. These products can protect your sensitive data today and future-proof it against attacks from quantum computers.
Current encryption algorithms rely on either integer factorization, discrete logarithms, or discrete logarithms with elliptic curves, all of which can be beaten by Shor’s algorithm using a quantum computer. Post-quantum cryptography is switching to alternative approaches that are not vulnerable to quantum computing. Research is still in its infancy and based on six primary methods, but products using the technology are already emerging. An example is QST-VPN, based on the OpenVPN library but with post-quantum secure algorithms that protect user data. The server software is delivered via the AWS cloud, with clients for Windows, macOS and a wide variety of Linux distributions, giving businesses the opportunity to start strengthening their security now, rather than after the quantum horse has bolted.
Quantum computing has enormous potential to revolutionize the speed at which we can perform calculations. Like any new technological development, this has both good and bad consequences. But now that we know what cybersecurity has in store – in the not-too-distant future – we can at least prepare so that the beneficial potential of quantum computing takes precedence over its more nefarious possibilities.