Threat level quantum: cybersecurity systems are at risk
Data encryption tools used by businesses and government could soon be obsolete.
The development of quantum computing technologies will threaten to undermine even the most sophisticated cybersecurity systems deployed by both businesses and government, according to a report by the Global Risk Institute (GRI).
Within 10 years, the report purports there is a one-in-seven risk that advanced quantum computing will undermine critical public-key cryptography tools, and a 50% risk that most of them will be obsolete by 2031.
Public-key cryptography is an encryption scheme that uses two mathematically related keys. A public key encrypts while a private key is used to decrypt important data. The practice is the foundation of digital commerce and used by many large global organizations, such as financial institutions, online retailers and government agencies.
The report was authored by Michele Mosca, a special advisor on cybersecurity to the GRI, co-founder of the Institute for Quantum computing at the University of Waterloo and a founding member of the Perimeter Institute for Theoretical Physics.
Mosca believes the threats stem from the power of quantum computing to execute tasks beyond the reach of conventional computer, which typically use long strings of bits that encode either by a 0 or a 1. Quantum computing permits the bit to embody both the 0 or 1 states simultaneously. Manipulating a large collection of quantum bits, known as qubits, allows a quantum computer to process an infinite number of 0s and 1s at the same time.
Quantum computing has largely been a branch of fundamental physics and computer science, but it’s working its way into newer technologies with the potential to support groundbreaking and creative applications, such as high precision measurements and medical imaging.
D-Wave Systems Inc., a Vancouver-based developer of quantum computing technologies, has worked with Lockheed Martin to explore how the aerospace and defence manufacturer could use the technology to create and test complex radar, space and aerospace systems, and speed-up complex computation tests.
Another application is digital signatures, a fundamental requirement for online security, which allow a verifier such as a user’s browser to confirm that a piece of code comes from a trusted source and has not been tampered with.
Mosca’s report cautions “when the cryptographic foundations on which a cyber system is built are fundamentally broken, the system will crumble with no quick fixes.”
And fail-safe replacements would take years to develop.
“It is very important that we are not caught off-guard and forced to firefight a threat that takes years of preparation to properly defend ourselves against,” Mosca adds.
The report is part of the Toronto-based Global Risk Institute’s funding of research into quantum computing, which focuses on medium and long-term implications that are likely to have a profound impact on the financial services industry.
Recently, the federal government invested $76.3 million in the University of Waterloo’s Institute for Quantum Computing to accelerate the development of technologies including a universal quantum processor, quantum sensors and long-distance quantum communications.
The money was made available through the Canada First Research Excellence Fund, which deployed $900 million in funding across 13 research initiatives nationwide.