Quantum technologies are expected to unlock transformative opportunities in computing, sensing and communications. At the same time, they introduce unique challenges for current operating practices across government and industry. Perhaps most alarmingly, quantum computers capable of breaking encryption could exist as early as the end of the next decade. Thankfully, we already have a roadmap for protecting sensitive systems and data against this threat. Recognizing the complexity of translating this roadmap into practice, the White House has initiated several recent executive actions to accelerate whole-of-government preparation for quantum technology capable of disrupting U.S. infrastructure and interests.
In this article, we untangle how quantum technology threatens cybersecurity and outline what organizations can do today to begin protecting sensitive assets against quantum attacks.
Encryption in the digital age
The internet relies on multiple cryptographic techniques to meet different information storage and communications needs. Public key (or asymmetric) cryptography has become an especially popular mechanism for encrypting information in the digital age because it sidesteps symmetric cryptography’s logistical challenge of sharing a single key. Public key cryptography rests on the assumption that we can effectively secure information behind certain difficult math problems, and it has successfully delivered on that promise since the 1970s. Certain calculations are so computationally onerous that they are practically impossible to solve, even with today’s best supercomputers. But quantum technology is changing the rules of the game.
Encryption in the quantum age
Quantum computers will solve certain types of problems exponentially faster than today’s computers, which we call classical computers. But “faster” is a bit misleading; against certain problem sets, quantum computers enable entirely new capabilities. Some of these are incredibly exciting and offer opportunities to revolutionize public service missions. Others threaten the foundation of modern data protection as they decompose the difficult math problems we rely on for cybersecurity. Quantum changes what constitutes a “hard math problem” by requiring it to be difficult for both classical and quantum computers. To meet this new standard, the field must identify new cryptographic algorithms. Ultimately, this transition will require organizations to identify and update vulnerable cryptography with quantum-resistant alternatives, referred to as post-quantum cryptography (PQC). The urgency around PQC has grown tremendously in the last year, but we’ve been headed for this inflection point for a long time.
When we talk about the quantum cyber threat, we often talk about factoring. Factoring is one of the computationally intractable problems enabling public key encryption today. For example, RSA encryption uses factoring to establish a mathematical relationship between a public and private key: the public key contains a large number that is the product of two secret primes, and the private key is derived from those primes. Without knowing the primes, decomposing the published number into its factors is so computationally onerous that we have been able to effectively conceal information behind this calculation for half a century. However, in 1994, Peter Shor demonstrated that this approach would not remain secure forever. Quantum computers can solve these problems efficiently, leaving RSA-encrypted information vulnerable when the quantum hardware necessary to implement Shor’s algorithm reaches scale.
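To make the dependence on factoring concrete, the following added example (not code from the article or its authors) builds a toy RSA key pair from deliberately tiny primes and shows that anyone who can factor the public modulus recovers the private key; the trial-division factoring step stands in for what Shor’s algorithm would do efficiently against a real-sized modulus. The primes, exponent and message are constructed values.

```python
from math import gcd, isqrt


def generate_toy_rsa(p: int, q: int, e: int = 17):
    """Build a toy RSA key pair from two primes (constructed; far too small for real use).

    The public key is (n, e); the private exponent d is the inverse of e modulo
    (p-1)(q-1), so d can only be computed by someone who knows p and q.
    """
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)
    return (n, e), d


def rsa_encrypt(pub, m: int) -> int:
    n, e = pub
    return pow(m, e, n)


def rsa_decrypt(n: int, d: int, c: int) -> int:
    return pow(c, d, n)


def factor_by_trial_division(n: int):
    """Classical factoring by brute force: feasible only for toy moduli.

    For a 2048-bit modulus this loop would never finish; Shor's algorithm is the
    quantum procedure that finds the same factors efficiently.
    """
    for candidate in range(2, isqrt(n) + 1):
        if n % candidate == 0:
            return candidate, n // candidate
    return None


def recover_private_exponent(pub) -> int:
    """Given only the public key, factor n and rebuild d exactly as the key owner did."""
    n, e = pub
    p, q = factor_by_trial_division(n)
    return pow(e, -1, (p - 1) * (q - 1))


if __name__ == "__main__":
    pub, d = generate_toy_rsa(61, 53)          # n = 3233
    c = rsa_encrypt(pub, 65)
    print(pub, d, c, rsa_decrypt(pub[0], recover_private_exponent(pub), c))
```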
If we’ve known about this possibility since the 1990s, what changed to drive the urgency we’re seeing today? The simplest answer is quantum computing capacity. When Shor developed the algorithm capable of breaking RSA encryption, it was not clear if we would ever have a quantum computer capable of executing it. Today, we know that it is a question of when, not if. The National Institute of Standards and Technology and the Department of Homeland Security warn we could see a quantum computer capable of breaking current encryption methods as early as the end of the next decade. That may sound far away, but those familiar with the complexity of this and other cryptographic transitions know that we’re up against a challenging timeline to transition to PQC.
PQC refers to the suite of classical algorithms designed to be difficult for both classical and quantum computers. NIST is in the final stages of standardizing these algorithms and NSA has already recommended PQC as our front-line solution for quantum-safe cybersecurity. In parallel, DHS recently published guidance to help federal agencies begin planning for PQC. In January 2022, the White House issued National Security Memorandum VIII (NSM-8) updating Executive Order 14028 to include new PQC transition requirements for national security systems. Additional requirements followed in May 2022, continuing to build momentum for the whole-of-government transition required for post-quantum cybersecurity. The Executive Order on Enhancing the National Quantum Initiative Advisory Committee reinforced the strategic importance of this technology area by establishing that the committee shall now report directly to the President in addition to its previous duties. NSM-10 emphasizes the urgency of PQC transitions by establishing an annual assessment and review cadence to ensure progress in a national quantum-safe cyber posture. NSM-10 also reflects the importance of parallel efforts in the private sector and tasks NIST with creating public-private partnerships to encourage private entities’ adoption of shared PQC migration standards.
Organizations must start planning their transition today to ensure the appropriate protections are in place for their most sensitive assets before quantum computers capable of breaking public key encryption emerge. NIST suggests that “it may be decades before the community replaces most of the vulnerable public-key systems currently in use” given the complexity of transitioning to PQC. If we really do see cryptographically relevant quantum computers by the end of the decade, that’s time we don’t have. NIST also called special attention to the fact that the community cannot expect PQC algorithms to function as drop-in replacements. Every agency’s migration will be unique, intensifying the importance of early prototypes to identify PQC’s effects on application and network performance. By auditing their cybersecurity infrastructure, organizations can identify vulnerable cryptography and develop comprehensive strategies for prototyping, implementing and maintaining security against both quantum and classical threats.
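As an added illustration of the audit step above (example code, not the authors’ or NIST’s), the following inventory check reads constructed records of an organization’s cryptographic deployments, flags every key-exchange, signature or certificate algorithm whose security rests on factoring or discrete logarithms (the problems Shor’s algorithm breaks), and orders the migration backlog by asset sensitivity. The `key=value` record format, the asset names and the sensitivity labels are assumptions made for this example.

```python
import re

# Public-key families whose hardness assumption (factoring or discrete logarithm)
# Shor's algorithm defeats; each occurrence needs a PQC replacement.
SHOR_VULNERABLE = {"RSA", "DSA", "DH", "DHE", "ECDH", "ECDHE", "ECDSA", "X25519", "ED25519"}
# Inventory fields that carry public-key algorithms (symmetric ciphers are not in scope here).
PUBLIC_KEY_FIELDS = ("kex", "sig", "cert")
_KV = re.compile(r"(\w+)=(\S+)")


def parse_record(line: str) -> dict:
    """Parse one 'key=value ...' inventory line (a constructed format for this example)."""
    return dict(_KV.findall(line))


def vulnerable_components(record: dict) -> list:
    """Return [(field, algorithm)] for each algorithm in a Shor-vulnerable family.

    Algorithm names are split on '-' so that compound labels such as 'ECDHE-RSA'
    or 'RSA-3072' are matched on their family token.
    """
    hits = []
    for field in PUBLIC_KEY_FIELDS:
        alg = record.get(field)
        if alg and set(alg.upper().split("-")) & SHOR_VULNERABLE:
            hits.append((field, alg))
    return hits


def audit(lines) -> list:
    """Build the migration backlog: most sensitive assets first, then most exposed."""
    order = {"high": 0, "medium": 1, "low": 2}
    backlog = []
    for line in lines:
        rec = parse_record(line)
        hits = vulnerable_components(rec)
        if hits:
            backlog.append({"asset": rec["asset"],
                            "sensitivity": rec.get("sensitivity", "low"),
                            "components": hits})
    backlog.sort(key=lambda r: (order.get(r["sensitivity"], 3), -len(r["components"])))
    return backlog


# Constructed sample inventory; these are not real systems.
SAMPLE_INVENTORY = [
    "asset=vpn-gw-1 proto=IKEv2 kex=DH-2048 sig=RSA-3072 cipher=AES-256-GCM sensitivity=high",
    "asset=web-01 proto=TLS1.3 kex=X25519 sig=ECDSA-P256 cipher=AES-128-GCM sensitivity=medium",
    "asset=backup-01 proto=file cipher=AES-256-GCM sensitivity=high",
    "asset=lab-ssh proto=SSH kex=ECDH-P256 sig=ED25519 cipher=CHACHA20-POLY1305 sensitivity=low",
]
```

Running `audit(SAMPLE_INVENTORY)` lists `vpn-gw-1`, `web-01` and `lab-ssh` in that order; `backup-01` has no public-key component and is left out of the PQC backlog.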
Jordan Kenyon, PhD is a senior lead scientist at Booz Allen Hamilton. JD Dulny, PhD is a director and serves as Booz Allen’s firm-wide quantum lead. The Booz Allen quantum team focuses on the science and impact of quantum technologies to client missions.