Quantum computing still sounds like the realm of science fiction. The promise is that quantum computing can compute more than a hundred million times faster than the fastest supercomputer today. This will have extremely positive implications for solving big problems in science.
However, it has a darker side effect: encryption that would take thousands of years to crack with conventional computers could be removed in minutes, or even seconds. The consequence is that adversaries are now able to collect and store data that they can attack with a quantum computer for years to come. Some commercial and personal data will remain sensitive in the long term. Therefore, it is worth securing your data for the future to withstand quantum attacks.
How quantum computing works
The increased efficiency of quantum computing compared to the existing Von Neumann machines is such a huge leap that one can easily be forgiven for not believing them to be real. But speed is a byproduct of quantum computers, which is clearly different. Traditional computer chips are still based on the computing concept developed by John Von Neumann and published in 1945. In this system, each operation is performed sequentially by reading from an input device, logic processing, and then outputting back to memory.
Even massively parallel supercomputers work in this way. If they perform thousands of operations at the same time, each of them is still performed sequentially by the processor core. GPUs are simpler than processors, but also contain sequential units, albeit with much more parallelism with much more units. Traditional computation also works with bits that have two states – usually represented as 0 and 1. The input will be one state and after the operation the output will be the same or a different state. As problems become more and more complex, with more computational possibilities, breaking them down into individual sequential computations can mean that they go well beyond the capabilities of current architectures.
That’s not how quantum computers work. Rather than containing multiple individual computational cores to perform successive operations on a single bit in parallel, a quantum computer analyzes the probability of an object’s state before measuring it. Known as qubits, these states are undefined properties of an object prior to detection, such as photon polarization or electron spin. Since these quantum states do not have a clear position before the measurement, they mix many different possible positions simultaneously, not just two.
However, although undefined until measured, these mixed states can be “entangled” with the states of other objects in a mathematically related manner. By applying the mathematics of this entanglement to an algorithm, complex problems can be solved essentially in one operation. On the one hand, this can be used for very difficult scientific research, such as predicting the interaction of many particles in a chemical reaction or creating security codes that are much more difficult to break than the present ones. Conversely, they can also be used to break existing codes that would not be possible to crack with current computer technology, as they can pass through many possible solutions simultaneously.
In retrospect, a conventional computer would take around 300 trillion years – 22,000 times the age of the universe – to break the ubiquitous 2048-bit RSA encryption. But a 4099 qubit quantum computer would take as little as 10 seconds, using the Shor algorithm, which was designed to find the integer prime factors used in encryption keys. It is clear that there is a threat to many forms of cryptography. For example, the ubiquitous SSL and TLS protocols used to encrypt Internet connections use 2048-bit RSA keys and are therefore prone to breach by a quantum computer.
How fast are quantum computers today?
The good news is that we haven’t been at this stage yet. While 4099 qubits doesn’t sound like much with 64-core processors now performing over 3 billion operations per second per core, it’s still more than the most powerful quantum computer available today. The IBM Eagle, unveiled in late 2021, is only 127 qubits. Google’s Sycamore is only 53 qubits, Jiuzhang from the University of Science and Technology in China is 76 cubits, and most quantum processors (QPUs) are less than 50 qubits. There are D-Wave “quantum annealing” processors with a maximum of 5760 qubits, but they require a limited set of possible outcomes and cannot run the Shor algorithm required to break the encryption.
However, development is moving forward. Xanadu plans to launch a 216 qubit QPU called Borealis in 2022 and IBM aims to reach 433 qubits in 2022 with Osprey and then 1,121 qubits with Condor in 2023. So while traditional encryption remains for now safe, it won’t happen for much longer. For example, IBM’s roadmap aims to get 4,158 qubits by 2025, making it likely that breaking the 2048-bit RSA in real-time will be possible before 2030, the last year NIST initially he believed he would still be safe. You may not be able to go out and buy a desktop computer with quantum computing by 2030 – the first commercially available D-Wave quantum computer cost $ 15 million when it was shipped in 2017. Prices will drop, but it will likely only be large companies and countries that have QPUs for many years. However, not all of these countries care about our best interests, so the danger is looming.
Strengthening cybersecurity before quantum computing
Fortunately, there is time to prepare for the threat; for example by means of post-quantum cryptography based security products. These products can protect sensitive data today and secure it in the future against attacks from quantum computers.
Current encryption algorithms use either integer factorization, discrete logarithms, or discrete elliptic-curve logarithms, all of which Shor’s algorithm can overcome using a quantum computer. Post-quantum cryptography is moving to alternative approaches that are not amenable to quantum computing. Research is still in its infancy, based on the six basic methods, but products using this technology are already emerging. One example is QST-VPN (opens in a new tab), based on the OpenVPN library, but with post-quantum secure algorithms to protect user data. The server software is delivered via the AWS cloud, with clients for Windows, macOS, and a wide variety of Linux distributions, and offers businesses the ability to increase security right now, not after the quantum horse is gone.
Quantum computing has great potential to revolutionize the speed of computing. Like any new technological development, it has both good and bad implications. But now that we know what cybersecurity awaits – in the not-too-distant future – we can at least prepare ourselves for the beneficial potential of quantum computing to prevail over more nefarious possibilities.