While quantum computing is a revolutionary development, attempts to safeguard quantum computers using the existing security systems may prove insufficient. The reason is that quantum computers, unlike modern-day computing devices, function on the principles of quantum mechanics. The difference in approach and principles makes it incumbent upon organizations to devise new defensive mechanisms against emerging cyber threats, says the Cybersecurity and Infrastructure Security Agency (CISA).
What are quantum computers?
Quantum computers run on the principles of quantum theory and quantum mechanics. Quantum theory expresses the behaviour of atoms and energies at a quantum (sub-atomic) level. Like modern-day computers, quantum computers also use bits to store specific information or perform certain tasks. These are called quantum bits (qubits), a quantum version of classic binary bits (binary digits). According to Allied Market Research reports and predictions, in 2020, the global quantum computing market size was pegged at US$ 1,370.82 million. According to the projection, the market size will reach US$ 18,336.45 million by 2030.
What is quantum computing?
Quantum computing is a form of computation where information is processed using quantum-mechanical phenomena, such as superposition and entanglement. A quantum computer operates on qubits, which can represent a zero, a one, or any other two-state system. Quantum computers are different in design and function than the computers that we use today.
Security concerns for quantum computing
Quantum computers are not yet commercially available. Still, security researchers and professionals worry about the risks of quantum computing, especially in the context of technology and IT infrastructure. CISA advised organizations to take proactive measures to protect networks and corporate infrastructures against cybersecurity threats emanating from the advent of quantum computing. CISA also released its suggestions on how organizations should prepare for securing critical infrastructure and post-quantum cryptography.
The agency also recently published a paper addressing leaders to start equipping themselves for the great transition from classic computing to quantum computing. The report mentioned tips on various security risk mitigation methods and urged them to participate in conceiving new security standards.
Achieving the Quantum Supremacy
The specialists in the field of quantum computing believe that quantum computers will attain superiority over classical computers by the end of this decade. It might quickly render the existing computing systems obsolete with successive capability leaps. By harnessing the power of quantum mechanics, quantum computers can perform powerful computations in seconds that traditional computers take hours or even days to accomplish. Cryptographic techniques and algorithms that are now considered the strongest will get cracked in seconds through quantum computers.
"When quantum computers reach higher levels of computing power and speed, they will be capable of breaking public key cryptography, threatening the security of business transactions, secure communications, digital signatures, and customer information," explains CISA. On August 26, China's Baidu came up with "Qian Shi." It is an industry-level quantum supercomputer that it plans to commercialize soon. It can achieve a stable execution and performance at ten quantum bits of power.
Preparing for the new dimension of cybersecurity
Research and development of quantum encryption are already in progress. Furthermore, the National Institute of Standards and Technology (NIST) plans to publish the official guidelines for leveraging cryptographic measures by the end of 2024. Various companies and security firms are investing heavily in research and development (R&D) to win the race for quantum supremacy. Some prominent companies on the list are IBM, Intel, Google, Microsoft, etc. Experts from CISA, in collaboration with Homeland Security, also recommend the stakeholders follow the post-quantum cryptography roadmap given here.
Some essential measures that the roadmap mentions are:
Enterprises should prepare an inventory of all those systems that use cryptographic algorithms. This way, in the future, enterprises can smoothly shift them from modern cryptographic techniques to quantum cryptographic security.
Enterprises should also identify critical assets that are encrypted using public key cryptography to ensure such enterprise systems are tagged as quantum vulnerable.
Company owners and top executives should improve their engagement with firms and institutions developing post-quantum standards.
Quantum computing is the next disruptive technology that will bring a new era in computation along with associated security risks. As the technology is still in its nascent stage, organizations should take proactive measures to protect themselves from quantum computing cybersecurity threats. They should also participate actively in formulating new security standards and investing in research and development of quantum-resistant cryptography.