Inside Quantum Technology (IQT) held its World’s Quantum Cybersecurity Event over three days in New York City, October 25-27.
Eighty speakers covered a wide range of topics related to quantum hardware, post-quantum cryptography (PQC), national standards, and more, all working toward a safe migration when quantum is commercialized and has moved from the short-range networks running experimental programs to a fully functional quantum internet.
The keynote, delivered by Andersen Cheng, chairman of Post-Quantum, began with the essential problem for any quantum-safe solution, the fact that future quantum computers will be able to use Shor’s algorithm to break today’s encryption standards, which Post-Quantum reminds us, “safeguard virtually all data flowing over the internet today.” The National Institute of Science and Technology is getting closer to a final decision in their six-year search for quantum-safe algorithms, and the hardware for quantum key distribution (QKD) and the quantum random number generators for those keys are available today.
IN THE AIR, UNDER THE SEA
A basic question discussed at the conference was the when and how of quantum-safe. For those still hanging back, perhaps feeling secure remembering that it took decades to shift over to RSA and other encryption schemes that we use today, there were dramatic reminders of how the migration plans are accelerating and the ability of quantum to crack our current encryption safeguards like the 45-year-old public-key RSA cryptography is no longer just a distant possibility. A recent Quintessence Labs article claimed a classical computer would take about 300 trillion years to break an RSA-2048 bit encryption key, but “a perfect quantum computer could do this in 10 seconds.” That quantum computer would need about 5,000 qubits to manage that, and IBM has recently promised a 1,000-qubit computer by 2023.
Evidence of large national migration efforts currently underway was presented at IQT by Dr. Andrew Thain, expert in quantum communications and quantum information systems for Airbus Space Systems. Thain did a presentation of Airbus’s high-capacity satellites that can support the high throughput needs of satellite-based quantum key distribution networks. Airbus plans to have the new systems aloft by 2026 to support the launch of the European Quantum Communications Infrastructure (EuroQCI) scheduled in 2027. Thain explained, “We have a concept for the high-capacity satellite, and it’s possible to implement a high-capacity QKD satellite by exploiting basic technology that we’ve already developed in Airbus.”
Thain also touted the ripple advantages of this quantum technology. He sees it as “a transversal enabler, by which [he means] that it can be applied to all of our business units.” This is the reason for the heavy investments Airbus is making in the three pillars of quantum technology: quantum computing, quantum sensing, and quantum communication. Thain explained the profound reach of the satellites project: “The European Commission financed this particular project as a quantum communication infrastructure that delivers QKD to key users across Europe, and in a longer-term future eventually evolving to a quantum information network. It will be used in European use cases such as inter-governmental communications, and then will stimulate a quantum ecosystem and also stimulate ideas just in the same way that ARPANET a few decades later eventually gave rise to e-commerce and ‘e’ whatever you like.”
Another first day presentation at IQT by John Prisco, founder, president, and CEO of Safe Quantum, Inc., called attention to an ongoing threat that will detonate when commercial quantum arrives. There are data harvesting attacks today wherein hackers gain access to encrypted files and take away data that they’ll store until the time when they can purchase or lease quantum computing capable of decrypting the files for later sale or ransom.
Prisco describes a massive vulnerability to these harvesting attacks not in the clouds but beneath the seas. The maximum vulnerability he told attendees “is in the submarine cables. So, you know the old story, ‘Why do you rob banks? Because that’s where the money is.’ Well, where would you go to do a data harvesting attack? You would do it in these submarine cables.” According to the digital infrastructure group Dgtl Infra, there are approximately 450 submarine cable systems in service around the world.
Taken together, they span more than 850,000 miles and form a critical part of the internet’s infrastructure. According to Dgtl Infra, these fiber-optic cables laid on the ocean floor are “the backbone of the internet, carrying 99% of all international telecommunications traffic for personal, business, and governmental use. While we live in an increasingly wireless world, that connectivity depends on little-known undersea internet cables.”
Prisco explained that these cables are, for the most part, poorly protected, and they “can have the data they carry compromised with an optical tap without breaking the ongoing connection.” He also told of past reports of nuclear-powered submarines being used for optical tapping, and said attacks could be done in other ways, as well, near terrestrial landing stations where maintenance is done on the cables.
For those who believe there’s no need for concern yet, it’s time to think about the data they might be keeping for longer periods of time and also what the costs might be to catch up if they begin their migration far behind.
FIVE TRENDS IN 2022
Earlier in the year, John Prisco, as a member of the Forbes Technology Council, provided an overview of the quantum trends he expected in 2022 (Council Post: Five Trends For Quantum Science In 2022) as quantum computing continues to move closer to commercial viability. He prefaced the list with a generalization. “The fact remains, adoption of quantum computing will likely be evolutionary, based on available fiberoptic networks, equipment availability and affordability, and the foresight of IT and security professionals to embrace quantum technology early.”
These were cautionary and positive areas we should be watching now:
- “Quantum-based encryption is closer than you think.”
The prospect of quantum hacking traditional cryptography is unnerving, but he also reminds us that “the perceived beauty of quantum security is that it’s unhackable” (PQC).
- “Quantum computing as a service (QCaaS) is on the horizon.”
Amazon Web Services, Microsoft Azure, and others may put quantum security and speed within the reach of present-day technology.
- “Technology is catching up with the vision of a quantum internet.”
As research increases into the two missing elements, quantum memory and quantum repeaters, the notion of a quantum internet becomes more realistic.
- “Critical infrastructure grids will be early adopters of quantum security.”
The U.S. Department of Energy has initiated work on a national security goal of creating a smart grid to protect the infrastructure and customers.
- “Quantum technology companies are poised for growth and investment.”
Finally, Prisco mentions the increased investments of government, R&D, and business. “Accessibility to quantum technologies is expanding, and 2022 will likely be remembered as the year commercial quantum really began.”