The quantum computer revolution: here tomorrow, so we must prepare today

This article is brought to you thanks to the collaboration of The European Sting with the World Economic Forum.

Author: Phil Quade, Chief Information Security Officer, Fortinet


• The impact of quantum computing on internet security will be so great we must start planning now.

• The impact of quantum computing on internet security will be so great we must start planning now.

• Its exponentially higher processing power will render widely used cryptography obsolete.

• ‘Security agility’ – crypto agility – is a key concept in being quantum-ready.

Strategic thinking has enabled many of mankind’s greatest successes. But when some leaps are just too big for a single bound, or seem too far into the future, strategic acting – incremental, consistent decision-making consistent with a long-term vision – can serve as an enabler for future success.

While an operationally viable quantum computer seems beyond the horizon to most, the steps needed to prepare for its inevitability are indeed within sight. We need more advanced planning in cyberspace to prepare for the impact of quantum computing, where, without some changes, it will undercut all internet integrity and confidentiality – an economic and social disaster. This is where strategic acting can come into its own.

A quantum computer is radically disruptive; it will use a different method to represent and compute information, allowing much, much faster speeds. It’s not just evolutionary, but revolutionary. Quantum computers will be as revolutionary in this century as computers were to last century’s mechanical calculators. They’ll be built by, essentially, leveraging the properties of atoms we studied in physics class. They can be millions of times faster.

A quick primer on internet security foundations might help us understand this disruptive potential.

Confidentiality, Integrity and Authentication – of people, machines, software and data – underpin all internet security (and undermines it when poorly implemented); cryptography – the use of mathematical equations to protect information – is at their foundation:

• Confidentiality (e.g. scrambling data to render it private)

• Integrity (e.g. preventing attempts to falsely change “deposited $100” to “deposited $10,000”)

• Authentication (e.g. verifying the identity of the person you’re communicating with)

How does something as important as cryptography work? A good analogy is a combination lock on a high-school locker. (In this analogy, the padlock is the cryptographic “algorithm”, and its secret numbers are the cryptographic “key”.) Combination locks have two security functions: lock – a simple mechanism that requires you to do nothing more than push it together to close/secure; unlock – a relatively complex mechanism that relies on secret numbers provided to the lock through a clockwise/counter-clockwise motion. That’s what well-designed and implemented cryptography is: a mechanism to easily apply the security, but completely impractical to guess unless you know the key to unlock it.

But once an operationally viable quantum computer is produced, it can guess the possibilities at a substantially faster rate: exponentially so.

If you tried to read a cryptographically scrambled message by guessing the cryptographic key with today’s fastest computers – even working together – it is not practical. The mathematics of cryptography triumph over computer science. Cryptanalysts may try to use supercomputers (combined with mathematical insights), but it’s completely impractical to brute-force a modern crypto algorithm’s key, which is why cryptography serves as the foundation of security.

For decades, engineers made computers with more computational power by either speeding up the time it takes a processor to evaluate each individual binary possibility, or adding multiple processors that look in parallel at different possibilities. In theory, with enough speed and parallel processing, you could test all possible lock combinations (the cryptographic key).

But manufacturing complexities create a practical limit to the first approach. And the second technique, parallel processing, becomes prohibitive due to processor costs and the expense to power and cool them (they melt or otherwise malfunction when running fast and in close proximity).

Therefore, well-designed and implemented cryptography is far beyond the reach of fast/parallel processor supercomputers’ ability to guess each possibility.

But quantum computers can make many more guesses at once. Sometimes resulting in exponential (the doubling, of a doubling of an amount, etc.) increase in processing power, rather than the incremental increases possible with traditional computers. Importantly, certain kinds of mathematical problems are well-suited for a quantum computer.

Most believe an operationally viable quantum computer – one that is both reliable and has a useful number of qubits (the data units of quantum computers) – is five to 15 years away and that a handful of countries are pursuing that goal.

We need to prepare now. This is how:

1. Make “security agility” part of your operational security doctrine. When purchasing cybersecurity in the next two to five years, tell your providers you want “crypto agility”, i.e. the seamless ability to swap to “quantum-resistant asymmetric cryptographic algorithms” when available.

2. Adopt quantum-resistance cryptographic algorithms when available. Ideally, use a standard quantum-resistant algorithm several years before a quantum computer is thought to be available, because:

• Uncertainty: Quantum computer availability is unknown (the most advanced research on them is classified).

• Interoperability: There needs to be a seamless transition to this new class of cryptography. There will be a time where crypto agility – the ability to securely and agilely choose and use different types of cryptography – will enable communication with both those who use quantum-resistant cryptography and those who don’t yet.

3. Inventory your data assets to see which ones need to be re-encrypted with quantum-resistance cryptographic algorithms. Some data is so valuable that it has a long shelflife (decades) and must be protected from those adversaries who would steal your encrypted data now and “break” it with quantum computers available in the future.

4. Awareness and education. Tell your colleagues what it’s all about and why they should care, making a distinction between three main topics: quantum computing (much faster computers);quantum-resistant cryptography (algorithms that need to be developed and adopted to prepare for the eventual computers); and quantum key exchange (a means to privately share information while detecting when it has been compromised).

What is the World Economic Forum doing on cybersecurity

The World Economic Forum’s Centre for Cybersecurity is leading the global response to address systemic cybersecurity challenges and improve digital trust. We are an independent and impartial global platform committed to fostering international dialogues and collaboration on cybersecurity in the public and private sectors. We bridge the gap between cybersecurity experts and decision makers at the highest levels to reinforce the importance of cybersecurity as a key strategic priority. World Economic Forum | Centre for Cybersecurity

Our community has three key priorities:

Strengthening Global Cooperation – to increase global cooperation between public and private stakeholders to foster a collective response to cybercrime and address key security challenges posed by barriers to cooperation.

Understanding Future Networks and Technology – to identify cybersecurity challenges and opportunities posed by new technologies, and accelerate forward-looking solutions.

Building Cyber Resilience – to develop and amplify scalable solutions to accelerate the adoption of best practices and increase cyber resilience.

Initiatives include building a partnership to address the global cyber enforcement gap through improving the efficiency and effectiveness of public-private collaboration in cybercrime investigations; equipping business decision makers and cybersecurity leaders with the tools necessary to govern cyber risks, protect business assets and investments from the impact of cyber-attacks; and enhancing cyber resilience across key industry sectors such as electricity, aviation and oil & gas. We also promote mission aligned initiatives championed by our partner organizations.

The Forum is also a signatory of the Paris Call for Trust and Security in Cyberspace which aims to ensure digital peace and security which encourages signatories to protect individuals and infrastructure, to protect intellectual property, to cooperate in defense, and refrain from doing harm.

For more information, please contact us.

Quantum computers will be revolutionary in their speeds, so much so that they can undermine the foundation of the internet’s security. They are not simply a technical curiosity to marvel at, but a revolution that requires us to plan for their arrival ahead of time, since they can undermine internet security. We should adopt agile, integrated cybersecurity strategies now – including agile cryptography – to ensure we’re prepared for the age quantum computers will usher in.

the sting Milestones

Featured Stings

Can we feed everyone without unleashing disaster? Read on

These campaigners want to give a quarter of the UK back to nature

How to build a more resilient and inclusive global system

Stopping antimicrobial resistance would cost just USD 2 per person a year

Coronavirus: Commission proposes a Digital Green Certificate

LUX Audience Award 2021 goes to Collective

EU launches WTO dispute against discriminatory procurement by Russian State-owned enterprises

Congrats to the #FutureofMalta: a new age of voting

Christine Lagarde: This is what we can still learn from the Great War

What the future holds for the EU – China relations?

Protect women’s rights ‘before, during and after conflict’ UN chief tells high-level Security Council debate

Is sub-Saharan Africa ready for the electric vehicle revolution?

Predatory labour taxation not an issue for the Commission

UN sounds alarm as Venezuelan refugees and migrants passes three million mark

Blockchain is becoming key for global trade – but is that a gift for hackers?

State aid: Commission expands Temporary Framework to further support micro, small and start-up companies and incentivise private investments

Delivering masks across borders: EU Single Market protecting citizens’ health

Eurozone again whipped by Greek winds

The world invested almost $2 trillion in energy last year. These 3 charts show where it went

It is me

On the detention of children in the United States of America

Yemen: UN envoy asks Security Council for more support ‘to move back’ to the negotiating table

Lithuania finds the ways to maintain its energy security

What is hydroponics – and is it the future of farming?

What will it take for the world’s third-largest economy to empower women?

Brazil identifies a clear pathway for aligning its transfer pricing framework with the OECD standard

How the EU sees its own and Russia’s role in Ukraine

Reasons to hope and reasons to keep perspective on a vaccine

MEPs and European Youth Forum call on EU to Invest in Youth

Why it’s good to turn your colleagues into friends

The historical performance of women in human health

Is it too soon to hope for a tobacco free Romania?

Negative inflation hits Eurozone, ECB to print and distribute one trillion euro earlier than expected

How COVID-19 has affected our sleep

The patient, the doctor, the students and the overcrowded room

The circular economy transition is a multi-million opportunity for Africa – here’s why

Coronavirus: following Commission’s call, platforms remove millions of misleading ads

Trump goes ahead with plan to undo globalization; targets China and EU

Women to save Europe’s own labour resources

UN gender agency hails record-breaking number of women in new US Congress as ‘historic victory’

EU consumer rules: Airbnb cooperates with European Commission and EU consumer authorities improving the way it presents offers

What would happen if we removed cars from cities?

Mental health and suicide prevention

European Parliament speaks out against “killer robots”

Boeing WTO case: The EU puts in place countermeasures against U.S. exports

UN chief ‘alarmed’ by violations of UN-backed ceasefire in Libya

A Sting Exclusive: “Europe needs decisive progress for stronger cybersecurity”, EU Commissioner Gabriel highlights from Brussels

Why growth is now a one way road for Eurozone

Team Europe: EU provides €100 million to Mozambique for education, health and social protection

Turkey presents a new strategy for EU accession but foreign policy could be the lucky card

THE ROAD TO GANESHA

Country origin ‘best predictor of outcome’ for children with cancer, UN experts say

A new tidal energy project just hit a major milestone in Scotland

Some 300,000 Venezuelan children in Colombia need humanitarian assistance; UNICEF looks to boost response funding

French full-body veil ban, violated women’s freedom of religion: UN Human Rights Committee

UNESCO lists wrestling, reggae and raiho-shin rituals as global treasures to be preserved

Are the G20 leaders ready to curb corporate tax-avoidance?

Manufacturing reimagined: from improved productivity to profitable growth

Poland: €676 million worth of EU investments in better rails and roads

UN launches innovative programme to detect and disrupt terrorist travel

To realise the full potential of AI, we must regulate it differently

Coronavirus Global Response: WHO and Commission launch the Facilitation Council to strengthen global collaboration

6 surprising side effects of this year’s global heatwave

More efforts needed to boost trust in business and finance

More Stings?

Speak your Mind Here

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s