Quantum Computing Raises As Many Problems As It Solves

New technologies bring new opportunities and new risks, and quantum computing is no exception. While companies and governments are investing billions in quantum technologies, many questions remain about usage and use cases. These include potential ethical considerations from abuse, misuse, or unintended consequences. 

Some experts have predicted that within a decade, quantum computers could be used by hackers and hostile nation-states to break existing encryption protocols. This would be a major problem for numerous Internet services, including e-commerce and other virtual financial transactions, which all rely on encryption.

The US Cybersecurity and Infrastructure Security Agency (CISA) has warned action should  be taken to help protect networks from cyber security threats that will emerge in the advent of power of quantum computing. Now, the US National Institute of Standards and Technology (NIST) has endorsed cryptographic technologies that are thought to be resistant to attack from quantum computers. 

The privacy of online communication is currently protected by cryptography, which shields information as it travels around the Internet. It secures everything from making online purchases to accessing work email remotely. With capabilities of quantum computing growing rapidly, industry experts reckon that it will take at least another 10 years before quantum computers with very large numbers of qubits are available.

The power of quantum technologies can be used against quantum technologies, and protect our data against quantum hacking. Eindhoven University of Technology is currently setting up a unique testbed to validate this technology in several societal settings, thus paving the way for a fast and unhackable quantum Internet. 

The immense computing power of quantum is especially useful in calculations with many different outcomes: these can be done in one operation all at the same time. 

Building a fully functional quantum computer has, for many years, been one of our most engaging scientific and engineering pursuits. Quantum computers could run algorithms that could break the public key encryption we currently use. Quantum computing exploits the puzzling behavior that scientists have been observing for decades in nature's smallest particles, think atoms, photons or electrons. At this scale, the classical laws of physics ceases to apply, and instead we shift to quantum rules. 

What Makes Quantum Different?

The systems we have been using since the 1940s in various shapes and forms, laptops, smartphones, cloud servers, supercomputers, are known as classical computers. Those are based on bits, a unit of information that powers every computation that happens in the device.  

  • In a classical computer, each bit can take on either a value of one or zero to represent and transmit the information that is used to carry out computations. Using bits, developers can write programs, which are sets of instructions that are read and executed by the computer.  

Classical computers have been indispensable tools in the past few decades, but the inflexibility of bits is limiting. As an analogy, if tasked with looking for a needle in a haystack, a classical computer would have to be programmed to look through every single piece of hay straw until it reached the needle.  

  • At the heart of any quantum computer are qubits, also known as quantum bits, and which can loosely be compared to the bits that process information in classical computers. Qubits, however, have very different properties to bits, because they are made of the quantum particles found in nature, those same particles that have been obsessing scientists for many years. 

One of the properties of quantum particles that is most useful for quantum computing is known as superposition, which allows quantum particles to exist in several states at the same time. The best way to imagine superposition is to compare it to tossing a coin: instead of being heads or tails, quantum particles are the coin while it is still spinning.  

By controlling quantum particles, researchers can load them with data to create qubits, and thanks to superposition, a single qubit doesn't have to be either a one or a zero, but can be both at the same time. In other words, while a classical bit can only be heads or tails, a qubit can be, at once, heads and tails. 

This means that, when asked to solve a problem, a quantum computer can use qubits to run several calculations at once to find an answer, exploring many different avenues in parallel.  

Cyber security researchers are worried that this new type of computer, based on quantum physics rather than  standard electronics, could break most modern cryptography. The effect would be to render communications as insecure as if they weren’t encoded at all.

Quantum computing poses both opportunities and risks to the cyber security environment. The current state of research into quantum technologies and their applications is still at an early stage, offering only a partial understanding of how and when to prepare for future quantum computing. While quantum computers powerful enough to undermine current crypto-graphic defences are a decade away or more, experience has shown that it will likely take an equivalent amount of time to transition to quantum-resistant approaches to cryptography.

The magnitude of the threat and the persistence of encrypted information has spurred public and private sector efforts to develop quantum-resistant algorithms and prepare for adoption.

While researchers don't understand everything about the quantum world, what they do know is that quantum particles hold immense potential, in particular, to hold and process large amounts of information. Successfully bringing those particles under control in a quantum computer could trigger an explosion of compute power that would phenomenally advance innovation in many fields that require complex calculations, like drug discovery, climate modelling, financial optimisation or logistics. “For all the dramatic advances offered by quantum computing, it could create a huge threat to the security of our data,” Terry Halvorsen, IBM’s general manager for client and solutions development in the Federal and Public market. “It offers the powerful potential to break certain types of cryptography that safeguards many critical communications.”

The quantum computers that exist today are not capable of breaking any commonly used encryption methods, however, the quantum computing age is coming and with it a serious threat to encrypted communications.

The technology is still at an early stage and will take several decades before it reaches maturity, which allows a window of opportunity to develop IT infrastructures to be prepared for a quantum future. Taking autonomous driving as the first use case, the researchers aim to have the world’s first quantum-secured autonomous driving car ready by next year. Idelfonso Tafur Monroy, TU/e Professor at the Electro-Optical Communication group and the Center for Quantum Materials and Technology Eindhoven (QT/e) recognises the particular threat to systems that require a lot of accurate control, such as autonomous driving. “For example, a hack could trick others into thinking your car is in a different location, slowing down, or changing direction,” he says. “It is even possible that your car is hacked and commandeered by someone external to the vehicle,” Monroy says.

To crack current encryption, a conventional computer takes longer than the age of the universe to try-out every possible solution. A quantum computer tries them all at once and cracks it in the blink of an eye. In Quantum Key Distribution (QKD), quantum properties of photons such as polarisation state and entanglement, wonders of quantum physics, are used to create cryptographic keys.

These keys can be seen as recipes that tell the recipient of some secret data what measurements of the photons are needed to properly decode and access the data. The problem, however, is that at the moment there is no existing infrastructure to determine if a QKD system is actually safe when integrated into existing telecommunication infrastructure. 

 WEF:     NIST:    Nature:    Deloitte:   I-HLS:    IBM:    ZDNet:    American Scientist:    Belfer Center:   PictetAM:

You Might Also Read: 

Quantum Sensors Have Arrived:
 

« Even Air-Gapped Computers Are Vulnerable To Attack
Many Cyber Security Experts Don’t Understand The Systems They Are Trying To Secure »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Grid32

Grid32

Grid32 provides independent computer system and physical security audit services to government and corporate clients of all sizes.

Devo Technology

Devo Technology

Devo Security Operations is a next-gen cloud SIEM that enables you to gain complete visibility, reduce noise, and focus on the threats that matter most to the business.

IS Decisions

IS Decisions

IS Decisions builds affordable and easy-to-use Access Management software solutions, allowing IT teams to effectively secure access to Active Directory infrastructures, SaaS apps and data within.

Aspen Insurance

Aspen Insurance

Aspen is a leading diversified specialty insurance and reinsurance company. Products offered include cyber insurance.

Industrial Internet Consortium (IIC)

Industrial Internet Consortium (IIC)

The Industrial Internet Consortium is the world's leading organization transforming business and society by accelerating the Industrial Internet of Things (IIoT).

Unit21

Unit21

Unit21 helps protect businesses against adversaries through a simple API and dashboard for detecting and managing money laundering, fraud, and other sophisticated risks across multiple industries.

Sourcepass

Sourcepass

Sourcepass is an IT consulting company that focuses on providing expert IT services, cloud computing solutions, cybersecurity services, website, and application development.

Digital Intelligence

Digital Intelligence

Digital Intelligence offer a full array of products, forensic and e-discovery consulting services and training.

Cerby

Cerby

Your team uses unmanageable applications that put you, your company, and your data at risk. Protect, secure, and accelerate your business automatically with Cerby.

Akamai Technologies

Akamai Technologies

Akamai's leading security, compute, and delivery solutions are helping global companies make life better for billions of people, billions of times a day.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Association of Azerbaijani Cyber Security Organizations (AKTA)

Association of Azerbaijani Cyber Security Organizations (AKTA)

The Association of Azerbaijani Cyber Security Organizations (AKTA) is a non-commercial organization aimed at strengthening the country's cybersecurity system.

Cyber News Live (CNL)

Cyber News Live (CNL)

Cyber News Live provide vital information and raise awareness about all things 'cyber' to ensure you stay protected in the digital world.

Daisy Corporate Services

Daisy Corporate Services

Daisy is one of the largest providers of communications and IT solutions across the UK, with a portfolio spanning unified communications, cloud, cyber security and resilience.

InfoSecTrain

InfoSecTrain

InfoSecTrain are a leading training and consulting organization dedicated to providing top-tier IT security training and information security services to organizations and individuals across the globe

turingpoint

turingpoint

turingpoint GmbH is a tech enabled boutique consultancy. It was founded by security experts with a focus on cyber security and software solutions.