Addressing quantum cyber-threats should already be a high priority for cybersecurity professionals, according to Duncan Jones, head of cybersecurity at Quantinuum, speaking during the ISC(²) Secure Webinar ‘The Threat and Promise of Quantum Cybersecurity.’
Jones began by emphasizing the significant differences between quantum and classical computing, both in operations and possibilities. One of the most significant of these is that while classical computers only have binary choices, 0 or 1, quantum computers are made up of ‘qubits,’ which “can have values that are combinations of 0 and 1.” This mixture is known as a ‘superposition.’
This enables calculations to be made in parallel. In addition, qubits can be connected, which provides the opportunity to model aspects of nature in their entirety. This aspect offers enormous potential in fields like drug discovery, where testing could be simulated rather than requiring lengthy and expensive trials.
Jones added that many companies operating in this space are developing different types of computers. “It’s unlikely that one technology will emerge as the best answer in every situation. I think in the years ahead, we’ll have different types of quantum computers for different purposes,” he stated.
However, quantum also poses significant dangers in cyberspace. In particular, in the next 10-15 years, it is expected to be able to break existing cryptography algorithms such as RSA, Elliptic curve cryptography and Diffie–Hellman key exchange. For example, quantum algorithms like Shor’s algorithm (1994) will ultimately solve the complexities of such systems.
This threat is not imminent, and Jones said we are currently in the noisy intermediate-scale quantum (NISQ) era, in which the leading quantum processors do not contain enough qubits to mount such attacks. However, this will inevitably change in time, and the asymmetric realm “will be completely broken by Shor’s algorithm.”
This will impact numerous everyday systems, including public key infrastructure (PKI), HTTP/TLS, network security, payments, Internet of Things (IoT) and blockchain.
Jones emphasized that quantum does not just represent a future cyber-threat but nevertheless is very relevant today. This is the concept of ‘hack now, decrypt later.’ In this scenario, a hacker will listen in to and record an encrypted exchange today, which they can decrypt retrospectively on a quantum computer in the future. Therefore, “perfect forward secrecy doesn’t help you here because the attacker can see all the messages that were exchanged, and a quantum computer will be able to break the mathematics protecting that exchange.” This issue is particularly pertinent to data that will still be relevant in 10-15 years, such as health information. “Quantum attacks may well have already started,” noted Jones.
"Quantum attacks may well have already started"
He also highlighted the huge dangers quantum attacks pose to IoT devices. This is because these devices have a secure boot mechanism baked into the silicon that cannot be upgraded, leaving many of these devices vulnerable to quantum attacks. “What happens if you’ve got a device in 30 years’ time that has an elliptic curve-based secure boot mechanism in the field?” he asked.
Despite these concerns, Jones emphasized that there are actions security teams can take now to secure their systems against the threat of quantum. He highlighted the National Institute of Standards and Technology (NIST)’s ongoing process to identify new algorithms “that we don’t think a quantum computer can solve any better than a classical computer.” It is currently at round three, a stage that will decide the algorithms selected for standardization.
Jones added that we have been “spoilt” by algorithms like RSA, which provides both digital signatures and encryption. However, post-quantum algorithms will not be able to do both, with different algorithms required for different problems. Therefore, NIST is seeking separate algorithms for public key enabling (PKE) and digital signatures. Once round three has closed, the ‘winners’ will proceed to standardization, with the final standards set to be finalized in 2024. In addition, round four will subsequently try and identify further potential candidates.
Jones said that organizations should consider moving to a ‘hybrid mode’ regarding their cryptographic algorithms, in which a post-quantum algorithm is combined with classical algorithms. This “makes you no less secure than just using your classical algorithm, but if you chose a good candidate that turns out to be quantum-resistant, it protects you against this hack-now-decrypt-later concept.” He noted that some systems and products are already moving in this direction. Currently, this should be done in a closed eco-system in the absence of standardization.
Jones went on to discuss how security teams can migrate to post-quantum cryptography, noting “there are a lot of steps ahead of us.” He cited NIST, which believes full implementation of a new crypto standard will take a decade or more. For now, teams should be focusing on understanding the cryptography they are using, the highest-value assets in their organization and the assets most vulnerable to being recorded today and decrypted later.
He added that organizations should be communicating to their cybersecurity vendors about this issue, “asking them what their quantum-safe roadmap looks like.”
The potential cybersecurity benefits of quantum computing were also highlighted by Jones. These revolve around two main areas: quantum key distribution and quantum key generation. “In some areas of cybersecurity, we can actually throw away those complexity assumptions and instead build systems that have no complexity assumptions at all,” he said.
A number of organizations are working on developing systems based on this principle, including Quantinuum.
Concluding his presentation, Jones offered the following advice to security teams regarding addressing quantum threats:
- Understand your assets and use of cryptography
- Identify the biggest risks (sensitive data, hack now, decrypt later)
- Speak to vendors – ask them about their quantum-safe roadmap
- Create a prioritized migration plan
- Test and experiment as soon as possible