The quantum apocalypse is probably something you have not heard of before, but it is a very real concern that researchers are preparing for. At the end of December, amidst the turmoil of a particularly heavy news cycle, Google released an astonishing report. According to Google, their new quantum chip, (named “Willow”) solved a computational problem in under five minutes – a task that would have taken the world’s fastest supercomputers approximately 10 septillion years. So astonishing was this feat, that scientists actually started discussing the idea that we may be living in some kind of multiverse. The journal “Nature” even ran a story on it.
But that wasn’t the story that kept those of us in the security space up at night. A quantum superchip that can process infinitely quicker than even the fastest supercomputers on the planet poses a tremendous security risk. So much so, that some people in the community started talking about some kind of “quantum apocalypse” scenario in which everything secure could be broken.
Back to Google… this state-of-the-art chip represents a significant leap forward in quantum computing technology, showcasing unprecedented processing power and error correction capabilities. However, with great power comes great responsibility, and the cybersecurity implications of such advancements cannot be ignored.
Capabilities of the Willow Quantum Chip
The Willow Quantum Chip is equipped with 105 qubits, which are the fundamental units of quantum computation. Unlike classical bits that exist in a state of 0 or 1, qubits can exist in multiple states simultaneously due to a phenomenon known as superposition. This allows quantum computers to perform many calculations at once, greatly enhancing their processing power.
One of the most notable features of the Willow chip is its error correction capabilities. Quantum systems are highly sensitive to environmental disturbances, which can lead to high error rates. Willow addresses this challenge by employing innovative techniques that reduce error rates exponentially as more qubits are added. This breakthrough is crucial for building reliable, commercially relevant quantum systems.
Cybersecurity Concerns
While the technological advancements of the Willow Quantum Chip are impressive, they also raise significant cybersecurity concerns. Quantum computing has the potential to break the cryptographic algorithms that currently protect our digital communications and sensitive data (quantum apocalypse). Here are some key concerns that have been keeping cybersecurity researchers up at night:
- Breaking Encrypted Traffic: Quantum computers can run algorithms that can break public key encryption, which is widely used to secure online communications. This means that sensitive information, such as financial transactions and personal data, could be vulnerable to interception and decryption.
- “Harvest Now, Decrypt Later” Attacks: Malicious actors can harvest encrypted data today with the intention of decrypting it once quantum computers become more powerful. This poses a significant threat to industries such as banking, healthcare, and government.
- Signature Impersonation: Quantum computing power allows attackers to impersonate digital signatures, leading to attacks such as malware distribution and targeted phishing.
- New “Zero-Day” Vulnerabilities: The potential for yet unknown quantum algorithms to break existing cryptographic systems presents a new set of challenges for cybersecurity professionals.
Preparing for a Quantum Future
To address these concerns, organizations and governments are working on developing quantum-resistant cryptographic algorithms. The U.S. National Institute of Standards and Technology (NIST) has already released the first set of post-quantum encryption algorithm standards, and more are in the pipeline.
Is the Quantum Apocalypse Upon Us?
Time will tell, but the age of quantum seems to be rapidly speeding up. Google will not be the only player in town to get on the quantum train, and just like the world jumped on the AI bandwagon, we suspect that something similar will happen with quantum computing. This has tremendous potential for good, but also considerable concerns for security (as mentioned above).
The biggest vulnerability right now is public-key cryptography. One of the first in cybersecurity architecture is to never do the same thing when it comes to cybersecurity. Cybersecurity practices should continually change according to evolving threat applications and vulnerabilities. Nonetheless, for the last 30 plus years the US has relied on public-key cryptography to secure digital data globally. With the date looming for quantum chips to hit the market, the US is now in a race to replace a decades old standard of encryption to protect vital data.
What is Y2Q?
Those of you of a certain age may remember the dreaded Y2K scare at the end of 1999. Planes were going to fall from the sky, banks would close, utilities would shut off. It was a terrifying non-stop sensational panic that gripped the nation. Programmers were spending countless hours updating legacy code and every night, we gathered around the television in the basement as the year 2000 quickly approached.
People in the industry have coined a similar term; “Years to Quantum” (Y2Q), which refers to the unknown number of years before there are Cryptographically Relevant Quantum Computers (CRQC). Google’s Willow seems to be knocking on that door.
As quantum computing evolves and the technology for CRQC comes to reality, no single entity can pinpoint a precise date when CRQC will make an impact on the worlds IT infrastructure. Speculation ranges from five to 25 years and various organizations have developed Y2Q countdown clocks, arbitrarily specifying date ranges up to 2034, as the deadline by which the world must upgrade its IT infrastructure to meet the Y2Q threat.
Conclusion
Is the quantum apocalypse around the corner? As the world awaits Y2Q, government entities and cybersecurity managers, along with medical, telecom and bank industries are generating play books/plans and contingencies to defend against CRQC. While CRQC will pose a considerable threat to enterprises in the future, a wide variety of contingencies are emerging to develop advanced CRQC solutions to alleviate the threat.
While the full range of quantum computer applications steadily grows, it is nevertheless clear that America’s continued technological and scientific leadership will be subject to its ability to sustain a competitive advantage in quantum computing information and systems. Critical infrastructure, security protocols, internet banking in addition to military and civilian communications could be threatened.
Is the United States postured to solidify its role as a world leader in its approach to Y2Q? Time will tell…