The rise of quantum computing is sure to bring new risks, but it also provides an opportunity for greater security.
The computational power promised by quantum computing may be what brings machine learning, artificial intelligence and nanotechnology into the mainstream. It is also being closely watched by government and industry security experts for its potential to both crack existing encryption algorithms and give birth to the next generation of computer security.
Although encryption-defeating potential of quantum computing has gotten more attention, the lead security officer at the National Nuclear Security Administration sees a real opportunity for greater security.
NNSA CIO and Chief Information Security Officer Wayne Jones wrote in an Oct. 26 blog post that quantum computing and big-data analytics offer greater leverage against growing cyberthreats.
"Quantum and exascale computing will fundamentally impact computing capabilities across science and information security," he wrote. "It will allow us to exchange information and respond to cyberthreats at an incredible rate. The advances happening in big-data analytics provide us with new ways to assemble, break down and understand data."
Jones added that "never before have we been able to move with the combined speed and accuracy that these fields are bringing to the table. It’s an exciting time to work in the cyber field."
Quantum computing uses quantum mechanics to analyze data instead of the binary techniques used by modern computers. The new capability can analyze data at far greater speeds than traditional computers, potentially opening broad new horizons for cryptography.
Experts have predicted that quantum computing will bring great risk to an already risky cybersecurity environment because encryption algorithms that today are effectively uncrackable could not withstand quantum computers' processing power. They say new defenses must be developed to get ahead of the looming risk.
At the end of April, the National Institute of Standards and Technology kicked off an effort to develop quantum-resistant cryptography. Crypto-breaking quantum computers might not arrive for another 20 years, but it took almost that long to deploy the public key cryptographic infrastructure we have now, NIST said. It will take a significant effort to ensure a smooth path from what we have now to “post-quantum cryptography,” and that effort has to start now.
Michele Mosca, co-founder of the Institute for Quantum Computing at the University of Waterloo in Ontario, Canada, agrees. In a September report for the Global Risk Institute, he estimates that there is a one-in-seven chance some of the fundamental public-key cryptography tools that undergird today's cybersecurity protections will be broken by 2026. By 2031, he predicted, the odds would be 50-50, essentially rendering those tools useless.
Although quantum computing is still developing, some advances -- such as China's recently launched quantum satellite communications platform -- are already setting the stage for a new cybersecurity world, Mosca said in recently published papers.
"Although the quantum attacks are not happening yet, critical decisions need to be taken today in order to be able to respond to these threats in the future, and organizations are already being differentiated by how well they can articulate their readiness," he wrote.
Editor's note: This article was changed Nov. 17 to correct the year when Mosca said public-key cryptography tools would be broken. It's 2031, not 2013.
NEXT STORY: Making identity federated, portable and trusted