Quantum computing is advancing rapidly from being a physics problem to an engineering challenge that could revolutionize technology for the benefit of mankind, but also potentially pose a significant threat to data security. For decades, hackers have persisted in the pursuit of valuable data, typically encrypted, with Shor’s algorithm (a computing method that can solve complex math problems related to factoring large numbers, which has important applications in encryption and security). This level of encryption through classical computing methods can tire and ultimately thwart those with malicious intent however, quantum computing has the potential to dramatically change the game.
The reality of the quantum threat
Current hardware limitations represent a thorn in the side of advancing quantum capabilities and a prime factor in sowing doubt about the potential for quantum computers to compromise public-key encryption. While experts disagree on the timeline for quantum computers to achieve the qubit counts and stability necessary to threaten public-key encryption, it is clear that companies need to prepare for the possibility of a quantum-enabled cyberattack.
A recent study found that to break RSA-2048 encryption a machine with more than 13,000 qubits would need to remain in a stable quantum state for more than 170 days, which is far beyond current hardware limitations. However, technological advancements — such as IBM's Condor, which is projected to have 1,121 physical qubits — are increasing the potential computing power of quantum computers.
Preparing for a cyberattack
Scientists are also exploring ways to harness greater power from quantum computers to address a range of challenges, from more efficient electric vehicle batteries to optimizing financial portfolios to the sourcing of rare minerals. Each innovation increases the risk of a quantum computing-enabled cyberattack — “day zero”. The threat has a particularly sharp focus on data protected by public key encryption, both at rest and in transit.
As significant breakthroughs become more frequent and pronounced, and expectations continue to change, companies in turn need to understand what’s likely to come and take proactive measures to ensure data security. It paramount that this is now regardless of predication or opinion.
Additional contributors Kais Ben Halim and Sara Cotsakis