Quantum computing relies on two key concepts of quantum mechanics: overlay and entanglement.
The overlay allows a qubit, the quantum equivalent of a bit, to exist simultaneously in multiple states, unlike traditional bits limited to a single state (0 or 1).
Entanglement creates links between qubits, even at a distance, a feature not found in conventional computing where bits are independent. Quantum computers have much greater computing potential than traditional computers because of these properties. This technological advance could quickly become a social, economic and military threat.
The concerns
The main concern of security agencies including the National Security Agency (NSA) in the United States is that a nation with the computing power of quantum computers could decipher encryption algorithms currently used to protect our communications, including financial transactions and military and strategic information exchanges. Quantum computers have the potential to break these encryption algorithms.
Conventional encryption systems, such as RSA and ECC, use the complexity of factoring large numbers into prime numbers. This operation takes an infinitely long time for a conventional computer to perform. However, a quantum computer could potentially factor these large numbers quickly.
In theory, if a sufficiently powerful and stable quantum computer were built, Shor’s algorithm could break most public key cryptography systems currently used to secure communications over the Internet by factoring their public keys very quickly.
Gil Herrera, the NSA Director of Research, told a U.S. Senate committee on March 11 that no country has a quantum computer that he would consider useful — yet. He said there are a lot of teams around the world that are innovating with different quantum technologies. While unlikely in the short term, someone could make an extremely unexpected breakthrough with profound and dangerous security consequences.
We would all be in trouble if this technology were in the wrong hands.
A real race for quantum weapons
The race for quantum domination to break encryption algorithms parallelled the nuclear arms race during the Second World War. Just as possessing nuclear weapons has given a decisive strategic advantage to the nations that hold them, so mastering quantum computing will offer a considerable advantage to the country that succeeds in developing it first.
The ability to break current encryption systems could redefine the balance of power, allowing a nation to decipher the secure communications of its adversaries and protect its own from intrusions. Therefore, the race for quantum domination is a battle for strategic advantage in security and intelligence, just as the race for nuclear weapons was.
China is determined to win the race for quantum domination. China has positioned itself as a leader in quantum research since the launch of the world’s first quantum satellite, Micius, in 2016. The satellite allowed the distribution of quantum keys over long distances for the first time, paving the way for inviolable global communications.
With significant investment, China and the United States are the main competitors in this high-stakes race. In addition to significant advances in quantum communications, China has also demonstrated advanced capabilities in some quantum computing areas.
In December 2020, the Chinese quantum computer Jiuzhang calculated in 200 seconds what would have taken 2.5 billion years from a conventional supercomputer.
Despite this progress, China is still catching up with the United States in developing quantum computing capabilities. However, China is ahead in quantum communications and has the most quantum technology patents.
China’s advances could allow it to break modern encryption protocols, accelerate machine learning research and win the race to quantum domination.
What is the future of encryption in our communications
Efforts have been made to develop post-quantum cryptography to address this imminent threat. The aim is to develop secure cryptographic systems against quantum and conventional computers. In July 2022, the National Institute of Standards and Technology (NIST) announced the first four quantum-resistant cryptographic algorithms.
Unfortunately, some of the post-quantum algorithms selected by NIST have already been broken. For example, the SIKE algorithm, which had reached the fourth round of the NIST competition, was broken using a conventional computer. In addition, the CRYSTALS-Kyber public encryption mechanism, recommended by NIST for post-quantum cryptography, was also broken by using artificial intelligence.
However, you should note that these breaches do not necessarily mean that all post-quantum algorithms are vulnerable. NIST continues to work on standardizing post-quantum cryptography and plans to announce new quantum-resistant algorithms (Cloud Security Alliance, 2023).
Harvest now, decrypt later
The concept of Harvest Now, Decrypt Later (HN-DL) represents a major challenge for financial institutions and national security. This strategy involves collecting and storing currently tamper-proof encrypted data until it is later decrypted using quantum computers. For financial institutions, this means that today’s secure transactions could be exposed tomorrow, jeopardizing the confidentiality of customer data and the stability of financial markets.
In national security terms, encrypted and supposedly protected government and military communications could be decoded, compromising sensitive and strategic information. This risk underlines the importance for these institutions to prepare for the transition to post-quantum cryptography systems capable of withstanding the capabilities of future quantum computers.
It is also quite possible that criminal organizations may store encrypted data they have been able to exfiltrate for future use. This investment could be profitable in the long run since the storage cost is relatively low.
In conclusion, while the quantum computing perspective poses a worrying threat to cybersecurity, it also stimulates innovation in this area. Whether this threat will materialize in 2 years, 10 years or never, remains open. Given the strategic importance of being able to compromise communications security, we will likely only discover such a capability at the last moment or too late.