The field of quantum computing is still in its early stages, but the technology will be impacting many industries much sooner than most people realize. Quantum computers are able to process much larger data sets and perform much more complex computations than even the world’s most powerful supercomputers relying on classical computing. They can solve problems previously considered impossible due to their complexity – and they do it almost instantaneously. When Google developed its first quantum computer in 2019, the machine was able to solve a calculation in just over 3 minutes that would have taken the world’s fastest supercomputer at the time 10,000 years to solve.
With such tremendous computing power, quantum computers are able to identify patterns and relationships in massive volumes of data. When applied to commercial sectors, this can be used for a wide variety of purposes, from streamlining the global logistics supply chain, to helping medical researchers bring life-saving pharmaceuticals to market faster, to building better predictive models for forecasting complex problems like climate change. Experts estimate that within a decade, quantum computing will be able to accelerate solutions to a range of problems in numerous industries.
However, not everything that quantum computing ushers in will be positive. It also poses significant, negative impacts to cybersecurity – specifically to the encryption methods everyone uses today to protect sensitive data.
To better understand how quantum computing will impact cybersecurity, and what organizations can do to become more cyber resilient in a post-quantum world, we spoke with Miruna Rosca, cryptography researcher on Bitdefender’s Cryptography and Artificial Intelligence team. Miruna is one of many experts within Bitdefender researching cutting-edge computing technologies to help us and our customers stay one step ahead of the trends that will be influencing cybersecurity in the near future.
What is quantum computing and how will it impact cybersecurity?
Miruna: Quantum computing is a special type of computing based on the principles of quantum mechanics, which outperforms classical computing for many tasks. At a global level, there is a tremendous effort underway by both research institutions and private sector companies to develop hardware suitable for quantum computing. As quantum computing becomes more prevalent, it will dramatically change the way cybersecurity attacks are carried out, as well as how we respond to attacks.
How will quantum computing affect cybersecurity?
Miruna: One of the most immediate impacts quantum computing will have on cybersecurity is in the cryptography realm. Currently, almost all sensitive communications and data shared over the internet or to the cloud is encrypted using what’s known as public key encryption. It is, by far, the most common form of internet encryption used today. The underlying public key infrastructure (PKI) is built into every web browser in use today to secure traffic across the public internet. Public key encryption is also used by most organizations to secure their internal communications, data, and access to connected devices.
With their superior computational power, quantum computers will be able to break (or decrypt) public key encryption almost instantly, without needing access to the decryption key. In other words, an adversarial nation-state or cybercriminal gang with access to quantum computing capabilities could access any and all communications and data encrypted using PKI. It’s easy to imagine the damage that could be done if a nefarious group like that used this capability to access sensitive information from organizations or government agencies involved in critical infrastructure, national security or other important sectors.
To prevent this from happening, I and others are involved in an area of research called post-quantum cryptography, which is dedicated to developing new approaches to encryption that could replace today’s methods and remain secure in the quantum computing age.
What can organizations do to remain cyber resilient in the age of quantum computing?
Miruna: One thing they can do now is begin preparing to move to new encryption systems. The National Institute of Standards and Technology (NIST) has been working to create new standards that include encryption schemes that remain secure even in a post-quantum world. It has also published resources to aid organizations in the transition to post-quantum cryptography schemes. Organizations should begin familiarizing themselves with these proposed standards and use them as frameworks to start evaluating the resiliency of their own systems.
They should also look to adopt new encryption methods, such as homomorphic encryption. This is a form of encryption that makes it possible to perform computations on encrypted data, without having access to the data itself. Using homomorphic encryption, an organization can share its sensitive data with a third-party like a cloud service provider who would be able to run processes using the data but without actually decrypting the data or having the ability to see it. This way, organizations can still use the cloud services and applications they want, while being confident that their private data is still secure.
What would you like people to know about quantum computing and the future of cybersecurity?
Miruna: People should know that quantum computing will be here sooner than they think. It will revolutionize the speed with which large data sets can be processed and complex mathematical computations can be solved. It will enable great technological advancements, but it also poses a real threat to cybersecurity. To continue to protect the private data of people and organizations alike, we must all move to new encryption models, and we must do it quickly.
Learn more about the impact of quantum computing on cybersecurity.
This is the second in a four-part series on the Cybersecurity Heroes who power Bitdefender and our market-leading solutions and services. You can read the first blog in our series here.