Why start now to protect ourselves from the quantum threat?

Although today communications, data and transactions on the Internet are protected by encryption systems that are based on mathematical problems too complex for traditional computers, it is anticipated that the advance of quantum computers could threaten cryptographic security as we know it today.

A sufficiently advanced quantum computer could solve the mathematical problems behind current encryption and authentication systems in a much shorter time using quantum algorithms, such as Shor’s algorithm, which allows public key cryptographic systems, Elliptic Curve Cryptography (ECC) Rivest, Shamir and Adelman (RSA), to be breached and threaten the confidentiality and security of data.

Much of the digital security infrastructure in use today would be vulnerable to computer attacks of this type. Although the risk of attacks at this level is not imminent as there are no quantum computers capable of executing the algorithms needed to break the asymmetric cryptography we use today, work has begun on developing post-quantum cryptography, designed to be resistant to this type of threat.

What kind of information would be exposed in the event of a quantum attack?

1. Financial transactions: cryptography is used by banking and financial systems to secure money transfers, online payments and credit card transactions. A quantum attack could decrypt these communications, exposing sensitive financial data.
2. Personal data and passwords: personal information (passwords, contact information or private documents) stored in email accounts, social networks, cloud storage services and other online services could be breached.
3. Corporate and industrial data: many companies and organizations protect their trade secrets, patents and sensitive data through encryption.
4. Government and military information: national security relies heavily on cryptography to protect sensitive communications, military operations and classified data.
5. Blockchain and cryptocurrencies: cryptocurrencies, and blockchain technology in general, make use of cryptography to protect transactions and ensure data integrity. A quantum attack could allow transactions to be falsified or records to be altered.

In short, any information that relies on conventional public key cryptographic systems, such as RSA or ECC, is at risk from a quantum attack, including virtually every industry that handles digital data.

Why should we start protecting ourselves now?

Recently, a team of researchers at Shanghai University has achieved a major breakthrough in the use of quantum computers, factoring numbers up to 50 bits, a record to date. Although this is significant progress in quantum computing, it is still far from posing a threat to the RSA encryption that protects our data, as this uses much larger keys of 2048 bits or more.

This study underscores the future potential of quantum computers, but also highlights the enormous distance still to go before they can crack current security systems. It is therefore vital to start implementing encryption technologies that are resistant to quantum attacks, in anticipation of the advances that are yet to come.

This risk, although future, is real and potentially devastating for the security of global data and communications. Moreover, it should be noted that even if quantum attacks are not imminent, data could be intercepted now to be decrypted later, when quantum computing is more advanced.

Some of the reasons why we have to start protecting ourselves from the quantum threat now are:

1. Long data lifespan: financial data, trade secrets or government information encrypted and stored today could be decrypted when quantum computers are more advanced.
2. Long transition time: the process of implementing new forms of resilient quantum cryptography could take years, as it will require not only the development of secure algorithms, but also adapting them to millions of systems, networks, applications and devices.
3. Malicious actors’ advantage: Those who get a head start in the field of quantum computing will have the potential for significant attacks. Protecting ourselves in advance can prevent important data from falling into the wrong hands.

What can we do to protect ourselves from the quantum threat?

One solution is to implement post-quantum cryptography. This new form of cryptography, which is resistant to quantum attacks, is being researched and developed, and there are already standards published by institutions such as NIST (US National Institute of Standards and Technology).

Some measures that we can already implement are:

1. Upgrade cryptographic systems: start migrating to hybrid cryptographic solutions, as this combines current methods with secure quantum algorithms under development.
2. Invest in research: support the development of post-quantum algorithms and study how to apply them to existing systems.
3. Risk assessment: companies and governments should conduct security audits to help identify the most critical data and then implement long-term protection measures.

Protecting ourselves now is crucial to ensure privacy and information security in the future, and to avoid being left behind when quantum technology reaches a tipping point.

Research in Post-Quantum Cryptography at ARQUIMEA

ARQUIMEA Research Center, the research center of the ARQUIMEA group located in the Canary Islands, has an orbital dedicated to research in the field of quantum technologies, electronics and photonics and has a research line in post-quantum cryptography with projects for the implementation of post-quantum cryptography schemes in the Internet of Thing (IoT).

In addition, all ARQUIMEA Research Center projects belong to the QCIRCLE project, which is co-financed by the European Union and aims to create a center of scientific excellence in Spain.

“Funded by the European Union. However, the views and opinions expressed are the sole responsibility of the author and do not necessarily reflect those of the European Union and neither the European Union nor the granting authority can be held responsible for them.”