Is Quantum Computing a Cyber Security Threat?

Quantum computing will speed up computing and unlock rich potential soon. Experts haven’t yet estimated the impact of such disruption on cyber security fully. But some areas of concern, where quantum computing already threatens cyber security, are already focal points for researchers and other cyber security experts.

1. Threat to existing algorithms

Quantum computing will break RSA encryption.

The ability of quantum computing to break hitherto impenetrable encryption keys erodes the trust in certificate authorities, digital signatures, and encrypted messages. It also strikes at the heart of the $4 trillion-plus eCommerce industry.

Classical RSA digital ciphers use complex mathematical formulas to convert data into encrypted messages. An attacker must try all keys to identify the key that decrypts the data. Doing so using the world’s fastest supercomputer will take trillions of years! The impossibility of cracking the algorithm within a reasonable time frame ensures the integrity of RSA.

The hyper-efficiency and speed enabled by quantum computing will allow solving algorithms, including RSA algorithms, faster. A quantum computer with 4,000 error-free qubits could crack RSA encryption keys in seconds. Technology has not reached the stage yet, though. Today, decoding the RSA key in seconds would require 1 million noisy qubits. The world’s largest quantum computer in existence has less than 100 qubits. Also, the current quantum computers are too error-prone to crack any meaningful encryption codes. But it is only a few years before the technology sorts itself out and goes mainstream. IBM and Google have road maps to achieve one million qubits by 2030.

Two quantum algorithms, Shor’s algorithm and Grover’s algorithm, are already working overtime to break down the complex RSA algorithms.

2. More destructive disguised attacks

Quantum computing will make it easy for hackers to masquerade powerful attacks.

Hackers today use machine learning techniques to deploy deadly malware. Quantum computing will allow these hackers to up their game. For instance, hackers could leverage it to analyse datasets and launch sophisticated attacks on multiple networks and devices. Security experts estimate that by 2030, quantum-based code-breaking tools will have 100,000 times more processing power than the tools available in 2022.

Incumbent security tools detect malicious traffic based on signature scanning and behaviour scanning. Quantum computing allows attackers to display different behaviours and signatures every time.

Technological advancements will soon make quantum computing available and affordable in “as-a-service” mode. Hackers, including state-sponsored actors, will soon be able to access quantum solutions such as simulators, resource estimation tools, and qubit architectures, using such open resources.

3. The scraping threat

The risk posed by quantum computing goes far beyond perishable sensitive data. A more significant threat is the vulnerability of information that must remain secret. Examples of such data include national security-level data, banking data, and data covered under privacy acts.

But even if the disruptions are some years away, nefarious actors have started scraping sensitive data with an eye on the future. Enterprising cybercriminals steal data and hold onto it. They await the day they have access to quantum computing solutions to decrypt it.

4. Increasing the cost of cyber-security

The risks posed by quantum computing will increase the costs and resources needed for cyber defence.

The cost to train deep models for Machine Learning based cyber defence grows as data volumes and complexity increase. The environmental costs of cyber security also increase. For instance, open AI’s GPT-3 used as much carbon as an average American citizen uses in seventeen years.

Quantum machines could, however, create more time- and energy-efficient machine learning algorithms.

The immediate solutions

Enterprises cannot afford to relax, thinking the quantum computing threats are still some years away. Quantum computing will be here sooner than people think.

As immediate responses, enterprises need to:

  • Deploy state-of-the-art tools such as Tanium for immediate remediation of network threats. Tools such as Tanium search for arbitrary heuristics and indicators of compromise. It offers contextual responses to attacks in seconds.
  • Implement stronger encryption. For instance, enterprises using 256-bit could upgrade to 512-bit keys. This will increase the time for hackers to break encryption. But such tinkering will only buy some additional time before quantum computing advances.

The long road ahead

Leveraging quantum computing to strengthen cyber defences will require concentrated efforts from governments, universities, industry, and the broader technology ecosystem.

Some of the broader initiatives to prep up the cyber defence in the wake of quantum computing advances include:

  • The United States’ National Quantum Initiative Act that incorporates educational initiatives funding.
  • Open-source communities such as IBM Qiskit
  • The European Commission’s consortium, set up in June 2021, aims to use quantum to secure critical infrastructure and government communications.
  • The U.S. National Institute of Standards and Technology, which is evaluating 69 new “post-quantum cryptography” methods. The organization expects to release a draft standard by 2024. Quantum computing will affect a significant change in the encryption business model, where hashing algorithms get replaced every four to five years.

Researchers are already developing new encryption methods capable of resisting quantum code-breaking efforts. The technology that shows the most promise is lattice-based cryptography. This enables fully homomorphic encryption (FHE). Here, data resides inside complex algebraic structures that are very difficult to solve. Users may perform calculations on a file without seeing the data, pre-empting hackers from accessing the data. Two potential use cases include

  • Analyzing credit scores without decrypting credit card data
  • Sharing medical records without revealing patient identity.

Developing quantum-safe cryptography solutions requires years of research and involves several stakeholders. It becomes necessary to improve existing cryptographic methods now.

Side-by-side, white hat hackers white hat hackers will be in demand from businesses and governments desperate to detect weaknesses in their systems . As quantum computing goes mainstream, white hat hackers with training in quantum computing can identify security loopholes quickly and make proactive fixes. Threat hunting tools such as Tanium is a valuable arsenal for their purpose. 

Cyber security is always evolving. While risks abound, quantum computing could also benefit cyber security. Enterprises have to become more agile to dodge the quantum computing challenges. They also need to harness the technology to improve cyber security, and turn the tables on cyber attackers.

Tags:
Email
Twitter
LinkedIn
Skype
XING
Ask Chloe

Submit your request here, my team and I will be in touch with you shortly.

Share contact info for us to reach you.
Ask Chloe

Submit your request here, my team and I will be in touch with you shortly.

Share contact info for us to reach you.