[By Adam Goldfeld – Technology Team Lead at Classiq]
Todayās media narrative around quantum computingās role in cybersecurity is overwhelmingly negative, because quantum computers will render todayās encryption standards redundant, leaving much of our data at risk of being decoded. While this is a genuine concern, itās one that can and is being addressed. Instead, it is now time to move beyond this basic analysis of quantum computing and focus on the positive potential of this technology to improve our privacy, security, and safety.
Cause for concern
First, itās important to understand how quantum computing will impact encryption. For decades, the RSA encryption algorithm has been the standard system used to securely transmit data. Classical computers can decrypt RSA, but it takes an astronomically long time.
In 1994, American mathematician Peter Shor developed a quantum algorithm that essentially could break RSA encryption phenomenally faster. The current quantum computers arenāt powerful enough to run Shorās algorithm, but the technology is developing at speed. Estimates vary, but a quantum computer capable of running the algorithm could be ready in 10 yearsā time ā if not sooner.
Given that time frame, most forms of encrypted data and communications, such as emails or plans for a near-term project, can still safely use RSA. But data today that will still be relevant in a decade or more ā think financial records, medical records, or government data ā are less secure. Criminal actors or hostile nations could harvest and download encrypted files now with the intention of decrypting them later once the technology is ready.
Financial institutions, large organizations, and governments are rightly concerned about the vulnerability of RSA, but many are already taking steps to address this issue by assessing and changing their encryption protocols. For example, the US administration last year ordered government agencies to audit their systems to identify which are using RSA and set a timeline for transitioning to quantum-resistant cryptography. Meanwhile, there has already been extensive work by researchers to develop quantum-safe encryption standards ā some of which will be based on quantum technology. The US National Institute of Standards and Technology (NIST) has announced the first four Quantum-Resistant Cryptographic Algorithms and is planning to announce additional four algorithms in the future.
It’s important, therefore, to take a step back and realize that while quantum technology may undermine RSA-based security, quantum will also play a big role in creating new security standards that will improve how we communicate, make transactions, and go about our daily lives.
A new era of security
Quantum-based encryption is already in development. These protocols will allow people to communicate more securely, as it will be much harder for bad actors to collect or intercept data using these quantum communication protocols.
For instance, quantum key distribution will allow two communicating users to tell whether a third party has tried to eavesdrop or tamper with a transmission. This system of key distribution relies on a fundamental aspect of quantum mechanics: that trying to measure a quantum system will disturb that system. Someone trying to obtain a key in order to observe the data packet will introduce detectable anomalies, allowing the rightful owner or recipient to put a quick stop to the transmission if needed.
Similarly, quantum technology will enable true random number generation. Random number generators (RNGs) are used in security protocols to create encryption and decryption keys and things like one-time passwords. However, todayās RNGs still follow some form of code, meaning that patterns could be detected over a large enough dataset. If this code is cracked, a bad actor could access a data file or an account.
However, the numbers derived from a quantum-powered RNG can be generated entirely randomly, meaning there is no way to discern what it will come up with. This true randomness will make it much harder to decipher, identify, or steal encrypted information, meaning companies that adopt quantum RNG can vastly improve the security of data transfers and communications.
Taking AI/ML to the next level
The greatest potential for quantum computing security applications is within artificial intelligence and machine learning (AI/ML).
There is already a huge scope for AI/ML in security. By feeding large datasets to machine-learning models, AI can be created that can assess and identify potential threats, whether thatās fraudulent behavior, suspicious transactions, or emails containing harmful malware. The issue today is that there is simply too much data for classical computers to process in a reasonable timeframe, limiting how much data can be fed into an AI/ML model and, thus how āsmartā it can be or how accurate the results it produces will be.
But the speed advantage offered by quantum computing means that a quantum computer can take all that data, create connections, and feed those connections to an ML model, which a classical computer will still be able to run and operate. Quantum computing will allow you to create those models much more quickly and be more confident in the resulting algorithm. Alternatively, there is a possibility for AI/ML models to run entirely on the quantum computer, enhancing classification and regression capabilities.
SuchĀ AI/ML models will be much more accurate at neutralizing cybersecurity threats, such as by spotting phishing emails in an inbox or identifying suspicious user behavior perhaps caused by someone logging into a system using stolen credentials.
Thinking beyond cybersecurity, using quantum computing to improve AI/ML models has applications in many industries. For instance, it can improve the object-orientation algorithms needed for autonomous driving features, making roads safer. Similarly, quantum machines could process and analyze large amounts of CCTV or police bodycam footage recorded every day to identify criminal activity.
Meanwhile, the finance industry could benefit in multiple ways. More advanced ML algorithms could be used to improve credit risk analysis as well as for financial fraud detection. Also, high-frequency trading algorithms used by financial institutions have been connected to flash crashes in the stock market when these automated trading bots make errors; improving these algorithms through quantum data processing should limit these errors, adding stability to financial markets, as well as helping financial institutions generate more profit.
Then there is national security. As mentioned, quantum encryption is a key development, enabling governments to better protect communications and state secrets, but thereās also an exciting area of research called quantum metrology: the use of quantum computing in radar technology. Improving the ability to detect things in greater detail that otherwise may go unnoticed could provide key intel and early warning of potential threats, such as fighter jets, missiles or drones. Applying quantum-powered algorithms to analyze satellite imagery could also provide key battlefield intelligence in real-time, such as troop movements or the placement of defenses.
Ultimately, these are just a few ways that quantum computing provides opportunities for creating a safer, more secure world. By using quantum machines to process more information, at a faster pace, organizations will have the ability to create vastly more sophisticated AI. They can rely less heavily on heuristics or intelligent guesses and instead make more informed choices. While sufficiently powerful quantum computers are still some years away, there are exciting opportunities ahead.