Checking in on Quantum Computing

• Progress in quantum computing has been rapid in recent years.  
• This has raised questions about cybersecurity, especially in light of researchers breaking the RSA algorithm using quantum computing 
• But framework is being put in place to fend off bad actors and, at present, the “good” is ahead of the “bad”. 
• Read on for more on the emergence of quantum computing and what it means for cybersecurity and beyond… 

This post originally appeared on Robert’s LinkedIn here.

Nearly four years ago, I wrote in an article predicting that quantum computers will be able to outplay online security mechanisms that are currently unbreakable – it’s just a matter of time. I was therefore intrigued to read that researchers now did exactly that apparently: break the RSA algorithm with a quantum computer. RSA powers that majority of online encryption today, and a machine being able to break this foundation would be a fundamental change to the way the Internet works, not to mention our lives. Imagine that any data protected with a password could be accessed by anyone with access to such a tool. Your data, the data of businesses or Governments – in the hands of a hostile actor, it would be the end of the world as we know it.

There’s no reason to be overly alarmed yet. The published paper is not peer-reviewed and largely theoretical. It is therefore disputed in scientific and academic circles, and there is scepticism how much of it is politically motivated. But what it does show is how quickly the technology is progressing. In 2018, some forecasted the end of Quantum Computing. One year later – just before I wrote my article – IBM launched the 20-qubit IBM Q System One – at the time the first “universal approximate quantum computing system installed outside of a research lab”.

“In 2021, the most powerful machine worked with 127 qubits. And at the end of 2022, with around 450. The speed of progress is undeniably clear.”

What does this mean for cybersecurity? I still stand by my thoughts from 2019. With the emergence of any new technology, actors will always try to exploit them for good as well as bad intentions. By the time quantum computers are actually capable of breaking conventional encryption algorithms, the very same technology will offer quantum-powered encryption. NIST has already provided the framework for quantum-resistant cryptography. With this, one quantum machine will fend off another one.

Also: Is a criminally minded entity able to get their hands on a computer with sufficient qubits? At this point, it is not likely. Ownership is privileged as quantum machines are huge, super-expensive and rare. Even if you wanted to, you cannot buy them anonymously on the dark web. What this means is that, at least for a while, “the good side” is ahead of “the bad side”. In modern cybersecurity it’s usually it’s the other way round: legitimate organisations are playing catch up with cybercriminals.

From this perspective, the RSA story is good for cybersecurity and quantum computing alike. Both are evolving technologies, and evolution of one accelerates development of the other. A lot of conversations around quantum computing are still hype-focussed and theoretical, but new use cases are emerging. For now, the focus is often on cybersecurity – but soon it will start going beyond. It’s just a matter of time.