Have you watched the scene in Avengers: Infinity War in which Dr. Strange traverses through the multiverse within seconds to find all the possibilities of defeating Thanos? It took him just a few moments to visualize what others would take quite a long time. That’s quite similar to what quantum computing will do to the world of cybersecurity. In no time, quantum computers will be able to decipher encryptions that humans or even traditional AI systems would take hundreds of years. And in a flash, our secure fortress protecting our data may shatter like glass. How is the world bracing for the disruption that is destined to knock our door sooner than we can imagine?

Why is Quantum Computing different?

Since childhood, we must have studied that computing machines understand only binary language. It is a game of 0s and 1s that computers play to do everything that we ask them to. These 0s and 1s are called bits and are the basis of the functionality of traditional computers. However, quantum computing takes this notch above by using qubits.

Qubits can exist in multiple states other than just 0s and 1s, owing to a phenomenon called superposition.

It is basically like a state between 0 and 1, which means a state where you cannot decide whether the bit is 0 or 1, but potentially both until you look at what the state is. Or in simpler terms, suppose Schrodinger is confused whether the cat inside the box is dead or alive, and therefore it is both dead and alive, until Schrodinger peeps into the box. This extra state of existence renders immense power to quantum computers to do the computing operations at supernatural speed. This feature is accompanied by entanglement.

Entanglement refers to a phenomenon where one or more qubits can be linked together, leading to changes on one qubit affecting the others, despite the distance between qubits – from nanometers to light years.

And that opens up a world of wonders for us, as computations and problem solving get accelerated so much beyond comprehension that it seems like unlocking God-level computation.

Why should cybersecurity experts be worried?

The answer is simple… encryption tools that are used today to secure data, emails, documents, and platforms stand frail before the quantum computers. Quantum computing can break through today’s encryption mechanisms like a hot knife cutting through marshmallow. Our banking and retail transactions stand defenceless before the feared onslaught of quantum computers.

What’s more concerning is the fact that hackers are stealing encrypted files and storing them safely for breaking into them once advanced quantum computers arrive. This is what we call “harvest-now-decrypt-later”.

Even the RSA and ECC algorithms, which form the basis of secure communications online, will crash like a deck of cards in the face of quantum computer-led attack. Though National Institute of Standards and technology (NIST) has finalized a set of Post-Quantum Cryptography (PQC) standards to protect data against quantum decryption, yet it is uncertain how soon companies will transition to these standards.

Can’t quantum computing help us?

Yes, it can! Quantum computing can bolster our arsenal against cybersecurity attacks. NIST has chosen four encryption tools designed to withstand the assault of quantum computers, which will also become part of NIST’s post-quantum cryptographic standard. However, the bigger and better news is the emergence of Quantum Key Distribution (QKD) which leverages the principles of quantum mechanics to exchange encryption keys devoid of any risk of an eavesdropper penetrating the system. Just in case any hacker tries to intrude into the system, the quantum system will get disrupted, thereby ceasing the exchange of keys.

Don’t think that QKD will soon join the infantry of cybersecurity because its range is still limited, and scientists are striving to improve its reach.

Important to note that PQC relies on mathematical assumptions which can be invalidated by quantum computing, while QKD offers information-theoretic security that stays resilient in the face of infinite computational power. And though QKD and PQC can join hands to become an indomitable shield against cyberattacks, the concept is fraught with geopolitical and economic challenges.

QKD vs PQC – which one trumps?

PQC is more compatible with existing systems alongside posing fewer logistical challenges. Moreover, countries may not prefer implementation of QKD as its indestructible encryption can prevent surveillance by governments, which sometimes grows important from national security point of view. However, that has not stopped few countries from adopting QKD in their cybersecurity efforts. For example, European Union has been investing in satellite-based QKD systems, while China has been investing heavily in beefing up its quantum communications strategy. Not lagging behind, India has integrated QKD into its national defense strategy for safeguarding its technological sovereignty.

What’s expected Tomorrow?

Quantum computing is in its early stages, and yet accelerating at a meteoric speed in its development. And just the way soldiers can’t commence training on the day of war, cybersecurity experts can’t start reinforcing their fortress on the day quantum computing-led attacks break through the walls. It is high time that good forces of quantum computing be deployed to battle the evil forces of quantum, to keep trust intact in the digital world.