Quantum computing is imminent, and enterprises need crypto agility now

Nearly 100 years ago, the first quantum revolution ushered in the technological advances that have made our modern life possible. Advances in quantum physics led to the development of the transistor, laser and atomic clock, which formed the building blocks for innovations like semiconductors, GPS, medical imaging equipment, and optical fiber communication.

Today, we are nearing the arrival of the second quantum revolution. While the first quantum revolution used principles of quantum mechanics to develop new applications, the second revolution will enable engineers to manage the quantum mechanics themselves, controlling quantum systems at an individual level. The anticipated breakthroughs in quantum computing could define the next hundred years in the same way that the first quantum revolution shaped the 20th century.

But while quantum computing will lead to advancements that we cannot yet predict, it will also undoubtedly cause challenges for enterprises and their ability to secure information and communications. Current cybersecurity practices rely on classical encryption algorithms that are vulnerable to attacks from quantum computers. As quantum technology continues to advance, the security industry must develop post-quantum cryptography tools that cannot be broken by quantum computers.

The promise and challenge of quantum computing

The second quantum revolution will exploit the most advanced and nuanced properties of quantum physics; mastering these technologies has become a top priority for leading government entities and corporations. In particular, large organizations with critical systems have recognized the importance of preparing for the security implications of quantum computing.

The second quantum revolution has the potential to render current cybersecurity practices obsolete. Harvesting today’s encrypted data for future post-quantum attacks has already started. Fortunately, there are steps organizations can take today to begin preparing for the quantum revolution and the emerging threats associated with it.

Governments, enterprises, and cybersecurity firms have spent the last five years anticipating the challenges of quantum security threats. The key technology for quantum-resistant solutions will be post-quantum cryptography, as these tools will enable businesses to practice crypto-agility and deploy algorithms that cannot be broken by quantum computers.

Race to develop quantum solutions

According to the National Institute of Standards and Technology (NIST), leading engineers predict that large quantum computers capable of breaking all existing encryption solutions could be developed within the next twenty years. To prepare for this threat, NIST initiated a plan to solicit and standardize at least one quantum-resistant public-key cryptographic algorithm.

Over the past five years, leading engineering teams have worked to develop the algorithms which will serve as the backbone for the future of cybersecurity. NIST has identified finalists (including Thales) for the standardized post-quantum cryptographic algorithm for public key encryption and digital signatures, with the winning solution(s) to be chosen in 2022.

Pursuing crypto agility

While there is never a silver bullet or guaranteed protection in cybersecurity, the challenges presented by the processing power of quantum attacks can only be addressed through crypto agility. In addition to providing vital protection against quantum hacking tools, crypto agility will enable enterprises to lay the groundwork for future threats and solutions.

Crypto agility enables businesses to take a flexible approach to deploying new algorithms, as the new solutions do not require significant alterations to system infrastructure. In the event that the original encryption fails, updated algorithms can be deployed in the same manner. In the long-term, this approach means that enterprises can keep pace with the increasing power of computing without needing to make regular changes to their infrastructure.

Quantum computing threatens to upend the concept of trust as it relates to data ownership, data processing and communication. Crypto agility will allow enterprises to ensure that only those able to access data assets are those who have been trusted to do so. With so little time until the onset of new cybersecurity threats, businesses and organizations must act now to protect their most important information.

The way forward

The second quantum revolution will represent a sea of change in cybersecurity threats and the tools used to protect our data and communications. Post-quantum technologies will play a vital role in securing data and communications in both backbone networks and at the edge. The security industry must come together and act quickly to develop solutions based on post-quantum technologies across the entire value chain and full set of use cases.

Without the industry’s recognition of this threat and support for post-quantum computing, we’re putting organizations and their critical data at risk.