Cybersecurity experts and national leaders are preparing for Q-Day, the day when quantum computers will finally render conventional cyber protections obsolete, stripping away the protections that have until now made e-commerce possible.
Quantum computing is a technological marvel, using the principles of quantum physics to increase the speed of some computational tasks by up to a million times faster than conventional computers. But these devices are simultaneously the greatest digital threat of the 21st century. These incredibly powerful computers will soon be capable of employing Shor’s algorithm to render the complex equations that underpin conventional cryptography obsolete.
How Will Q-Day Impact Cybersecurity?
Experts fear the approaching day when quantum computing will be capable of rapidly decrypting sensitive data, a major tactical threat to institutions that rely on secrecy and privacy to operate effectively. This will enable bad actors to breach billions of encrypted records and result in a loss of public confidence in internet and e-commerce security.
Just as concerning, bad actors are strategically harvesting encrypted data today to be decrypted once suitably powerful quantum computers, called Cryptographically Relevant Quantum Computers (CRQC), become available; commonly known as the Harvest Now Decrypt Later (HNDL) attack. This attack will expose the billions of records already harvested and those that continue to be harvested in anticipation of Q-Day.
Cybersecurity experts are already focused on the HNDL threat. A recent survey found over 50% of IT professionals are concerned that cyber criminals are currently harvesting data to be decrypted once quantum computers become widely available.
The fight against CRQCs is being led by the US Government’s National Institute of Standards and Technology (NIST), which has relied heavily on private-public partnerships to produce new algorithms and cybersecurity approaches suitable for the quantum era. As a result of NIST’s leadership, private-sector companies are investing heavily in quantum computing: McKinsey estimates that investors have sunk more than $2.35 billion into quantum start-ups in 2022 alone.
National governments are putting even more money into this emerging technology, with the United States investing $1.8 billion and China spending more than $15.3 billion in its quantum computing sector. Both countries view quantum computing as an engine for economic growth, and as technology with immense national security implications.
Post-Quantum Cryptography: Provisional Measures
In response to the emerging quantum threat, the U.S. federal government charged NIST with selecting post-quantum cryptography (PQC) algorithms to safeguard data from the quantum attacks of tomorrow. NIST announced the PQC challenge in 2016, and the first group of winners on July 5, 2022:
- CRYSTALS-Kyber – General Encryption
- CRYSTALS-Dilithium – Digital Signatures
- FALCON – Digital Signatures
- SPHINCS+ – Digital Signatures
PQC is a critical provisional measure to the quantum threat, but it requires a defensive crypto-agility posture to rapidly replace individual PQC algorithms as they are broken.
On the other hand, quantum key distribution (QKD) is touted as the most secure solution against future CRQCs. However, despite the benefits of QKD, the National Security Agency states that it is only a partial solution. That’s because it is prohibitively expensive and would require a complete restructuring of existing IT infrastructure to implement securely, a huge task. QKD is a future solution that cannot be built with existing technology.
High costs and implementation challenges necessitate a cost-effective alternative that offers the same level of security provided by QKD, but without the drawbacks. QD5 heeded that call.
The QUANTUM DEFEN5E Approach
QUANTUM DEFEN5E (QD5) understands the immense gravity of this challenge and implemented a truly secure encryption methodology into the QD5 Unified Cybersecurity Platform. The company figured out how to scale the same encryption technique used in QKD, through a commercially viable approach that can protect organizations of all sizes.
The firm’s quantum security solution is made possible by using the One-Time Pad (OTP) encryption methodology, which has long been used by diplomatic, military and intelligence communities to transmit sensitive information.
QD5’s implementation of our secure encryption technique allows organizations to achieve perfect secrecy at the same cost as conventional cybersecurity, while employing existing IT infrastructure. This is a critical long-term solution to the quantum computing threat.
The QD5 platform offers the same protections as QKD but without the entanglements; the complexity, high cost, and delay in implementation associated with QKD. The QD5 approach is commercially viable and provably safe. It can be scaled to accommodate institutions of every size and seamlessly deployed into existing information technology (IT) and operational technology (OT) systems.
In Summary
The QD5 Unified Cybersecurity Platform provides institutions with information sovereignty over data in-transit by shielding data from HNDL and today’s cyber-attacks, as well as from emerging threats represented by advanced AI and quantum computing.
