Securing our digital future against quantum threats

Why organizations must start now to secure their digital future against quantum threats

Quantum computing is quickly evolving and showing undeniable momentum, offering organizations the promise to process information and solve complex problems in ways that are simply impossible with traditional computers.

Using the principles of quantum mechanics, quantum computing is sure to revolutionize various sectors. However, ever-more performant computers like quantum computers are also facilitating progressively more sophisticated cyber threats and increasing the potential to break existing cryptographic systems.

The urgent need to anticipate the quantum threat

Cryptography ensures the confidentiality of data by scrambling it and making it unreadable to attackers. For decades, it has facilitated secure communication, storage and exchange of sensitive information and established trust between digital systems.

But as quantum computing advances, traditional cryptographic methods are becoming increasingly vulnerable, rendering current security measures obsolete. This is posing a significant threat to data security across industries including financial services, where sensitive transactions could be intercepted, and the healthcare sector, where patient data could be compromised. Classified information such as government and military data could also be at risk. The stakes are incredibly high, with potential impacts on national security and personal privacy.

Failure to address these vulnerabilities could lead to massive data breaches and heavy financial losses. The global average cost of a data breach in 2024 is $4.88 million, 10% higher over last year and the highest ever, according to IBM Security. But the potential loss is not just financial. Data breaches can lead to brand erosion and loss of public trust.?

Cyberattacks can focus on storing encrypted data now with the goal of decrypting it later with quantum computers once they are fully developed, in a “harvest now, decrypt later” threat model . Quantum computing represents a real challenge to the foundations of our cybersecurity solutions, and the need for more robust security measures is urgent.

New quantum-resistant technologies

However,? such measures do exist, and organizations can already benefit from adopting them. New innovative ways to enhance security through quantum-resistant methods leverage the principles of quantum mechanics to provide secure communication channels. Quantum key distribution (QKD) uses these principles to securely distribute encryption keys, while computer scientists are developing new cryptographic algorithms resistant to quantum attacks called post-quantum cryptography (PQC).

The Technology Innovation Institute is already working on cryptographic algorithms that are resistant to quantum attacks and has developed quantum-safe libraries in both software and hardware to combat these potential threats. These libraries provide implementations of classical as well as recent post-quantum cryptographic standards such as FIPS 203, and FIPS 204. Additionally, TII researchers are actively engaged in the process of developing quantum-resistant cryptography by submitting candidate cryptographic algorithms to NIST’s standardization effort, as well as by studying the robustness of a variety of mathematical problems supporting quantum-resistant cryptography.

Both PQC and QKD are crucial for future-proofing data security and developing a robust defense against quantum threats. These technologies ensure that even with the advent of quantum computers, data can remain secure. Importantly, PQC and QKD can run on today's classical machines. This is essential because it allows the use of today’s resources to ensure the security of data and communications, and it protects against future attacks.

The quantum cryptography market is witnessing rapid growth, and forecasted to be worth about $22.7 billion in 2033, from $1.4 billion last year. However, quantum cryptography presents infrastructure requirements that cannot be accommodated in many use cases. For most use cases, implementing PQC is an easier and more reliable solution.

The bumpy road ahead and the need for collaboration

Existing cryptographic protocols and infrastructures must be updated to support the new algorithms, ensuring that these new algorithms work across different platforms. This requires extensive testing and validation.

Developing and agreeing on global standards for PQC is also essential for widespread adoption. The National Institute of Standards and Technology (NIST) in the US has been working on developing quantum-resistant algorithms, but greater collaboration on a global basis is needed on that front.

Organizations must start developing strategies to assess their reliance on current cryptographic systems and eventually migrate to PQC. This can be challenging for those that are unaware of where and how cryptography is used in their existing technology infrastructures. It could also bring some reluctance to upgrade to more secure standards if they fear disruption to core business-critical activities.

To stay ahead of potential threats, continuous research and developments as well as investments are essential to make sure that the new algorithms are resistant to both classical and quantum attacks and that they are continuously updated and improved to address emerging threats.

Collaboration between industry, government and academia is vital. Such partnerships can drive innovation, establish strong regulations, and ensure public safety in the quantum era.?

Collaboration with research centers such as TII can be helpful to support the migration of cybersecurity practices to quantum resistant ones by providing expert advice and consultation to various stakeholders to overcome the challenges anticipated during the migration.

By working in partnerships and anticipating, organizations can successfully develop and implement effective quantum-resistant cryptographic methods to secure their digital future.