The Quantum Computing Threat
Recently, in the science journal Nature, Google claimed ‘quantum supremacy’, saying that its quantum computer is the first to perform a calculation that would be practically impossible for a classical machine. This quantum computing breakthrough brings us closer to the arrival of functional quantum systems, which will have a profound effect on today’s security infrastructure. How will quantum computing affect the security of 5G technologies currently being developed and deployed?
Last spring we suggested that the emergence of quantum internet connectivity and computation, expected sometime in the next decade, poses numerous new cryptography and cybersecurity challenges for 5G security.
MIT offers an explainer on the nascent status of powerful quantum computers, how they work, and where they might provide practical value first. While quantum computers are not expected to replace classical supercomputers for most tasks and problems, they will leverage the “almost-mystical” phenomena of quantum mechanics to produce amazing advances in fields such as materials science and pharmaceuticals.
The secret sauce of quantum computing, which even Einstein called “spooky,” is the ability to generate and manipulate quantum bits of data or qubits. Certain computational tasks can be executed exponentially faster on a quantum processor using qubits than on a classical computer with 1s and 0s. A qubit can attain a third state of superposition of 1s and 0s simultaneously, encode data into quantum mechanical properties by “entangling” pairs of qubits, manipulate that data and perform huge complex calculations very quickly. The fundamental challenge is to build a sufficiently high capacity processor capable of running quantum algorithms in an exponentially larger computational space.
The Breadth of the Quantum Threat to Cybersecurity and 5G Security
It is anticipated that quantum computers will be capable of breaking 99% of the encryption used to protect today’s enterprises, financial systems and governments. Primarily this comes from the incredible multiple processing capabilities which enable quantum computers to use algorithms and mathematical formulae such as Shor’s algorithm to break down extant cryptographic protocols.
The security of hundreds of billions of dollars in e-commerce transactions is at stake. This security vulnerability also applies to data stored on a digital blockchain. Even more importantly, the integrity of communication controlling critical infrastructure cyber-physical systems could be threatened with resulting impacts potentially threatening lives, well-being and the environment. Encryption in wide use today is unbreakable only because of the massive amounts of time, measured in hundreds or thousands of years, that it would take existing supercomputers to break the underlying mathematical codes.
A May 2019 study by a Google researcher in California and one at the KTH Royal Institute of Technology in Sweden shows that quantum technology will catch up with today’s encryption standards faster than expected and should greatly concern any public or private organization that needs to store data securely for 25 years or more.
The impending arrival of quantum code breaking capability means that nation states and their military operations, as well as business enterprises, will need to upgrade to quantum-resistant hardware and cryptography to safeguard their data before full-scale quantum computers become available.
Securing classical encryption protocols against quantum technology-equipped adversaries requires a whole new level of effort and care. At the same time, quantum devices already available can also be used to improve cybersecurity by achieving tasks such as very secure secret key expansion.
While quantum computing is likely within the next decade or so, deployment of 5G network infrastructure is much more imminent, and 5G equipment has a service life that extends well beyond the arrival of quantum computing, putting 5G security at risk. Telecommunications companies now building 5G infrastructure, along with related mobile IoT systems, rail transit digitization projects, smart manufacturing processes, and smart cities, are all currently investing in technology with expected service lives measured in decades. So, all of that equipment must be quantum resistant to remain secure well into the future. The more insecurities are left in the foundational architecture of 5G, the more expensive and time-consuming it will be to plug up the quantum-related security vulnerability gaps in the future.
Additionally, industrial and civic Internet of Things (IoT) networks, increasingly being connected through 5G, have exponentially larger attack vectors and will be highly vulnerable unless they are designed to be quantum safe. That means that civilian government agencies and IT and communications stakeholders need to address the risks now and upgrade to some form of quantum resistant encryption. Doug Finke, a quantum industry analyst, has warned of the need to upgrade 10-20 billion devices with quantum resistant encryption, given that most of today’s online encryption will be vulnerable to quantum enabled hacking. One example of a telco that’s proactive on post-quantum infrastructure is SKTelecom, South Korea’s largest mobile operator, which has already developed Quantum Key Distribution (QKD) technology for its 5G network. It has also partnered with Telefonica, BT, Toshiba and ID Quantique to create a global quantum key ecosystem. The fact that some of the most advanced competitors in the field such as SKTelecom have already developed such measures should be yet another serious warning sign to those who haven’t considered the issue yet.
Another challenge is that the security of historical data, and even data generated in 2019-2020 or later, could be broken retroactively whenever quantum computers power up. If somebody intercepts encrypted messages today, they could decrypt them using quantum computing down the road. In fact, unknown bad actors may be downloading encrypted data in a “harvest now, decrypt later” scheme that could compromise military weapons systems, and personally identifiable information (PII) like SSNs and personal health records. Secure private data storage is pretty cheap, so such schemes are totally realistic. Today’s harvesters in fact, could be stockpiling databases for sale in the future to the highest bidder among adversarial nation states and terrorists or other criminal organizations.
So if you are building infrastructure today, such as the 5G infrastructure, and promising secure messaging, quantum computing is another security threat to think about. You may want to consider using hybrid classical and quantum resistant encryption that would force hackers to break both types of cryptography before they could gain access to protected data.
Current Advances in Quantum Computing
These threats are becoming more real and urgent with breakthroughs happening in quantum laboratories. Recently, in the science journal Nature, Google claimed ‘quantum supremacy’ as it showed off its Sycamore chip, which can work like a quantum computer should, performing a calculation in a few minutes that it says would take the fastest classical computer 10,000 years. Google’s Alphabet CEO Sundar Pichai boasted about the multiple layers of systems engineering that required, saying “it’s as complicated as it gets from an engineering perspective.” He’s excited about being ‘only one creative algorithm away’, as the Nature paper describes it, from valuable near term applications that will help us understand the chemistry and physics of nature better by simulating molecules and molecular processes. Potential use cases include designing better batteries, more effective medicines and responses to climate change.
IBM, which has its own 53-qubit processor, disputed Google’s claim of quantum supremacy and asserts that a simulation of the task performed by Google can actually be done in 2.5 days on a classical computer such as the one at Oak Ridge National Laboratories in Tennessee, so technically that threshold of ‘supremacy’ has not yet been reached. IBM didn’t actually run simulations, but based its own estimate on a theoretical model. Irrespective of these claims from IBM, the practical reality is that lowering the time needed for a supercomputer from 2.5 days to a few minutes or hours doesn’t change the cryptographical security issue – it merely limits its scope to bigger and more important targets.
A computer science professor at the University of Texas, Austin published an editorial in the New York Times on October 30th explaining quantum supremacy, and characterizing the Google demonstration as ‘a critical milestone’ on the path to quantum computing.
The search giant’s progress in quantum computing is undeniable even though practical uses of it at this point may be limited to verifying randomness of numbers for crypto keys. IBM agrees that “building quantum systems is a feat of science and engineering, benchmarking them is a formidable challenge” and concedes, “Google’s experiment is an excellent demonstration of the progress in superconducting-based quantum computing.” IBM similarly predicts quantum breakthroughs that boost machine learning, simulation and optimization. These capabilities may enable design of new materials, innovative business models and transformation of global supply chains. IBM suggests that hybrid quantum-classical computer architecture will emerge to “outsource” portions of difficult problems to a quantum computer.
IBM also observes that the concept of quantum computing is inspiring a whole new generation of scientists, including physicists, engineers and computer scientists to transform information technology. It is collaborating with San Jose State University on providing students with the skills needed for high tech jobs of the future, including in quantum computing.
Meanwhile, David Poulin, co-director of the quantum information program at the Canadian Institute for Advanced Research says that Google’s recent progress “is not a technology milestone, it’s a scientific milestone.” Google’s quantum hardware researchers are talking with their company’s security experts about adapting the Sycamore experiment to create random numbers for encryption keys. They are also testing whether Sycamore-like chips might help machine-learning algorithms to generate useful virtual reality images of things like natural weather phenomena and manufacturing processes.
IBM, Intel, Google and the start-ups Rigetti and, in Canada, D-Wave have already developed processors with up to 53 qubits, and can envision scaling up to hundreds or thousands of qubits. But apparently it will take quantum computers with more like a million qubits to accomplish full error checking and practical usefulness. D-Wave announced last month that it will house its first Leap quantum cloud-based system outside North America in Julich, Germany to serve researchers and app developers in Europe. Chinese tech and internet firms like Alibaba Group Holding are also ‘all-in’ on developing similar quantum machines. Meanwhile, the NEC Corp of Japan, though an early leader in quantum computing technology, long ago ceded the field to others.
What is Required for Quantum Resilience?
Currently, post quantum cryptography usually involves public key algorithms that are considered secure against quantum attack. However, the most popular public-key algorithms are vulnerable to a strong quantum computer running Shor’s algorithm to solve the mathematical problems that created the security in the first place. By contrast, symmetric cryptographic algorithms and hash functions are thought to be relatively secure against quantum attacks. Cryptography researchers are always trying to prove the equivalence of a cryptographic algorithm and a known hard math problem. These proofs are known as ‘security reductions’ and they demonstrate the difficulty of cracking the algorithm.
Let’s explore the current state of practice in quantum resilience, which includes six different techniques: hash-based, code-based, lattice-based, multivariate, supersingular elliptic curve isogeny and symmetric keys.
The downside of hash-based systems is that for any hash-based public key, there’s a limit on the number of signatures that can be signed using the corresponding set of private keys. They are meant either for one-time use or ‘bounded in time’ signatures. However, universal one-way hash function (UOWHF) hashing can be used for an unlimited time. The Post Quantum Cryptography Study Group (PQCSG), sponsored by the European Commission recommended use of the Merkle signature scheme for quantum protection, according to Wikipedia. NIST is expected to certify quantum safe hash-based algorithms before the end of this year.
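The one-time and bounded-use limits described above can be seen in a textbook construction: Lamport one-time signatures, with a Merkle tree (the idea behind the Merkle signature scheme mentioned above) tying a fixed number of one-time keys to a single public root. This is an added Python example, not code from the article; the function and class names are hypothetical and the signed messages are constructed.

```python
# Added illustration, not from the article; all names here are hypothetical.
import hashlib
import secrets

N = 256  # one secret pair per bit of the SHA-256 message digest

def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def digest_bits(msg: bytes) -> list:
    d = H(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(N)]

def ots_keygen():
    """Lamport one-time key: 2*N random secrets, public key = their hashes."""
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(N)]
    pk = [(H(a), H(b)) for a, b in sk]
    return sk, pk

def ots_sign(sk, msg: bytes) -> list:
    # Signing reveals one secret of each pair, chosen by the digest bit.
    return [sk[i][bit] for i, bit in enumerate(digest_bits(msg))]

def ots_verify(pk, msg: bytes, sig) -> bool:
    bits = digest_bits(msg)
    return len(sig) == N and all(H(sig[i]) == pk[i][bits[i]] for i in range(N))

def secrets_exposed(messages) -> int:
    """How many of the 2*N secrets are revealed if ONE key signs all messages."""
    return len({(i, bit) for m in messages for i, bit in enumerate(digest_bits(m))})

def leaf_hash(pk) -> bytes:
    return H(b"".join(h for pair in pk for h in pair))

class MerkleSigner:
    """2**height one-time keys authenticated by a single Merkle root."""
    def __init__(self, height: int = 2):
        self.keys = [ots_keygen() for _ in range(2 ** height)]
        self.levels = [[leaf_hash(pk) for _, pk in self.keys]]
        while len(self.levels[-1]) > 1:
            cur = self.levels[-1]
            self.levels.append([H(cur[i] + cur[i + 1]) for i in range(0, len(cur), 2)])
        self.root = self.levels[-1][0]  # the long-term public key
        self.next_index = 0

    def sign(self, msg: bytes):
        if self.next_index >= len(self.keys):
            raise RuntimeError("signature budget exhausted: every one-time key is used")
        idx = self.next_index
        self.next_index += 1  # state must never roll back, or a key gets reused
        sk, pk = self.keys[idx]
        path, i = [], idx
        for level in self.levels[:-1]:
            path.append(level[i ^ 1])  # sibling node at this level
            i //= 2
        return idx, ots_sign(sk, msg), pk, path

def merkle_verify(root: bytes, msg: bytes, signature) -> bool:
    idx, sig, pk, path = signature
    node = leaf_hash(pk)
    for sibling in path:
        node = H(node + sibling) if idx % 2 == 0 else H(sibling + node)
        idx //= 2
    return node == root and ots_verify(pk, msg, sig)
```

One signature exposes exactly half of a one-time key's secrets; a second signature under the same key exposes more, which is why each key signs once and why the signer's index must be stored durably.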
Next, code-based systems rely on error-correcting codes, in which only the legal user who knows the algebraic structure of the code can remove those errors and recover ‘cleartext’. The PQCSG recommended the code-based McEliece public key encryption (PKC) system for long-term protection against quantum attacks, according to Wikipedia.
Lattice-based PKC is a promising field of research. Actually, it is the most well understood and longest studied family of hard math problems. It has been studied since the early 1800s, providing lots of insights about what could and could not be achieved with lattices. Because of that, and because of the versatility of the cryptographic schemes lattices allow us to build, this field is the most promising for development of quantum-resilient cryptography. The PQCSG proposed one variant of a lattice-based encryption scheme in particular, the Stehle–Steinfeld variant of NTRU, to be studied for standardization.
Several scholarly articles on supersingular elliptic curve isogeny cryptography are available. This technique relies on mathematical graphs of curves to create a quantum resistant key exchange that can serve as a replacement for the key exchange methods in widespread use today. It offers forward secrecy, which is viewed as helpful in blocking mass government surveillance, and to prevent compromise of long-term keys. Chinese researchers have led the way on this approach.
Multivariate public-key cryptography takes advantage of the difficulty of solving multivariate equations, and systems such as one called “Rainbow” could lead to a quantum secure digital signature.
Finally, symmetric secret-key cryptography or QKD, is a system that uses the same key to encrypt and decrypt data. All parties involved have to know the key to be able to communicate securely – that is, decrypt encrypted messages to read them and encrypt messages to send. Given large enough key sizes, some of today’s symmetric key cryptographic systems are resistant to attack by a quantum computer. The firms currently offering QKD systems are: ID Quantique (Geneva), MagicQ Technologies (New York), Quintessence Labs (Australia) and SeQureNet (Paris).
Inside Quantum Technology, which recently hosted a conference at the Hague in the Netherlands, will be hosting another conference bringing together quantum researchers and businesses in New York City on April 2-3, 2020. If you are interested in this field, you should consider attending.
What Governments are Doing and/or Should be Doing to Address the Quantum Threat
Identifying the right approaches to network security in a post quantum world will require leadership from governments and extensive and sustained collaboration among commercial and public sector enterprises, including major research universities and national labs. Critical infrastructure such as transportation systems, power grids and smart cities must be designed to be quantum safe. The upcoming most critical of critical infrastructures – the 5G infrastructure – should be as well. All levels of government should come to terms with this 21st Century reality.
The U.S. National Institute of Standards and Technology (NIST) aims to come up with post quantum cryptographic standards by 2022, and this year it’s judging second-round candidates for the best hash-based quantum resistant algorithms. It is considering two categories of algorithms: those establishing keys that allow two parties who don’t know each other to agree on a shared secret, and those involving digital signatures that verify the authenticity of data. The process has been described as competitive, but NIST is also encouraging cooperation among participants.
In Canada, the National CyberSecurity Strategy: Canada’s Vision for Security and Prosperity emphasizes the need to prepare for increasingly sophisticated threats to the IT systems that both critical infrastructure and government rely on to support economic prosperity and public services. It mentions the risk of aforementioned malfeasance in data storage of encrypted data for later quantum-enabled decryption. It also promotes investment in commercialization of practical QKD, including satellites and ground stations as well as software, applications and related upskilling of cybersecurity personnel.
The Canadian government put out a bulletin in May 2019 to help its IT security authorities understand the risks associated with the quantum threat. It mandates they undergo quantum risk assessment that covers reliance on asymmetric public key cryptography, and current and future creation, management, handling and storage of classified information with medium or long-term lifespans.
Quantum safe encryption and innovation in the military should be a priority of all major national governments. Quantum devices could reduce military dependence on space-based satellite systems for critical position, timing and navigation in GPS-denied environments. The Pentagon’s Mike Griffin, Under Secretary of Defense for Research & Engineering, testified before the U.S. Congress earlier this year that there’s “justifiable optimism that quantum clocks, magnetometers and inertial navigation sensors could be available in just a few years.” The Defense Department’s work with the National Science Foundation, the intelligence community and others is focused mainly on deployment of quantum clocks and development of sensors.
The U.S. Naval Research Laboratory announced in June that it developed a new technique that squeezes quantum dots to emit single precision photons (particles of light) and tune the wavelength of the quantum dots. This technique could accelerate the development of quantum information technologies for computation, communications and sensing, including ‘neuromorphic’ brain-inspired computing based on a network of tiny lasers.
The Challenge of China
As a leader in the development of quantum computing for military applications, China is raising the risk of a global quantum arms race. It launched the world’s first quantum satellite as part of a “megaproject” in 2016, thereby positioning a key building block for a secure quantum communications network. The U.S. Defense Department sees recent Chinese advances in military spending and technology, including quantum communications and computing, as a distinct threat to national security. Improved detection of stealth weaponry and submarine navigation are among the more specific concerns. This competition in the quantum field represents another major global technology race running in parallel to the global technology race around terrestrial commercial 5G networks.
A Pentagon official recently gave a speech at the Center for Strategic and International Studies in Washington in which he warned that China’s plan for quantum technology, including standards setting, has implications for U.S. national security. He urged greater USG cooperation with its allies and more investment in R&D on quantum computing, along with other new technologies.
A significant theme in Europe, meanwhile, is that all groups, including research institutions, academia, industry, other enterprises and policy makers should work together to bring quantum technologies from the lab to the market. The so-called Quantum Flagship of Europe is striving to make it a dynamic and attractive region for innovative research, business and investment in quantum technologies.
Quantum Security Conclusion
Advances in quantum technology are accelerating currently, though the field of scientific study dates back to the late 1990s. Along with exciting new capabilities that will serve humanity in general, quantum computing also ushers in an era of expanded risks to businesses trying to protect their commercial data, and to governments trying to protect their civilian databases and military secrets. Quantum hacking threats will drive a whole new level of digital IT security measures, including post-quantum encryption, authentication and data hygiene among those who are smart and proactive enough to embrace them.
Those who haven’t yet considered the issue or haven’t planned out their path to implementing quantum-proof cryptographic protocols may find themselves caught with their proverbial pants down. They might be forced to undertake immense, expensive, difficult and perhaps unsuccessful efforts to limit their exposure to mainstream quantum computing capacity. Those working with programs and architecture that will be foundational and serve technological infrastructure for many years, such as the 5G networks or critical infrastructure cyber-physical systems, have to be more aware of the issue than almost any others in the technology field, for they will have the most to lose and the most difficult time limiting their exposure once quantum computing arrives.
Marin Ivezic
For over 30 years, Marin Ivezic has been protecting critical infrastructure and financial services against cyber, financial crime and regulatory risks posed by complex and emerging technologies.
He held multiple interim CISO and technology leadership roles in Global 2000 companies.