Editor’s note: The ISACA China Hong Kong Chapter hosted a recent webinar on the topic “Quantum Threat: Risks and Response.” The event, moderated by Michael Yung, strategic advisor, Google Cloud, featured panelists Andrew Cheung, president/CEO, 01 Communique Laboratory Inc., Samuel Sinn, partner, digital transformation advisory services, PwC China and Hong Kong, William Gee, advisor, innovation and digitalisation, PwC China and Hong Kong, and Welland Chu, alliance director, Thales. The webinar included more than 130 online and onsite participants from a variety of backgrounds, including government officials, regulators, large corporates, and more. Below is a summary of the insights shared from the panel:
Michael: Quantum computing promises to change the world through many groundbreaking applications. At the same time when the world is already grappling with cybersecurity issues daily, such as data breaches, ransomware and more, will the arrival of quantum computers make matters worse?
With the focus on the quantum threat, our expert panel will share with us their views as well as how we shall respond to this threat. We will discuss the following topics:
- What is quantum computing?
- Implications to today’s cybersecurity practices and why these matter?
- Who is most at risk and how can we implement Post-Quantum Cryptography (PQC) in the real world?
- What can corporate leaders do today to mitigate the risks and what solutions are available now?
What is quantum computing?
Samuel: Classical computers are fundamentally based on the on/off states of switches called bits, while quantum computing is based on the nature of quantum entanglement and superposition. In simple terms, quantum computers allow on/off at the same time so that it is behaving like having millions of classical computers working in parallel to collectively solve the same problem.
Alongside any huge breakthrough in technology brings new risk: Quantum computing, with its unique powers, will render today’s encryption technologies obsolete. Since these encryption technologies formed the security bedrock of all digital activities today, our day-to-day functions such as financial transactions, money transfers, data protection, etc., would be impacted.
There is no 100 percent secure encryption in the world; we consider an encryption algorithm “safe” if the time required to break it is longer than the average lifespan of a human. With quantum computing, many of the encryption algorithms we rely on today would become unsafe overnight.
Andrew: Today’s encryption is based on prime number factorization, which is easy one way but extremely difficult in reverse. It just takes milliseconds to multiply two very large 250-digit prime numbers to give a very large semi-prime number, but it will take over 150 years to do the reverse to brute force all the combinations. In the last 40-plus years, the strategy to keep ahead of advances in computation power is simply to extend the key size. The emergence of quantum computing made this approach ineffective: regardless of the key size, quantum computers can reduce the time to crack certain encryption algorithms from hundreds of years to merely seconds.
Implications and why we should care now
Welland: In 2019 Google reported that its 53-qubit Sycamore processor had completed in 3.3 minutes a task that would have taken a traditional supercomputer at least 2.5 days. In 2021, IBM announced Eagle, a 127 qubits processor, and that by 2023 a quantum processor with >1,000 qubits would be available. Major technology providers like Microsoft and Amazon have also started to offer quantum computers and simulators on their cloud services platforms. The global enterprise quantum computing market is estimated to grow at a CAGR >33%, reflecting the resources that are being directed into this field.
William: The race to “quantum supremacy” will significantly compress the development timeframe of quantum computers, and the availability of quantum computing capability in the cloud will not only further advance developments but also mean that bad actors could also easily access this technology. While there is still debate over when “Q-Day” will arrive, this is becoming less relevant when increasingly hackers adopt a “grab and wait” strategy by simply stealing the data first and decrypting once they can get hold of the cracking tools.
Who is most at risk and how we should implement PQC?
William: Asymmetric cryptographic systems are most at risk, implying that today’s public key infrastructure that form the basis of almost all of our security infrastructure would be compromised. That being said, the level of risk may be different depending on the data to be protected – for instance, a life insurance policy that will be valid for many years to come; a smart city that is built for our next generation. Similarly, the financial system, both centralized and decentralized, may have different vulnerabilities. For this reason, post-quantum security should be addressed as part of an organization’s overall cybersecurity strategy. It is of such importance that both the C-suite and the board should pay attention.
While blockchain-based infrastructures are still considered safe, being largely hash-based, transactions are digitally signed using traditional encryption technologies such as elliptic curve and therefore could be quantum-vulnerable at the end points. Blockchain with quantum-safe features will no doubt gain more traction as NFTs, metaverse and crypto-assets continue to mature.
Finally, the unique features of quantum computers is such that one would not use these for tasks such as word processing, thus implying that classical computers and quantum computers will likely co-exist for some time, making it even more important for everyone to address this quantum threat.
Welland: Companies and experts in the cybersecurity space have joined forces to combat this imminent threat. One aspect to note is the time needed to standardize cryptography in a global context: many of our audience may still remember the duration and effort taken to migrate 3DES to AES two decades ago!
It may be decades before the community replaces most of the vulnerable public-key systems currently in use today with new post-quantum cryptography. In the cybersecurity world, we should establish a robust set of preventive controls from enhancing awareness to taking a range of precautionary, detective and corrective measures so as to minimize the impact of the quantum threat.
What can be done today and what solutions are available?
Andrew: Many international organizations such as The National Institute of Standards and Technology (NIST); European Telecommunication Standards Institute (ETSI); PQCrypto; SAFEcrypto; and CREST Crypto-Math have been taking actions to find and recommend the next generation of cryptographic systems that are safe against quantum computers.
NIST started in 2016 with five categories of technology and a total of 82 candidates. Earlier in July, NIST announced the first four candidate algorithms that have been selected for standardization and four additional algorithms will continue into the next round. The final announcement of NIST PQC standard will likely to be in 2024.
It is important to note that the single most important factor on the robustness of an encryption method is how long it has been time-tested without a cracking theory because all encryption algorithms are safe until such a cracking theory is discovered.
Given the pace of technological advancement, going forward, “crypto-agility” – the ability of an organization to change cryptographic algorithms quickly to adapt to evolving security landscape – will be critical. A handful of forward-thinking companies have been taking meaningful actions by creating the API and solutions based on the remaining candidates of NIST. This means, on day 0 when NIST announces the final recommendations, there will be a solution that companies can use the next day, rather than having to wait another few years for the tools to be developed.
Final thoughts
Andrew: There are quantum-resistant solutions available today that comply with industry standards such as PKCS#11, OpenSSL, but are not yet openly endorsed. This is still way better than standing naked in front of the quantum threat.
Samuel: Business leaders should address the quantum threat at the earliest opportunity. Rapid transition to new information security technologies are unrealistic as much of our infrastructure and network systems today are interconnected, often on a global level. Responding to the quantum threat will require significant infrastructural, cultural and procedural change, as well as funding on a scale that has not seen since the Y2K threat.
Welland: Stay agile and be flexible. Ensuring adequate protection for the future while complying with today’s standard is crucial for any business to keep up with compliance and regulatory requirements. There is a need to deploy applications and network equipment that are able to accommodate both pre-quantum and post-quantum cryptography at the same time, with the ability to switch swiftly to a different algorithm as the need arises.
William: Know your data and information assets that you need to protect, and take a risk-based approach to achieve a balance between cost and security. Plan ahead while remaining flexible as preparations need to be highly responsive and dynamic given the pace of technological advancement.