Artificial Intelligence | Big Data | Cybersecurity/Trust | Emerging Trends | Infrastructure
March 28, 2017

Quantum computing: New threats require new security approaches

By Frederic Werner

Artificial Intelligence (AI) is becoming smarter, faster, and more humanlike thanks to the inevitable rise of quantum computing.

“While today’s computers can find patterns buried in vast amounts of existing data, quantum computers will deliver solutions where data may be incomplete or patterns cannot be seen because the number of exploration paths to get to the answer are too enormous ever to be processed by classical computers. Thus, quantum computers may be used to solve complex problems in medicine, discovering new materials, or optimizing logistics problems whilst minimizing our carbon footprint,” says Neil Sahota, Business Development Leader for IBM Watson.

However, quantum computing will pose new risks. Using the properties of subatomic particles to process and store information, quantum computers will be able to quickly break current methods of encryption by specifically cracking the key generation algorithms. That means any data that is currently stored is already vulnerable to future quantum hackers.

Everything from credit card numbers, bank accounts, health files, tax records, corporate data and top-secret messages are all vulnerable to future hackers using quantum computers. Future networked cars and other devices that are connected to the Internet of Things and receive over-the-air software updates will also be vulnerable to quantum hackers.

‘Harvest and decrypt’

How quickly will quantum computing become available? Google and NASA already have working prototypes with the D‑Wave 2000 and IBM has a new cloud-based quantum computer that anyone can sign up to use. There is now a consensus among some of the biggest players in technology, including Google, Amazon and Microsoft, that quantum computers will be a commercial reality by 2026.

Although the mainstream use of this type of computing power is still many years away, telecoms operators are already implementing new quantum encryption algorithms to safeguard against the future.

In a process called “harvest and decrypt,” certain organizations are collecting vast amounts of encrypted information today and stashing it in data centers, waiting for the day when quantum computers can break it all open.

“You can use the old, secret information to predict future plans and the thinking is: capture now, decrypt later,” said Jaya Baloo, KPN’s Chief Information Security officer as she presented a keynote on the risks of quantum computing at the ITU Global Standards Symposium.

“As an industry we’ve only got five years to get a solution in place, get technology that is tested and accepted and start upgrading all of our critical infrastructure so it will be quantum safe,” said Baloo.

Quantum security solutions

So what can be done against this distant but real threat? The most common quantum-based encryption utilizes a technology called quantum key distribution, which can be implemented on existing fiber-optic connections. Companies with global infrastructure will need four to five years to plan for and deploy quantum-resistant software that protects their data. This is something that KPN’s Jaya Baloo has already been preparing for. KPN has just implemented a quantum-encrypted connection between its datacenters in Rotterdam and The Hague. KPN will also work on implementing longer encryption keys and post-quantum encryption methods.

Other telecoms providers and equipment vendors have launched similar pilots. The Republic of Korea’s SK Telecom announced that it is running five quantum-enabled encryption tests across the country. Huawei recently launched a quantum technology research group that focuses on quantum key distribution and plans on including this technology as an optional add-on to its standard telecommunication products. Huawei is also working on a field demonstration with BT of a prototype of its quantum key distribution system, to take place in the fall of 2017. Subsequent demonstrations with Telefonica and Deutsche Telecom are also being considered.

Telecoms providers are not the only ones worried about data security in a post-quantum world. The US National Institute of Standards and Technology issued a report that called on institutions to implement ’quantum-resistant’ encryption algorithms to protect their data as research around quantum computing accelerates. The European Commission announced it will release €1bn to support quantum technology research across the European Union called ’Flagship’. Last year, the National Security Agency (NSA) in the United States said it would transition its computers to quantum-resistant algorithms “in the not too distant future.”

The future of quantum computing presents a catch-22.

Quantum computing is likely to power future AI systems and holds enormous promise, but it could also be very dangerous in the wrong hands. While not everyone is ready to embark on a quantum cryptography journey, there are some steps that one can take to prepare for the future.

Frederic Werner
Senior Communication Officer, ITU, Telecommunication Standardization Bureau.
  • Was this article Helpful ?
  • yes   no
© International Telecommunication Union 1865-2017 All Rights Reserved.
ITU is the United Nations' specialized agency for information and communication technology. Any opinions expressed and statistics presented by third parties do not necessarily reflect the views of ITU.