Nilesh Dhande

# Quantum Computing's Crystal Ball: Unravelling Threats and PQC Shield

**Introduction**

In the realm of technology, we humans are constantly pushing the boundaries of what is possible. One such frontier that has been gaining momentum is quantum computing. Unlike classical computers that rely on bits to represent data as either 0 or 1, quantum computers use quantum bits or qubits, which can exist in multiple states simultaneously. This revolutionary technology promises tremendous computational power, tackling complex problems that were once deemed unsolvable. However, quantum computing also brings forth potential threats to cybersecurity. In this blog, we will explore the implications of quantum computing threats and the significance of Post-Quantum Cryptography (PQC) in safeguarding our digital future.

**What the heck is a ****quantum computer****?**

We are familiar with ZEROs and ONEs and that the bit can exist in either of the states at any given point in time. But, QuBits can exist in multiple states simultaneously is a little counterintuitive.

**Let's look at an interesting experiment: "****Schrödinger's Cat - The Thought Experiment".**

Imagine a sealed box containing a cat, a vial of poison, a radioactive atom, and a Geiger counter (a device that detects radioactivity). The setup is designed in such a way that if the Geiger counter detects radiation from the radioactive atom, it will release the poison, and the cat will be killed.

Now, in classical physics, we know that the cat must be either alive or dead inside the box, regardless of whether we observe it or not. However, in the realm of quantum mechanics, things get more intriguing.

**Enter Quantum Superposition**

In the quantum world, the particle can exist in multiple states simultaneously which means that the atom is radioactive and non-radioactive at the same time, which means the Geiger counter is also at both the states which in term means the cat is dead, and alive at the same time till someone opens the box and observe.

**The act of observation**

The moment we open the box and observe the cat, the qubit collapses into one of its possible states: either 0 (alive) or 1 (dead). This phenomenon is known as wave function collapse, and it's a fundamental aspect of quantum mechanics.

Before observation, the qubit was in a probabilistic state, existing in a combination of possibilities. However, the act of observation forces the qubit to "choose" one state over the other, and we see either a live cat or a dead cat, not both.

This example emphasizes the unique and mind-bending nature of quantum mechanics, which forms the foundation of quantum computing, a cutting-edge technology with the potential to revolutionize computing and solve problems that were once deemed impossible.

**The humongous power of quantum computer**

We used to use 32-bit machines earlier and nowadays all of us are using 64-bit machines which are theoretically double powerful since one can perform 64-bit operations in parallel. Say we have 64 Qubit of quantum-computer it can represent a specific quantum state that can be expressed as a combination of 2^64 (or 18,446,744,073,709,551,616) classical bits. This means a 64-qubit quantum computer can simultaneously process an exponentially large amount of information compared to classical computers.

To give you an idea of the magnitude of 2^64, it is approximately 18.4 quintillion, which is an astronomical number. This vast computational power is what makes quantum computers potentially capable of solving certain complex problems much faster than classical computers.

It's important to note that the number of qubits alone does not necessarily determine the overall computational power of a quantum computer. Other factors, such as qubit quality, error rates, and quantum error correction, play crucial roles in the effectiveness of quantum computation. As quantum technologies progress, larger and more reliable quantum computers will be developed, bringing us closer to fully realizing the potential of quantum computing. (*for interested readers - ** A brief history of quantum computers*).

**Quantum Computing Threats to Cryptography**

Quantum computing poses significant threats to classical cryptographic systems that are widely used today to secure our digital communication, data, and transactions. The main threat comes from a specific quantum algorithm called Shor's algorithm, which has the potential to break certain widely-used cryptographic schemes. Let's explore some of the key threats:

1. Factoring Large Numbers:

Many cryptographic algorithms, such as RSA (Rivest-Shamir-Adleman), rely on the difficulty of factoring large numbers into their prime factors. Classical computers struggle with large numbers, and this forms the basis of RSA's security. However, Shor's algorithm, when executed on a large enough quantum computer, can efficiently factorize large numbers, rendering RSA vulnerable. As a result, the security of encrypted data and digital signatures using RSA would be compromised.

2. Discrete Logarithm Problem:

Cryptographic schemes based on the discrete logarithm problem (e.g., Diffie-Hellman key exchange and Digital Signature Algorithm) are also threatened by quantum computing. Quantum computers can use Shor's algorithm to solve the discrete logarithm problem efficiently, which would undermine the security of these cryptographic systems.

3. Elliptic Curve Cryptography (ECC):

ECC is widely used for key exchange and digital signatures due to its relatively smaller key sizes and equivalent security compared to RSA. However, quantum computers can break ECC using Shor's algorithm as well, leading to the compromise of encrypted communication and digital signatures.

4. Impact on Digital Signatures:

Digital signatures are essential for ensuring the authenticity and integrity of digital messages and transactions. Quantum computers, if sufficiently powerful, could forge digital signatures by breaking the underlying cryptographic algorithms. This would enable attackers to impersonate others and carry out fraudulent activities.

5. Retroactive Cryptanalysis:

Even if encrypted data is collected and stored today, a future quantum computer could potentially decrypt it retroactively once the system is built and deployed. This is a serious concern for data protection and privacy, as sensitive information that was previously thought to be secure could become exposed.

**Why should we worry right now?**

Even though quantum computers with the power to attack today's cryptography "may" *(**Chinese researchers claim to find way to break encryption using quantum computers - *__link__*)* not exist today, there are rapid advancements in the quantum computing field. "Harvest now, attack later" is the worry point as discussed in point 5 above where the attackers might harvest the data right now and attack when its feasible.

**So, how should enterprises prepare for the quantum future?**

**Awareness and Education:**Governments, organizations, and individuals must be aware of the potential threats that quantum computing poses to traditional cryptographic systems. Initiatives to educate the public about the importance of PQC and the urgency of transitioning to quantum-resistant algorithms are essential.**Identity, Prioritize, and Act:**Identify the critical digital assets, prioritize which assets must be secure against the threat, and start preparing with post-quantum security technologies.**Employ PQC:**Post-Quantum Cryptography (PQC) is the field of cryptography where algorithms are safe from quantum computing attacks.**Migration Strategies:**Organizations need to devise migration strategies to transition from current cryptographic systems to quantum-safe alternatives seamlessly. This process may involve updating software, hardware, and infrastructure.

**Fortytwo Labs** has built a quantum-safe digital trust platform based on its post-quantum cryptographic algorithms. The platform is being used by Defense, Banking and ITeS companies in a variety of use cases including password-free digital identity, multi-factor authentication, secure messaging, securing data, privacy & consent.

**Conclusion:**

Quantum computing has the potential to revolutionize various fields, but it also presents serious threats to classical cryptographic systems that protect our digital infrastructure. Shor's algorithm, with its ability to efficiently solve certain mathematical problems that underlie classical cryptographic schemes, is the main cause for concern. To ensure data security and privacy in the era of quantum computing, the development and adoption of quantum-resistant cryptographic systems, known as Post-Quantum Cryptography, are crucial.