The huge leap in computing performance from quantum computing poses a threat to traditional security, but there are steps you can take to guard against the quantum future

Quantum computing still sounds like the realm of science fiction. The promise is that quantum computing can perform calculations over a hundred million times quicker than the fastest current supercomputer. This will have hugely positive implications for solving the big problems in science.

But it has a darker side effect: encryption that would have taken thousands of years to crack with conventional computers could be dispatched in a matter of minutes â€“ or even seconds. The implication today is that adversaries are currently able to hoover up and store data, which they can attack with a quantum computer in years to come. Some commercial and personal data will remain sensitive far into the future. So, it’s worth future-proofing data to withstand quantum computing attacks.

## How quantum computing works

The increased performance of quantum computing compared to existing ‘Von Neumann’ machines is such a massive leap that one could easily be forgiven for not believing it’s real. But the speed is a by-product of how quantum computing works, which is markedly different. Traditional computer chips are still based around the computing concept devised by John Von Neumann and published in 1945. In this system, each operation is performed sequentially, by being read from the input device, worked on logically, and then output again back to storage.

Even massively parallel supercomputers function in this way. If they are performing thousands of operations at the same time, each one is still executed sequentially by the CPU core. GPUs are simpler than CPUs, but they contain sequential units too, albeit with much greater parallelisation of lots more units. Traditional computing also works with bits, which have two states – usually represented as 0 and 1. The input will be one state, and after operation the output will be the same or the other state. As problems get more complex, with more possibilities to calculate, breaking these into individual sequential calculations can mean they go well beyond the capabilities of current architectures.

This is not how quantum computers work. Rather than containing lots of individual computing cores to run sequential operations on single bits in parallel, a quantum computer works on the probability of an objectâ€™s state before it is measured. Known as a qubit, these states are undefined properties of an object prior to detection, such as the polarisation of a photon or spin of an electron. Because these quantum states donâ€™t have a clear position before measurement, they mix many different possible positions at once, rather than just two.

However, despite being undefined until measured, these mixed states can be ‘entangled’ with those of other objects in a mathematically related way. By applying the mathematics of this entanglement to an algorithm, complex problems can be solved in essentially one operation. On the one hand, this can be used for very difficult science such as predicting multiple particle interactions in a chemical reaction or creating security codes that are much more difficult to break than current ones. But conversely, they can also be used to crack existing codes that would have been impossible to breach with current computer technology, because they can run through lots of possible solutions at once.

Putting this in perspective, a conventional computer would take around 300 trillion years â€“ 22,000 times the age of the universe â€“ to crack the ubiquitous 2,048-bit RSA encryption. But a quantum computer with 4,099 qubits would require just 10 seconds, using Shorâ€™s Algorithm, which is designed to find the prime factors of an integer used in encryption keys. Itâ€™s clear that there is a danger looming for many forms of cryptography. For example, the ubiquitous SSL and TLS used for encrypting web connections employ 2,048-bit RSA keys and would therefore be vulnerable to being breached by a quantum computer.

## How fast are current quantum computers?

The good news is that we were not at this stage just yet. While 4,099 qubits donâ€™t sound like a lot when we now have 64-core processors executing more than 3 billion operations per second per core, itâ€™s still more than the most potent current quantum computer. IBMâ€™s Eagle, unveiled at the end of 2021, only has 127 qubits. Googleâ€™s Sycamore only has 53 qubits, the University of Science and Technology of Chinaâ€™s Jiuzhang has 76 cubits, and most quantum processors (QPUs) have fewer than 50 qubits. There are â€˜quantum annealingâ€™ processors from D-Wave with up to 5,760 qubits, but these require a limited set of possible outcomes, and canâ€™t run the Shorâ€™s Algorithm required to break encryption.

Development is moving forward, however. Xanadu plans to launch a 216-qubit QPU called Borealis in 2022, and IBM aims to hit 433 qubits in 2022 with Osprey, followed by 1,121 qubits with Condor in 2023. So while traditional encryption remains safe for now, it will not be the case for much longer. IBMâ€™s roadmap, for example, is aiming for 4,158 qubits by 2025, making it likely that cracking 2,048-bit RSA virtually in real time will be possible before 2030, which is the final year when NIST originally reckoned it would still be secure. You may not be able to go out and buy a quantum computing desktop computer by 2030 â€“ D-Waveâ€™s first commercially available quantum computer cost $15 million when it shipped in 2017. Prices will fall, but it is only likely to be large companies and countries that have QPUs for years to come. However, not all those countries will have our best interests at heart, so the danger is looming.

## Hardening cyber security against quantum computing

Fortunately, there is time to get ready for the threat; for example, by using security products based on post-quantum cryptography. These products can protect your sensitive data today and future-proof it against attacks from quantum computers.

Current encryption algorithms use either integer factorisation, discrete logarithms, or elliptic-curve discrete logarithms, all of which Shorâ€™s Algorithm can defeat using a quantum computer. Post-quantum cryptography switches to alternative approaches that are not vulnerable to quantum computing. Research is still in its infancy based around six primary methods, but there are already products appearing that employ the technology. One example isÂ QST-VPN, based on the OpenVPN library but with post-quantum secure algorithms protecting user data. The server software is provided via the AWS cloud, with clients for Windows, MacOS and a wide range of Linux distributions, and offers an opportunity for businesses to begin bolstering their security now, rather than after the quantum horse has bolted.

Quantum computing has massive potential to revolutionise how fast we can perform calculations. Like every new technological development, this has both good and bad implications. But now that we know whatâ€™s in store for cyber security â€“ in the not-too-distant future â€“ we can at least prepare, so that the beneficial potential of quantum computing prevails over the more nefarious possibilities.