For many years, the theoretical possibility of quantum computing was akin to the theoretical existence of black holes and time travel. However, the age of quantum computing is drawing ever closer.
But what is quantum computing? I claim to be no expert but, put simply, every computer whether auto-piloting an aircraft or controlling the temperature in your fridge is computing something. What differentiates quantum computers is the use of atomic particles to form quantum bits, or qubits for short, as opposed to silicon-based transistors. This makes them exponentially more powerful. Studies show that a single 60-qubit quantum computer would outperform today’s most powerful machines without getting anywhere close to their maximum capability.
At the end of last year, IBM announced it was going to launch a 20 qubit computer and that researchers had built a 50 qubit prototype. With Google hot on IBM's heals, it is only a matter of time that quantum becomes a reality.
So what does this mean in the world of cybersecurity? Quantum computing has the potential to disrupt our traditional methods of delivering data privacy. All traditional methods of data encryption are at risk, which could have a huge impact.
Whether you are paying for goods through Apple Pay, purchasing goods online, authorising a user or creating VPNs, you are using systems that have all been built on cryptography. The mathematics in cryptography today use such complex algorithms and large numbers that statistically it means they are unbreakable or would take so long (hundreds of years) to crack that the data is irrelevant. However, put a quantum computer in front of hackers and it may just take minutes.
Before we all decide to give up now, in reality, we probably won’t see mainstream quantum computers until the next decade. However, today's public key cryptography is still not proven to be secure against quantum based mathematical attacks. So, what should we be worried about?
The largest concern is based around two scenarios. The first is the 'download now, decrypt later' attack vector. This means that encrypted, sensitive data can be downloaded now and analysed offline when a quantum computer appears.
The second is regarding long term storage of sensitive data, which a number of companies need to do due to certain compliance mandates, for up to 10 years. If this data is secured using today’s cryptographic algorithms, it becomes insecure once a quantum computer appears.
The good news is that a number of crypto providers are aware of what the future may hold and are adopting quantum-safe cryptography techniques. You just need to make sure you are using one of them for securing your sensitive data today, for what might come in the future, thus taking that quantum leap (sorry I couldn't resist the pun!).