THE CUTTING EDGE: Quantum Cybersecurity (This premium content first appeared in the Nov. 17 issue of Inside Security.)
Large-scale quantum computers will massively expand computing power, which can be harnessed to improve cybersecurity and undermine it.
Quantum computers harness the characteristics of quantum particles to process data in dramatically new ways. These characteristics can be employed to improve security for critical data.
For example, quantum random number generators can be used to boost the strength of encryption by exploiting the inherent randomness in quantum physics. These enhanced number generators can produce a billion true random numbers per second.
In addition, quantum computing can be harnessed to improve key exchanges by using a distinct characteristic: the act of looking at a quantum particle changes it. This is known as quantum key distribution.
For example, quantum effects can be used on a laser to send the key over a fiber optic cable. Any attempt by a hacker to intercept the key will leave fingerprints, enabling the compromised keys to be discarded. The retained keys can be used to provide strong data protection.
Other quantum cybersecurity technologies include quantum digital signatures, quantum coin flipping, quantum money, quantum private information retrieval, secure multiparty computation, and position verification.
Uses Cases for Quantum Networking
The Quantum Internet Alliance is working on developing quantum networking. Use cases include:
- Secure communication using quantum key distribution.
- Clock synchronization.
- Advantages for classic problems in distributed systems, such as achieving consensus and agreement about data distributed in the cloud.
- Sending exponentially fewer quantum bits than classical bits to solve distributed computing problems.
- Secure access to a powerful quantum computer using only very simple quantum devices.
- Combining small quantum computers to form a larger computing cluster.
While there are many potential advantages to quantum computing, its power could be used to undermine current methods of encryption. Organizations need to be prepared to harness the power of quantum computing to improve cybersecurity and prevent quantum computing from undermining current encryption techniques.
IBM recommends that enterprises take a number of steps to prepare for the quantum computing era:
- Identify, retrain, or recruit individuals with the necessary quantum security skills.
- Determine where quantum security methods should be used throughout the enterprise by assessing security exposure in the following areas:
- Symmetric encryption algorithms: At least double the key sizes currently being used in symmetric encryption algorithms.
- Asymmetric encryption algorithms: Identify where asymmetric algorithms are in use today and plan to switch to post-quantum alternatives.
- Hashing algorithms: Assess the output sizes being used and plan to use larger sizes.
- Keep current on the advances in quantum security standards and security solutions, such as lattice-based approaches, code-based cryptography, and multivariate cryptography.