The impact of quantum computing on cybersecurity

The cybersecurity landscape is ever-evolving. Cyber attacks are increasing year on year – up 38% from 2021 to 2022 – and so cybersecurity professionals have an increasing need to remain agile to outsmart and block hackers and ransomware gangs. With quantum computing on the horizon, this industry faces additional challenges to security, but could also be faced with possible opportunities.

Quantum computing, which harnesses the principles of quantum mechanics, introduces a paradigm shift in computing power, potentially revolutionising the way algorithms, cryptographic methods, and sensitive data are handled. 

We explore the impact of quantum computing on cybersecurity in this blog, delving into the vulnerabilities it exposes, the advancements in post-quantum cryptography, and the strategies required to mitigate the risks associated with this quantum threat.

The vulnerabilities of current encryption methods

Classical computers, which dominate the current computing landscape, rely on cryptographic algorithms for secure communications and the protection of sensitive information. The advent of quantum computing however, introduces the risk of these algorithms being decrypted swiftly, jeopardising the confidentiality of data. 

One of the key challenges lies in the widespread use of public-key cryptography, particularly in securing online communication and transactions. Systems like the Rivest-Shamir-Adleman (RSA) algorithm and the Diffie-Hellman key exchange are foundational to secure online activities, but both face the risk of being compromised by quantum computers, potentially exposing vast amounts of sensitive information. 

Understanding quantum computing

Quantum computing leverages qubits – short for ‘quantum bits’ – which can exist in multiple states at the same time simultaneously thanks to the phenomenon of superposition. 

Unlike classical computers that use bits to represent either 0 or 1, qubits enable a quantum machine to process vast amounts of information in parallel. This unprecedented computing power has the potential to break current cryptographic algorithms, especially those relying on the difficulty of factoring large numbers, such as the RSA algorithm which protects sensitive data through encryption and decryption using a private and public key pair.

Shor’s algorithm, named after and created by American mathematician Peter Shor in 1994, is a breakthrough in quantum computing. It is a quantum algorithm with the capability to efficiently factorise large numbers which can crack RSA and compromise the security of widely used encryption keys. While a quantum computer which is stable enough to run Shor’s algorithm doesn’t yet exist, we can’t be certain when that day might arrive.

This poses a significant risk to the security of sensitive information, making current cryptographic methods vulnerable to cyber attacks by quantum machines.

The race for quantum-safe cryptography

Recognising the imminent threat quantum computing may have on cybersecurity, the US National Institute of Standards and Technology (NIST) has initiated efforts to develop post-quantum cryptographic (PQC) standards which are planned for release in 2024. In the UK, the National cybersecurity Centre (NCSC) which is run out of the country’s intelligence, security and cyber agency, has published a whitepaper to help organisations prepare for the migration to PQC. They believe this migration to be the best mitigation against the threat of quantum computers.

PQC aims to design algorithms that can withstand attacks from both classical and quantum computers. Cryptographic algorithms which are deemed to be quantum-resistant are crucial for the future of cybersecurity.

The NIST’s involvement in standardising quantum-safe cryptographic methods signifies the urgency of addressing the quantum threat. Not only are these threats a concern for businesses and supply chains globally, but there are also profound implications of quantum computing on national security. The potential for quantum attacks creates a risk to critical infrastructure, military communications, and other elements integral to a nation’s security.

Cybersecurity professionals and researchers in academia and industry globally are actively working towards creating encryption methods that can protect sensitive data against the formidable computing power of quantum machines.

The positive possibilities of quantum key distribution (QKD)

QKD uses components of quantum mechanics to provide a secure communication method between two parties. Using a cryptographic protocol, it enables the two parties to encrypt and decrypt messages using a shared random secret key. Any third party trying to gain knowledge of the key can be detected by the implementation of a communication system that spots eavesdroppers, a feature not provided in standard cryptography, ensuring confidentiality of information exchanged.

While QKD provides hope for a positive possibility of quantum mechanics, the US National Security Agency (NSA) has outlined some technical limitations that must be overcome before it can be defined as a totally secure option. These include:

• QKD is only a partial solution as it doesn’t provide a means to authenticate the transmission source.
• It requires special purpose hardware equipment which lacks flexibility for upgrades or security patches, and cannot be implemented in software, as a service on a network, or into existing network equipment.
• Infrastructure costs and insider threat risks are increased as QKD networks necessitate the use of trusted relays.
• Securing and validating QKD is a challenge, as the hardware used can introduce new vulnerabilities.
• The risk of denial of service is increased due to the sensitivity to an eavesdropper.

The future of quantum computing

As we grapple with the uncertainties introduced by quantum computing, the development and integration of quantum-resistant technologies become paramount.

Leading tech giants such as IBM and Microsoft are investing heavily in quantum computing research. Their efforts focus on developing quantum-resistant algorithms, exploring the potential of quantum machine learning, and addressing the cybersecurity threats posed by quantum computers. 

Quantum-resistant algorithms and cryptographic methods are essential components in securing the cyber landscape of the next decade. The collaboration between industry leaders and researchers is pivotal in staying ahead of cybercriminals and threat actors who may exploit quantum vulnerabilities. 

Learn skills in cybersecurity that will accelerate your career

If you’re looking to future-proof your career, take a step into cybersecurity by studying a master’s degree. Abertay University has been recognised as an Academic Centre of Excellence in cybersecurity Education by the UK Government’s National cybersecurity Centre, and will teach you all the up-to-date skills and knowledge you need to get ahead in this exciting field.

On the online MSc Computer Science with Cyber Security programme, you will develop a specialist understanding of techniques that can be used to improve resilience to a data breach, and will explore threat modelling techniques to understand a system’s weak points.

The degree is taught part-time and has six start dates a year, making it flexible to fit around your current commitments.