Keeping classified information secret in a world of quantum computing – Bulletin of the Atomic Scientists
By the end of 1943, the US Navy had installed 120 electromechanical Bombe machines like the one above, which were used to decipher secret messages encrypted by German Enigma machines, including messages from German U-boats. Built for the Navy by the Dayton company National Cash Register, the US Bombe was an improved version of the British Bombe, which was itself based on a Polish design. Credit: National Security Agency
Quantum computing is a technology that promises to revolutionize computing by speeding up key computing tasks in areas such as machine learning and solving otherwise intractable problems. Some influential American policy makers, scholars, and analysts are extremely concerned about the effects quantum computing will have on national security. Similar to the way space technology was viewed in the context of the US-Soviet rivalry during the Cold War, scientific advancement in quantum computing is seen as a race with significant national security consequences, particularly in the emerging US-China rivalry. Analysts such as Elsa Kania have written that the winner of this race will be able to overcome all cryptographic efforts and gain access to the state secrets of the losing government. Additionally, the winner will be able to protect its own secrets with a higher level of security than contemporary cryptography guarantees.
These claims are considerably overstated. Instead of worrying about winning the quantum supremacy race against China, policy makers and scholars should shift their focus to a more urgent national security problem: How to maintain the long-term security of secret information secured by existing cryptographic protections, which will fail against an attack by a future quantum computer.
The race for quantum supremacy. Quantum supremacy is an artificial scientific goalone that Google claims to have recently achievedthat marks the moment a quantum computer computes an answer to a well-defined problem more efficiently than a classical computer. Quantum supremacy is possible because quantum computers replace classical bitsrepresenting either a 0 or a 1with qubits that use the quantum principles of superposition and entanglement to do some types of computations an order of magnitude more efficiently than a classical computer. While quantum supremacy is largely meant as a scientific benchmark, some analysts have co-opted the term and set it as a national-security goal for the United States.
These analysts draw a parallel between achieving quantum supremacy and the historical competition for supremacy in space and missile technology between the United States and the Soviet Union. As with the widely shared assessment in the 1950s and 1960s that the United States was playing catchup, Foreign Policy has reported on a quantum gap between the United States and China that gives China a first mover advantage. US policy experts such as Kania, John Costello, and Congressman Will Hurd (R-TX) fear that if China achieves quantum supremacy first, that will have a direct negative impact on US national security.
Some analysts who have reviewed technical literature have found that quantum computers will be able to run algorithms that allow for the decryption of encrypted messages without access to a decryption key. If encryption schemes can be broken, message senders will be exposed to significant strategic and security risks, and adversaries may be able to read US military communications, diplomatic cables, and other sensitive information. Some of the policy discussion around this issue is influenced by suggestions that the United States could itself become the victim of a fait accompli in code-breaking after quantum supremacy is achieved by an adversary such as China. Such an advantage would be similar to the Allies advantage in World War II when they were able to decrypt German radio traffic in near-real time using US and British Bombe machines (see photo above).
The analysts who have reviewed the technical literature have also found that quantum technologies will enable the use of cryptographic schemes that do not rely on mathematical assumptions, specifically a scheme called quantum key distribution. This has led to the notion in the policy community that quantum communications will be significantly more secure than classical cryptography. Computer scientist James Kurose of the National Science Foundation has presented this view before the US Congress, for example.
Inconsistencies between policy concerns and technical realities. It is true that quantum computing threatens the viability of current encryption systems, but that does not mean quantum computing will make the concept of encryption obsolete. There are solutions to this impending problem. In fact, there is an entire movement in the field to investigate post-quantum cryptography. The aims of this movement are to find efficient encryption schemes to replace current methods with new, quantum-secure encryption.
The National Institute of Standards and Technology is currently in the process of standardizing a quantum-safe public key encryption system that is expected to be completed by 2024 at the latest. The National Security Agency has followed suit by announcing its Commercial National Security Algorithm Encryption Suite. These new algorithms can run on a classical computera computer found in any home or office today. In the future, there will be encryption schemes that provide the same level of security against both quantum and classical computers as the level provided by current encryption schemes against classical computers only.
Because quantum key distribution enables senders and receivers to detect eavesdroppers, analysts have claimed that the ability of the recipient and sender [to] determine if the message has been intercepted is a major advantage over classical cryptography. While eavesdropper detection is an advancement in technology, it does not actually provide any significant advantage over classical cryptography, because eavesdropper detection is not a problem in secure communications in the first place.
When communicating parties use quantum key distribution, an eavesdropper cannot get ciphertext (encrypted text) and therefore cannot get any corresponding plaintext (unencrypted text). When the communicating parties use classical cryptography, the eavesdropper can get ciphertext but cannot decrypt it, so the level of security provided to the communicating parties is indistinguishable from quantum key distribution.
The more pressing national security problem. While the technical realities of quantum computing demonstrate that there are no permanent security implications of quantum computing, there is a notable longer-term national security problem: Classified information with long-term intelligence value that is secured by contemporary encryption schemes can be compromised in the future by a quantum computer.
The most important aspect of the executive order that gives the US government the power to classify information, as it relates to the discussion of quantum computing and cryptography, is that this order allows for the classification of all types of information for as long as 25 years. Similarly, the National Security Agency provides guidelines to its contractors that classified information has a potential intelligence life of up to 30 years. This means that classified information currently being secured by contemporary encryption schemes could be relevant to national security through at least 2049and will not be secure in the future against cryptanalysis enabled by a quantum computer.
In the past, the United States has intercepted and stored encrypted information for later cryptanalysis. Toward the end of World War II, for example, the United States became suspicious of Soviet intentions and began to intercept encrypted Soviet messages. Because of operator error, some of the messages were partially decryptable. When the United States realized this, the government began a program called the Venona Project to decrypt these messages.
It is likely that both the United States and its adversaries will have Venona-style projects in the future. A few scholars and individuals in the policy community have recognized this problem. Security experts Richard Clarke and Robert Knake have stated that governments have been rumored for years to be collecting and storing other nations encrypted messages that they now cannot crack, with the hope of cracking them in the future with a quantum computer.
As long as the United States continues to use encryption algorithms that are not quantum-resistant, sensitive information will be exposed to this long-term risk. The National Institute of Standards and Technologys quantum-resistant algorithm might not be completedand reflected in the National Security Agencys own standarduntil 2024. The National Security Agency has stated that algorithms often require 20 years to be fully deployed on NSS [National Security Systems]. Because of this, some parts of the US national security apparatus may be using encryption algorithms that are not quantum-resistant as late as 2044. Any information secured by these algorithms is at risk of long-term decryption by US adversaries.
Recommendations for securing information. While the United States cannot take back any encrypted data already in the possession of adversaries, short-term reforms can reduce the security impacts of this reality. Taking 20 years to fully deploy any cryptographic algorithm should be considered unacceptable in light of the threat to long-lived classified information. The amount of time to fully deploy a cryptographic algorithm should be lowered to the smallest time frame feasible. Even if this time period cannot be significantly reduced, the National Security Agency should take steps to triage modernization efforts and ensure that the most sensitive systems and information are updated first.
Luckily for the defenders of classified information, existing encryption isnt completely defenseless against quantum computing. While attackers with quantum computers could break a significant number of classical encryption schemes, it still may take an extremely large amount of time and resources to carry out such attacks. While the encryption schemes being used today can eventually be broken, risk mitigation efforts can increase the time it takes to decrypt information.
This can be done by setting up honeypotssystems disguised as vulnerable classified networks that contain useless encrypted dataand allowing them to be attacked by US adversaries. This would force adversaries to waste substantial amounts of time and valuable computer resources decrypting useless information. Such an operation is known as as defense by deception, a well-proven strategy to stymie hackers looking to steal sensitive information. This strategy is simply an application of an old risk mitigation strategy to deal with a new problem.
Quantum computing will have an impact on national security, just not in the way that some of the policy community claims that it will. Quantum computing will not significantly reduce or enhance the inherent utility of cryptography, and the outcome of the race for quantum supremacy will not fundamentally change the distribution of military and intelligence advantages between the great powers.
Still, the United States needs to be wary of long-term threats to the secrecy of sensitive information. These threats can be mitigated by reducing the deployment timeline for new encryption schemes to something significantly less than 20 years, triaging cryptographic updates to systems that communicate and store sensitive and classified information, and taking countermeasures that significantly increase the amount of time and resources it takes for adversaries to exploit stolen encrypted information. The threats of quantum computing are manageable, as long as the US government implements these common-sense reforms.
Editors Note: The author wrote a longer version of this essay under a Lawrence Livermore National Laboratory contract with the US Energy Department. Lawrence Livermore National Laboratory is operated by Lawrence Livermore National Security, LLC, for the US Department of Energy, National Nuclear Security Administration under Contract DE-AC52-07NA27344. The views and opinions of author expressed herein do not necessarily state or reflect those of the United States government or Lawrence Livermore National Security, LLC. LLNL-JRNL-799938.
- How Nvidia co-founder plans to turn Hudson Valley into a tech powerhouse greater than Silicon Valley - New York Post - May 22nd, 2024 [May 22nd, 2024]
- Aramco signs agreement with Pasqal to deploy first quantum computer in the Kingdom of Saudi Arabia - Aramco - May 22nd, 2024 [May 22nd, 2024]
- Exploring new frontiers with Fujitsu's quantum computing research and development - Fujitsu - May 22nd, 2024 [May 22nd, 2024]
- Glimpse of next-generation internet - Harvard Office of Technology Development - May 22nd, 2024 [May 22nd, 2024]
- The quantum internet is fast becoming a real thing - RedShark News - May 22nd, 2024 [May 22nd, 2024]
- Ripple publishes math prof's warning: 'Public-key cryptosystems should be replaced' - Cointelegraph - May 22nd, 2024 [May 22nd, 2024]
- Explore the Growing Role of Linux in Quantum Computing - ITPro Today - May 22nd, 2024 [May 22nd, 2024]
- The commercialisation of quantum science in pharma - pharmaphorum - May 22nd, 2024 [May 22nd, 2024]
- Quantum computing breakthrough could happen with just hundreds, not millions, of qubits using new error-correction ... - Livescience.com - May 1st, 2024 [May 1st, 2024]
- History Shows How to Win the Quantum Computing Race - TIME - May 1st, 2024 [May 1st, 2024]
- 3 Quantum Computing Stocks That Could Be Multibaggers in the Making: April Edition - InvestorPlace - May 1st, 2024 [May 1st, 2024]
- Hunting for quantum-classical crossover in condensed matter problems | npj Quantum Information - Nature.com - May 1st, 2024 [May 1st, 2024]
- RIKEN Selects IBM's Next-Generation Quantum System to be Integrated with the Supercomputer Fugaku - IBM Newsroom - May 1st, 2024 [May 1st, 2024]
- Y2K was a flop. But Q-Day could really screw us over - Sydney Morning Herald - May 1st, 2024 [May 1st, 2024]
- The $1 Billion Bet on Quantum Computers That Process Light - DISCOVER Magazine - May 1st, 2024 [May 1st, 2024]
- Unveiling the Universe's Secrets: A Quantum Leap With AI at CERN - Indiana Daily Student - May 1st, 2024 [May 1st, 2024]
- Enhancing Quantum Error Correction Effectiveness - AZoQuantum - May 1st, 2024 [May 1st, 2024]
- Quantum computing explained and what's different about PsiQuantum - The Australian Financial Review - May 1st, 2024 [May 1st, 2024]
- Australia to fund $620M quantum computer claimed to be first at 'utility-scale' - The Register - May 1st, 2024 [May 1st, 2024]
- Quantum-proofing passwords and artwork with DNA encryption - Advanced Science News - May 1st, 2024 [May 1st, 2024]
- Quantum Computer-Powered Pangenome Research Could Lead to Personalized Medicine, Disease Outbreak Tracking - The Quantum Insider - May 1st, 2024 [May 1st, 2024]
- ATSE Welcomes Large Quantum of Technology Investment for Queensland - AZoQuantum - May 1st, 2024 [May 1st, 2024]
- Future Made in Australia: Only quantum physics can explain the weird investment in Californian quantum computing ... - The Australian Financial Review - May 1st, 2024 [May 1st, 2024]
- Mind-bending maths could stop quantum hackers, but few understand it - The Conversation - May 1st, 2024 [May 1st, 2024]
- US Leads in Steady Rise of Patents Covering Key Quantum Performance Measures - The Quantum Insider - May 1st, 2024 [May 1st, 2024]
- Rigetti Computing to Report First Quarter 2024 Financial Results and Host Conference Call on May 9, 2024 - GlobeNewswire - May 1st, 2024 [May 1st, 2024]
- $1 billion for Australian project to build first useful quantum computer - Sydney Morning Herald - May 1st, 2024 [May 1st, 2024]
- The Top 3 Quantum Computing Stocks to Buy in April 2024 - InvestorPlace - May 1st, 2024 [May 1st, 2024]
- Quantum computing: How an expat Aussie-founded company convinced the government to invest $1b - The Australian Financial Review - May 1st, 2024 [May 1st, 2024]
- How Quantum Computers Could Illuminate the Full Range of Human Genetic Diversity - Singularity Hub - May 1st, 2024 [May 1st, 2024]
- Picking a winner in quantum is bold to say the least - The Australian Financial Review - May 1st, 2024 [May 1st, 2024]
- PsiQuantum to Receive USD620M Investment from Australian Government - FinSMEs - May 1st, 2024 [May 1st, 2024]
- The mind-bending maths that could stop quantum hackers - The Hindu - May 1st, 2024 [May 1st, 2024]
- Federal and Queensland governments bet big on US-based PsiQuantum in $940 million deal to bring quantum ... - Startup Daily - May 1st, 2024 [May 1st, 2024]
- Rigetti Computing Launches the Novera QPU Partner Program - GlobeNewswire - May 1st, 2024 [May 1st, 2024]
- Crossing the Quantum Threshold: The Path to 10,000 Qubits - HPCwire - April 15th, 2024 [April 15th, 2024]
- Quantum Leap: Google's Sycamore and the New Frontier in Computing - WebProNews - April 15th, 2024 [April 15th, 2024]
- Advancing to an Era of Quantum Readiness - yTech - April 15th, 2024 [April 15th, 2024]
- Google's Sycamore and the Quantum Supremacy Milestone - yTech - April 15th, 2024 [April 15th, 2024]
- Encryption shield installed to protect Chinese quantum computer from attack - South China Morning Post - April 13th, 2024 [April 13th, 2024]
- America is the undisputed world leader in quantum computing even though China spends 8x more on the technology ... - Fortune - April 13th, 2024 [April 13th, 2024]
- Breakthrough promises secure quantum computing at home - University of Oxford - April 13th, 2024 [April 13th, 2024]
- Is Nvidia Also the Best Bet in Quantum Computing Right Now? - The Motley Fool - April 13th, 2024 [April 13th, 2024]
- SEEQC Receives Award from the US Department of Energy to Produce Amplifiers for Fundamental Physics Research ... - The Quantum Insider - April 13th, 2024 [April 13th, 2024]
- The experimental demonstration of a verifiable blind quantum computing protocol - Phys.org - April 13th, 2024 [April 13th, 2024]
- Future quantum computers will be no match for 'space encryption' that uses light to beam data around with the 1st ... - Space.com - April 13th, 2024 [April 13th, 2024]
- Why quantum computing is a threat to encryption, and what to do about it - New Hampshire Business Review - April 13th, 2024 [April 13th, 2024]
- The 3 Best Quantum Computing Stocks to Buy in April 2024 - InvestorPlace - April 13th, 2024 [April 13th, 2024]
- Researcher: The quantum computer doesn't exist yet, but we are better understanding what problems it can solve - Tech Xplore - April 13th, 2024 [April 13th, 2024]
- New bill would greatly expand Defense Department quantum efforts - Defense One - April 13th, 2024 [April 13th, 2024]
- The VC View: Quantonation's Deep Dive into Funding Quantum Start-ups - HPCwire - April 13th, 2024 [April 13th, 2024]
- Guest Post: What You Need to Know to Build a Quantum Implementation Roadmap With The Arrival of Quantum Error ... - The Quantum Insider - April 13th, 2024 [April 13th, 2024]
- Quantum rush: Denver-Boulder area aims to be the Silicon Valley of the future - CNBC - April 13th, 2024 [April 13th, 2024]
- Qubit Pharmaceuticals Partners With The PINQ Platform to Use Quantum Computers to Accelerate Pharmaceutical ... - The Quantum Insider - April 13th, 2024 [April 13th, 2024]
- Microsoft says it's cracked the code on an important quantum computing problem - The Verge - April 13th, 2024 [April 13th, 2024]
- Guest Post: Errare Quantum Est - But We Are Learning to Grapple With It - The Quantum Insider - April 13th, 2024 [April 13th, 2024]
- Sejong City, Korea Advanced Institute of Science and Technology and QuEra Computing Partner to Drive Quantum ... - The Quantum Insider - April 13th, 2024 [April 13th, 2024]
- Princeton University Researchers Make Breakthrough in Connecting Distant Quantum Devices - The Quantum Insider - April 13th, 2024 [April 13th, 2024]
- This University in New York Is the First With a Full-Fledged Quantum Computer - PCMag - April 13th, 2024 [April 13th, 2024]
- 'Solving Problems, Building Bonds': A Q&A With QuEra Team on Participating in Quantum Computing Challenges - The Quantum Insider - April 13th, 2024 [April 13th, 2024]
- D-Wave Gaining Momentum with Quantum Computing Innovation - yTech - April 13th, 2024 [April 13th, 2024]
- UAE, Saudi Arabia And Qatar Spearheading Quantum Computing Development in The Middle East - The Quantum Insider - April 13th, 2024 [April 13th, 2024]
- Harry Buhrman Joins Quantinuum as Chief Scientist for Algorithms and Innovation - The Quantum Insider - April 13th, 2024 [April 13th, 2024]
- New Oxford research promises secure quantum computing in the home - RedShark News - April 13th, 2024 [April 13th, 2024]
- Dr Chris Ballance, quantum computings up-and-coming star - University of Oxford - April 13th, 2024 [April 13th, 2024]
- Advancing science: Microsoft and Quantinuum demonstrate the most reliable logical qubits on record with an error rate ... - Microsoft - April 4th, 2024 [April 4th, 2024]
- Microsoft and Quantinuum say theyve ushered in the next era of quantum computing - TechCrunch - April 4th, 2024 [April 4th, 2024]
- Microsoft and Quantinuum report a way to turn down the noise in quantum computing - GeekWire - April 4th, 2024 [April 4th, 2024]
- Practical quantum computing is coming in 3 to 5 years, but will be cloud based, NSA official predicts - Nextgov/FCW - April 4th, 2024 [April 4th, 2024]
- Quantinuum Partners with Microsoft in New Phase of Reliable Quantum Computing with Breakthrough Demonstration ... - PR Newswire - April 4th, 2024 [April 4th, 2024]
- Microsoft's latest breakthrough in quantum computing: What it means - The National - April 4th, 2024 [April 4th, 2024]
- Rising Confidence in Quantum Computing: D-Wave Quantum's Stock Value Climbs - yTech - April 4th, 2024 [April 4th, 2024]
- Hot Stocks: The 3 Best Opportunities for Investing in Quantum Computing - InvestorPlace - April 4th, 2024 [April 4th, 2024]
- Why Quantum Computers Will Never Break Bitcoin - Palm Beach Research Group - April 4th, 2024 [April 4th, 2024]
- Quantum error correction used to actually correct errors - Ars Technica - April 4th, 2024 [April 4th, 2024]
- Redefining Quantum Communication: Researchers Have Solved a Foundational Problem in Transmitting Quantum ... - SciTechDaily - April 4th, 2024 [April 4th, 2024]
- Quantum Computing Leaps Forward with Groundbreaking Error Correction - yTech - April 4th, 2024 [April 4th, 2024]
- It's time for colos and wholesalers to start looking at quantum computing customers - DatacenterDynamics - April 4th, 2024 [April 4th, 2024]
- How Are Universities Preparing for Quantum Computing? - Government Technology - April 4th, 2024 [April 4th, 2024]
- Microsoft and Quantinuum boast quantum computing breakthrough - DIGIT.FYI - April 4th, 2024 [April 4th, 2024]