This year for the first time, quantum technology seemed to be on the minds of many attending the recent RSA conference in San Francisco. Several quantum cyber-security companies were present on the trade show floor, a conference panel was dedicated to the topic, and the theme came up in some of the conference discussions.
One thing that came out of these discussions is that quantum technology can be both a threat and an opportunity for security. As this type of technology moves into the mainstream, it’s important to gain an understanding of both of these facets.
On the threat side, there is a growing, tangible awareness of the vulnerability of conventional cybersecurity to the processing capabilities of future quantum computers. Simply put, current strategies for sharing encryption keys rely on the difficulty in factoring a large multiplication back into its prime constituents, a problem that is beyond the reach of classic computers in a reasonable time frame. Once quantum computers mature, they will be able to crack this mathematical challenge very quickly, making one of the main foundations of our current security vulnerable. Real concern about quantum computers is growing among large enterprises, financial institutions and government agencies, who are looking for ways to prepare for this challenge in a timely manner, before quantum computers become mainstream.
Now, for the plus side…First and foremost, quantum technology is already delivering security enhancements today through quantum random generic avodart 5mg number technology, and promises to provide commercial quantum computer-resistant key distribution capabilities in the near future. Even without the threat of quantum computers, poor quality or insufficient quantity of random numbers are a security risk. Surprisingly, generating high quality random at high rates is quite a hard problem, to which quantum technology provides a powerful solution. Quantum physics is fundamentally random, so quantum solutions are a natural choice in random number generator design. This inherent randomness of quantum has been put to use to deliver commercial quantum random generators that produce the highest quality random, at high rates and cost effectively, effectively putting this issue to rest. These quantum random solutions are starting to be integrated into security infrastructure for the cloud, finance and beyond, a trend that is expected to increase over the coming years. As a bonus, the use of longer, higher quality keys was identified by the NSA as being one of the strategies to protect data from the threat of quantum computers, so using a high quality quantum random number generator enables companies to get a head start in that direction.
On the key distribution topic, quantum computers will not be able to compromise keys that are shared using quantum key distribution (QKD), since this is proven secure by the laws of quantum physics. QKD allows strong symmetric encryption keys, or even one time pads, to be securely shared without relying on more vulnerable Public Key techniques. This is a developing technology with challenges to overcome, but commercial implementations are beginning to roll out, and development under way will transition its capability beyond point to point fiber connections to free space and ultimately mobile devices. Certainly worth watching.
With all this talk of quantum, it’s important to remember that quantum cybersecurity alone is not a silver bullet for security. To achieve iron-clad protection, a CISO should take an integrated, layered approach using a variety of tools and solutions such as robust key and policy management, the use of Hardware Security Modules and more. However, as quantum-based cybersecurity demonstrates its capability to improve security, it’s only a matter of time before we see its greater adoption, allaying at least in part those concerns about our quantum future.