Cybersecurity: how to deal with the quantum threat?

The realization of the first quantum computers and the discovery of Shore’s algorithm have cast a chill in the world of cybersecurity. Current encryption methods will not stand up to future quantum computers and reinventing encryption for this new era is becoming urgent. Cybersecurity and quantum threat, where are we?

By David Mahdi, Director of Strategy at Sectigo

In recent years, quantum computing has found itself in the spotlight. This technology is based on the principles of quantum physics to perform calculations in an unprecedented, faster and above all more powerful way in terms of data processing, especially when it comes to cryptography.

Due to its ability to simultaneously solve several complex problems, much faster than traditional computers, quantum computing would have many cases of potentially revolutionary applications: chemical and biological engineering, Artificial Intelligence or even financial modelling… But like all new technologies, quantum computing opens a Pandora’s box, and not all possibilities are necessarily auspicious.

Providential or apocalyptic technology?

For about 50 years, the public key infrastructure (PKI) system has been the cryptographic basis for businesses to secure their electronic devices, as well as the people who use them. But the future shaped by quantum computing means that the existing cryptographic algorithms, which today ensure the confidentiality and security of data, will be very easily hacked, and will thus become obsolete within a few years according to international experts.


At a time when quantum technologies are still in their infancy in the professional world, how to estimate the seriousness of the risks for the security of data and access to digital identities?

Think of the amount of encrypted data managed by an international company, a bank, a hospital or even a State. The volumes of personally identifiable information (PII) and sensitive medical information, not to mention the number of electronic devices required, are incalculable. Yet the very essence of quantum computing is thatan encrypted message can be deciphered in less than a week, while the average computer would need about 300 million years!

The potential impact of a cryptographic breach of this magnitude would be immense. In this case we would even speak of a “quantum apocalypse”…

To prepare for this eventuality, organizations need to adopt new approaches to protecting their data now. In the United States, the NIST (National Institute of Standards and Technology) launched the race for new post-quantum cryptographic standards in 2016; the results of the first selected algorithms were released this summer. A standardization of standards is therefore to be expected by 2024.

The future: a hybrid model

Today, data protection is mainly ensured by encryption. This is based on the use of cryptographic technologies, which are themselves based on digital certificates. Capable of establishing a bond of trust between the user or machine and the organization to which they are attached, certificates provide proof of the authenticity of each identity.

In the future, one of the main protection solutions would rely on post-quantum public key cryptography technology. This will perform the same function as these traditional digital certificates, with one (crucial) difference: it would use an adapted cryptographic protocol based on new algorithms not solvable by a quantum computer.


But the problem does not end there. Indeed, quantum computers will not quite replace traditional binary computers, at least not initially. Rather, the two architectures will continue to exist in parallel: binary computing would serve a number of tasks (such as consuming video content), while quantum computing would tackle specific use cases where they offer better performance (such as processing complex mathematical operations).

Organizations will therefore need to have the capacity to deploy hybrid certificates, possessing both traditional keys and signatures and others suitable for quantum security. This kind of hybrid approach will allow organizations to transition from traditional public-key cryptography to post-quantum cryptography in a seamless way, avoiding any doomsday attack scenario.

Fortunately, these solutions are already in development. In addition, companies can now start investing in the first quantum migration projects that will be necessary in the coming years, starting with the strengthening of their encryption technologies. Because despite appearances, time is running out to anticipate this breakthrough innovation… And its consequences!


We would love to give thanks to the writer of this article for this awesome web content

Cybersecurity: how to deal with the quantum threat?

You can find our social media profiles here as well as other related pages here