Quantum Computing — Security Risks
What is Quantum Computing?
Imagine your everyday computer as a regular superhero solving problems step by step. It uses tiny switches called bits, which can only be “on” (1) or “off” (0). Now, picture a quantum computer as a magical superhero with superpowers! Instead of bits, it uses qubits, which can be “on,” “off,” or both at the same time — like a spinning coin that’s both heads and tails. This mind-bending ability is called superposition.
But wait, there’s more! Quantum computers also have another trick up their sleeve: entanglement. Qubits can become interconnected in such a way that the state of one instantly influences the other, even if they’re far apart. Think of it as two best friends who always know what the other is thinking. These powers allow quantum computers to solve incredibly complex problems much faster than regular computers.
Awesome Things Quantum Computers Can Do (Use Cases)
1. Finding Hidden Treasure (Optimization Problems)
Imagine a treasure hunt with millions of hiding spots. A regular computer checks one spot at a time, but a quantum computer can check many spots simultaneously! This ability is revolutionizing areas like route optimization for delivery trucks, airlines, and supply chains.
2. Creating New Medicines (Drug Discovery)
Quantum computers help scientists virtually mix “ingredients” to test billions of combinations and discover cures for diseases faster. It’s like building the perfect medicine with LEGO blocks in record time.
3. Predicting Weather (Simulations)
Weather forecasting involves recreating the Earth’s entire weather system. Quantum computers can simulate these complex systems with unparalleled accuracy, helping us prepare better for hurricanes, droughts, and other natural phenomena.
4. Exploring Space (Material Design)
Designing rockets and spacecraft requires super-strong materials. Quantum computers can rapidly test countless material combinations to create stronger, lighter, and safer components for space exploration.
5. Breaking Secret Codes (Cryptography)
Quantum computers can solve the toughest math puzzles that underpin today’s encryption. While this opens up exciting possibilities, it also poses significant risks to online security.
Security Risks of Quantum Computing
Quantum computing’s incredible capabilities come with serious security challenges. Here are some key risks:
1. Breaking Encryption
Today’s encryption methods act as secret locks for sensitive data, like passwords and online banking. Regular computers would take thousands of years to crack these locks, but quantum computers could do it in minutes.
2. Harvest Now, Decrypt Later
Hackers might steal encrypted data today and save it until quantum computers become powerful enough to decrypt it. This puts sensitive information like financial records or confidential communications at risk.
3. Fake Identities
Quantum computers could forge digital signatures, making fake emails or documents appear authentic. Imagine receiving a fake email that seems to be from your best friend or trusted source.
4. Outdated Security
Systems using old or weak encryption methods would be easy targets for quantum-powered attacks, making it critical to upgrade our security systems.
Preparing for a Post-Quantum World
Quantum computing’s potential to break current cryptographic systems is a significant threat. Public-key algorithms like Diffie-Hellman (DH), Elliptic Curve Cryptography (ECC), and RSA, which secure most of our digital communications, will become vulnerable.
The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and National Institute of Standards and Technology (NIST) are urging organizations to start planning for the transition to post-quantum cryptographic (PQC) standards now.
The Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the National Institute of Standards and Technology (NIST) created this factsheet to inform organizations — especially those that support Critical Infrastructure — about the impacts of quantum capabilities, and to encourage the early planning for migration to post-quantum cryptographic standards.
Current Efforts:
Organizations like Palo Alto Networks are actively contributing to projects like NIST’s NCCoE (National Cybersecurity Center of Excellence) to develop solutions for a quantum-secure future. For instance, their firewalls can detect, log, and block unsanctioned post-quantum ciphers to ensure network visibility and protection.
The Quantum Threat and What to Do Now
The most immediate danger is Harvest Now, Decrypt Later attacks. Long-lived data — like government secrets or medical records — could be stolen and decrypted years later when quantum computers become practical. To mitigate these risks, organizations should take the following steps:
1. Harden VPN Connections
- Upgrade to Suite-B-GCM-256 cipher suites as per RFC 6379 to secure IPsec connections.
- Avoid weaker algorithms like 128-bit AES, which are vulnerable to quantum attacks.
- Use larger RSA key sizes (e.g., 4K RSA) and migrate to stronger certificates.
- Implement post-quantum standards like RFC 8784, RFC 9242, and RFC 9370 for IKEv2 VPNs.
2. Strengthen SSL/TLS Connections
- Upgrade to TLSv1.3 with Perfect Forward Secrecy (PFS) ciphers.
- Use hardened client-to-server VPN sessions for additional protection.
- Support post-quantum desktop applications for secure reverse proxies.
