Quantum security (or post-quantum security) means being resistant to the cyber threat posed by quantum computers. Highly powerful, with the ability to simulate highly complex systems and interactions, quantum computers will yield monumental benefits to society, enabling significant advancements in the spheres of healthcare, AI, drug discovery, logistics, and much more. At the same time, the game-changing capabilities of quantum computers to quickly factor prime numbers and break the foundations of public key cryptography, will provide an easy avenue for criminals and other adversaries to steal data and exploit companies, governments and individuals. While no one can say for sure when a ‘cryptographically relevant’ quantum computer will come online, we know that with the billions being channelled into quantum computing research at the national level, it is simply a matter of months or years before a quantum computer with 4000 error-corrected qubits (the number required to factor RSA-2048) will come online.

To achieve quantum security today, a cryptographic system that works seamlessly with current computers and technology, yet protects against the quantum computing threat, is needed.

Store Now, Decrypt Later (SNDL) is a common cyber attack where a bad actor will harvest an encrypted data source with the expectation of being able to decrypt it in the future. Once decrypted, the data will then be distributed or sold on the dark web, compromising the confidentiality and integrity of digital assets and information. For sensitive data with a long shelf life – such as health records, bank account information, PII, and national security intelligence – it is important that such data is properly encrypted today. This will prevent it from being harvested today and rendered human-readable before its relevance runs out. By upgrading to quantum security today, this threat will be avoided, and sensitive data will remain protected in the future.

NIST has initiated a process to standardize post-quantum cryptographic algorithms.

In January 2022, President Biden signed into effect an executive order giving government agencies six months to identify and put in place a plan to upgrade systems to quantum resilient cybersecurity. It is now law, and highly regulated industries, especially those that contract with the government, will follow suit.