Pete Ford: Backward-Compatible Post-Quantum Communications
Q-Day will arrive when a quantum computer can decipher the asymmetric encryption protecting our vital systems.
Our current encryption standards protect our bank accounts, financial markets, and most of our infrastructure, not to mention the logistics/supply-chain management system in the US Defense Department. But what happens when quantum computers can decipher the current asymmetric encryption protecting our vital systems? “Quantum-Day,” or Q-Day, may happen sooner than scientists predict, and it will act as a “dirty bomb” on information architecture.For standard encryption, Q-Day will occur when a 4,099 coherent qubit machine can complete the nonpolynomial hard factoring on which today’s encryption relies. A quantum computer of this magnitude is not available yet, so the world’s encrypted data is relatively safe. However, a global race is underway to get there.
Most computing experts agree our world is already in the “Quantum Decade,” during which governments, businesses, and entrepreneurs will gain value from quantum advances. The opportunities are dizzying as tech companies race to bring quantum computing to commercial products. In late 2021, IBM trumpeted its plan to complete a 1,000-qubit computer by 2023. Numerous others have made subsequent announcements about even larger quantum processors.
These advances push for quantum advantage, meaning the time when a quantum computer exceeds the computing power of today’s supercomputers. However, as computer scientists acknowledge, most projects are closer to quantum practicality. Quantum practicality (sometimes called quantum utility) is when a quantum machine can outperform traditional computers of comparable power under similar conditions. Regardless of what this Quantum Decade brings, it will force changes to exist systems and break several stable information paradigms that lack resilience.
Because of this, the United States — and indeed, every nation — needs backward-compatible quantum resilience now. The US Defense Department awards contractors who develop or maintain backward system hardware and software interfaces compatibility. These contracts bring new capabilities to older systems or remedy is known limitations for legacy systems (for example, hardening them for continued use). Any post-quantum communication solution that isn’t profoundly backward compatible cannot scale in deployment quickly enough and will leave the US vulnerable on Q-Day.
Legacy Systems Open up Vulnerabilities
With this requirement in mind, it’s worth asking how we’re doing. Is the US ready for Q-Day? Can we get there from here? The most straightforward answer comes from following the money. Since 1990, each US government executive branch department has been required to produce an annual financial statement. For the Defense Department, the details of its most recent audit point to these new systems and legacy systems being material weaknesses, although the audit does not mention which systems those are. This is mainly because we rush to advocate for innovation but pay for it slowly and reluctantly.
The financial and time cost of updating old software is significant in both the commercial and government worlds. For the US Government, these obligated stable (sunk) prices are lagging each fiscal year, according to the audit agency; they are inadequately funded and falling further behind the innovation curve. This is a big drawback for warfighters. The top two were legacy systems and configuration management of the 28 material weaknesses identified in the “The fiscal Year 2021 DoD Agency Financial Report” (up from 26 in the prior year’s report).
Senior Vice President of Federal Operations, QuSecure
#technology, #cybersecurity, #cyberdefense #ciso, #quantumcomputing, #cyberattacks, #quantum, #cto, #cisos, #technologynews, #quantumtechnology, #quantumphysics, #cybersecuritythreats, #ctos, #quantumtechnologies, #cyberresiliency, #quantumtech, #quantumsecurity, #quantumcommunication, #quantumsoftware, #quantumiscoming