Governments are looking for ways to avert the quantum encryption apocalypse

The United States is heading toward a quantum computing future, but until it’s there, it’s unclear if all the investment and time spent preparing the nation’s cybersecurity will pay off.

The big picture: Experts have long feared that quantum computing could allow adversaries and foreign hackers to crack the otherwise unbreakable encryption standards that protect most online data, leaving everything from online payment systems to government secrets vulnerable.

• While a quantum computer isn’t expected until 2030 at the earliest, updating current encryption standards will take just as long, creating a high-stakes race filled with unanswered questions for national security officials. and cybersecurity.

As international scientists, scholars and policy makers attended the first-ever Quantum World Congress conference in Washington this week, alarmism around the future of secure data has been undermined by fundamental questions about what quantum computing will mean for the world.

• “We don’t even know what we don’t know about what quantum can do,” said Michael Redding, chief technology officer at Quantropi, during a panel on cryptography at the Quantum World Congress.

Catch up fast: While classical computers rely on a binary of ones and zeros to perform calculations, quantum computing exploits the principles of quantum physics – which holds that a particle can be in two places at once – to perform more complex calculations than a conventional computer could ever do.

• These calculations include breaking down the equations that underpin the encryption standards that protect most online data today.

Threat level: It is believed that some governments have already started stealing encrypted secrets from enemies now, so they can unlock them as soon as quantum computing becomes available.

• “This is the biggest national security economic issue we have ever faced as a Western society,” Denis Mandich, chief technology officer at Qrypt and former US intelligence official, told the conference this week. . “We don’t know what will happen if they really decipher, operationalize and monetize all the data they already have.”

Between the lines: It is difficult, if not impossible, to guarantee that the new post-quantum cybersecurity protocols that governments and researchers are developing will be able to push back the quantum: it is difficult to prepare for a technology that does not yet exist.

• Current research projects on how to modernize encryption are based on and building on information about how adversaries have broken current encryption algorithms in past attacks.

The plot: This does not prevent the United States from investing even more resources in the development and protection against quantum computing.

Yes, but: Much post-quantum encryption research is happening in parallel with quantum development projects, so researchers have a more informed understanding of what they might be protecting against.

• “The way to do things efficiently is to do things in parallel and have the different components talk to and guide each other,” David Awschalom, director of the Chicago Quantum Exchange and principal investigator at the National Laboratory for Science, told Axios. ‘Argonne.

And after: All eyes are on the Commerce Department’s National Institute of Standards and Technology as it prepares to release a second set of post-quantum encryption tools for security experts to test and analyze.

• Companies should also consider hiring quantum-specific security teams who can start modernizing their systems for a post-quantum world, Redding said.

Sign up for the Axios Cybersecurity Codebook newsletter here.