The Critical effects of Quantum Computing to our Cybersecurity

Quantum computing has been categorised as one of the most promising areas of theoretical computer science and advanced physics over the last few years. Previous empirical research has explored the utility of quantum power to combat cyber-attacks. The main idea of a quantum mechanism is the ability to solve problems in physics, mathematics and cryptography, in a time consistent manner, that are considered quite complex to classical machines to do so (Knill, 2010). It is stated that the theory and experimental research have been introduced in early 1959 when Freyman (1982) firstly noticed that classical machines weren’t efficient enough to perform quantum mechanical effects (Rieffel and Polak, 2000). After years of speculation and research, the first polynomial time quantum algorithm was developed by Shor (1997) and quantum machines have finally obtained its relevance in the field (Rieffel and Polak, 2000). The algorithm invited by Shor was the ground breaker of quantum physics blending with computer science. According to the mathematics behind Shor’s algorithm (1997), a random guess (N) is produced by the computer, attempting to find or even match similarity of factors of N to crack the encryption. For any pair of numbers that do not share a factor, if multiplying by itself enough times and adding or subtracting 1 to it, it can lead to a whole number that could have some share factors with the number previously attempted (N). It is believed that Shor had composed the algorithm bearing in mind that high-speed computation was needed to execute to its full capacity. Quantum computation can perform such algorithm unbelievably fast due to its quantum principles and therefore, if maliciously operated, cybersecurity experts are considering it to be a catastrophic level-threat to the cyberspace.

Despite to its potential exploitation, the development of quantum computers can lead to major advances in distinct fields such as medicine, artificial intelligence, machine learning and more critically, cyber security. As a result of this, many countries all around the world have launched national quantum technologies programs, in a billion scale, including but not limited to Australia, Canada, China, Japan, Netherlands, Russia, Singapore, U.K. and U.S (Wallden & Kashefi, 2019). Further, in many of those countries mentioned, large enterprises such as IBM, Intel and Google have implemented their own quantum computer systems and quantum microchips as part of their research (Keplinger, 2017). Currently, there are many engineering challenges when building theses machines. Firstly, qubits must be prevented from decoding rashly and this is one of the reasons why quantum scientists must mitigate the qubit’s interaction with the external world. This is then accomplished by literally cooling down the qubits to a low state to avoid thermal noise and other miscalculations. It is also worth to mention the five categories that compounds the hardware of one of these machines which include photon, atom trap, nuclear magnetic resonance (NMR), quantum dot, and superconductor-based designs (Walker, 2017). While quantum computing promises to improve security by systematising some aspects of defense, severe caution is necessary for the deployment and use of these systems. To support this statement, society nowadays still have been witnessing cyber-attacks compromising data assets, involving denial of service and computer fraud, regardless of the countermeasures applied in one’s cyber defense strategy. It is more than clear that large enterprises and even small businesses fear a data breach attack to avoid a business disruption.

Classical computing highly differs to quantum machines in terms of processing power. Quantum information is first processed and manipulated making the use of quantum qubits whereas classical computing uses bits and decisions are limited to 0’s or 1’s. A qubit is defined as a quantum system that possess two distinct configurations corresponding to the bit values 0 and 1. (Knill, 2010). However, its difference remains in the ability to perform the superposition principle. The qubit’s condition can vary to any possible combination of the two manipulated values, at the same time, making its processing power 2n times faster than classical computing (Keplinger, 2017) The outcome of superposition is represented by a richer and broader algorithm to solve a particular problem. Such algorithm could, in relevance to cyber security and machine learning, provide an elegant solution to unencrypt anything as well as facilitate password cracking in the least amount of time. Theoretically, this could be achieved by making use of qubits in superposition that run numerous times, and with those random results, appropriate statistical evaluation is necessary in order to be decreased to a single value (Keplinger, 2017).

Based on this possibility, the science of safe exploiting quantum mechanical assets to perform cryptographic tasks is classified as quantum cryptography. Firstly, cryptography is established to maintain confidentiality and integrity in the communication between two or more parties. It is designed due to the fact that a system can never be completely secure and proper cyber security attempts to mitigate all possible risks and therefore reducing the likelihood of a threat from occurring. Based on this statement, encryption itself is not a guarantee of protection; but rather a method of reducing the likelihood of exposing sensitive data. A secure example of quantum cryptography is quantum key distribution, which is carried out by the entanglement principle, performing it as a resource for unlocking the power of quantum communication between different parties. The communication is then established by a shared key, equipped with verification procedures against man-in-the-middle and eavesdropping attacks (Vlachou, Krawec, Mateus & Paunković, 2018). Quantum secret sharing protocols allow detecting such attacks and luckily do not require data encryption. This is classified as a step ahead over classical sharing. Likewise, the quantum stream cipher and quantum digital signatures also provide a higher security level than classical schemes (Korchenko, Vasiliu & Gnatyuk, 2010). Besides, quantum digital signature is also considered much more secure as it uses the quantum one-way function. The communication via quantum mechanisms is accomplished by a secret key encoded by blocks of qubits, which is sent via a qubit channel. (Korchenko, Vasiliu & Gnatyuk, 2010). However, since it is still under development, there are some drawbacks. For instance, researches acknowledged that storing such blocks of qubits will require mechanisms to have a large amount of quantum memory.

Linking back to a cyber-security perspective, quantum microchips are already possibly being explored by sophisticated hacktivists and black hats. Perhaps it is time to large cyber organizations start investing on the countermeasures to be ready to combat a quantum-crime, which capability could be but not limited to crack hashes in a very short time (Keplinger, 2017). Prime factoring mathematical problems are the foundation of RSA encryption and are solely intended to be extraordinarily challenging to the human brain to solve. Nevertheless, as mentioned previously, quantum power has extended its ability to solve such problems by making use of the Shor’s algorithm (1997). Despite the possible threats of RSA exposure, quantum systems could also potentially threat VPN services as encrypted traffic, packages and files are vulnerable to a quantum decryptor, if maliciously used by an attacker (Keplinger, 2017). Therefore, it is arguable that a quantum machine could generate an extensive set of vulnerabilities to security mechanisms, additionally, since cyber-attacks are carried out by using the same technological infrastructure, if, in a near future, quantum computers are available to society, this could lead to a serious threat to national and global security as encrypted secrets from countries, large enterprises or financial systems may be in high risk to be exploited (Herman, 2019). As of this moment, classical computers do have full control of banking systems as well as aircrafts and nuclear reactors, which automation is measured on the level of IT security (Korchenko, Vasiliu, & Gnatyuk 2010). However,  there are some countermeasures that may be beneficial to cryptanalysts and security experts to prevent future attacks from happening. According to Musca’s research (2016) the term “quantum safe” cryptography involves protocols that resists developing quantum attacks and its main function is to operate on conventional information and communication technologies. Hence it consists in additional quantum cryptography protocols that are resistant to mathematical cryptanalysis related attacks. Nevertheless, it  requires access to a quantum communication channel such as optical fibre or perhaps an open communication. Notably, the fully description and comprehension of this cryptographic tool would also be highly beneficial to implement protection against other new possible threats coming from the quantum field.

According to Arslan et al (2018) literature, quantum computers provide both positive and negative effects in regard to security mechanisms. Initially, in relation to cryptocurrency, the public key that encrypts data is not secure and it is being used in internet protocols such as SSL and SSH (Arslan et al, 2018). Further, the authors argue that quantum computers may have the ability to create reliable cryptocurrency systems and design proper protocols infrastructure to work along quantum power. As attackers and computer systems are continuously evolving in both hardware and software, the correlation between the growing computational model such as quantum technology and cyber security should be carefully examined. Quantum cybersecurity is therefore defined as the “field that studies all aspects affecting the security and privacy of communications and computations caused by the development of quantum technologies” (Wallden & Kashefi, 2019). Quantum technologies are not meant to be seen as a resource for malicious hackers; though it could serve them well if availability is granted. Rather, security experts must implement the technology to discover new possible vulnerabilities and then mitigate them. Wallden and Kashefi (2019) have conducted an empirical research based on a simulation in which they focus on the possible effects that quantum technologies have for cryptographic attacks and other attacks that exploit vulnerabilities of the new quantum hardware. Their results imply that quantum computers may become an eminent threat for cyber security and cryptosystems. The authors have concluded that dealing with this threat is crucial in a timely manner. Such condition can be achieved by fully securing classical protocols against quantum-technology-equipped adversaries (Wallden & Kashefi, 2019). Finally, quantum mechanisms may also highly benefit cyber security methods. Quantum devices will be able to maximise security by achieving certain tasks such as the extension of cryptography. The authors suggested that since quantum mechanisms will soon play a vital role of our future network, new methods must be implemented with the use of quantum machines to be ahead of malicious adversaries. As the advance in the quantum field progresses, hackers are also planning ahead. Research conducted by Musca (2018) suggests that malicious adversaries are currently conducting attacks with the sole intention of steal encrypted data, and cautiously waiting for quantum gadgets to be available for them, and therefore that stored data will unencrypt keys in a manner of seconds. In order to avoid a possible quantum disruption in a near future, large corporations owning quantum machines should invest in proper cyber security defenses to address this possible threat of a global magnitude. Identifying potential risks associated with the advance of quantum cryptography is fundamental to create efficient countermeasures. Quantum cryptography could have a negative impact on products, services and business functions that usually rely on security protocols. Areas such as cloud computing or services such as secure web browsing; TLS/SSL, Security emails, PKI certificates and many more. Plus, with the presence of quantum computers fully functioning in a near future, we can expect public key cryptographies such as DSA, ECDH and DH no longer secure. Further complications may have an impact on hash functions such as SHA-128 and SHA-3 requiring longer outputs. Lastly, quantum technology may also appose as a threat to big data. More specifically, quantum crypto-currency is a trending-term that is soon predicted to cause disruption to the blockchain methods of this era.

In conclusion, quantum research and development has proved to be promising and highly beneficial to society in the next following years. Hence, cyber security must be implemented in every stage of the development of such technology; whether quantum power falls into the wrong hands or not, quantum scientists must be aware of its magnitude and therefore implement a highly protected research environment, in order to mitigate risks of exposure. Additionally, throughout its research, cyber security experts must work together along quantum cryptanalysts to develop efficient countermeasures to combat a possible quantum threat in a near future.