BRUSSELS — The European Union wants to speed up quantum computing, but cybersecurity officials warn that it comes with a gargantuan risk: an impending quantum security doomsday.
The European Commission on Wednesday warned that Europe has fallen behind the United States and China in rolling out the technology, in a new quantum strategy aimed at drawing investment and turning the bloc’s know-how into an economic advantage.
Quantum computing is seen as the next frontier in technology. Its capabilities surpass those of existing supercomputers, enabling it to solve problems in areas ranging from drug discovery to battery technology, as well as communications and navigation tech for defense and space.
However, it also presents a big problem for cybersecurity.
Modern-day digital communications, internet traffic and data collections are secured using a system called public key cryptography, which relies on complex mathematics that regular computers can’t solve. But quantum computers — which are many times more powerful than today’s computers — could crack those codes easily, experts have warned.
“Everything breaks,” said Nigel Smart, a professor with the computer security and industrial cryptography department at KU Leuven, a Belgian university. “Your phone, the internet, everything breaks. Not break as in doesn’t work, breaks as in, it’s not secure.”
Once quantum computers reach the inflection point, it would effectively mean that most of today’s data zooming around on internet wires would be readable to anyone tapping in.
A particularly eerie problem is what’s known as “store now, decrypt later,” where threat actors — notably intelligence agencies — take data that’s encrypted with public key cryptography, retain it and then unlock it once quantum computing technology is sufficiently advanced.
The challenge for European countries will be to defend themselves against these emerging threats — or else fall prey to foreign spooks, cyber crooks and hackers.
The European Union warned in its quantum strategy on Wednesday that the bloc is at risk of seeing promising homegrown quantum tech firms falling into the hands of foreign players.
Europe is the global leader in the number of scientific publications on the technology, but private investment has mostly gone elsewhere: Europe attracts only 5 percent of global private quantum funding, compared to over 50 percent by the U.S. and 40 percent by China, according to the EU’s calculations.
The details of the strategy were first reported by POLITICO.
2030 deadline
In parallel with the Commission’s grand plan to speed up on quantum, European authorities have been developing guidelines to mitigate the risks of encryption being broken.
Cybersecurity authorities released a roadmap last month to transition to post-quantum cryptography, a type of algorithm that could resist quantum computers. It suggested that EU countries protect critical infrastructure with post-quantum cybersecurity by the end of 2030 — a deadline first reported by POLITICO.
The dates proposed by European cyber officials roughly aligned with those put forward by the United States, the United Kingdom and Australia.
U.S. tech giant IBM, a frontrunner in quantum tech, recently announced it expects to have the first workable quantum computer by 2029. That underlines the urgency of securing critical data.
“The fact that we have this roadmap now and that all of the EU member states agreed on this … I think this is really a big step,” said Stephan Ehlen, a cryptography expert at the German cybersecurity agency and one of the authors of the roadmap.
But making a plan is just the start.
“This is not only about these algorithms, it’s a huge migration problem … It affects billions and billions of systems,” said Bart Preneel, a cryptographer also from KU Leuven. “It’s a very complex problem that you cannot solve in a few A4s.”
It’s also a problem that hits home with national governments and their security and intelligence services. Several European governments have imposed export restrictions on quantum technology; the real concern for governments is whether their own communications are affected, and whether “everything they’re doing can be exposed,” Preneel said.
Some experts have downplayed a doomsday scenario for quantum, arguing that even if computers are developed that can break modern encryption, it still requires a significant amount of work and money to do so.
The EU has no excuse not to push on, said Manfred Lochter, another official at the German cyber agency. “If you don’t have access to quantum technologies, then you’re lost.”
The post Quantum tech is coming — and with it a risk of cyber doomsday appeared first on Politico.
