NEW YORK — The race to protect the world’s digital infrastructure from quantum computing threats is accelerating, as researchers and technology companies warn that so-called “Q-Day” — the point at which quantum computers can break current encryption standards — may arrive sooner than previously expected, according to a report,
CNN reported that experts have warned about the potential risks posed by quantum computing since the 1990s, but new estimates from Google suggest quantum computers could crack some encrypted systems by 2029, shortening the timeline many cybersecurity specialists had anticipated. The revised estimate has increased pressure on governments, financial institutions and technology companies to transition toward post-quantum security standards.
“It’s the day when people, perhaps adversaries, will have access to a quantum computer that can break cryptographic codes that are in use,” Michele Mosca, cofounder and CEO of cybersecurity company evolutionQ, told CNN. Mosca has coauthored the Quantum Threat Timeline Report, published by the Global Risk Institute in Toronto, since 2019.
As CU Daily readers read here earlier, two people with PenFed Credit Union earlier warned credit unions to be aware of the risks from quantum computing. And in part one of this two-part series, Nvidia announced what it called the first open-source family of quantum AI models aimed at accelerating the development of practical quantum computing systems.
The ‘Moment’
As CNN explained, Q-Day would mark the moment when quantum computers become capable of rapidly breaking encryption algorithms used to secure financial transactions, medical records, emails, location histories and cryptocurrency wallets. Mosca warned that adversaries may already be conducting so-called “harvest now, decrypt later” operations, in which encrypted information is stolen and stored until quantum technology advances enough to decode it.
“At that game-changing turning point, ‘everything’s safe — safe, safe — and then suddenly it’s not safe. It’s a very drastic jump,’” Mosca told CNN.
Mosca, who also serves as a professor at the Institute for Quantum Computing at the University of Waterloo, coauthored the Quantum Threat Timeline Report published by the Global Risk Institute in Toronto. CNN reported the latest edition of the report, released March 9, concluded that a cryptographically relevant quantum computer was “quite possible” within 10 years and “likely” within 15 years, based on input from 26 experts.
“Many organizations may be unaware that they are currently exposed to an intolerable level of risk that requires urgent action,” the report authors wrote, according to CNN.
Caution from Google
CNN reported that Google said in a March 25 blog post that it is targeting 2029 “to secure the quantum era” using post-quantum cryptography, while cloud computing company Cloudflare has announced a similar timeline.
The report explained that modern internet security relies heavily on cryptographic systems such as RSA encryption, which depends on the mathematical difficulty of factoring extremely large numbers. Quantum computers, however, process information differently by using “qubits,” which can simultaneously represent multiple states through a principle known as superposition.
CNN also reported that one of the biggest technical hurdles facing quantum computing developers is improving the stability of qubits, which typically require ultra-cold, high-vacuum environments to function without excessive errors.
A New Discovery
According to CNN, researchers from Google, the University of California Berkeley, Stanford University and the Ethereum Foundation recently published research suggesting future quantum computers may require far fewer qubits than previously believed to break elliptic curve cryptography, or ECC, which secures many cryptocurrencies and blockchain technologies.
Google said the research identified an approximately 20-fold reduction in the number of physical qubits needed to solve the mathematical problems underlying ECC encryption, according to CNN.
The research has not yet been peer-reviewed, but Catherine Mulligan, a research fellow at Imperial College London, described it to CNN as a “warning shot,” particularly for the cryptocurrency sector, where decentralized governance can complicate security upgrades.
Government Standards
CNN noted that governments including the United States and the United Kingdom have already begun publishing standards for post-quantum cryptography, while some organizations are also exploring quantum key cryptography, which secures communications through the laws of physics rather than mathematical complexity alone.
