Referring to Q-Day, the day when quantum computers are powerful enough to break our current encryption, Arthur Herman, senior fellow at the Hudson Institute, once wrote the following: “Q-Day is the term some experts use to describe when large-scale quantum computers are able to factorize the large prime numbers that underlie our public encryption systems…” Ironically, the phrase “Q-Day” was also used for the testing of the first atom bomb in 1945.
Today, most of the world s digital communications rely on standardized encryption to protect against classical (the computers we currently use today) computing attacks. This encryption, sometimes referred to as public-key encryption, PKI (Public Key Infrastructure), RSA (Rivest Shamir Adleman) or ECC (Elliptic Curve Cryptography), is based on a single transaction of factoring a large number. This mathematical equation is all that stands between our data and our adversaries. For example, the numbers three and five multiply into the number fifteen and thus they are the factors. Factoring refers to being able to find two numbers that multiply into a much larger number. With large numbers it is a difficult and largely impossible task for classical computers to figure out; for example, 14,378,234 has factors of 806 × 17839. So far, all public-key encryption schemes have done an adequate job of protecting our data and communications, and we have also been able to increase the size of the numbers to be factored (also known as the key sizes) to stay ahead of the curve.
However, quantum computers are good at factoring large numbers. Quantum computers operate by using subatomic properties such as superposition, entanglement, and interference which enable a quantum computer to scale very rapidly, at an exponential rate. As a result, quantum computers have the power to crack encryption and solve the factoring problem. The fact is that we know mathematically from Peter Shor’s algorithm that quantum computers will absolutely break our current encryption unless we upgrade. What does that mean for the United States?
How Can Q-Day Happen?
When a sufficiently powerful quantum computer comes online (these can be referred to as cryptographically relevant quantum computers or CRQCs), whoever has access to such a computer will be able to decrypt any previously encrypted data. As an example, if an attacker has stolen and locally stored encrypted military secrets on their local servers—a practice referred to as steal now, decrypt later (or SNDL) that we know is happening today—and these secrets are protected only by public-key encryption using the factoring that we discussed above, they will be decrypted by a CRQC. That attacker will now be able to decrypt all of that stored data and make use of it for whatever purposes they choose. Additionally, the same attacker could use that CRQC to attack communications that are currently occurring over the internet via the airwaves. The same powerful CRQC could be used to eavesdrop or steal data from radio transmissions, fiber transmissions, or any other communications that are using PKI. So, if that attacker has listening devices in a variety of geographic areas or regions, they could effectively unlock any data in transit moving over those communications lines.
When Will Q-Day Happen?
No one knows the exact date when Q-Day will happen. Some are predicting it will be around 2030, some say it will never happen, and others are estimating that we could have a CRQC in two to three years. We know that nation-states are investing billions of dollars in quantum computing, and it is estimated that China is spending upwards of $15 billion to build a quantum computer just to crack PKI. This effort utilizing over 1,000 programmers and scientists is formidable and should not be underestimated.
Our own government has been concerned and is now acting to mitigate the threat and consequences of a CRQC. The National Institute of Standards and Technology (NIST) has been studying and finalizing quantum-resistant algorithms. Recently the White House issued a “Memorandum on Improving the Cybersecurity of National Security, Department of Defense, and Intelligence Community Systems” which mandates that “Within 180 days of the date of this memorandum (Jan. 19, 2022), agencies shall identify any instances of encryption not in compliance with NSA-approved Quantum Resistant Algorithms…” Additionally, the United States Innovation and Competition Act of 2021 allocates over $12 billion, and contains specific language and funding for “quantum cryptography and post-quantum classical cryptography.”
Do not be fooled by what you see in the news or in public-facing articles. You can be sure that a nation-state attacker is not going to announce that they have a CRQC capable of dissolving PKI. Their incentive is to stay underground, harvesting as much data as they can before anyone notices.
Possible Q-Day Scenarios
So, what could happen if a U.S. adversary fully utilized a powerful quantum computer? We could see massive amounts of data being stolen and decrypted, financial system collapses, energy grid hacks, and even control over major military systems. The fact is that we are all leaving ever-increasing digital footprints and every company and government agency on this planet utilizes increasing amounts of digital capabilities and assets. Everything we do has a digital trace, and all data is now flowing and openly accessible though current standard encryption. Imagine if all that data was available to whoever had access to a CRQC? The power they would have would be so great that it is hard to imagine the damage that would be done and the global power that would be held.
Arthur Herman (mentioned above) conducted two formidable studies on what a single, successful quantum computing attack would do to both our banking systems and a major cryptocurrency. A single attack on the banking system by a quantum computer would take down Fedwire and cause $2 trillion of damage in a very short period of time. A similar attack on a cryptocurrency like bitcoin would cause a 90 percent drop in price and would start a three-year recession in the United States. Both studies were backed up by econometric models using over 18,000 data points to predict these cascading failures.
Another disastrous effect could be that an attacker with a CRQC could take control of any systems that rely on standard PKI. So, by hacking communications, they would be able to disrupt data flows so that the attacker could take control of a device, crashing it into the ground or even using it against an enemy. Think of the number of autonomous vehicles that we are using both from a civilian and military standpoint. Any autonomous devices such as passenger cars, military drones, ships, planes, and robots could be hacked by a CRQC and shut down or controlled to perform activities not originally intended by the current users or owners.
In their fictional book 2034: A Novel of the Next World War, Admiral James Stavridis and Elliot Ackerman portray a scenario where China can hack into U.S. military systems and shut down the global positioning system, weapon systems, and communications. This renders the U.S. military helpless and Chinese submarines simply destroy the U.S. Navy’s entire fleet in the South China Sea with uncontested torpedoes. In the book, all the U.S. military’s assets cannot communicate, and we are sitting ducks allowing China to create some significant destruction in the mainland United States. While not specifically mentioning a CRQC as the tool of destruction, it is completely within reason to think that a quantum computer powerful enough to crack all encryption and communications would be able to create this scenario.
Preparation Starts Now
So, with the above near-term threat, what can we do now to protect ourselves against such disasters?
First, I recommend that leadership, whether government, commercial or other, begin to look at existing cryptographic systems to understand where digital vulnerabilities exist. In many cases with large enterprises and government agencies, the cryptographic upgrade process from PKI to post-quantum cryptography (PQC) to protect systems could take years. PQC refers to the implementation of software-based cryptography and systems that are resistant to quantum attacks. Even with CRQCs, both communications and data would be resilient to quantum attacks since they use much more complex algorithms and systems than our standard PKI, which uses factoring. This move from PKI to PQC will be the largest upgrade cycle in computer history, and all public-key encryption needs to change to provide a completely quantum resilient ecosystem. Data in transit and at rest, and all devices will need to upgrade to PQC, which will reduce or mitigate the ability for quantum computers to crack encryption. Enterprise and government agencies can start now by testing PQC to understand how it works in their environments. Companies today provide PQC that can be tested in an enterprise or via the cloud. It is vital that all company leaders start the process of understanding how to move to a PQC world—the future of U.S. national security depends on it.
Skip Sanzeri has been an entrepreneur since 1986 and currently is the Founder, Board Chair, CRO and COO at QuSecure, a top post-quantum cyber-security company using post-quantum cryptography and quantum key distribution to help secure the US military, government and commercial businesses. Founder and Board Chair Quantum Thought a leading venture studio focused on quantum computing applications and is also the Founder and Partner at Multiverse Capital. Skip is a co-author of “Quantum Design Sprint: A Workbook for Designing a Quantum Computing Application and Disruptive Business Model.”