Loading...

It's time for India to adopt quantum-safe cryptography

It's time for India to adopt quantum-safe cryptography
Loading...

Quantum computers are maturing quickly — perhaps even faster than we could have predicted just five years ago. We see quantum technology’s rapid pace of development as an important opportunity: We believe these machines are going to solve important problems in research and industry, which could revolutionize fields from materials and drug discovery, to finance and machine learning. But this rapid development also brings about an important consideration: The encryption schemes we use today to safeguard sensitive data — such as our financial and health records — could be made obsolete in a world where future quantum computers reach their full potential. 

As we work to bring about quantum-centric supercomputing, we’ll need to ensure that each facet of the computing workflow can protect future systems and data from the ‘harvest-now, hack-later’ that’s already happening. This is especially critical for governments, and highly regulated industries such as financial services, healthcare and telco. In fact, anyone responsible for securing data or digital infrastructure will need to take steps today to make themselves quantum safe. Waiting is just not an option. 

Why quantum-safe matters 

Loading...

According to IBM’s 2022 Cost of a Data Breach Report, 83% of organisations worldwide have experienced more than one data breach in their lifetime,. According to the same report, organizations in India on average reported 29,500 breaches (between March 2021-March 2022). Organizations in India, including both government and private institutions that hold sensitive data, need to immediately start implementing quantum-safe protocols.  

Governments across the world are concerned that bad actors are positioning themselves to take advantage of next-generation code-breaking tools. Attackers could be stealing and hoarding large tranches of encrypted data, unreadable with contemporary tools, with the intent to decrypt it once better quantum technology becomes available. Organizations may have already experienced breaches that they will not know about for many years, creating an uncertain security and liability environment. We may not know exactly when it will be possible to breach today’s encryption, but one thing is clear: any data that falls into the wrong hands before an organisation transitions to quantum-safe protocols should be considered already lost.  

Setting the standards 

Loading...

Organisations cannot afford to wait and it is already possible to start using secure cryptography. In July 2022, the U.S. Government’s Department of Commerce’s National Institute of Standards and Technology (NIST) announced four quantum-safe protocols as their “post-quantum cryptographic standards,” which they expect to finalize in the next couple years.  

While securing critical Indian data with quantum-safe cryptography will be important, there is also a huge opportunity here for Indian engineers and the IT industry. India’s IT industry received its biggest boost when the Y2K problem happened at the turn of the millennium. Companies around the world scrambled to fix the date change problem that could have potentially cripple industries, ranging from finance and airlines to mining on January 1, 2000. In many cases it required going through thousands and millions of lines of code to fix the bug. This needed trained programmers. And the Indian software industry seized the opportunity.  

Fixing the “YQK” problem — this time, the “Q” stands for “quantum,” — presents an even bigger opportunity for India. This is the time for decisive action from the Indian standards organisations, industry and government, to both address the challenge and to figure out ways in which the Indian IT industry can contribute and take advantage. 

Loading...

Don’t wait 

With so-called ‘quantum advantage’ on the horizon, business leaders should be preparing for how their industry could benefit. But they should also understand the risk of future fault-tolerant quantum computers on the horizon, and explore available solutions based on quantum-safe cryptography standards, such as the IBM hybrid cloud system z16, that will protect their data and classical systems.  

In conclusion, any computer system that will have to operate securely without major modifications over a period of years — the computer in your next car, or embedded in a satellite, for example — will need to be quantum secure well in advance of the threat. Can you afford to wait?

Loading...
Author

Amith Singhee and L.V. Subramaniam


Amith Singhee is Director, IBM Research India and L.V. Subramaniam is Senior Manager AI and IBM Quantum Ambassador at IBM Research India.


Sign up for Newsletter

Select your Newsletter frequency