Google's Willow chip poses no immediate risk, but time to build quantum resilience

Google recently unveiled a quantum computing chip called Willow. In the works for a decade, Willow achieves two major goals, which have given it a distinctive edge above existing solutions. 

First, Willow can reduce errors as the number of qubits increases. Qubit is a basic unit of information in quantum computing; equivalent to a bit in the case of classical computers. With this, Willow is demonstrated to crack a 30-year-old challenge in quantum error correction.

Secondly, Google showed that the chip was able to perform a standard benchmark computation in under five minutes. The same computation would take one of today’s fastest supercomputers 10 septillion (10^25) years — a number that vastly exceeds the age of the Universe.

Though still in the experimental stage, the emergence of such a powerful quantum solutions has raised questions about its potential impact on the cybersecurity and its ability to break modern encryption, undermining critical infrastructure and networks.

It may be noted that Google has denied Willow chip’s capability to break modern cryptography. Speaking to a news website, Google Quantum AI director and COO Charina Chou said that while the company claims it can solve a computing challenge in record time, Google has only produced 105 physical qubits worth of that computing power and it would need millions to crack the codes.

In Willow chip’s context, there is a mention of Shor’s algorithm which refers to future quantum computing computers’ ability to factor large numbers quickly, resulting in risk to online security protocols. Speaking to TechCircle, Shantanav Chakraborty, faculty at Center for Quantum Science and Technology at IIIT Hyderabad, said that Shor’s algorithm requires an enormous number of qubits to perform meaningful computations at a scale where it could threaten RSA encryption, a widely used cryptography technique today.

“Currently, we are far from achieving the number of logical qubits needed for such a feat. So, it’s safe to say that we are not close to reaching that stage. Additionally, there are post-quantum cryptographic schemes designed to protect against potential quantum attacks. It’s possible that classical computers, equipped with these post-quantum schemes, could offer robust protection against future quantum threats,” he said. 

Despite these reassurances, the advent of powerful quantum computers like Willow underscores the urgency for transitioning to post-quantum cryptography. This transition is essential to safeguard sensitive information against future quantum threats. The National Institute of Standards and Technology (NIST) released finalised algorithms in 2024 to guide the development of quantum-safe cryptographic standards.

Quoting US’ preparedness in quantum safe encryption, Ajai Chowdhry, Chairman of the Mission Governing Board for the National Quantum Mission (NQM) in an earlier interaction with TechCircle called for stricter protocols. 

“We must start working to make India quantum secure in the next two to three years,” he said. “BFSI (banking, financial services and insurance) being a critical sector, banks and the RBI (Reserve Bank of India) must take a leadership position here, followed by securing electric grids and defense establishments.”

Even before Willow, experts have believed that quantum computers could dent existing systems of encryption. “Quantum computers can break encryption methods at an alarming speed, rendering ineffective encryption tools that are widely used today to protect everything from banking and retail transactions to business data, documents, email and more,” a KPMG report stated. The report also quoted KPMG’s own study, which found that many businesses it surveyed are extremely concerned about quantum computing’s potential to break through their data encryption.

While echoing general consensus about current quantum techniques to be inadequate to pose serious threats, Devroop Dhar, co-founder of consulting firm Primus Partners said that organisations can take two main steps to ensure security borders are more secure.

“First, ensure that their current systems are robust and free from vulnerabilities, safeguarding against present-day threats. Second, while quantum threats are still some time away and won’t emerge overnight, companies must proactively work toward making their systems quantum-resilient."

"This can be achieved by adopting quantum-resilient encryption methods, such as integrating advanced cryptographic algorithms into the code, and implementing quantum-resilient authentication techniques," he added.