News, news analysis, and commentary on the latest trends in cybersecurity technology.
Quantum Computing Advances in 2024 Put Security In Spotlight
The work on quantum computing hit some major milestones in 2024, making the path to a workable quantum computer seem closer than ever. Google, Microsoft, and other research efforts hit significant milestones this year, but is the cybersecurity world ready?
December 27, 2024
The quest to create a useful quantum computer reached a significant milestone at the end of 2024 with Google's announcement of its Willow chip. The chip promises reduced noise and fewer errors as the number of qubits grows — a necessary step to advance toward advanced quantum computing. Despite some debate on when these systems will actually become available, experts still advise making plans and migrating to post-quantum technologies.
The shift from today's technology, where adding more qubits adds more noise, to a future where increasing the number of qubits exponentially reduces the amount of noise — an achievement known as "threshold scalability" — conquers a major impediment to quantum computers. Creating a 1,000-qubit quantum computer requires foundational advancements beyond today's noisy intermediate-scale quantum (NISQ) computers to create reliable logical qubits that can be used in easily scaled architectures.
The Google announcement marks "a significant leap forward," says Karl Holmqvist, founder and CEO at Lastwall, an identity services provider focused on quantum resilience.
"Companies should be starting to get concerned about a usable quantum computer now," Holmqvist says. "This is not because there is proof of a cryptographically relevant quantum computer yet. It is because there are active campaigns that are currently taking place to capture encrypted data and store it until there is a system that can break our asymmetric encryption."
The threat posed by quantum computers seems to be becoming more real every day. In addition to Google's Willow chip announcement, Microsoft announced in November that it had reached a 24-qubit milestone with Atom Computing using lasers, while Japanese researchers from the Riken Quantum Computer Research Center announced a "general-purpose" optical quantum computer.
The future implications could be dire. The Hudson Institute, a free-market think tank, warns that quantum computers pose a systemic cyber-risk to financial systems; it published two papers describing risks of disruption to the US financial system and cryptocurrencies.
Less Than a Decade Away?
Quantum computing is one of those technologies that many have perennially predicted is only a decade away. Currently, the median estimate among experts is that within 15 years, a quantum computer will be able to break RSA-2048 in 24 hours, according to the "Quantum Threat Timeline Report 2024."
The middle-of-the-road estimate of when quantum computers will pose an encryption threat is less than 15 years. Source: Global Risk Institute
While many experts see the possibility of a useful quantum computer in less than a decade — based on three key areas: hardware progression, error correction, and algorithm development — useful quantum computers still have a long way to go before they become possible. For example, while Google's work on Willow is a major step toward making error correction — mainly a theoretical field before this decade — more achievable in larger quantum computing chips, achieving this step is just the second milestone out of six listed on its quantum computer road map.
In addition, gauging the risk is difficult, with terms such as "threshold scalability" and "quantum supercomputers" muddying the waters, says Rebecca Krauthamer, co-founder and CEO of QuSecure.
"There's so much complicated vocabulary when it comes to quantum, the thing that people need to look out for is when they start seeing quantum computers beginning to solve problems that they recognize," Krauthamer says. "So whether it's improved battery technology, or route optimization for self-driving cars, or optimized portfolio management, or breaking encryption — that's the time everybody should have already migrated to post-quantum technologies, and not just post-quantum but crypto-agile management of cryptography."
Yet the lack of significant benefits for the private sector could put a damper on development. The Boston Consulting Group, for example, points out that quantum computing programs have had difficulty converting effort into value.
"Quantum computing today provides no tangible advantage over classical computing in either commercial or scientific applications," BCG stated in a July analysis. "Though experts agree that there are clear scientific and commercial problems for which quantum solutions will one day far surpass the classical alternative, the newer technology has yet to demonstrate this advantage at scale."
Experts Still Urge Preparation
In addition, the point at which nation-states could use quantum computers to break encryption could be sooner, increasing the risk for some industries. Quantinuum, for example, accelerated its road map for fully fault-tolerant quantum computing to 2030 and warns that quantum secure solutions will likely be necessary before 2035.
"Given where we stand today, the need to complete migration to PQC [post-quantum computing] to effectively protect sensitive data needs to be prioritized," says Duncan Jones, head of cybersecurity for Quantinuum.
Quantinuum expects incremental advances in the next few years. That includes improvements in error correction and qubit scaling, continued research into applications such as quantum decryption, and, as a result, greater adoption of PQC technologies, such as post-quantum encryption, quantum key distribution, and quantum random number generation (QRNG), says the company's Jones.
"Organizations implementing quantum-safe strategies today should focus on PQC migration while ensuring their cryptographic foundations are as strong as possible through the use of QRNGs," he says. "This approach provides immediate security benefits while preparing for future quantum-safe technologies."
Google acknowledges that while its error correction breakthrough is significant, there is a difference between theory and practice.
"We still have a long way to go before we reach our goal of building a large-scale, fault-tolerant quantum computer," two members of the Google Quantum AI team stated in a blog post. "The engineering challenge ahead of us is immense."
About the Author
You May Also Like