Guest Post

How to prepare for a secure post-quantum future

Quantum computing is expected to arrive within the next decade and break current cryptographic algorithms. SANS' Andy Smith explains how to start securing your company now.

The oncoming rise of quantum computing poses serious implications for the cyberthreat landscape. Large-scale quantum supercomputers could compromise the public key cryptographic algorithms that are the foundation of many of our software security controls today -- rendering them ineffective.

The time for organizations to act is now. By taking proactive steps to embrace a post-quantum cryptography (PQC) migration, understanding cryptographic dependency and prioritizing quantum expertise, you can position your company to facilitate smooth transitions into the post-quantum security world.

How quantum computing works

It's important to understand the science behind quantum technology. Classical computers rely on bits, which can represent either a one or a zero, analogous to an on/off switch. Meanwhile, the quantum bits (qubits) used in quantum computers exploit the principles of quantum mechanics to exist in a superposition state.

A qubit can be a one, a zero or both simultaneously until it is measured. Qubits can also be entangled at the quantum level, so that the state of one depends on the state of another. This combination of superposition and entanglement enables quantum computers to explore a vast number of possibilities concurrently. Imagine solving a maze: A classical computer explores each path one by one, while a quantum computer could explore all paths simultaneously. For specific classes of problems, this can dramatically accelerate finding a solution.

Quantum computers won't replace classical computing, however, because they can't make every computation faster. Still, where a suitable quantum algorithm can be written to solve a problem by exploiting qubits and entanglement, the speedup can be revolutionary. Two such mathematical problems are factoring large integers (the product of two large primes) and computing discrete logarithms; the difficulty of both forms the basis of our current generation of public key cryptography.

A cryptographically relevant quantum computer, one with sufficient power to run Shor's algorithm, could solve both problems exponentially faster than a classical computer and thereby circumvent the cryptographic controls built on them.

With large-scale quantum computers potentially online by as early as 2030, the National Security Agency, Cybersecurity and Infrastructure Security Agency and NIST released a joint advisory in August 2023 that called for organizations to begin developing quantum-readiness roadmaps, conducting inventories, applying risk analysis assessments and engaging vendors to future-proof systems against quantum threats.

It underscored why early planning is necessary, highlighting how the lifecycles of most systems in operation today extend into quantum environments and how adversaries could target data with long secrecy lifetimes to carry out "harvest now, decrypt later" attacks.

How quantum computing impacts cryptography

During a panel discussion at the 2024 World Economic Forum, IBM leaders warned that quantum could create "a cybersecurity Armageddon" environment in the years to come. But is that doomsday narrative our actual reality? If we collectively choose to ignore the threat, then maybe.

But, if we take our heads out of the sand and perform some sensible steps, then probably not. After all, it will be a long time until the average advanced persistent threat group or ransomware operator has access to a quantum machine capable of doing anything of cryptographic relevance. Nation-state adversaries will be the first to leverage cryptographically relevant quantum computers over the next decade, and they're likely to keep that a secret for as long as possible to extend the operational life of such a powerful capability.

That doesn't diminish the importance of preparing your cyberdefenses for the post-quantum era -- especially if nation-states are a realistic part of your threat model. It's important to begin facilitating widespread shifts from classical algorithms to PQC designed to withstand quantum-powered attacks. NIST's first set of standardized PQC algorithms, initially announced in 2022, is slated to be finalized this year, and more are expected to follow. Adopting these algorithms across your security environment will be critical.

While migrating to full PQC is the ultimate end goal, getting there will encompass a long and complicated journey spanning a decade or more and involving several different stakeholders. It's a marathon, not a sprint. Facilitating PQC migration requires effective collaboration among government bodies, global software system developers and cybersecurity leaders to align industry standards and build unified lines of defense.

Those efforts are already underway, and organizations should also be initiating their own programs for the transition to quantum-resistant algorithms now. The sooner you start the journey, the easier it will be.

How to start your post-quantum journey

Preparing for the post-quantum era depends upon a firm commitment to conducting a comprehensive cryptographic inventory by scanning your organization's entire IT infrastructure and cloud services to identify all systems and applications that rely on cryptography. The assessment should include servers, databases, communication channels, email systems, VPNs and security tools.

Each identified system's specific cryptographic algorithms should be documented, ideally including details like key lengths, cipher schemes and implementation library. This provides a baseline for planning your PQC migration and comes in handy the next time a nonquantum cryptographic vulnerability emerges, such as the next Heartbleed.

Once you've conducted a detailed inventory, it's crucial to prioritize migration efforts because you can't do everything at once. Risk assessment becomes paramount. The potential impact of a successful quantum attack on each cryptographic application needs to be analyzed. This enables updates to be prioritized based on the sensitivity of the data they protect, the longevity of that sensitivity and the potential consequences of a breach.
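The inventory and prioritization steps above can be made concrete as a small ranking script. The following is an added example, not code from the article or from SANS: the inventory rows are constructed, the planning years (a cryptographically relevant quantum computer possible by 2030, planning done in 2024) are assumptions drawn from the article's own dates, and the "harvest now, decrypt later" test uses Mosca's rule of thumb (secrecy lifetime plus migration time exceeding the years until a quantum computer arrives), which the article does not name.

```python
"""Rank a cryptographic inventory for PQC migration.

Added example, not code from the article. The inventory rows are constructed
and the planning years (CRQC possible by 2030, planning done in 2024) are
assumptions taken from the article's own dates. The "harvest now, decrypt
later" test is Mosca's rule of thumb, which the article does not name:
    secrecy_years + migration_years > years_until_crqc  =>  exposed today
"""
from dataclasses import dataclass

# Public-key families whose security rests on factoring or discrete logs,
# both solvable by Shor's algorithm on a cryptographically relevant machine.
SHOR_BROKEN = {"RSA", "DSA", "DH", "ECDSA", "ECDH", "Ed25519", "X25519"}
# Already deprecated for classical reasons; fix regardless of quantum timelines.
LEGACY = {"3DES", "RC4", "MD5", "SHA-1"}
# Symmetric ciphers at the 128-bit level: Grover's algorithm halves the
# brute-force exponent in theory, so flag for review rather than replacement.
REVIEW_128 = {"AES-128"}


@dataclass
class CryptoAsset:
    system: str
    algorithm: str
    key_bits: int
    library: str
    secrecy_years: int      # how long the protected data must remain secret
    migration_years: int    # estimated effort to move this system to PQC
    confidentiality: bool   # True if it protects secrecy (HNDL applies),
                            # False if it only authenticates (signatures)


def quantum_exposure(algorithm: str) -> str:
    """Classify one algorithm name from the inventory."""
    if algorithm in SHOR_BROKEN:
        return "break"
    if algorithm in LEGACY:
        return "legacy"
    if algorithm in REVIEW_128:
        return "review"
    return "ok"


def hndl_exposed(asset: CryptoAsset, crqc_year: int, today_year: int) -> bool:
    """Mosca's inequality: secrets that must outlive the CRQC horizon, once
    migration time is added, can be harvested now and decrypted later."""
    if not asset.confidentiality or quantum_exposure(asset.algorithm) != "break":
        return False
    return asset.secrecy_years + asset.migration_years > crqc_year - today_year


def priority_score(asset: CryptoAsset, crqc_year: int = 2030, today_year: int = 2024) -> int:
    """4 = exposed to harvest-now-decrypt-later, 3 = Shor-breakable,
    2 = classically deprecated, 1 = review key length, 0 = no action."""
    if hndl_exposed(asset, crqc_year, today_year):
        return 4
    return {"break": 3, "legacy": 2, "review": 1, "ok": 0}[quantum_exposure(asset.algorithm)]


def prioritize(assets, crqc_year: int = 2030, today_year: int = 2024):
    """Highest priority first; ties broken by longer secrecy need, then name."""
    return sorted(
        assets,
        key=lambda a: (-priority_score(a, crqc_year, today_year), -a.secrecy_years, a.system),
    )


SAMPLE_INVENTORY = [  # constructed rows, not from any real environment
    CryptoAsset("Backup archive", "AES-256", 256, "libsodium", 25, 1, True),
    CryptoAsset("HR records archive", "RSA", 2048, "OpenSSL", 25, 3, True),
    CryptoAsset("Site-to-site VPN", "ECDH", 256, "strongSwan", 1, 2, True),
    CryptoAsset("Build signing", "Ed25519", 256, "Go crypto", 0, 3, False),
    CryptoAsset("Legacy file transfer", "3DES", 168, "vendor SDK", 2, 1, True),
    CryptoAsset("Internal dashboard TLS", "AES-128", 128, "OpenSSL", 1, 1, True),
]

if __name__ == "__main__":
    for a in prioritize(SAMPLE_INVENTORY):
        print(f"{priority_score(a)}  {a.system:<24} {a.algorithm:<8} "
              f"{quantum_exposure(a.algorithm)}")
```

Note that the signing system is Shor-breakable but not harvest-now-decrypt-later exposed, because a forged signature in 2030 does not retroactively compromise anything captured today; and raising the VPN row's secrecy requirement from one year to five flips it into the top bucket. That is why the inventory has to record how long data must stay secret, not only which algorithm protects it.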

Next comes the migration work itself. For cloud services or third-party software, you need to influence your vendors to adopt NIST-recommended post-quantum algorithms. For in-house applications, the remediation falls to your own development teams. This is a good opportunity not just to implement a stronger algorithm, but also to consider whether any aspects of the systems can be rearchitected or reengineered to deliver crypto-agility -- the ability to swap cryptographic algorithms in the future without reworking the systems that use them.
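One concrete shape crypto-agility takes is shown below as an added example (not code from the article): the algorithm identifier travels with every protected artifact, callers never name a primitive directly, and a policy object decides which algorithm new artifacts use and which older ones verification still accepts, so old and new can coexist during a migration and the legacy one can be retired by configuration alone. Standard-library message-authentication schemes stand in for the signature or KEM implementations a real deployment would register; the registry and policy structure is the point.

```python
"""Crypto-agility pattern: self-describing artifacts plus a dispatch policy.

Added example, not from the article. hmac/hashlib schemes stand in for the
signature or KEM schemes a production registry would hold.
"""
import base64
import binascii
import hashlib
import hmac

# Registry of schemes keyed by a stable identifier. Adding a post-quantum
# scheme means adding one entry here, not touching call sites.
REGISTRY = {
    "hmac-sha256": lambda key, data: hmac.new(key, data, hashlib.sha256).digest(),
    "hmac-sha3-256": lambda key, data: hmac.new(key, data, hashlib.sha3_256).digest(),
}


def _b64(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).decode()


def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text)


class AgilePolicy:
    """Which algorithm new artifacts use, and which ones verification accepts."""

    def __init__(self, sign_with: str, accept: set):
        if sign_with not in REGISTRY or not accept <= set(REGISTRY):
            raise ValueError("policy names an unregistered algorithm")
        if sign_with not in accept:
            raise ValueError("the current algorithm must itself be accepted")
        self.sign_with = sign_with
        self.accept = set(accept)

    def protect(self, key: bytes, message: bytes) -> str:
        # The algorithm id is bound into the authenticated input as well as
        # stored in the artifact, so it cannot be rewritten to name a weaker
        # registered scheme without invalidating the tag.
        alg = self.sign_with
        tag = REGISTRY[alg](key, alg.encode() + b"\0" + message)
        return f"{alg}:{_b64(tag)}:{_b64(message)}"

    def verify(self, key: bytes, artifact: str):
        """Return (ok, reason). Reason names the accepted algorithm on success."""
        try:
            alg, tag_b64, msg_b64 = artifact.split(":", 2)
            tag, message = _unb64(tag_b64), _unb64(msg_b64)
        except (ValueError, binascii.Error):
            return False, "malformed artifact"
        if alg not in REGISTRY:
            return False, f"unknown algorithm {alg}"
        if alg not in self.accept:
            return False, f"algorithm {alg} retired by policy"
        expected = REGISTRY[alg](key, alg.encode() + b"\0" + message)
        if not hmac.compare_digest(expected, tag):
            return False, "authentication failed"
        return True, alg


# Three configuration phases of a migration; only the policy changes.
PHASE_1 = AgilePolicy("hmac-sha256", {"hmac-sha256"})                    # before
PHASE_2 = AgilePolicy("hmac-sha3-256", {"hmac-sha256", "hmac-sha3-256"})  # dual acceptance
PHASE_3 = AgilePolicy("hmac-sha3-256", {"hmac-sha3-256"})                 # legacy retired


def migration_demo(key: bytes = b"constructed-demo-key") -> dict:
    """Walk one artifact through the phases; all inputs are constructed."""
    message = b"example payload"
    old = PHASE_1.protect(key, message)
    new = PHASE_2.protect(key, message)
    alg, tag, _ = old.split(":", 2)
    tampered = ":".join([alg, tag, _b64(b"altered payload")])
    substituted = "hmac-sha3-256:" + old.split(":", 1)[1]   # algorithm-id swap
    return {
        "old_under_phase2": PHASE_2.verify(key, old)[0],
        "old_under_phase3": PHASE_3.verify(key, old)[0],
        "new_under_phase3": PHASE_3.verify(key, new)[0],
        "tampered": PHASE_2.verify(key, tampered)[0],
        "substituted_alg": PHASE_2.verify(key, substituted)[0],
    }


if __name__ == "__main__":
    for name, ok in migration_demo().items():
        print(f"{name:<18} {'accepted' if ok else 'rejected'}")
```

The dual-acceptance phase is what lets a fleet migrate gradually: producers switch to the new algorithm first, consumers keep accepting both until every artifact made under the old one has expired, and retiring the old scheme is then a one-line policy change rather than a code change in every service.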

Migrating to PQC is a difficult task, so it makes sense to consider how you can reduce the number of systems needing migration in the first place. Update your procurement requirements to mandate that suppliers commit to adopting quantum-resistant cryptography within an appropriate time frame. This builds a strong commercial incentive for vendors to play a crucial role in the post-quantum journey. For vendors, post-quantum security should be seen as a product differentiator.

The role of quantum security expertise

As with any emerging technology, education and expertise play a key role in effectively navigating the security implications of the post-quantum era. Vendors are already claiming they have best-in-class products that offer a magic bullet for combating quantum-based threats. A solid understanding of post-quantum cryptography helps to determine which vendor's claims present value to an organization and which are expensive distractions. This is one of the reasons I transformed my own PQC learning journey last year into a short series on YouTube.

Skilled practitioners are a cornerstone of any effective security strategy. To navigate the post-quantum landscape, organizations need to identify or upskill individuals with expertise in quantum security principles who can facilitate collaboration with standards bodies, analyze potential quantum threats and help develop comprehensive quantum security roadmaps. Staying informed about advancements in post-quantum security standards is also crucial, as is the ability to communicate those advancements and roadmaps with nonsecurity and senior stakeholders.

Finally, adopting a zero-trust security mindset can contribute to post-quantum resilience. Layering defenses from the inside out under the assumption that a security breach will occur doesn't stop an adversary from bypassing cryptographic protections with a quantum computer, but it does help prevent one breach from leading to a catastrophic incident.

Andy Smith is principal security architect for BP, where he draws on his strengths and background in security architecture and engineering to focus on securing emerging technologies and developing security strategies for complex businesses.
