US and China race to shield secrets from quantum computers

US and China race to shield secrets from quantum computers

In February, a Canadian cybersecurity firm delivered an ominous forecast to the U.S. Department of Defense. America’s secrets – actually, everybody’s secrets – are now at risk of exposure, warned the team from Quantum Defen5e (QD5).

QD5’s executive vice president, Tilo Kunz, told officials from the Defense Information Systems Agency that possibly as soon as 2025, the world would arrive at what has been dubbed “Q-day,” the day when quantum computers make current encryption methods useless. Machines vastly more powerful than today’s fastest supercomputers would be capable of cracking the codes that protect virtually all modern communication, he told the agency, which is tasked with safeguarding the U.S. military’s communications.

In the meantime, Kunz told the panel, a global effort to plunder data is underway so that intercepted messages can be decoded after Q-day in what he described as “harvest now, decrypt later” attacks, according to a recording of the session the agency later made public.

Militaries would see their long-term plans and intelligence gathering exposed to enemies. Businesses could have their intellectual property swiped. People’s health records would be laid bare.

“We are not the only ones who are harvesting, we are not the only ones hoping to decrypt that in the future,” Kunz said, without naming names. “Everything that gets sent over public networks is at risk.”

Kunz is among a growing chorus sounding this alarm. Many cyber experts believe all the major powers are collecting ahead of Q-day. The United States and China, the world’s leading military powers, are accusing each other of data harvesting on a grand scale.

The director of the Federal Bureau of Investigation, Christopher Wray, said in September that China had “a bigger hacking program than every other major nation combined.” In a September report, China’s chief civilian intelligence agency, the Ministry of State Security, accused the U.S. National Security Agency of “systematic” attacks to steal Chinese data.

The National Security Agency declined to comment on China’s accusation.

More is at stake than cracking codes. Quantum computers, which harness the mysterious properties of subatomic particles, promise to deliver breakthroughs in science, armaments and industry, researchers say.

Opinion is divided on the expected arrival of Q-day, to be sure. It’s still relatively early days for quantum computing: So far, only small quantum computers with limited processing power and a vulnerability to error have been built. Some researchers estimate that Q-day might come closer to the middle of the century.

No one knows who might get there first. The United States and China are considered the leaders in the field; many experts believe America still holds an edge.

As the race to master quantum computing continues, a scramble is on to protect critical data. 

Washington and its allies are working on new encryption standards known as post-quantum cryptography – essentially codes that are much harder to crack, even for a quantum computer. Beijing is trying to pioneer quantum communications networks, a technology theoretically impossible to hack, according to researchers. 

The scientist spearheading Beijing’s efforts has become a minor celebrity in China.

Quantum computing is radically different. Conventional computers process information as bits – either 1 or 0, and just one number at a time. Quantum computers process in quantum bits, or “qubits,” which can be 1, 0 or any number in between, all at the same time, which physicists say is an approximate way of describing a complex mathematical concept.

These computers also exploit a mysterious property of quantum mechanics known as entanglement. Particles such as photons or electrons can become entangled so that they remain connected, even when separated by huge distances. Changes in one particle are immediately reflected in the other. The properties of qubits and entanglement are fundamental to quantum computers, say physicists and computer scientists, potentially allowing calculations to be carried out that would be impractical on today’s large supercomputers.

Business consultants forecast this processing power will deliver hundreds of billions of dollars in extra revenue by the middle of the next decade. Even before these computers arrive, some are predicting that advances in quantum technology will sharply improve the performance of some military hardware.

Quantum technology “is likely to be as transformational in the 21st century as harnessing electricity as a resource was in the 19th century,” said Michael Biercuk, founder and chief executive officer of Q-CTRL, a quantum tech company that was established in Australia and has major operations in the United States.

It was the codebreaking possibilities of quantum computing that sparked the field’s surge in progress in recent decades, said Q-CTRL’s Biercuk, an American who is a professor of quantum physics at the University of Sydney and a former consultant to the U.S. Defense Advanced Research Projects Agency, the Pentagon’s innovation incubator. The U.S. government saw it as a “big opportunity ” in the 1990s and has been funding research ever since, he said.

In his briefing for the Pentagon, QD5’s Kunz cited what he called one of the most successful harvest now/decrypt later operations ever: the Venona project.

Launched in 1943, Venona was a 37-year U.S. effort to decipher Soviet diplomatic communications collected by the Americans during and after World War Two. U.S. codebreakers, aided by allies, were able to decrypt more than 2,900 cables from thousands of messages sent by Soviet intelligence agencies between 1940 and 1948, according to CIA documents.

The cables revealed extensive Communist intelligence operations against the United States and its allies. The code-cracking coup led to the discovery of Soviet penetration of the Manhattan Project, the top-secret program to build the first atomic bombs, and the existence of the Cambridge Five, a group of top British civil servants spying for Moscow, the CIA documents show.

The West’s breakthrough was the realization that the Soviets had misused so-called one-time pads: a time-tested form of encryption in which a secret key is used to encode a message sent between parties. 

The method got its name because in its earliest forms, keys were printed on a pad whose pages each contained a unique code; the top page was ripped off and destroyed after a single use. The Soviets blundered by printing and using duplicate pages in one-time pads for a limited time. 

This allowed allied analysts to painstakingly decrypt some of the messages years later, according to the CIA documents.

To be truly unbreakable, cybersecurity experts say, a one-time-pad key must be a set of random numbers equal to or bigger than the size of the message – and used only once. The party receiving the message uses the same secret key to decrypt the message. The method was invented more than a century ago, and for decades was used for secret messages by most major powers. But technical factors made it too unwieldy for mass, secure communication in the modern era.

Instead, most communications today are secured with what is known as public key infrastructure (PKI), a system developed in the 1970s to enable encryption on a mass scale.

PKI enabled the rise of the internet economy and open telecommunications systems. The passwords to email accounts, online banking and secure messaging platforms all rely on it. PKI is also critical to most government and national security communications.

Security provided by PKI stems essentially from hiding information behind a very difficult math problem, Biercuk said. The most widely used algorithm that creates and manages that difficult math problem used for encryption is known as RSA, from the surname initials of its inventors: the computer scientists and cryptographers Ron Rivest, Adi Shamir and Leonard Adelman. What may be about to change is that these problems will be a cinch for quantum computers to solve.

“If you have a computer for which that math problem is not very hard,” Biercuk said, “all of that is at risk.”

Montreal-based QD5, the privately held company where Kunz is executive vice president, is taking a different approach to post-quantum cryptography. It has developed an advanced version of the one-time pad: a device, the Q PAD, which it claims customers can use to conduct communications on existing networks that will remain uncrackable forever. Pentagon officials peppered Kunz and colleagues with technical questions about the technology in February, but noted the informational session didn’t necessarily signal an intent to buy the Q PAD system.

The Defense Information Systems Agency did not respond to requests for comment.

In an interview, Kunz, a former Canadian soldier, said he first learned about one-time pads while serving with a reconnaissance unit.

“It is very simple and straightforward,” he said. “Every time you used one of those sheets of paper, you would have to destroy it. If you only have those two keys, and follow the rules,” a message may be intercepted, but the enemy “will never be able to break it.”

QD5 has overcome some of the limitations of the original one-time pad, said Chief Technology Officer Gary Swatton. One hurdle to mass use of the method was the need to generate enough sets of truly random numbers to supply modern communications networks with encryption. Before quantum technologies emerged, this took considerable time and effort.

Now, specially designed semiconductor chips and hardware, called quantum random number generators, can exploit the truly random nature of subatomic quantum particles to generate number sets in large volumes, according to researchers. “Technology has caught up and is solving these problems,” Swatton said.

Other companies hope to seize on demand for better security. SandboxAQ of Palo Alto, California, a spin-off from Google owner Alphabet, has a division to help clients tackle the threat from quantum computing and leverage the benefits of this powerful technology. 

Even if Q-day is a decade or more away, “it’s imperative that organizations begin preparing for the migration to post-quantum cryptography now,” said Marc Manzano, SandboxAQ’s general manager of quantum security.

Some anticipate upheaval. Skip Sanzeri, founder and chief operating officer of quantum security company QuSecure in San Mateo, California, says “the entire internet and the devices connected to it” will be affected. The World Economic Forum has estimated that 20 billion devices will have to be upgraded or replaced to meet quantum security standards in the next two decades.

“This is going to be a $100 billion or trillion-dollar upgrade,” Sanzeri says.

While quantum computing threatens to upend existing security measures, the physics behind this technology could also be exploited to build theoretically unhackable networks.

In a quantum communications network, users exchange a secret key or code on subatomic particles called photons, allowing them to encrypt and decrypt data. This is called quantum key distribution, or QKD. It is one of the fundamental properties of quantum mechanics that can ensure secure communications. Any attempt to monitor or interfere with these quantum particles changes them, physicists explain. 

That means any attempt to intercept the communications is immediately detectable to users. If the communicating parties receive an uncorrupted encryption key, they can be confident that their subsequent communications will be secure.

With quantum networks, “our technical security comes from the laws of physics,” says physicist Gregoire Ribordy, chief executive officer of ID Quantique (IDQ), a privately held Swiss company that provides quantum communications technology. “Interception of the communications is just not possible without leaving a trace.”

Quantum communications is an area where China is spending big. The technology has the potential to safeguard Beijing’s data networks, even if Washington and other rivals are first to reach Q-day.

President Xi Jinping stressed the “strategic value” of quantum technology in a 2020 speech to top Chinese leaders, the official Xinhua news agency reported. Under Xi, China has set clear targets to dominate quantum science. It is spending more than any other country on quantum research by some estimates. In an April report, McKinsey & Company estimated that Beijing had announced a cumulative $15.3 billion in funding for quantum research, more than quadruple the equivalent U.S. figure of $3.7 billion.

A key driver of China’s quantum tech quest is Pan Jianwei, a physicist who has achieved celebrity status in China along with praise and support from the ruling Communist Party.

Pan, 53, is a professor at the University of Science and Technology of China, the country’s premier quantum research outfit. In 2011, he was elected to the Chinese Academy of Sciences, an honor given to scientists who have made important advances in their fields.

Pan in media interviews has said he wants to make China a leader in quantum technology while building an internet secure from cyberattacks. This would serve vital strategic purposes, security experts say. It would protect the Chinese leadership and military from hacking, especially in a conflict. A quantum-fortified internet could protect vital infrastructure and the vast surveillance network the Communist Party has built to stamp out any challenge to its monopoly on power, they say.

Pan did not respond to requests for an interview.

Pan’s career highlights how the absorption of foreign technology has been crucial to China in quantum and other tech fields.

He studied for his doctorate in Vienna with renowned physicist Anton Zeilinger. Zeilinger shared the 2022 Nobel Prize in Physics for his work on quantum mechanics. Pan later moved to the University of Heidelberg, where he still maintains close links, before returning home in 2008.

Zeilinger did not respond to a request for comment.

Back in China, Pan led a team that recorded a milestone in 2016 with the launch of Micius, the world’s first quantum satellite, which was used to establish secure communications links with ground stations in China.

The following year, his team and researchers in Austria used Micius to hold the world’s first quantum-encrypted teleconference, connecting Beijing and Vienna. Pan also led a team that has reportedly built a similarly unhackable ground-based network in China linking the cities of Beijing, Jinan, Shanghai and Hefei.

Pan was one of the architects of a concerted campaign to deploy Chinese scientists to leading quantum labs around the world, with the goal of jump-starting domestic development when these researchers returned home, according to a 2019 report by Strider Technologies, a Salt Lake City-based strategic intelligence startup.

Some of those researchers, including Pan, benefited from substantial foreign government funding while studying abroad, the report found. “From that regard it has been wildly successful,” Strider Technologies Chief Executive Officer Greg Levesque said of the Chinese strategy in an interview with Reuters. “But I don’t know if they are going to win it,” he added. “It seems some U.S. companies are making some really big leaps.”

Despite China’s apparent lead in official funding, some researchers say America remains the overall quantum leader thanks to its private sector technology innovators, government labs, university researchers and collaborating allies. And Washington is moving to restrict U.S. investment in China’s quantum capabilities.

In August, President Joe Biden signed an executive order directing the U.S. Department of the Treasury to regulate U.S. investments in quantum computing, semiconductors and artificial intelligence. An annex to that order named China as a country of concern, along with its special administrative regions of Hong Kong and Macau. That could lead to bans on investment in Chinese production of quantum technologies and equipment.

China’s Ministry of Foreign Affairs did not respond to a request for comment.

Globally, government security agencies and the private sector are working on strategies to beat quantum computers. In August, the U.S. National Security Agency and other agencies urged the public and companies to adopt new measures to safeguard their communications with post-quantum cryptography.

After extensive evaluation, the U.S. National Institute of Standards and Technology (NIST) last year selected four so-called post-quantum cryptography (PQC) algorithms – new encryption standards that some cyber experts believe will provide long-term security. U.S. government agencies next year are expected to issue a new standard for post-quantum cryptography, Biden disclosed in a May memo. NIST said in August that it’s working on standardizing these algorithms, the final step before making these tools widely available for organizations to upgrade their encryption.

SandboxAQ’s Manzano said his company is working with some of the world’s biggest companies and government agencies to integrate the coming PQC cryptography algorithms into their systems. Sanzeri said QuSecure, too, is working with government and private clients to upgrade to PQC.

Not everyone agrees the new algorithms will offer reliable security. Kunz told Reuters that eventually the new cyphers could be compromised as quantum computers improve. “The problem is that PQC is not unbreakable,” he said. “It does not solve the harvest now, decrypt later problem.”

IDQ’s Ribordy said that today’s classical computers also might be able to crack these new codes. The complex math problems at the heart of PQC are “so new” that they have not been studied very extensively, he noted.

A spokesperson for NIST said the agency “has confidence in the security of the PQC algorithms selected for standardization, (or) else we wouldn’t be standardizing them. The algorithms have been studied by experts, and went through an intensive evaluation process.” He added that it was not inevitable or even a “safe assumption” that they would be broken.

The National Security Agency declined to comment on the PQC algorithms, referring Reuters to information on its website about quantum computing and post-quantum cryptography.

In the meantime, one challenge for the keepers of digital secrets is that whenever Q-day comes, quantum codebreakers are unlikely to announce their breakthrough. Instead, they’re likely to keep quiet, so they can exploit the advantage as long as possible.

“We won’t necessarily know” when the codes are broken, Kunz told the Pentagon panel. “We will probably find out the hard way,” he said. “But what we can expect is that they will be broken.” — Reuters