Quantum computing 101
How quantum computers work and why we should start worrying about quantum cryptography now
It is a common fallacy that quantum computers are faster than classical computers and it is easy to see where the idea comes from. After all, as processors have shrunk in size, computing has become quicker, which has led some to assume that quantum computers must be even faster because they work with subatomic particles. The truth is that quantum computers are not really faster, but rather do things in a different way thanks to the quantum properties of superposition, entanglement and interference.
The computers we have today store data using bits, which have two states, either on or off, represented as a 1 or a 0. They perform Boolean functions: a sort of binary logic, commonly seen in advanced search engines, that works with modifiers such as ‘AND’ or ‘NOT’. A transistor receives two incoming signals and, depending on what it encounters, sends out a new electrical signal.
Computer scientists describe classical bits as “discrete”, which is the opposite of continuous. To compute more efficiently, they use a method called parallel processing, which involves splitting a computation into parts that can be executed simultaneously on different processors attached to the same machine.
Quantum computing replaces binary bits with qubits, which have more states that change continuously. Qubits can take infinitely many different values, which means they can be on, off or somewhere in between all at the same time. Superposition enables qubit-based computers to carry out far more calculations at the same time, effectively taking parallel processing to the nth degree.
When qubits become entangled, they share all the possible combinations of the quantum states of the individual qubits, substantially boosting computational power in the process.
A by-product of superposition, quantum interference determines the computer’s function by exploiting the probabilistic behaviour of particles and waves. Notoriously difficult to explain, interference is usually demonstrated using the double-slit experiment, in which single photons are beamed through two slits on a screen. Furthermore, in the experiment, the act of observing the photons appears to affect their behaviour. The implication is that quantum computers may be virtually unhackable, as any attempt to eavesdrop would probably corrupt the data.
What is a quantum computer?
There is no single way to build a quantum computer. Among the technologies used are trapped ions, silicon quantum dots, topological qubits, diamond vacancies and photonics. They all have different strengths and weaknesses. At present, the most prevalent are gate-based computers using superconducting loops. They work in a similar way to classical computers and build on the existing semiconductor industry.
The main challenge is increasing the small number of qubits possible today to an industrial scale, which is difficult because it is a struggle to keep qubits in their quantum state. The qubits only function “coherently” when they are cooled down to mere thousandths of a degree above absolute zero, which also protects them from the destabilizing effects of radiation, light, sound, vibrations and magnetic fields. They are also prone to errors. Only when it is possible to increase the number of qubits will we have computers powerful enough to run quantum algorithms such as Shor’s “decryption” algorithm. Until then, the focus is on developing meaningful algorithms for today’s noisy intermediate-scale quantum (NISQ) technology.
Computers based on quantum annealing take a radically different approach. Quantum annealers run adiabatic quantum computing algorithms. Instead of allowing the entanglement of all qubits, they create an environment where only restricted, local connections are possible. When they attain superposition, they can be used to mediate and control longer-range coherences. This makes them suitable for a much narrower range of tasks, such as solving optimization problems — i.e. choosing the best solution from all feasible solutions.
Quantum annealers have already been used to solve such problems in the domains of finance and the aerospace industry, among others, with potential users limited only by the cost of a quantum annealer device, which is upwards of 10 million dollars. As with gate-based quantum computing, decoherence is a major challenge for quantum annealers and they too require massive refrigeration units. The limited number of tasks that quantum annealers can perform means, for example, that they are also unable to run Shor’s algorithm.
It may take another 10 to 15 years before fully functional quantum computers become a reality. There is even talk of a quantum internet, with photons carried through fibre optic cables. Whatever happens, though, and however long it takes, it is clear that the cryptography that underpins internet communications and much of our critical infrastructure will be vulnerable to quantum crime.
Protecting critical infrastructure
Mobile phone calls, messaging and online banking all rely on complex mathematical algorithms to scramble information in order to protect it from malicious hackers, spies and cybercriminals. It is no exaggeration to say that there would be no confidentiality or security online without encryption and that many of the operations we take for granted today would no longer be feasible. Faced with increasing cyber-attacks against critical infrastructure — including but not limited to power utilities, transport networks, factories and the health care industry — encryption is evolving to meet the threat.
The most prevalent system nowadays is called public key encryption. It works by giving users two keys: a public key, shared with everyone, as well as a private key. The keys are large numbers that form part of an intricate mathematical algorithm that scrambles a user’s messages. The sender encrypts a message by using the receiver’s public key in order that only the intended recipient can unlock it with her or his private key. Even though the public key is freely available, the numbers involved are sufficiently large to make it very difficult to reverse the encryption process with only the public key.
The power of quantum cryptography
As computers become more powerful, however, and in the face of rogue states with the technology resources to pose a more serious threat, cryptographers are turning away from mathematics and looking to the laws of quantum mechanics to achieve greater security. Wikipedia defines quantum cryptography as “the science of exploiting quantum mechanical properties to perform cryptographic tasks.”
That is because quantum cryptography, like quantum computing, is based on the behaviour of quantum particles. For example, an encryption system called quantum key distribution (QKD) encodes messages using the properties of light particles. The only way for hackers to unlock the key is to measure the particles, but the very act of measuring changes the behaviour of the particles, causing errors that trigger security alerts. In this way, the system makes it impossible for hackers to hide the fact that they have seen the data.
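The detection property described above can be reproduced in a short simulation. This is an added example, not part of the original article: it assumes the BB84 protocol (which the article does not name), an ideal noise-free channel, and an illustrative 11% alert threshold, and all function names are hypothetical.

```python
import random

ALERT_THRESHOLD = 0.11  # assumed abort level for this example

def measure(bit, prepared_basis, measuring_basis, rng):
    """Measuring in the preparation basis returns the encoded bit;
    measuring in the other basis gives a random result."""
    return bit if prepared_basis == measuring_basis else rng.getrandbits(1)

def run_exchange(n_photons, eavesdropper, seed=1):
    """Return (sifted_bits, error_rate) for one simulated key exchange."""
    rng = random.Random(seed)
    kept = errors = 0
    for _ in range(n_photons):
        # Sender picks a random bit and a random basis (0 or 1).
        bit, send_basis = rng.getrandbits(1), rng.getrandbits(1)
        wire_bit, wire_basis = bit, send_basis
        if eavesdropper:
            # Intercept-resend: the listener has to guess a basis, and the
            # photon travels on in the state that measurement left it in.
            tap_basis = rng.getrandbits(1)
            wire_bit = measure(wire_bit, wire_basis, tap_basis, rng)
            wire_basis = tap_basis
        recv_basis = rng.getrandbits(1)
        recv_bit = measure(wire_bit, wire_basis, recv_basis, rng)
        # Sifting: both sides publish bases and keep matching positions only.
        # (A real system compares just a sample of these bits; here all are
        # compared to keep the example short.)
        if send_basis == recv_basis:
            kept += 1
            errors += recv_bit != bit
    return kept, (errors / kept if kept else 0.0)

def raises_alert(n_photons, eavesdropper, seed=1):
    """True when the observed error rate exceeds the abort threshold."""
    _, error_rate = run_exchange(n_photons, eavesdropper, seed)
    return error_rate > ALERT_THRESHOLD

if __name__ == "__main__":
    for tapped in (False, True):
        kept, qber = run_exchange(4000, tapped)
        print(f"tapped={tapped} sifted={kept} error_rate={qber:.3f} "
              f"alert={raises_alert(4000, tapped)}")
```

On the untapped channel the sifted bits agree exactly; with the listener present roughly a quarter of them disagree, which is what trips the alert.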
Now is the time to act. The threat is so great that scientists are urging organizations to start looking at and adopting quantum resilient encryption systems. Quantum computers may not be ready for another decade, but quantum cryptography is already here.
Standardization work at the IEC
The IEC and ISO have set up a working group (WG 14) in their joint technical committee (JTC 1) to identify the standardization needs of quantum computing.
It is hoped that their work can support the evolution of quantum computing by providing a foundation of already defined systems and processes. Such a foundation would enable developers to focus their attention on the higher-level challenges, rather than starting their projects from scratch. A standard on quantum computing terminology and vocabulary could be delivered as early as next year.
ISO/IEC JTC 1/Subcommittee 27 (SC 27) is currently looking at ways to develop quantum-resilient cryptography. SC 27 is best known for the ISO/IEC 27001 cybersecurity standard.
IEC TC 86 prepares standards for fibre optic systems, modules, devices and components intended primarily for use with communications equipment. Their work covers terminology, characteristics, related tests, calibration and measurement methods, as well as functional interfaces, optical, environmental and mechanical requirements to ensure reliable system performance.