Quantum computing

Cybersecurity Map

Current situation

Building a fully functional quantum computer is one of the most exciting scientific and technical challenges of our times. Attaining this long-sought goal is likely to have a significant positive impact on areas of science such as artificial intelligence and bioinformatics.

Quantum computers will be able to solve certain particularly demanding problems faster than conventional computers. However, there is no expectation that quantum computers will be used as general-purpose computers to replace traditional computers. Instead, they will be used to supplement traditional computers and to tackle processor-intensive problems that currently cannot be solved.

Quantum computer technology has advanced in leaps and bounds in recent years. It is already possible to interface with quantum computers from the Internet, enabling knowledgeable enthusiasts to develop and test out new quantum algorithms.  

Although quantum computing is ushering in a new paradigm for solving complex computing problems, by its very nature it also creates a new security risk. The cryptographic procedures that are relevant to real-world use are based in part on mathematical problems chosen so that traditional computers cannot solve them efficiently. Quantum computers, however, can crack these procedures efficiently, making the procedures useless for real-world use because the authenticity, confidentiality and integrity of the data they protect can no longer be guaranteed.

Challenges

At present we can only speculate on when quantum computers powerful enough to crack current cryptographic procedures will be available. Estimates range from 10 to 30 or more years. One of the factors in assessing the power of a quantum computer is the number of qubits (quantum bits) it has. The greater the number, the greater the computer’s performance. However, creating physical qubits is a major challenge. Current physical qubits are prone to disruption, and further research is needed to increase qubit quality or develop fault-tolerant procedures that compensate for the unreliability. There are also other associated research fields, such as improving refrigeration technology or the technology that allows quantum computers to communicate with external systems.    

Although scientists still have a long way to go and it will be some time before powerful quantum computers are available, there are already several cryptographic procedures for conventional computers that are regarded as quantum-safe, in other words secure against attacks from quantum computers. They are based on difficult problems for which there are no known efficient quantum solutions.  

Following a long standardisation process, the US National Institute of Standards and Technology (NIST) published three quantum-safe cryptographic standards on 13 August 2024 [1]. These lay the foundation for uniform implementation of the new procedures. Researchers from Switzerland were also involved in developing these standards.

Action areas for government, business and civil society: Current gaps

Some traditional IT systems, such as those in power stations and production facilities, have a very long life cycle. It is possible that systems currently in use today may still be in service in virtually unchanged form when powerful quantum computers are available. As such, they represent a security risk. 

The same applies to encrypted data. To ensure legal compliance, some data banks have to be archived for ten or more years. As a result, these could be susceptible to attack by quantum computers. Once powerful quantum computers become available, these systems and data would have to undergo a risk analysis and be either manually replaced or made quantum-safe, depending on the analysis. 

Bitcoin is another relevant example. The cryptography used by the Bitcoin network is not quantum-safe either. Here again, new solutions are needed. 

Recommendations: How government, business and civil society can close the gaps

  1. In view of the potential availability of powerful quantum computers, organisations are advised to review their security requirements for data banks and systems with a long service life. The risk assessment determines the timeline for rolling out quantum-safe procedures; an inventory of the cryptographic procedures in use provides the foundation for it.

  2. Development or procurement projects for new software solutions should comply with the principles of cryptographic agility or with quantum-safe cryptography standards. This means either adopting new, quantum-safe cryptography standards straight away or ensuring that the cryptographic algorithms in use can be easily replaced by quantum-safe alternatives. 
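
Cryptographic agility as described in recommendation 2, shown as an added example that is not part of the original article: each protected record carries an algorithm identifier, and a policy decides which identifiers are issued and which are still accepted, so a migration becomes a configuration change. The two HMAC variants are stand-ins for a legacy and a replacement algorithm (the Python standard library has no quantum-safe primitives); the class name and the identifiers are hypothetical.

```python
import hashlib
import hmac
import json

# Registry of algorithm ids. Both entries are stand-ins chosen for this example;
# a real deployment would register its legacy and quantum-safe schemes here.
ALGORITHMS = {"legacy-v1": hashlib.sha256, "replacement-v2": hashlib.sha3_256}


class AgileAuthenticator:
    def __init__(self, key: bytes, issue_with: str, accept: set):
        unknown = ({issue_with} | set(accept)) - set(ALGORITHMS)
        if unknown:
            raise ValueError(f"unregistered algorithm(s): {sorted(unknown)}")
        self.key, self.issue_with, self.accept = key, issue_with, frozenset(accept)

    def _tag(self, alg: str, payload: bytes) -> str:
        # The id is authenticated too, so rewriting "alg" invalidates the tag.
        data = alg.encode() + b"\x00" + payload
        return hmac.new(self.key, data, ALGORITHMS[alg]).hexdigest()

    def protect(self, payload: bytes) -> str:
        alg = self.issue_with
        return json.dumps({"alg": alg, "payload": payload.hex(),
                           "tag": self._tag(alg, payload)})

    def verify(self, envelope: str) -> bytes:
        env = json.loads(envelope)
        alg = env.get("alg")
        # Policy check happens before any cryptographic operation.
        if not isinstance(alg, str) or alg not in self.accept:
            raise ValueError(f"algorithm {alg!r} not accepted by policy")
        payload = bytes.fromhex(env["payload"])
        if not hmac.compare_digest(self._tag(alg, payload), str(env["tag"])):
            raise ValueError("tag mismatch")
        return payload


if __name__ == "__main__":
    key = b"\x01" * 32  # constructed demo key
    before = AgileAuthenticator(key, "legacy-v1", {"legacy-v1"})
    during = AgileAuthenticator(key, "replacement-v2", {"legacy-v1", "replacement-v2"})
    after = AgileAuthenticator(key, "replacement-v2", {"replacement-v2"})
    archived = before.protect(b"archived record")
    print(during.verify(archived))  # old records still verify mid-migration
    try:
        after.verify(archived)      # legacy algorithm retired by policy
    except ValueError as err:
        print("rejected:", err)
```

The three policy objects correspond to the phases of a migration: before, during (new records use the replacement while archived ones remain verifiable) and after, when the legacy identifier is removed from the accept set.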

References

[1] National Institute of Standards and Technology (NIST): First 3 Finalized Post-Quantum Encryption Standards: https://csrc.nist.gov/Projects/post-quantum-cryptography and https://www.nist.gov/news-events/news/2024/08/nist-releases-first-3-finalized-post-quantum-encryption-standards

[2] National Cybersecurity Center of Excellence: Migration to Post-Quantum Cryptography: https://www.nccoe.nist.gov/sites/default/files/2023-08/quantum-readiness-fact-sheet.pdf

 

Authors and subject responsibility

Umberto Annino, Microsoft | Raphael Reischuk, Zühlke Engineering AG | Bernhard Tellenbach, armasuisse | Andreas Wespi, IBM Research

Review Board

Endre Bangerter, BFH | Alain Beuchat, Banque Lombard Odier & Cie SA | Matthias Bossardt, KPMG | Dani Caduff, AWS | Adolf Doerig, Doerig & Partner | Stefan Frei, ETH Zurich | Roger Halbheer, Microsoft | Katja Dörlemann, Switch | Pascal Lamia, BACS | Martin Leuthold, Switch | Hannes Lubich, Board of Directors and Consultant | Luka Malisa, SIX Digital Exchange | Adrian Perrig, ETH Zurich | Ruedi Rytz, BACS | Riccardo Sibilia, DDPS | Daniel Walther, Swatch Group Services
