Why Y2Q and the Quantum Threat are Coming Much Sooner Than you Think

Why Y2Q and the Quantum Threat are Coming Much Sooner Than you Think
Share on facebook
Share on twitter
Share on linkedin
Share on email

In Quantum Tech Pod Episode 26, Quantropi CTO Michael Redding argues that Y2Q is coming much sooner than many might think. Y2Q (also sometimes called Q-Day) is the date when quantum computers will defeat public-key cryptography.

Even NATO and the White House recently started preparing for Y2Q and NIST just announced its first four quantum-resistant cryptographic algorithms.

When will Y2Q arrive?

So when will quantum computers be able to break the cryptography we use today? The opinions of experts vary considerably.

According to the 2021 Quantum Threat Timeline Report (January 2022), cybersecurity experts appear to be more or less confident that quantum computers will be able to break RSA-2048 within 15 years. The Cloud Security Alliance (CSA) is more pessimistic – they estimate that Y2Q will arrive on April 14, 2030.

However, CSA’s estimates are nowhere as pessimistic as the results of a very recent global survey of security professionals carried out by Dimensional Research and sponsored by Cambridge Quantum. The survey results were published in February 2022. Of the surveyed 614 security professionals, 61% think that quantum attacks will neutralize current encryption tech within just 2 years. 28% think that current encryption technologies will be compromised within 3-5 years.

Truth be told – no one can tell when Y2Q will come. However, certain factors incline us to believe that the quantum threat will become a reality much sooner than many might be thinking.

Here’s why.

Why Y2Q is coming sooner than you think

One of the difficulties of predicting the date of Y2Q is that technology often doesn’t develop linearly – it develops in “fits and starts” including sudden periods of exponential growth.  Across many domains, the better a technology gets, the faster we see further improvements to it.  As momentum and investment build, research breakthroughs can cause technology to shoot forward at much higher rates than we may otherwise predict.

This extends to quantum computing as well. While we can look back at how fast quantum computers have developed so far and extrapolate our observations into the future, we also need to factor in the unexpected (but highly anticipated)  leaps in technology and innovative approaches that will exponentially accelerate progress in quantum computing achievements.

At the highest level, the global investment of billions of dollars annually in quantum research is why Y2Q will likely be here sooner than later. This leads us to go a little bit deeper and give more specific reasons as to why Y2Q is getting very close, very fast.

Quantum computing technology is becoming more efficient

The RSA (Rivest-Shamir-Adleman) public-key cryptosystem is widely used to protect cryptographic keys in transit today. RSA uses keys of varying lengths – from 100 to 4096 bits – with 2048 bits being the minimum key length recommended by NIST since 2015.

How many qubits are necessary to break RSA-2048?

For physical (noisy) qubits, estimates range from tens of millions to a billion, according to Michele Mosca – the father of quantum computing efforts at the University of Waterloo, Ontario. However, in May 2019, a pair of researchers from Google and the KTH Royal Institute of Technology (Stockholm, Sweden) described a method of factoring 2048-bit RSA integers in just 8 hours using only 20 million physical qubits.

Now, we are quite far from 20 million physical qubits. The likes of Google are planning to build a quantum computer with 1,000,000 physical qubits only by 2030.

However, in March 2022, Microsoft demonstrated the physical foundations of a topological qubit. Microsoft views topological qubits as the way to build a quantum machine that is more stable and more scalable than computers that rely on other types of qubits. Microsoft’s research into topological qubits may significantly accelerate the development of large-scale quantum machines that are powerful enough to break RSA.

The bottom line for all this is as follows – even though quantum computers aren’t yet large enough to break encryption algorithms like RSA, technological advancements might allow researchers to accelerate the development of quantum computers. With that in mind, expert opinions that quantum computers will neutralize classical cryptography within 2-5 years don’t sound that far-fetched.

Shor’s algorithm might not be the only way to break encryption

Currently, the ability of quantum computers to break public-key encryption is based on Shor’s algorithm. However, who said that Shor’s algorithm is the way to crack encryption algorithms?

In 2019, Chinese researchers turned the integer factorization problem into an optimization task. They used the D-Wave 2000Q quantum annealer – a quantum machine specialized in optimization problems – to factor the integer 376289 with just 94 qubits. Further optimizations allowed the researchers to factorize the much larger number 1005973 with only 89 qubits.

The researchers stated that factorizing 1005973 using Shor’s algorithm would require 41 universal qubits, which universal quantum computers weren’t able to achieve with acceptable accuracy back in 2019. The IBM Q System One (January 2019) could theoretically factor up to 10-bit integers, while the D-Wave at the time had a thousand-fold advantage in factorization problems.

This study shows that we can reframe the integer factorization problem to solve it more efficiently with a fewer number of qubits. Not only that, but it also demonstrates that quantum annealers are a potential tool for breaking public-key encryption.

2 More Reasons Why You Should Transition to Quantum-Safe Protection Now

The advancements we’ve just talked about might shorten the time left until Y2Q. However, tech developments aren’t the only reason to start thinking about upgrading to quantum-safe protection. Even if we completely disregard research into quantum computing, there are 2 more reasons why switching to quantum-secure data protection soon is a very good idea.

1. Hackers might be collecting your data now to crack it tomorrow

If you keep your data encrypted (as you should), data theft might not be a huge deal for you. Hackers are very unlikely to be able to brute-force your encryption defenses no matter how much computing power they throw at them.

Your encrypted data is safe – but only for now.

Hackers might not be able to crack classical encryption algorithms today, but what will happen when they get their hands on a powerful quantum computer? That’s right, they will be able to easily break through your data defenses.

Recall all the instances when your data has been leaked or stolen. All that data might be sitting in some hacker group’s data center right now, waiting to be cracked. Every piece of data that’s been stolen over the years is a ticking time bomb. When that bomb blows up – that is, when hackers get access to quantum computers – your business secrets will no longer be secret. Your proprietary source code, financial records, client information – hackers will be able to access it all.

Although we don’t know for sure if hackers are indeed following the “steal now, crack later” strategy, it would be safe to assume that they do. We have to think about the worst-case scenarios to be able to protect ourselves from future threats. So if you have data that needs to remain protected for 10 or 20 years, you should start thinking about quantum-secure protection right now.

It may take a very long time for you to switch to quantum-secure protection

How much time would it take for you to quantum-proof your IT infrastructure? The transition might take from months to years, depending on the scope of the changes.

The move to quantum-proof cryptography is a multi-step process. It incorporates understanding your current cryptographic tools, identifying your most vulnerable and valuable assets, and updating your cryptographic policies to include quantum-proof measures. You will also need to decide which enterprise quantum-safe solution to use, which may require months of consultations with different vendors.

After these steps are completed, you will need to start the actual deployment of quantum-secure cryptography. Although software-based platforms like QiSpace™ are easy to deploy via programming APIs and software updates, rolling out a new cryptography stack across an enterprise will take time. And then, you will need to introduce your staff to your updated cryptography tools and the new cybersecurity policies.

The scope of the transition can be enormous. In the worst-case scenario, it may take you years to transition your IT infrastructure to quantum-secure cryptography. The main issue and question here is as follows – do we have years until Y2Q? The answer is that we don’t know for sure.

Crypto Agility as the Answer to Long-Term Cybersecurity Challenges

Cryptographic agility is the way to address cybersecurity challenges in the long run. Although using cutting-edge technology to protect data today is a great start, you should also be proactive and plan your cybersecurity policies with the future in mind.

As a SaaS platform of quantum-secure solutions, Quantropi’s QiSpace™ offers an immense degree of agility to enterprise customers. Quantropi’s portfolio isn’t set in stone and will adapt as cybersecurity standards change and as new threats emerge. Not only does QiSpace™ offer state-of-the-art protection against quantum threats today, it will continue to be a leading force in the industry tomorrow.

To learn more about our quantum-secure solutions, don’t hesitate to get in touch with our experts!

Share on facebook
Share on twitter
Share on linkedin
Share on email

Marco Pagani

Marco Pagani began his long and successful career as a senior executive in Ottawa’s high-tech sector in 1985, with Nortel Networks (then Bell-Northern Research). He rose across two decades to become president of several Nortel Business Units, managing more than 2,000 employees and over $1 billion in revenue. Having gone on to advise numerous organizations, as well as guide a range of companies through complex, critically necessary turnarounds, he is particularly respected for placing a strong emphasis on ethics and corporate governance in building the culture of the corporate and not-for-profit organizations he leads and supports.

Nick Kuang

As VP Corporate Services, Nick plans, directs and coordinates a wide range of activities aimed at achieving Quantropi’s vision of the Quantum Internet. He has a keen interest in transformative technologies and the possibilities they offer for bettering our everyday lives. A pharmacist by training, Nick nurtures teams with a focus on integrity and collaborative effort, coupled with strong attention to detail. With prior experience in a successful biotech start-up developing point-of-care test kits, he enjoys the fast pace and challenge of the start-up environment.

Dr. Randy Kuang

Randy holds a doctorate in quantum physics. His research findings have been published in top international journals and named “Kuang’s semi-classical formalism” by NASA in 2012. With a career spanning IT, including with Nortel as senior network researcher & developer, he co-founded inBay Technologies in 2009, serving as CTO of the cybersecurity platform. As the first recipient of a patent for two-level authentication (2011), Randy is a prolific inventor, with 30+ U.S. patents in broad technology fields, such as WiMAX, optical networks, multi-factor identity authentication, transaction authorization, as well as concepts, technologies and industrial applications for quantum key distribution.

Cory Michalyshyn

Cory brings a breadth of experience to the Quantropi team, working fractionally with multiple SaaS technology companies as CFO, and as the CFO with Celtic House Venture Partners. Prior to these roles, Cory was CFO and COO at Solink, and played a lead role in the metrics-led pivot to a direct-sales SaaS model, followed by multiple VC-backed funding rounds and their recognition as one of the fastest growing start-ups in Canada. He qualified as a CPA while serving technology, VC & PE-fund clients at Deloitte, and earned his Bachelor of Commerce at Queen’s University.

Ken Dobell

Ken leads marketing strategy at Quantropi. In high demand as a consultant with 25 years’ experience in performance media and an award- winning creative background, he has completed successful transformations, (re)branding and product development mandates with KPMG, Keurig, Fidelity, Eddyfi, Coveo, and more, and provides digital advice to the CMA. Previously, Ken pivoted an offline advertising brokerage to a leading-edge, data-driven performance agency as President of DAC Digital, held a progression of international leadership roles with Monster.com, pioneered a range of multi-channel initiatives as VP Marketing with a global franchisor, and introduced a mobile-first programmatic media offering to Canada within WPP.

Raj Narula, P.Eng.

A seasoned technology executive, business builder and angel investor, Raj has held operational and advisory roles in Recognia (Trading Central), Belair Networks (Ericsson), March Networks (Infinova), Sandvine (Procera), Neurolanguage (ADEC), Bridgewater Systems (Amdocs), Vayyoo (Cafex), TenXc (CCI), 1Mobility (Qualys) and others. Having divided his time among North America, EMEA and Asia-Pac for over 20 years, Raj speaks several languages. He grew up in Asia, Europe, South America and Canada, and holds a B.Eng degree in Mechanical Engineering from the University of Ottawa. He is also a co-founder and Charter Member of the Ottawa chapter of TiE (the Indus Entrepreneur).

Michael Redding

Before joining Quantropi, Mike was Managing Director and co-founder of Accenture Ventures, where he grew a global portfolio of strategic partnerships and 38 equity investments in emerging technology startups.

During his nearly 30 years with Accenture, he incubated and launched technology innovations for enterprises across multiple geographies and industries. Ever-passionate about bold ideas with game-changing results, he speaks frequently on the impact of emerging technology on large organizations.

With a bachelor’s degree in Electrical Engineering and Computer Science from Princeton, and a Master’s in Biomedical Engineering from Northwestern, Mike is a former member of the Board of Directors for the Accenture Foundation and Board Observer for startups Maana and Splice Machine.

Alex He

Alex is a product-oriented project manager who bridges the gaps between the company’s engineering and commercial teams. He has over ten years of experience in the analysis, design and development of enterprise-class applications, with a particular focus on creating optimal user experiences (UX). Ever passionate about cybersecurity solutions that can deliver solid security without unreasonably sacrificing customer convenience, Alex is the lead inventor of a registered patent on user interface security. He is committed to helping ensure that the Agile software engineering team at Quantropi delivers consistently high-quality, high crypto-agility cybersecurity solutions for next-generation communications.

Tina Wang

Tina develops websites and participates in a range of different projects, using new frameworks for front-end UI, along with Vuejs, Angula, Beego, Ruby on Rails, and Electron. She developed Quantropi’s desktop CipherSpace application by integrating Electron, Webassembly and Go, to ensure a good user experience, as well as perfect operating system compatibility. She is also part of the dynamic and efficient QKD-NODE project team. Tina is always looking for new ways to increase her knowledge, improve her technological proficiency and enhance her strong execution and implementation skills. Prior to Quantropi, Tina served as a full-stack web developer at Sunny Future, where she maintained a WordPress home site and managed the release of new content for the company.

Talk To Us

Bond Vo

Bond Vo is the Business Analyst of Quantropi. Along with Quantropi, Bond has been dynamic in accordance with a fast and evolving startup environment and is responsible in a wide range of areas including market research, funding, and more involved in the controller roles to oversee day to day accounting operation as well as build financing models and budget to achieve company’s ultimate goals/objectives. Bond has applied best practices consistently and successfully supports equity, debt, and non-dilutive funding for Quantropi since joint the team. He earned a Bachelor of Commerce concentrated in Finance from Carleton University. Outside of his professional career, Bond also participated in volunteer for the Vietnamese Immigration Student Association (VISA) to help and support students as well as newcomers in Canada.

Pauline Arnold

As James Nguyen’s EA, Pauline Arnold brings more than 40 years of experience in complementary customer service and administrative roles. Prior to Quantropi, she served 20 years as Branch Manager and an assistant in investments, and over 20 years at Metropolitan Life Canada in various aspects of the insurance sector – assisting clients, management and colleagues to complete tasks, solve problems, address questions and achieve goals. She also worked part-time for Royal Lepage Performance for 5+ years as a receptionist & admin, and for 5 years was chair of the TKFG’s charity golf tournament.

Dafu Lou

Dafu is Quantropi’s Director of engineering. Prior to Quantropi, he served as a technical leader at Irdeto, a world-leading provider of digital platform security software, where he was responsible for white-box cryptography, cloaked CA secure core, and iOS/android application protection services, among others. Prior to Irdeto, Dafu served as a senior software engineer at SecureNex Systems, where he led the implementation of an SSL-VPN solution and ECC-based secure data storage & PKI. He earned his Ph.D. in electrical engineering from the University of Ottawa in 2009. Dafu is also a part-time professor, teaching VLSI, Cryptography and other subjects at uOttawa.

Christopher McKenzie

With his extensive experience in software development and strong analytical skills, Chris can handle the entire end-to-end software development life cycle. Prior to Quantropi, he served as Director of Product Development at Sphyrna Security, Inc., where he managed the delivery of security compliance automation and data diode appliance products, and as Commercial Software Development Manager at Cord3, Inc., where he managed the development of an advanced data access policy management product. Chris graduated from Computer Science at Algonquin College and the Ottawa School of Arts in 1998. Read less

Eric Chan

Eric Chan a.k.a. EEPMON is a Crypto / Digital Artist with 15 years in the industry – and Quantropi’s Creative Emissary. His hybrid fractal/digital creations have been seen in fashion, comics to museums and has exhibited worldwide. EEPMON’s collaborations include Canada Goose, MARVEL, Snoopy, Microsoft Xbox, Canada Science & Technology Museum and was a TEDx performing artist. In 2018 he represented Canada on its first Creative Industries Trade Mission led by Canada’s Minister of Heritage and serves on the Canadian Museums Association‘s Board of Directors. At the same time, he is currently completing his Master of Information Technology – Digital Media at Carleton University. 

Patricio Mariaca

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Vestibulum quis mauris justo. Vestibulum vel nulla vel tortor dignissim auctor. Donec porta semper lacus, id mollis metus pretium at. Class aptent taciti sociosqu ad litora torquent per conubia nostra, per inceptos himenaeos. Nam malesuada ullamcorper metus, eget facilisis tortor posuere sed.

James Nguyen

Prior to leading Quantropi, James was Chief Investment Officer & VP Asia Operations for a group of private and public real estate, mining, energy storage, graphene technologies and manufacturing interests, where, in his responsibilities for strategy, banking and global expansions, he secured large-scale investments and partnerships for commercializing graphene applications across multiple industries. A graduate of Carleton in Economics, he previously achieved success managing a mid-market portfolio (professional services, public sector, Asian markets) at RBC for over a decade. James has been on the HKCBA board, held advisory positions with technology start-ups and gives back as volunteer, fundraiser and mentor.