Quantum Security: Preparing for a Post-Quantum World

So, welcome uh for the last talk before the the big break today. Uh we already had two quite different talks and I suppose we will end up with the third one before the the larger break. Um so, uh welcome Nick. Um I think we are going to take a deep dive in quantum security. So, the stage is yours. Good luck. Thank you. [Applause] Yes. Uh good morning everyone. Um nice time slot just before lunch. So I hope you can all make it 45 minutes. Um yes. Today we're going to talk about quantum security and what that exactly is and means for our field. Um I think there are a lot of different innovations. Not this one.

They're two the same. Nice. Okay. Okay, now I have the correct one. Um, so quantum security and before I start diving into quantum security and all its different concept, uh, one of the brilliant physicists of the last century said, I think I can safely say that nobody understands quantum mechanics. There was Richard Feman and if Richard already said that he didn't understand quantum mechanics, then I probably don't, which means you probably won't either. So the pressure is off. Okay, that makes it a bit more easy. But it's my task today to ensure that I can understand these concept to you in plain language using metaphors and we will just go through it uh right before

lunch. Um so my name is Nick. Uh I work as a security architect for a uh small cyber security firm called Netscaper. I'm also associated to the lecturer of cyber security from the Utre University of Applied Scientists. And my fields of interest are of course cyber security, architecture, risk management and emergent technologies such as quantum. Um today what to expect. Um I think I'm going to give you a brief history of quantum physics. Then I'm also going to talk to the core concepts and how quantum computers work. Then of course the risks and the opportunities involved. And finally uh how cyber security is going to look like in a postquantum world. Uh if you have any questions, save them

up for uh yeah at the end. Uh we can also talk uh during lunch, after lunch, whatever. I'm here the entire day. So feel free to approach me whenever. So introduction to quantum physics. Um if you have read the hobbit, uh you know that this is the first sentence of the book. In a hole in the ground there lived a hobbit. And this sentence makes perfect sense. We can read it. We can understand it. It's intriguing. you want to read further, you understand all the words. Maybe not hobbit. You don't know what that is at this time, but you will learn later on. Uh but this is a beautiful sentence. Um if you rearrange the letters, you get something like

this. That makes no sense. And this is also how nature behaves. So in nature, all these different letters, which you can also see here in this sentence, are particles. Oh, that's one too fast. These are particles. Every word is an atom and the entire sentence is a molecule. Okay, keep that in mind. I will show you again in this hierarchy. So we have anything of matter, a person, a computer, a st, a chair, whatever. And matter um consists of molecules. A lot of them different kinds. H2O, O2 are probably the most uh common ones. Those are all different kinds of molecules. Then a molecule exists of an atom or consists of an atom or multiple atoms. An atom

consists of a nucleus which is the center and electrons revolving around it. Then the core of the nucleus exists of protons and neutrons. Remember Jimmy Neutron from Nickelodeon. And elementary particles are there in the end. Those are quarks, photons and also these electrons. Uh and I see a lot of people already looking at me like uh okay nice uh what does this mean? Well, when we talk about quantum and quantum computing and quantum security etc. We're talking about this stuff here subatomic and I think very important to understand this this is how nature behave we don't see it. We see things classically we see matter we don't see the rest but there are a lot of interesting things

happening here and that's very important to note. So that was my presentation. Thank you.

Okay, we're back. Uh, very short history. Um, it started all with Isaac Newton 1687 who defined the laws of motion and gravity. still very very relevant today. It explains how we can walk, how we can drive a car or a bike. So very relevant but in his worldview everything was deterministic. So everything had a cause and effect and that was clear. Then in the 1900s Max plank came and he said no uh you're not right. Energy comes in discrete packages called quanta. Then Albert Einstein came. He found the photoelectric effect which basically showed that if you shine light on an a surface it emits electrons. He won a Nobel prize for that and not for

his theory of relativity. Uh and then another couple of scientists came along. I will skip among those. If you watch Oppenheimer you probably recognize some of these names like Neils Boore and Wernern Heisenberg had very minor roles but they were there. They were all very big names in quantum in the early uh 1900s. uh and WA Heisenberg created the first quantum theory and then a couple years later a war broke out. Uh a lot of these scientists went to do other stuff and then in after the war uh it got picked up again a bit more and Richard Feman was the first scientist in uh 1981 who um released a paper called simulating physics with computers. So

this was the first time that somebody actually talked about simulating something and said that we need a quantum computer. So this idea is already over 40 years old and he said nature isn't classical and if you want to simulate nature you need a quantum computer. So that's why we're here today. So let's talk about some of these key concepts. And before I do, I want to introduce three classical concepts first because we're going to yeah make some uh um how do you call it? We're going yeah we need those. I'm sorry. Binary digits or bits. Those are the basics units of information that we have today. They're either one or zero. Then we have gates like the end

gate or the not gate or the or gate that can transform or manipulate these bits into whatever we want. put all of those together, we can create a circuit which is basically our yeah standard unit of computation. In quantum this also works but we just put the word quantum in front of it. That's actually how everything works there. So we have quantum bits or cubits, we have quantum gates, we have quantum circuits. So if you want to sound smart, just put the word quantum in front of it. That helps. Then I need to talk about superp position as the first core concept. And to do that uh I'm going to show you an experiment. A bit difficult with one

hand but okay. I have a box uh the best one I could found at the local supermarket yesterday. And uh we have a cat, a very nice cat. Uh some of you already know what I'm going to tell you. But I'm going to put the cat in a box. Going to close the box. It's closed now. Um, what you cannot see is inside the box there's a radioactive atom that's decaying and it will emit radiation. That's all you need to know. There's a geer counter in there that will pick up on the radiation and when that hits it will break a flask of poison eventually killing the cat. Oh, okay. Now, we know that that's going to

happen somewhere over time, but we don't know when exactly. That's how radiation works. So, question to you. How do we know if the cat is dead or alive? Shake the box. That's one way. Open the box. Okay, I will go with that one. But I like your suggestion. Okay, so we open the box. Oh, you can see the cat again. Uh, it's alive. Very good. Now, I'm going to put it back again. Now, we know that the cat is alive because of our measurement. We observe it. We open the box, we check and we see, hey, the cat is alive or dead. That's how we know and we determine that the cat is alive or dead. But in the

meantime, quantum physics says the cat is both alive and dead at the same time. That's called superposition. And that also means that the atom is in a superp position of states meaning it's both decayed and not which also means that the geiger counter has picked up on the radiation and not which also means the flask of poison has broken and not and that concept is super important for quantum computing because as I mentioned in quantum computing we work with cubits quantum bits and where a normal binary digit a bit is a one or a zero a cubit is both at the same time and that already brings out tremendous amounts of computation advant uh advantages. Now a cubit is a 3D sphere.

Our planet is a sphere as well. You know this is 3D. It has three axis Z X Y and the cubit can be in multiple positions, right? Super position. So I've put on a few here and there. And there we go again.

Please move. Yes. Took me five minutes to create that animation. Um, so right now we have a a cubit that's positioned along the equator of the sphere just like our Earth has an equator. So it has a 50% probability of being zero and a 50% probability of being one. And we have the y and the x axis to change its phase. Right? We can have it on the right hand side or the left hand side. And I'm simplifying things a bit here. But that helps if we are going to work with multiple cubits because if they have the same phase, they will amplify each other and help us towards the correct answer. If one is on the right

hand side and one on the left, for example, they will cancel each other out just like active noise cancelling headphones cancel out the noise. So it's a very common principle but that's inherent to this um superp position and to cubits. So again measurement is key because when I measure a cubit or I measure the cat that's both dead and alive at the same time it will collapse the quantum state into a classical state. So in the end we will always have a one or a zero. We can just manipulate it into yeah the correct uh direction that we want it to be. Then another core concept I'm going to be a bit more briefly about this is

entanglement. And with entanglement we can correlate cubits to each other. So we create a correlation. What this basically does is it makes sure that when we measure one we instantaneously no matter how large the distance we know something about the other. So it's like sharing of properties. Um Einstein called this spooky action at a distance. He didn't believe it. Um so another metaphor here I have uh two gloves uh uh left and right I think I hope um when I ask one of you to get the gloves and hide them somewhere around the earth uh and you do that you come back to me say okay Nick please have a look good luck I will look as soon as I

found one I find one for example the left one I know instantaneously that the one that's still missing is the right one. Right? That makes sense. That's also how entanglement works. So measuring one instantaneously tells us something about the other. And combining superp position and entanglement entanglement creates so much advancements and so much more computing power that can do a lot of awesome stuff that I'm going to talk about too um as well. So this is basically what happened with entanglement. So we can determine that if a cubit is a zero then the other cubit must also be a zero or the other way around must be a one then the other one must be a one. So we can create

advancement with that. Now I also talked about quantum gates. Um in classical we have the end or the the not end the not gates etc. In quantum we have a couple of different ones. I'm not going through all of them but the most important one is the the headmark gate and you can forget the name basically it's in the slide but what this gate does it puts a cubit into superp position so we as humans can control cubits and put them into superp position which is powerful and then we also have these poly gates the x the y and the z and that is again that sphere we can determine whether the cubit uh must be a one or a zero and we can try

to manipulate the probability or we can try to manipulate the phase. So it's on the left hand side or the right hand side of the sphere. So with all these gates, we can create our own quantum circuit and do awesome stuff on a quantum computer. This is how it looks like. Uh this is IBM system one. It looks pretty insane, but what basically happens is this stuff is being cooled to almost absolute zero Kelvin. That translates to minus 270 degrees C. And that is because quantum and I I do this but there it's way more tinier than this of course it's very susceptible to noise whether it's heat whether it's turbulence whether it's anything else it will disturb the

quantum state measurement will take place and it will collapse into a classical one so a one or a zero before we could take advantage of all those concepts so we don't want that so we have this cooled down we have all those wires some of these wires are uh used to send signals to the microchip there. So the the quantum chip, the QPU as we call it and you have other wires going back up to yeah send the reaction for example to your classical computer that's besides this that's still used to create quantum functions, quantum algorithms and send them through to the quantum hardware. So that also means that we don't or we're not going to have a

quantum computer on our desk in a couple of years. Right? These are very fragile machines. They exist now only with the larger well cloud providers and hyperscalers. We can access them over the cloud over the internet and there we can build our own quantum functions compile our own code and try to manipulate these cubits into whatever we want. This is an example of a of a yeah chip from uh IBM. I will not uh I will speed through that a bit. This is the quantum road map from IBM. And I think what's important here is that um in 2016 they already started with a very small chip with only five cubits. Now they have the Eagle which is 127 cubits and

they try to go to 2,000 cubits by 2033. Um those are physical cubits that are actually on the hardware but we can also create logical cubits. So like the software equivalents to try to manipulate the hardware cubits and that will be a lot more but these physical cubits they need to be stable because they uh will give us our computing advance advantages right so we're also focusing on error mitigation as I mentioned very susceptible to noise any kind of noise any kind of turbulence will collapse the cubit into well basically a normal bit so we're focusing on error mitigation and we want to go to error correction so we want to be able correct the errors

before they happen and not just mitigate a round of them that makes it more fast more advanced. So when you see another news article saying we have built a new microchip containing thousand cubits or 20,000 cubits I mean that's nice but that's not the only thing that matters. It needs to be reliable. It doesn't need to contain or it should not contain too many errors should should be errorprone um and it should be speedy as well. Okay. Um, a couple of applications and then we go into the cyber security stuff because that's what what we're here for. Uh, I will click through all of these. Okay. So, quantum computers can do a lot of things as I mentioned most of it will

be around um digging through large data sets or simulating quantum physics or simulating nature. Um so for logistics it can do a lot around uh route uh delivery optimization and that kind of stuff. For climate change it can model and predict climate systems way better than a classical computer can do. It will not solve climate change. That that's not the case. You will read that somewhere but that's not the case. Um but it will definitely help understand it better. In healthcare it can help with drug discovery for example and bring personalized medicine on onto the market. And with chemistry, what I always think is very fascinating is it can help with modeling all these modules

and atoms that you have in all these chemistry stuff. Um, in metal for example, it can help us understand why it behaves as it does. And therefore, it can also help us understand why corrosion for example happens. And corrosion of course, yeah, is sometimes what brings airplanes down. So um that's a bit a bit uh exaggerated but it can help us understand how corrosion works and maybe even prevent that. So it will make engineering a bit safer. Now we need to talk about cryptography because here's where the juicy stuff comes in. Um we have a lot uh of cryptographic controls currently. uh banking, VPNs, certificates, basically internet, everything is encrypted and we're using symmetric cryptography, so private key

encryption and asymmetric uh and both will have uh to mitigate some quantum risks there. So in symmetric cryptography, we basically have Alice and Bob again the usual suspects in cryptography uh that share one secret key. So in this case it's very important that that key is remained secret and stored secretly because compromising the key will basically compromise the integrity of the message. Um when you look at symmetric cryptography you have a couple of standard or common algorithms uh data encryption standard and triple desk uh you sometimes still see them unfortunately. uh RC4 same stuff if you work with active directory environments and you see this stuff all the time unfortunately but also the advanced encryption standard so AES and blowfish

two fish are also two common examples now they have different kinds of key sizes how large the key size how hard it is to break that's the idea but that comes with disadvantages because it takes more computing power it's not that scalable so sometimes it's not worth to upgrade to the highest possible bits or key sizes. Now, when we look at quantum, there are a couple of these things that will be touched by something that's called um Grover's algorithm. So, it's an algorithm that love Grover scientist created that can quadratically speed up um the search in unsorted databases. So, when I translate that to human language, that basically means that we can double or quadruple the speed that it takes to

search through a database. For example, uh common passwords. So if we have a database or we have a password that says we have a password complexity 12 characters, um special capitals, etc. uh numbers, we know what the the amount of options are. With Grover's algorithm and a quantum computer, we can quadruple the speed that we need to get to the right one. So it will make brute forcing a lot easier. So to mitigate that, we already say that for advanced encryption standard, if you are on 128 or 192, please upgrade to 256. That's deemed quantum safe for now. It will probably for for a longer time, but that's the the way to go there. So symmetric

cryptography itself will not be broken by quantum computing. Okay, that's important to understand as long as you are on high enough uh key sizes. Um so this already what I mentioned I will skip through this you can read that later if you want. Now for asymmetric cryptography that's different. So this is what we call public key cryptography. Uh so it works with a a private key that encrypts the message into a cipher text and we have a public key that is used to decrypt the cipher text into plain language. Again very simple explanation of this. um in most cases it is um being implemented uh in conjunction of each other. So both are implemented in most

systems. Not in all definitely not all but in a lot. Um this should say asmmetric cryptography. Sorry for that. But some common algorithms are RSA uh digital signature algorithm DSA with diffy helman and two elliptic curve uh cryptographic algorithms. They already have way longer key sizes. But the problem here is is that they are all susceptible to quantum. Uh there's another algorithm. It's called shor algorithm. I I haven't put the name on this slide because you will probably forget it. Doesn't matter. Shor's algorithm can break all this stuff because it can solve uh the mathematics that are underlying all these algorithms. So the mathematics around these uh are hard enough for classical computers to not break or at least have

a very very very tiny chance but for quantum that will be made very much possible. So asymmetric cryptography any of these are all broken by shor algorithm. The only thing is is that we cannot deploy shores algorithm yet because we don't have a powerful quantum computer yet. So all asomemetric cryptographic algorithms are sub susceptible to that algorithm and to the risks. Um this is the the math around it a bit but in normal words as I mentioned it means that quantum computers make it much easier to break these algorithms. And then we also have hash functions. I will be very short around this like the secret hashing algorithm that puts a plain text or like a

password into a hash. Um that one are susceptible to pre-image attacks. So you can with a quantum computer more easily revert a hash to its input which should almost be infeasible actually but it could with quantum computer and they are susceptible to collision attacks. So it's basically possible mathematically possible that two different inputs so two different passwords for example lead to the same hash and you don't want that because that's dangerous. So also for hashing functions it means that we need to upgrade the length that makes it more susceptible but is not directly quantum safe. So that's something that's being worked on actively. So if you are still on 128 move to 256 or even to 512. Um problem

here is again that takes it's a longer key size, more computation power, less simplicity, more costs etc. So don't do this for everything just for your critical systems. Now the final part before lunch and I'm hope I'm still on time. Um cyber security in a postquantum world. Um then we have to talk um first and foremost about postquantum cryptography PQC. Sometimes it's always uh is also called called quantum safe cryptography QSC. Um everything is being abbreviated of course. Um but it encompasses the efforts that it takes to identify and develop cryptographic schemes that can withstand attack from both quantum and classical computers. Right? That's important uh because classical computers as I mentioned will still exist in 50 years and 100 years.

We don't have only quantum computers. They will be cyber sight. So we need a cryptographic scheme that can handle both. So one attack that's already happening at this moment is called a harvest now and decrypt later attack. The problem is you can't really identify this type of attack because we don't know how it ends. So imagine you have a a nation state actor or any kind of threat actor. They steal your data from a database that you left, you know, open on the internet, something like that. They store it somewhere else safer than you did. And then it's encrypted, of course, so they can't read it. But then the quantum computer comes along in five

years, 10 years, 15 years. Nobody knows. Very exciting. But then the quantum computer comes and they can basically break that encryption and still read your data. Now the problem is we don't know if this happens. We think it is because it's a very plausible attack but how do you know if the quantum computer is not there yet? So although this is realistic I think uh you don't do anything different than you do now. You keep your sensitive data protected and safe. If you do that then this won't work right. But this is very very uh a real one and this also implies that you need to um migrate to postquantum cryptography and and use your yeah your

most sensitive systems first. So uh the National Institute of Standards and Technology in America led the global effort to come up with cryptographic schemes. Uh we have four finalists give them an applause. Crystal Skyber, Crystal Delithium, Falcon, Swings. You can forget those names basically as well. But they will replace some of these most common uh asymmetric cryptographic schemes like RSA, Diffy, Helman EPIC curve. They will um have an application for secure key exchange and digital signatures, but it's still very thin, right? There's only one that's basically able to do quantum secure key exchange. So NIST and and other organizations worldwide are working on bringing more of these into a standard standardization effort so that you could use them in

your migration efforts. So these are the first uh and that the first uh the crystal sky crystal lithium and sphinx are already standardized and available. So it is already possible to use them but it's still in a very very early stage. So to wrap up things, it's time to start uh building quantum readiness and um there are a couple of migration scenarios here just to sum up for symmetric cryptography like AES. You need to move to a larger key size where applicable. So don't do this for data that's not sensitive, right? Do this for your most sensitive data, your medical records, your personal records, your HR, your financials, that kind of stuff. when as soon as possible. Then for

asymmetric cryptography, RSA, DSA, elapic curve, diffy, helman, etc., you need to move to hybrid cryptography. What that basically means, you will combine classical algorithms with quantum algorithms. Uh so you use them side by side. Okay, that also helps immediately protect against these harvest now and decrypt later attacks because you have a quantum protocol already in place that encrypt your data when within five years. Why? Because we think that 2030 may be the year that quantum computers will become more available. It can be a bit later. You saw the IBM quantum road map saying 2033. What we always know is that these things come as a surprise. So aim for 2030 is my advice. It will probably be a

bit later, but you never know. and you don't want to be surprised. And then for hash functions, as I already mentioned, move to larger key sizes also only for critical systems. Don't do this for everything. Um, same stuff also within five years. It's not an immediate threat right now. So to conclude the session a plan of action I think it's really important uh for all security folks to create awareness around this quantum threat the current threat around harvest now decrypt later but also the future threat um which is breaking cryptography but also businesses uh I'm not sure where everyone works of course but businesses will want to adopt quantum technology because then can provide a lot of

advancements uh competitive value etc. So your CEO probably might at some time want to make use of this stuff. So that needs to be secured as well. So default stuff authentication authorization all that that stuff will will happen as well. Um I can imagine uh an OASP top 10 for quantum in the future. It's not there yet. So for different stakeholders is important to create that awareness. Then an infantry of systems and applications that hold sensitive data. Um it's also important to map dependencies there because if you do a hybrid cryptography of one you might break the other system. So it's really important to start mapping this and we all know how hard this is. So start

early start soon uh create you know make sure that you have budget to do this. So take this up with your uh with your um responsibles uh and inventory the cryptographic algorithms that you use. So with the previous table that I created and that's that's already common knowledge now you know which ones to move first. So you can basically create a uh transition plan. Now also include quantum security and risk assessment and procurement processes. If you are going to procure any kind of stuff uh an application uh UB keys this just an example whatever that kind of stuff make sure that they are quantum ready you know it's fair to ask your vendors to ensure that they

have a plan to make their products and systems quantum safe in the future. That's something that I think you can basically ask them. Uh I'm not sure if they have an answer already, but it will put everyone on edge. And then finally create a transition plan to migrate quantum vulnerable systems. So basically ones with asymmetric cryptography to hybrid crypto and then in the end but then we're talking in around five years time I think start migrating critical systems first ensuring interoperability. So hybrid classical and quantum combined. That's it for now. Thank you. And please let me know if you have any questions.

Yes.

Yes. So I will repeat your question briefly. So you're basically asking if we could also utilize this stuff for better defense. So better defensive encryption. Uh so yes uh especially with key exchange uh as I mentioned symmetric cryptography uh the secret key needs to be stored securely needs to be sent securely and that's really a vulnerable process on its own. We can use quantum and basically the entanglement that I've shown you to make sure that keys are entangled and that any kind of easedropping attack for example get picked up immediately and that basically will break down the attack. So that's called quantum key distribution QKD. I decided not to put it on the slides because I have only had 40 minutes but

that's definitely one of the applications that we can utilize this stuff to make sure that our quantum keys or our keys are quantum secure. Yeah. So if you have any interest in that you can definitely look that up of information on that. Yeah. Thank you for your question. I think you had a one as well.

Yeah. So the question is uh we have an algorith algorithm the shorce algorithm that can break the discrete logarithm problem DLP that's the mathematics behind it. Um there's no quantum computer yet that is possible to break that. So what is the gap? So the fair answer is we don't know. Um there are a lot of different companies working on quantum hardware. There are a lot of different other companies working on quantum software. So there's a lot going on. Um most experts I don't count myself as an expert but most experts say between 2030 and 2035 will be the time. But that's a fiveyear gap. And if it's 2030 I think we have a big problem. 2035 we

will probably be a bit more prepared. But if you really want to run that algorithm, you really need a sound quantum computer that can do error correction and error mitigation. So we're probably thinking 2035 earlier. But that's just a wild guess now. So unfortunately we do not know and that's what makes this risky. Thank you for your question. Anyone else or everybody hungry? Yeah.

That's a good question. Uh I will revert back to my previous answer. I don't know. Um going to be very honest there. Uh it's sometimes hard to say that but that that's true. Um so yeah when quantum computers become available that will be probably via uh cloud providers, hyperscalers, etc. that can be used and abused when you have quantum key distribution and that kind of stuff in your mobile phones and in different other applications as well. I'm not sure. I would say also around 2035 because they lean on the same principles. Um but yeah, fair enough. I don't I don't know for sure. Okay, thank you for your question. Shall we leave it at that for now? If

you do have anything else, then uh let me know after the session. Thank you. Enjoy your lunch. Thank you, Nick. Thank you for your amazing talk. I hope the cat is still alive, but I don't know. Um, so for the rest of you, there's an hour break. Um, don't forget to write your name, your name on the poster. Uh, there's a free lunch. Uh, check out the sponsors, check out the lockpicking village and the capture the flag. There's more than enough time. Uh, and we will be back in an hour for the next session. Thank you all.