IBM Moves on Quantum Security Opportunity

While quantum computers aren’t yet real, IBM has identified a critical problem and opportunity to apply its Quantum computing expertise when it is needed in the IBM Cloud. The issue we’ve known was coming is that once quantum computers become viable, they’ll be able to decrypt anything not protected against quantum decryption in a relatively short period of time. And encrypted data that has been stolen and safe until then will suddenly become a huge problem for the companies that have been compromised. If I believe security companies like Kaspersky, every company has been penetrated already but most aren’t even aware it happened.   

IBM has built a quantum level encryption engine into its latest Z16 server that will encrypt to a level that should give even quantum computers pause and should do a far better job of assuring that the data that was stolen from you encrypted remains secure indefinitely even in the brain of a viable quantum computer. 

Let’s talk about that this week. 

Anticipating the future

One of IBM’s competitive advantages has been its dedicated lab resources which allows it to better anticipate future events and build for them. The labs have driven efforts like Watson, IBM’s enterprise-class AI engine, and even allowed IBM to have a solution at scale long before its competitors were even looking at advanced AI. The company also has one of the oldest, most well-regarded quantum computing development efforts. And IBM was the first to have a cloud-based quantum education effort which is helping build a foundation of developers for when quantum computing becomes real.

It is this early focus on quantum computing that gives IBM what may be an unmatched level of quantum competence in the market today and allows it to better anticipate the current need for quantum technology which is to protect data today for the quantum threat of tomorrow.  

Normally you wouldn’t need to develop competency in new computer technology until after it becomes available, but quantum computing is such a big potential game-changer that is not the case this time. Quantum computing represents a massive change in how some computational tasks are done. The computers represent ways to analyze massive data sets and likely will be critical to the emerging metaverse worlds that several companies are creating.  Potentially best used for predictive analytics utilizing large datasets, like predicting the weather more accurately, once available, quantum computers will disrupt the server market significantly.  

Once they do, their full capability will become available to both good and bad actors, and it is those bad actors we need to be concerned about. That is because the type of encryption most companies use today will be, and is, inadequate in a quantum world.  

In a quantum world, you need at least 256-bit keys, according to IBM, to protect against both traditional existing and future quantum computer-generated attacks. 

Other quantum attack risks

In a presentation, IBM also addressed several additional future risks tied to quantum computers. They could:

  • manipulate software updates unnoticed, compromising the systems those updates are applied for,
  • recreate documented history to falsify materials supplied during litigation discovery in ways nearly impossible to detect,
  • create viable, false digital signatures that could be used to validate fraudulent contracts,
  • be used to launch extortion attacks with believable fake information.

Basically, without Quantum Safe Cryptography, no online secret, however well protected, is safe.   

And I’m sure, this is just the tip of the iceberg because, until we have quantum computers and developers start getting creative with them, we probably don’t know just how much damage they could do in the wrong hands. 

Wrapping up:

One of the biggest computing breakthroughs will be quantum computing. But, unlike other breakthroughs, this one can, in a way, go back in time and decrypt sensitive data that had been previously stolen. The use of quantum computers for harm or good is in our future, so understanding and then implementing a Quantum Safe strategy is a critical necessity.  That future is coming very quickly, and this time it can look back at our history and not only compromise already stolen data but make historical digital record-keeping far more unreliable than anything previously anticipated.  

One final thought: since everything stolen to date isn’t Quantum Safe, anticipating that your past encrypted files will be breached in the future and working out contingency plans for when it is, would be part of preparing for your quantum future.