# Unlocking Quantum Security

z/OS / Linux on IBM Z / z/VM / z/VSE / Article / Security / Quantum computing

## Quantum-safe cryptography is key to protecting data as quantum computing systems evolve.

Image by Kotryna Zukauskaite

By Rebecca Lubecki

03/02/2020As quantum computing evolves, bad actors also advance. Because quantum computing will have a lasting impact for the future and affect individuals across multiple industries, it’s important to prioritize its advancement.

What businesses across industries can no longer deny is that bad actors are out there—and they’re now looking to capture entire databases to store for a future time when quantum computers reach sufficient strength to hack into them. As a result, security has become increasingly important for quantum computing—specifically quantum-safe cryptography—to guard against current and future threats from quantum computers.

The only real similarity between quantum computing and quantum-safe cryptography is that both have the word “quantum” in them. Quantum-safe cryptography will need to replace current cryptography methods to keep data safe from quantum computers and quantum capabilities. Learn more about quantum computing from a broader perspective in “What Is Quantum Computing” (ibm.co/37OA8hX) and “Quantum Computing at a Glance” (See below).

To understand how quantum computing relates to quantum-safe cryptography, and why quantum security is key for keeping current and future data safe, *IBM Systems magazine* sat down with IBMers Michael Osborne, manager of privacy and security and global lead for quantum-safe encryption, and Michael Jordan, Distinguished Engineer for IBM Z* Security.

“It’s the next generation of cryptography that’s important for today’s sensitive applications and domains. It’s important that IBM understands what the implications are of moving to new cryptographic algorithms, and then to pass on this knowhow to the clients.”

*IBM Systems magazine* (ISM): What is quantum computing and why does it impact data security?

**Michael Osborne (MO):** Quantum computers use a very different way of computing in the sense that they take advantage of quantum phenomena to perform computation. They’re based on the control of physical quantum properties connecting collections of atomic particles and waves.

Certain problems will scale very differently when attempted on a quantum computer versus on a classical (conventional) computer. In order to have a problem that scales better on a quantum computer, you’ll need to have an algorithm that incorporates the quantum phenomena at a quantum computer’s disposal. With this, you can solve increasingly large problems, compared to an implementation on a classical system.

The end result is that while plenty of problems will remain on classical systems, there is a set of problems that we can’t solve today classically; and the progress of classical computers predicted by Moore’s Law won’t help either.

Something might take millions of years on a classical computer, but with a quantum computer, it’d take minutes, given a sufficiently large quantum computer.

One such problem is given a large number, to find its prime factors. This problem is the basis for much of the cryptography that we use today. If one of these machines were to be built, then a lot of the cryptography that we use would be compromised. It’s not a problem in the future. It’s a problem today. If we’re storing data with today’s cryptography, the data can be stolen today by a bad actor, and if that data is still important when we get into the quantum era, then that data could be decrypted by the bad actor in the future.

This is where quantum-safe cryptography comes in. Quantum-safe cryptography is based on very different mathematical constructs for which there is no known quantum advantage and as such can be considered safe against future quantum adversaries.

**ISM: How is the IBM Z platform adopting quantum-safe cryptography?**

**Michael Jordan (MJ): **IBM has taken the position that we need to start building quantum-safe cryptography today and begin the migration process. The reality is, we don’t have the luxury of waiting. We’re looking to start building specific quantum-safe candidates into our encryption solutions with the thinking we may need pivot as standards evolve. With the IBM z15*, we introduced lattice-based digital signatures. These are referred to as Crystals Dilithium and we’re using them within the system for digital signing of audit records within z/OS*.

Based on experience responding to vulnerabilities identified in existing cryptographic protocols, such as SSL/TLS, we know moving to new cryptography requires a significant effort and is a process that can take many years. This reinforces our position that it’s important to start the process now.

**MO:** It’s the next generation of cryptography that’s important for today’s sensitive applications and domains. It’s important that IBM understands what the implications are of moving to new cryptographic algorithms, and then to pass on this knowhow to the clients. If the IBM Z platform has this capability, it becomes even more attractive as a possible migration platform because it’s tried and tested.

**ISM: What are some challenges that quantum-safe cryptography faces?**

**MO: **There’s confusion with quantum-safe cryptography, quantum security and quantum cryptography. With quantum-safe, there’s no quantum except the name. It’s a direct replacement for today’s cryptography that’s safe against today’s threats but also threats from future quantum computers.

Quantum Key Distribution (QKD) uses quantum effects to distribute keys in a quantum-safe way but doesn’t provide solutions for many other areas of cryptography that need quantum-safe alternatives such as digital signatures. In other words, QKD is good for confidentiality, but not integrity and authentication.

Quantum computers running quantum algorithms can also be used to enhance security in certain domains. For example, quantum machine learning algorithms could help us identify complex threats much faster than is possible today. We need to wait until larger quantum machines are available before we can start using these quantum algorithms for some form of improvement in AI, but we need to be protecting what we’re securing with quantum-safe cryptography today.

**ISM: How would you define quantum-safe digital signatures and why are they key for tackling future security challenges?**

**MO: **I'll use the example of a mortgage. In 30 years’ time, you don’t want to argue over who owns the house because you can’t tell the difference between a fraudulent and a genuine digital signature. Any transaction today that’s underpinned with a digital signature is at risk of being manipulated. In the future, we might not be able to trust anything that we sign today. That’s the main reason for quantum-safe digital signatures.

**MJ: **The underlying technology for quantum-safe signatures is similar to digital signatures with the classic encryption algorithms we have today. The difference between a digital signature with classical cryptography and with a quantum-safe algorithm is that with the quantum-safe algorithm, the underlying math that’s being used has no known quantum algorithm that can be applied to solve a potential intractable problem with relative ease.

## Quantum Computing at a Glance

A clear divide exists between quantum-safe cryptography and quantum computing. To learn more and get a clear understanding of quantum computing from a broader perspective, *IBM Systems magazine* sat down with Christopher Schnabel, director of IBM Q offering management.

*IBM Systems magazine* (ISM): In terms of quantum computing, what do you highlight when it comes to explaining the concept to someone who’s unfamiliar?

**Christopher Schnabel (CS): **With quantum, four different technologies are at play. It breaks down into quantum sensing, quantum networking and quantum computing, and quantum-safe cryptography is the nonquantum cousin.

While they may be used together in future solutions, it’s easiest to treat them separately. You can use quantum mechanics for quantum sensing, for example, identifying small perturbations in gravity using a qubit. You can use quantum mechanics for networking (i.e., Quantum Key Distribution that allows you to send information in a secure way). Quantum-safe cryptography is not quantum at all, as it’s a classical response to quantum computers being able to decrypt certain current cryptography.

It’s also important to note that you don’t need to know quantum mechanics to learn or apply quantum computing. The real basis is linear algebra and applied mathematics. If you’re good at it, you can take more steps to figure out quantum computing.

**ISM: What are some challenges that quantum computing faces today?**

**CS: **The main challenges are building the quantum systems themselves, as well as understanding how to use them. Many algorithms are based on a universal quantum computer with “perfect qubits that are error free.” These types of quantum computers don’t yet exist, though a number of systems—for instance, the ones available on the IBM Quantum Experience —allow users to explore the use of quantum algorithms that are able to work in today’s quantum systems.

IBM is working closely with enterprises to explore algorithms, map strategically relevant business problems to them and progress toward actually making demonstrations of quantum advantage, where we can do something that a classical computer can’t that has practical business value.

**ISM: How can we make quantum more broadly usable or accessible?**

**CS: **IBM has had open access quantum computers online for anybody to use for exploring quantum computing. With the broader research community, we’ve also built the open-source project Qiskit, which is the most widely used open-source project for writing code for quantum computers.

IBM has taken these steps to make the resources available, as we fundamentally believe that we need to invest in the communities that are passionate about quantum. Otherwise, we won’t be able to take advantage of systems we’re making available.

Having access to this real quantum hardware is critical. You can’t just do everything on quantum simulators, as you won’t be forced to confront their limitations unless you use hardware. In addition to hardware access, we’re also ensuring that educators have access to the resources that they need to build the quantum workforce.

**ISM: What are some real-world applications of quantum computing?**

**CS: **Well, today there have been no demonstrations of quantum advantage because a quantum computer can’t do anything that a classical computer can’t do.

However, one is using quantum computers to simulate quantum systems. While there’s a lot of promise for machine learning with quantum for complex systems, or specific sub-classes of optimization problems, a molecule is a quantum system and simulating the physics of chemistry is likely one of those early applications of quantum computing. We simply can’t simulate chemical systems using classical computers to any reasonable scale. We can observe what happens in nature, which is more efficient than our own processes, but we don’t know how to duplicate that. Simulating molecules and chemical reactions opens the opportunity to be more efficient with industrial processes.

**ISM: What are some breakthroughs that you think will develop in the future as a result of quantum computing?**

**CS: **If you think back to the dawn of classical computer science when Claude Shannon was describing information, he wouldn’t have said: “Smartphones are going to be huge.” One intriguing aspect, though, is that the power a quantum computer may be able to offer is enormous. Consider the space a perfect 300 qubit quantum computer can explore is 2300. That’s more atoms than there are in the observable universe. Consider that lithium ion batteries need cobalt as a catalyst. We may be at the brink of consuming all of the cobalt on the planet given that electrical vehicles will drive enormous demand. It would be groundbreaking to use a quantum computer to find alternative ways of making lithium ion batteries. At the end of the day, though, people need to work with these quantum systems to explore how they can really move toward bigger breakthroughs, and many companies have already begun.

z/OS / Linux on IBM Z / z/VM / z/VSE / Article / Security / Systems management / Data management / IBM Z / Data security / Quantum computing / Pervasive encryption

Rebecca Lubecki is an associate editor for IBM Systems magazine.

## Post a Comment

Note: Comments are moderated and will not appear until approved

comments powered by Disqus