(AFCEA.org) Adrian Stanger, senior cryptographic authority, Cybersecurity Directorate, National Security Agency (NSA) says, “The national security community needs to prepare now for the possibility that U.S. adversaries could develop and deploy quantum computers, which would render useless most conventional encryption algorithms.” .
If Russia or China, for example, develops quantum computerst, conventional computing algorithms protecting U.S. national security systems (NSS) would be vulnerable. NSS are communications systems owned and operated primarily by the intelligence agencies and the Defense Department. Any country gaining quantum dominance also could endanger other critical infrastructure systems, such as those used for banking and finance, transportation, healthcare and electric power grids.
“With an advanced quantum computer, adversaries could potentially thwart the cryptographic protection mechanisms and leave little or no trace even. This would threaten what we technically refer to as the confidentiality, the authentication and integrity of data and systems. That’s what a quantum computer could do,” Stanger states.
He suggests national security system owners and operators consider four potential challenges to adopting post-encryption algorithms. “I would lump [the challenges] into four bins. There is a timing consideration. There is some coordination, and then there’s always resources and planning. Anytime you kind of change things, those are always going to be in play.”
Quantum computers will threaten much more than national security systems or other government systems. The critical infrastructure computers and networks, which are largely owned by the private sector, also will be at risk. That includes the healthcare industry, banking and finance, transportation, energy and food and agriculture sectors, among others.
“The threat of a sufficiently large quantum computer would be that any of those could be compromised. Even though this isn’t in NSA’s remit to focus on providing the mitigations for … if they didn’t have mitigations in place—post-quantum algorithms or some other mitigation—then they could be susceptible to having their information technology systems compromised,” Stanger notes. “You have the same type of threat where it could be devastating to any of those systems.”