Home / Opinion / Columns /  India must adopt quantum-safe cryptography

Quantum computers are maturing quickly—perhaps even faster than we could have predicted just five years ago. We see quantum technology’s rapid pace of development as an important opportunity: We believe these machines are going to solve important problems in research and industry, which could revolutionize fields from materials and drug discovery to finance and machine learning. But this rapid development also brings about an important consideration: The encryption schemes we use today to safeguard sensitive data— such as our financial and health records—could be made obsolete in a world where future quantum computers reach their full potential.

As we work to bring about quantum-centric supercomputing, we’ll need to ensure that each facet of the computing workflow can protect future systems and data from the ‘harvest-now, hack-later’ that’s already happening. This is especially critical for governments and highly regulated industries such as financial services, healthcare and telco. In fact, anyone responsible for securing data or digital infrastructure will need to take steps today to make themselves quantum safe. Waiting is just not an option.

Why quantum-safe matters

According to IBM’s 2022 Cost of a Data Breach Report, 83% of organizations worldwide have experienced more than one data breach in their lifetime.

According to the same report, organizations in India, on average, reported 29,500 breaches (between March 2021-March 2022). Organizations in India, including both government and private institutions that hold sensitive data, need to immediately start implementing quantum-safe protocols.

Governments across the world are concerned that bad actors are positioning themselves to take advantage of next-generation code-breaking tools. Attackers could be stealing and hoarding large tranches of encrypted data, unreadable with contemporary tools, with the intent to decrypt it once better quantum technology becomes available. Organizations may have already experienced breaches that they will not know about for many years, creating an uncertain security and liability environment. We may not know exactly when it will be possible to breach today’s encryption, but one thing is clear: any data that falls into the wrong hands before an organization transitions to quantum-safe protocols should be considered already lost.

Setting the standards

Organizations cannot afford to wait, and it is already possible to start using secure cryptography. In July 2022, the U.S. Government’s Department of Commerce’s National Institute of Standards and Technology (NIST) announced four quantum-safe protocols as their “post-quantum cryptographic standards," which they expect to finalize in the next couple of years.

While securing critical Indian data with quantum-safe cryptography will be important, there is also a huge opportunity here for Indian engineers and the IT industry. India’s IT industry received its biggest boost when the Y2K problem happened at the turn of the millennium. Companies worldwide scrambled to fix the date change problem that could cripple industries, ranging from finance and airlines to mining, on 1 January 2000. In many cases, it required going through thousands and millions of lines of code to fix the bug. This needed trained programmers. And the Indian software industry seized the opportunity.

Fixing the “YQK" problem—this time, the “Q" stands for “quantum"—presents an even bigger opportunity for India. This is the time for decisive action from the Indian standards organizations, industry and government to address the challenge and figure out ways in which the Indian IT industry can contribute and take advantage.

Don’t wait

With so-called ‘quantum advantage’ on the horizon, business leaders should be preparing for how their industry could benefit. But they should also understand the risk of future fault-tolerant quantum computers on the horizon and explore available solutions based on quantum-safe cryptography standards, such as the IBM hybrid cloud system z16, that will protect their data and classical systems.

In conclusion, any computer system that will have to operate securely without major modifications over a period of years—the computer in your next car or embedded in a satellite, for example —will need to be quantum-secure well in advance of the threat. Can you afford to wait?

Amith Singhee is Director, IBM Research India and L.V. Subramaniam is Senior Manager AI and IBM Quantum Ambassador at IBM Research India.

Catch all the Business News, Market News, Breaking News Events and Latest News Updates on Live Mint. Download The Mint News App to get Daily Market Updates.
More Less

Recommended For You

Trending Stocks

×
Get alerts on WhatsApp
Set Preferences My ReadsWatchlistFeedbackRedeem a Gift CardLogout
x