Quantum Key Distribution and Quantum-Resistant Algorithms as the U.S. Defense Against Quantum Computing

Quantum supremacy’ demands prioritization of crypto protections

Key points…

+  But there’s another technology — one that doesn’t depend on increasingly stronger algorithms — quantum key distribution. QKD uses photon-based keys that cannot be intercepted or manipulated to enable unbreakable encryption. It can be deployed today and is in use in Europe, China and other countries. Because QKD is based on quantum mechanics, it’s not vulnerable to quantum computers like traditional cryptography is. The U.S. should develop and deploy both quantum-resistant algorithms (QRA) and QKD in tandem, given the serious risks we face with hastening advances in quantum computing.

+  There is a misconception that because quantum computers aren’t yet available, there’s no real threat to our data. That’s just not true. China has been harvesting and stockpiling troves of data it has stolen from U.S. agencies and businesses for years. The hoard includes highly sensitive data about more than 21 million government workers and contractors that was stolen in the Office of Personnel Management breach four years ago. While that data was encrypted, once China has a quantum computer it will be child’s play for it to unlock the data and learn secrets that can be used to further compromise the U.S. government.

+  That data is a lost cause, but new and future data can be protected against quantum attacks with QKD. I’m not arguing for one post-quantum defense over the other; I’m saying there’s a purpose and place for both QKD and QRA. From a national security standpoint, the U.S. must support the strongest data protection available. Only a defense-in-depth approach, or a combination of both QKD and QRA, can adequately address the problems we face from quantum computers.

Recommendations to help the U.S. gain the edge in quantum defense (adapted from the source work):

(1) Congress should increase the funding allocated for quantum research under the Quantum Initiative Act. The current allocation is $1.2 billion.

(2) NIST should support QKD development and commercialization. 

(3) Finally, the U.S. government should encourage companies to manufacture QKD hardware domestically to minimize the supply chain risk. We must be able to trust that there are no backdoors or other vulnerabilities injected into products that U.S. companies rely on to secure data. That means keeping all the manufacture of the quantum components inside our country. 

Source:  GCN.  John Prisco,  Quantum supremacy’ demands prioritization of crypto protections…

Content may have been edited for style and clarity.