Quantum computing epitomises disruptive technology. Its use cases range from tackling climate change to drug discovery. But it also presents significant risks. My colleague John has previously explained what quantum computing is and why it’s important. Here, we look at how quantum computing could render current encryption technologies obsolete.

How do quantum computers work?

Think of the last time you solved a maze. You probably picked a route, followed it until you reached a dead end, then turned back and tried another path. Eventually, you might have reached the centre. A classic computer solves problems in a similar way: it considers different options in turn until it finds the answer.

This is because classic computers use binary ‘bits’, which are either on or off – 1 or 0. As classic computers can be in only one state at a time, they have to test each possible answer one by one. Complex problems take a long time to solve.

Quantum computers are different. They use quantum bits – ‘qubits’ – which, in the right conditions, are subject to laws of quantum mechanics. This means that:

  • before a qubit is observed, it exists (probabilistically) in multiple states at once – called ‘superposition’; and
  • changing the state of a qubit can affect the state of other qubits in the same quantum system, regardless of the distance between them – called ‘entanglement’.

Together, superposition and entanglement mean quantum computers can rapidly explore multiple options in parallel, giving a probabilistic answer of an option being correct.

Quantum computers are therefore particularly good at finding the best or most likely solution from a range of possible answers – so-called ‘optimisation problems’. With enough processing power, a quantum computer could make light work of even the most complex optimisation problem.

What does this mean for encryption?

Most encryption technologies (such as RSA) rely on it being extremely difficult to find the prime factors of large numbers. A basic calculator can tell you that 47 x 61 = 2,867. But working backwards to find that the prime factors of 2,867 are 47 and 61 requires trial and error – just like that maze.

For very large numbers, even supercomputers could take thousands of years to try each option, one by one, before stumbling upon the prime factors. This makes current encryption ‘computationally secure’: it would take so long to crack the code through brute force that it’s essentially unbreakable.

Enter quantum computers. By considering multiple options in parallel, quantum computers with enough qubits could instantaneously find a large number’s prime factors. And Shor’s algorithm – a quantum algorithm for prime factorisation – has been around since 1994.

What should you be doing about it?

It’s likely to be several years before quantum computers are powerful enough to threaten current encryption – so quantum hackers will need to bide their time. But governments and tech giants are already investing heavily in developing quantum-proof encryption, as well as new types of encryption based on quantum mechanics.

Data protection and cybersecurity laws require organisations to take appropriate technical measures to secure their data – and the National Institute of Standards and Technology is developing new quantum-resistant cryptography standards. It’s therefore important to keep an eye on these developments to make sure your business doesn’t get left behind.