Quantum technology – the black swans are gathering, claims start-up CEO

Chris Middleton Profile picture for user cmiddleton January 22, 2024
The risk that quantum computing poses to strong cryptography has been known about for decades. However, one industry CEO thinks the danger is more imminent than most researchers believe

An image of a black swan with a red beak
(Image by Holger Detje from Pixabay)

Much has been written about whether there will be a tipping point for quantum technologies, a critical moment at which they suddenly become adopted at scale. The reality is that quantum and classical computing will co-exist long into the future, joining forces in a hybrid environment that plays to both of their strengths.

There is more good news. Quantum computers will probably become sufficiently powerful, fault-tolerant, and reliable to run some enterprise tasks this decade. But industry consensus suggests that use cases that are ideally suited to such devices will emerge more slowly. These might include applications that model the natural world and chaotic processes, crunch huge numbers, reveal hidden correlations in specialized data, or help researchers develop new materials and drugs – alongside AI on classical devices.

But in the absence of a tipping point, might there be a so-called ‘black swan’ moment for quantum instead? A sudden event that has unforeseen, perhaps negative, consequences? The answer is that such a crisis is approaching. We don’t know precisely when it will hit, but we do know what it is – and what will happen if we fail to prepare for it. 

It is the threat to the global economy – to banking, ecommerce, supply chains, government systems, and everyday communications – that will arrive when quantum computing, or an emulation of it, can reliably and swiftly break the public-key encryption that underpins our secure transactions and communications. 

In a forceful session entitled ‘Quantum’s Black Swan’ at the World Economic Forum in Davos last week, Jack Hidary, CEO of quantum sensor provider SandboxAQ, urged much greater urgency in building quantum-safe systems and post-quantum security than is normal at industry events.

He said:

Let's say we want to build a tunnel under a river. We don't just start from one side and keep going; we start from both sides and meet in the middle. So, by analogy, the hardware folks – IBM is doing an incredible job of advancing the superconducting quantum computing methodology, for example – are digging from one side. But the algo [algorithm] people are digging from the other. 

What has happened recently is that, in paper after paper, we've seen that the number of qubits we need to crack RSA is coming down. So, the two sides will meet faster and faster under the river to make this tunnel that breaks the banking system, that breaks the telco system, that breaks the energy system, and breaks government secrets.

So, is there any good news? Yes and no, he said. On the one hand, the US National Institute of Standards and Technology (NIST) and others have come together to create new post-quantum cryptography protocols. These are still being sought, tested, and finalized. 

But on the other, he explained: 

[The bad news is] it takes seven or eight years for a bank or government to transition to a new protocol. So, what's very important right now is that we understand that this [the development of quantum technologies] does not work in a linear fashion.

On its own page on quantum-resistant cryptography, NIST says:

Historically, it has taken almost two decades to deploy our modern public key cryptography infrastructure. Therefore, regardless of whether we can estimate the exact time of the arrival of the quantum computing era, we must begin now to prepare our information security systems to be able to resist quantum computing.

In Davos, Hidary added:

People got surprised by Gen-AI, and what's going to happen here is the same thing. At some point, people are going to say, ‘Wow, what a surprise, what a shock, that our cryptography is broken!’

Certainly by 2029-30, we're going to see scaled, fault-tolerant quantum computers. But you might say, ‘I need a certain number of qubits’ [to break encryption] today. But my prediction is that the number of qubits is going to come down.

Think about the brass prize of being able to decrypt everything in the world! This is a major issue. […] We have to act now.

So, there may be a global crisis – conceivably as early as this decade – unless organizations treat this foreseeable event as an urgent, real-world problem, and not as a long-term theoretical one. Less of a serene black swan, in fact, and more of a rampaging bear.

But was Hidary just trying to raise his own profile – and using the World Economic Forum to do it? Perhaps, and he would not be the first. But it is equally possible that he has detected troubling signals amidst the industry noise.

It’s no secret

The key issue (in every sense) is this: it is not as if the method for cracking RSA encryption, for example, is a secret. It just comes down to maths.

Peter Shor, a Professor of Applied Mathematics at MIT, proposed what became known as Shor’s Algorithm 30 years ago. This is a method for factoring semi-prime numbers on a quantum computer – theoretical when he proposed it – exponentially faster than on a classical device. (This is due to a qubit’s ability to superimpose multiple states, compared with the binary ‘on’ or ‘off’ of a classical bit.)

In this way, such an algorithm would, if run successfully, negate the security assumptions that underpin asymmetric cryptography. Namely that the timescales for running the required calculations on a classical computer – billions of years to crack the minimal standard for secure encryption (RSA-2048) – make it practically impossible. (The computation required grows exponentially larger with each digit in a sequence.)

By contrast, the only obstacles to using a quantum computer to run Shor’s algorithm – or some evolution of it – are the number of qubits (estimates range from one per bit all the way up to 20 million for cracking 2048-bit encryption), and the fact that their subatomic nature makes them noisy, and prone to error. 

So, a quantum computer simply needs to be both powerful enough and fault tolerant, or self-correcting.

Most researchers believe that such an algorithm can’t run at present; and certainly not for keys that have hundreds or thousands of digits. But it is purely a matter of time, though opinions differ as to whether that might be within a decade, a lifetime, or something closer to geological time.

The big but

But there is a problem, however. And that is: what if encryption is much closer to being cracked than most researchers believe?

Unsurprisingly, this is a matter of claim and counterclaim for anyone keen to make a name for themselves, or to spook rival governments. For example, a year ago, a group of Chinese researchers claimed that a 2048-bit RSA key could, theoretically, be broken by running the similarly named Schnorr’s Algorithm on a quantum device of only a few hundred qubits. 

That is troubling, given that the latest quantum hardware is up to the 1,000-qubit mark already, while smaller, more fault-tolerant devices exist too. However, others have claimed that this algorithm works well enough to crack, say, a 48-bit key, but cannot scale to much larger numbers. As a result, the computation would fail.

Meanwhile in November 2023, veteran researcher and Physics PhD Ed Gerck made a truly astonishing claim: that he had broken RSA-2048 encryption in seconds using quantum emulation on a cellphone, using an ‘all states at once’ technique called simultaneous multifactor logic. 

In the absence of formal publication of his research, or any peer-reviewed data, the security community remains deeply sceptical. Even so, the problem facing the industry is that even the most sensational or unlikely claims can’t just be dismissed – despite astronomer Carl Sagan’s aphorism that extraordinary claims require extraordinary evidence. The stakes are simply too high.

One reason is the possibility, however remote, that a researcher might have made a giant leap forward, or spotted a flaw in orthodox thinking; consider how Einstein’s thought experiments a century ago transformed our picture of time, space, and gravity, for example.

Another is the phenomenon known as ‘Store Now, Decrypt Later’ (SNDL): the awareness that any number of organizations, hackers, or hostile states will have been hording others’ encrypted data for decades, and are just waiting for the breakthrough that enables them to read it. 

For this reason, Gerck urged authorities to retire RSA and implement quantum-safe standards as soon as possible. Even if his own claim proves to be bunkum, that sounds like sensible advice.

When swans fly blind

But the risk of a quantum computer breaking strong encryption is not the only black swan that might arise from the technology, or demand its urgent adoption. According to Hidary – who was on a panel with Ana Paula Assis, EMEA Chair of the IBM Corporation, and Joël Mesot, President of ETH Zurich – another black swan is already with us.

Quantum sensors are essential today, he explained, because of problems with the satellite-based GPS systems that we all use to navigate, plus the inaccuracy of others in the medical profession.

He said:

What if GPS is not available? Over huge swathes of the ocean right now – in the Pacific Rim area, particularly near Taiwan, there is no GPS. And over huge swathes of the Middle East, GPS is not only being jammed, but being spoofed. Four planes went into Iranian airspace in the last four months, unintentionally. So, this is a major issue. 

But we can use quantum sensors to detect the unique magnetic footprint of every square meter on earth, in the same way that birds and whales navigate.

Boeing and Airbus are among the aerospace companies that have been investing in quantum navigation and timing research – in Boeing’s case, as far back as 2018.

Quantum sensors are also “24 months” away from being approved for use in hospitals to monitor patients’ hearts more accurately, claimed Hidary, thus avoiding the problem of traditional sensors missing a defect. However, such devices demand AI running on a classical computer to pull the signal from the noise of the many other sources of electromagnetic radiation.

He explained:

The [magnetic] signal from a heart is very, very faint – so faint that you need a quantum sensor to pick it up. But there is so much other noise, so much other information. If you have an iPhone, if you have a smartwatch, or any of the other magnetic signals in this room, it can confound that sensor. So, we have to pass it through a GPU into an AI model, trained on the data of what a heartbeat looks like.

This convergence of AI and quantum is what's happening now. We need to move into the quantum realm to understand our own bodies. First the heart. And then, of course, the brain.

My take

While little of what Hidary said is new – these issues have been known about, conceptually, for decades – the force of his argument, and its delivery, was unusual. As a result, the possibility that these challenges might be more urgent than most researchers believe cannot be ignored.

Watch out for those black swans!

A grey colored placeholder image