As it stands, everything we do online relies on cryptographic algorithms to keep our data safe from malicious hackers.
However, the rise of quantum computing could make those algorithms redundant. Meaning, all the encrypted conversations, online businesses, and banking services we rely on could be easily penetrated by quantum computers in a matter of seconds. It’s like we’re all sitting in a leaky boat and quantum tech is a big ol’ iceberg in our path.
“In cybersecurity circles, they call it Q-day: The day when quantum computers will break the Internet,” claimed a Nature article.
Subscribe to our Newsletter
Join our editors every weekday evening as they steer you through the most significant news of the day, introduce you to fresh perspectives, and provide unexpected moments of joy
The quantum threat is also an opportunity to be ahead in the game, and seize the moment when quantum arrives. Although still in the nascent stage, India is slowly and steadily pushing ahead.
At present, there are two promising solutions to the classical cryptography problem: Quantum Key Distribution (QKD) and Post-Quantum Cryptography (PQC).
Quantum Key Distribution (QKD) is a secure communication method that utilises quantum mechanics to create an unbreakable code between two parties. It requires specialised quantum devices to generate and transmit quantum keys, which can be costly. On the other hand, Post-Quantum Cryptography (PQC) is a type of encryption that is resistant to attacks from both classical and quantum computers, making it suitable for the post-quantum world. PQC algorithms can be implemented using conventional hardware, which makes it a more cost-effective option.
“We already have a commercial QKD and PQC product, and several institutions are working on developing [more such] quantum encryption techniques. . . But we need more private players to enter the field to continue building the momentum,” Sreekuttan L S, Head of Products at Qkrishi, told AIM.
Meanwhile, Indian IT giant Tech Mahindra also partnered with Finnish quantum computing firm, ‘IQM’ to focus on cryptography and cybersecurity applications of quantum computing.
Indian IT’s quantum bet did not go completely unnoticed. As previously covered by AIM, the Indian IT sector is actively partnering with startups, companies, and technical institutions to enable the sharing of expertise, the establishment of labs, and the development of talent—all aimed at building and advancing quantum applications.
Quantum is catching up
Encryption has also emerged as a challenge for the Indian government to regulate. Although India does not have a specific encryption law at the moment, there are various industry requirements for minimum encryption standards. For example, the licence agreement between the Department of Telecommunication and Internet Service Providers permits the utilisation of encryption technologies only up to 40 bits with RSA algorithms. Similarly, SEBI mandates a 64/128-bit encryption for all transactions.
RSA is one of the most widely used encryption techniques, which uses a pair of keys—a public and private key—to encrypt and decrypt data. It is used in applications that range from secure data transmission over the internet, such as in HTTPS, SSH, and SSL/TLS, to digital signature to authentication, as well as in online payment systems.
The foundation of the algorithm is the notion that it is arduous to factor large prime numbers. Therefore, in order to secure a key represented by n=pq, where n is a prime number, the primary challenge is to ensure that the factorization of n remains difficult, even as factorization methods and computational power continue to advance.
However, Quantum technology is quickly catching up to the mathematical foundations that make up classical encryption technology. With the coming of quantum algorithms, such as Shor’s algorithm, it is becoming easier to calculate even large to large prime numbers. While in classical computers the runtime to factorise grows exponentially with the number of digits, the amount of time taken to factorise grows polynomially in quantum.
Y2K moment for quantum is near
The Y2K problem originally occurred at the turn of the millennium. The issue arose because many computer programmes were designed to only use two digits to represent the year in a date, such as ‘99’ instead of ‘1999’. This meant that when the year 2000 arrived, many programmes would interpret the date as the year 1900, leading to incorrect calculations and potential system failures.
The problem was later resolved by updating software with a patch that allowed it to recognise and correctly interpret the full four-digit year. At that time, there was a reason for concern. Fears populated that the Y2K problem could cause a widespread failure of banking systems, preventing people from accessing their accounts or engaging in important transactions.
The Y2K problem demonstrated the importance of timely and effective responses to new technological challenges. Indian software engineers from Infosys, TCS, and alike, went around the world to insert a small patch so the computer could recognise the year 2000—thus, marking it as one of the first problems they had to solve for the world.
“Similar to Y2K, there is going to be a problem with the encryption. This will create significant opportunities for security experts and engineers to develop new solutions to these emerging threats,” IBM’s L Venkata Subramaniam told AIM.
It is safe to say that the same IT companies are now gearing up for Y2K 2.0 to arrive with quantum.