ArchiveOODA Original

Quantum Computing Use Cases and Post-Quantum Cryptography

Quantum computing is a fascinating, complex, highly technical, sometimes daunting to conceptualize technological breakthrough and driver of the future marketplace. So yes, the promise of quantum computing will happen and is happening. The question is not so much when, as most quantum experts argue that in the next 3 to 10 years we should see a market maturation, complete with quantum commercial products and platforms broadly available. The question is how quantum will have an impact during a growth phase in which the capital expenditure capabilities and strategic concerns are driven more by governmental, governmental agency’s and, in our current climate, non-state actors’ (loosely tethered to nation-states for plausible deniability) ability to deploy adversarial methods only possible with next-generation quantum computational power.

The Quantum Gray Rhino

As we observed back in February in the OODA Almanac – 2021 Edition: “Quantum is the Gray Rhino that we know is coming but aren’t adequately addressing within our organizations. The OODA approach to quantum and other emerging transformative technologies is to study enough of their essence to enable intelligent assessments, and we recommend the same approach to any business leader seeking to understand how technologies will impact their business models and markets. In the case of Quantum, the science is fundamentally counter-intuitive. The reality at the super small scale of Quantum does not match the world humans observe. But quantum science is powerful and is having an impact on business today.”

The Quantum Computing Opportunity

We continue to refine our views of use cases for quantum computing and believe they will dramatically transform many industries, with one of the first being those which can benefit from extremely accurate models of reality, like chemical processing. Optimization of other processes will also generate new opportunities. For more see: The Executives Guide To Quantum Computing.

The Quantum Imminent Threat

When trying to sort out quantum computing to inform decision-making or strategically to avoid surprises for your business, one key threat posed by quantum computing is its ability to render null and void all current encryption algorithms and keys by a nation-state or a non-state actor. This technical fact is already raising national security and/or industrial cybersecurity concerns, in what is the fledgling race for what is referred to as Quantum Supremacy.  The global financial and economic system is at the center of these scenarios, due to the central role encryption now plays in enabling global electronic financial transactions.  A discussion is also beginning to mainstream about post-quantum cryptography concerns in intelligence gathering and data encryption, with a highlight on privacy and surveillance concerns, foreign and domestic. Mission-critical corporate data and employee Personal Identifiable Information (PII) also figure prominently when accessing future risk vectors.

Get to Know the NSA’s Quantum Computing Resources

The historically secretive National Security Agency (NSA) embarked on a significant chance of course earlier this year, releasing in January the first of its kind NSA Cybersecurity 2020 Year in Review. The report underscores efforts within the Department of Defense, for example,  “to modernize the Department cryptography” in anticipation of quantum-fueled computer attacks.

The NSA will undoubtedly play a central organizing role in the future of quantum computing and cryptography. The year in review report represents a resource for public and private-sector cybersecurity professionals for determining NSA priorities and what they consider a threat. It is also an effort by the agency at a newfound openness and collaborative model, which they have extended to their information outreach, industry standardization, and industry partnerships efforts in quantum.

Another recent NSA report focuses directly on post-Quantum cryptography. This 8 page document in the form of Q&A’s provides an overview of the nuances of quantum safe computing that can be used by technical teams to ensure current activities are ready to transition to a quantum safe world. Some excerpts:

Q: What is “quantum-resistant” or “post-quantum” cryptography?

A: Quantum-resistant, quantum-safe, and post-quantum cryptography are all terms used to describe cryptographic algorithms that run on standard encryption/decryption devices and are widely recognized by experts to be resistant to cryptanalytic attacks from both classical and quantum computers.

Q: What is quantum key distribution (QKD) and quantum cryptography?

A: The field of quantum cryptography involves specialized hardware that makes use of the physics of quantum mechanics (as opposed to the use of mathematics in algorithmic cryptography) to protect secrets. The most common example today uses quantum physics to distribute keys for use in a traditional symmetric algorithm, and is thus known as quantum key distribution. This technology exists today and is distinct from the quantum computing technology that might one day be used to attack mathematically based cryptographic algorithms. The sole function of QKD is to distribute keys between users and hence it is only one part of a cryptographic system.

The NSA FAQ document is available here:  National Security Agency Frequently Asked Questions – Quantum Computing and Post-Quantum Cryptography

Further OODA Loop resources: 

The OODA Almanac

The OODA Almanac proposes to identify those topics and patterns we see having significance in 2021 to guide your short and long-term decision making. Over the course of 2021, we will continue to inject additional observations on these topics into our analysis or as stand-alone tidbits of observed intelligence (OODINT). See: The OODA Almanac – 2021 Edition

Black Swans and Gray Rhinos

Now more than ever, organizations need to apply rigorous thought to business risks and opportunities. In doing so it is useful to understand the concepts embodied in the terms Black Swan and Gray Rhino. See: Potential Future Opportunities, Risks and Mitigation Strategies in the Age of Continuous Crisis

Cybersecurity Sensemaking: Strategic intelligence to inform your decisionmaking

The OODA leadership and analysts have decades of experience in understanding and mitigating cybersecurity threats and apply this real-world practitioner knowledge in our research and reporting. This page on the site is a repository of the best of our actionable research as well as a news stream of our daily reporting on cybersecurity threats and mitigation measures. See: Cybersecurity Sensemaking

Quantum Computing Sensemaking

OODA is one of the few independent research sources with experience in due diligence on quantum computing and quantum security companies and capabilities. Our practitioner’s lens on insights ensures our research is grounded in reality. See: Quantum Computing Sensemaking.

Daniel Pereira

Daniel Pereira

Daniel Pereira is research director at OODA. He is a foresight strategist, creative technologist, and an information communication technology (ICT) and digital media researcher with 20+ years of experience directing public/private partnerships and strategic innovation initiatives.