As things stand, the encryption that underpins the security of society’s critical infrastucture is at serious risk of being undermined by quantum computers within the next eight to 15 years.
A number of Canada’s international peers have acknowledged this approaching threat and taken steps to respond. For example, in 2015 the United States National Security Agency announced its intention to migrate to quantum-resistant technologies.
Canada has acknowledged the threat, but must also respond vigorously and proactively, and migrate from traditional encryption to new, quantum-resistant cryptography. If we don’t, our national security will be jeopardized as government, communication, electrical power and other critical infrastructure systems become vulnerable to hostile actions because of weak cryptography.
The challenge is that the necessary suite of mature and tested quantum-resistant cryptographic algorithms is not yet available. Nor are the technologies and tools based on them. Nor are the cybersecurity experts with quantum-safe skills who will use the tools to diagnose each system separately, determining what needs to be done to ensure that it is quantum-resistant.
Scientific research is underway to discover and test quantum-resistant algorithms, and to use the properties of quantum mechanics to create new forms of cryptography such as quantum key distribution (QKD). In time, products of this research will be incorporated into a number of new tools and commercialised. And, in time, a number of cybersecurity professionals with quantum-safe skills will emerge from colleges and retraining programs. Yet without a strong impetus to focus efforts and resources on a long-term campaign to meet the potentially catastrophic quantum threat, the response will be woefully inadequate – too little and too late.