Q-Day: Are you preparing your business for post-quantum cryptography?

Telviva CTO Antony Russell talks about Q-Day

Presently, the technology world has been swept up by compelling new technologies like Artificial Intelligence, with senior business leaders driving implementations across their organisations in an effort not to get left behind by the competition. With the focus fully on AI, they are letting a looming, critical issue take the back seat: Q-Day and post-quantum cryptography.

For the last 25 years, the technology industry has joked that a quantum computer capable of breaking our current cryptography was always just “5 years away”. However, it’s no longer a joke – this timeline is rapidly changing, making it crucial for businesses to understand the imminent arrival of sufficiently powerful cryptographically relevant quantum computers and the significant impact this will have on their operations.

The tech industry refers to the moment when quantum computers break our current encryption as “Q-day”. Unlike the Y2K problem, Q-day does not have a scheduled date, but recent developments point to a very short timeline before it arrives. Tech giants like Google have reset their timeline, estimating Q-day could arrive in 2029 – only a few years from the present. 

A common response is to wonder why we can’t simply patch this like any other vulnerability. While cryptographic libraries (such as OpenSSL) will eventually receive updates to support new algorithms, the fix is far from a simple software update. Utilising these new tools requires updating configuration files and patching underlying software. More importantly, making the encryption harder introduces significantly increased resource requirements for organisations. 

While some experts feel the technical challenges may prevent Q-day from ever coming, it is generally accepted that it will happen in the next five to ten years, if not sooner. Organisations must select their own target date to prepare, because the risks of being unprepared outweigh the effort required to get ready.

Classical vs. Quantum computing

To understand the threat, we must look at how quantum computers differ from the classical computers we use today. Classical computers store and manipulate information in bits, which are either a 1 or a 0, and use standard gates like AND, OR, and NOT to execute algorithms. One classical bit represents a single value, and 16 bits represent exactly 16 different binary values.

A quantum computer, however, uses quantum-bits, or “qubits”. Driven by the quantum wave function, these qubits exist in a superposition of both 1 and 0 simultaneously. Because of this uncertainty, one qubit can represent two values simultaneously; therefore, 16 qubits can represent 65,536 simultaneous values. Unlike everyday math and logic, a quantum algorithm coalesces on an answer by manipulating these wave functions.


Quantum computers are getting smaller

We are currently living in the Noisy Intermediate Scale Quantum (NISQ) era. Today’s quantum test platforms suffer from a small number of qubits and coherence problems that introduce errors into processing. However, companies like Google, IBM, and Microsoft are actively working to increase qubit numbers and reduce quantum decoherence errors.

The real challenge stems from quantum algorithms. Shor’s algorithm makes breaking current asymmetric digital encryption algorithms (like RSA and Diffie-Hellman) trivial for a sufficiently powerful cryptographically relevant quantum computer. Recently, a paper published by Google Quantum AI, UC Berkeley, the Ethereum Foundation, and Stanford University showed that Shor’s algorithm can actually be implemented on a much smaller quantum computer than previously thought. 

They demonstrated that fast-clock cryptographically relevant quantum computers could enable real-time decryption (or “on-spend” attacks), affecting the very foundation of blockchain cryptography. This specific research is what prompted Google to reset its timeline to 2029.

Harvest Now, Decrypt Later & Post Q-Day Trust

Even if Q-day is a few years away, the threat is more immediate due to a practice known as Harvest Now, Decrypt Later (HNDL). It is generally accepted that threat actors and nation-states are currently eavesdropping on public networks. They are harvesting and storing encrypted data today in the hope of decoding it after Q-day. Any long-lived data transmitted today using asymmetric encryption should be considered vulnerable to future decryption and public release.

Furthermore, once Q-day arrives, we face a crisis of “Post Q-day trust”. It will be possible to break current asymmetric technologies in a matter of minutes. It will become impossible to trust certificates asserting identity or to guarantee that conversations aren’t being decoded in real time. This affects everything from HTTPS sessions with online retailers and banks to trusted API calls between organisations.

New cryptography standards are available

To solve this problem, the US National Institute of Standards and Technology (NIST) instituted a program in 2016 to develop quantum-resistant encryption. In 2024, NIST officially released three new post-quantum cryptography standards to replace the current ones. These standards define new algorithms, namely ML-KEM, ML-DSA, and SLH-DSA. An additional standard, FIPS 206, is also nearing draft approval.

Current cryptography relies on making it incredibly difficult to reverse-engineer a key from encrypted data. It uses the multiplication of very large prime numbers for this task; while multiplying them is easy, determining the original primes from a 200-digit product is immensely difficult for a classical computer.

The new NIST standards operate differently, relying on lattice cryptography. Instead of prime numbers, these algorithms use complex tasks like the shortest vector problem. To visualise lattice cryptography, imagine a chess problem where you must move a knight to a specific square. In two dimensions, this takes a little thought. Now imagine dividing each square into sixteen smaller squares, and your task is to get as close as possible to one of those smaller squares, but you must do this across 900 dimensions. That staggering level of mathematical difficulty is what protects the new standards.

How can businesses protect themselves?

With the clock already ticking, organisations need to take 3 immediate steps to protect themselves:

  1. Spread the word: The information technology or security department needs to educate senior management, the board, and the risk department. This requires a fine balance between avoiding sounding like a science fiction story and being too technical to understand.
  2. Build a Cryptographic Bill of Materials: Following legislation like the Digital Operational Resilience Act (DORA), businesses should create a Cryptographic BoM. To avoid getting bogged down in paperwork, take a pragmatic approach: identify your exposure to the HNDL threat and determine what level of trust depends on cryptographic security.
  3. Get started with testing: Do not wait for the Cryptographic BoM to be completed before testing. You need to see how these new algorithms impact compute on servers, and whether your routers, firewalls, and private network links need upgrading to handle the larger data payloads. Additionally, current vendors may not be ready.
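A pragmatic first pass over a Cryptographic BoM can be as small as the triage below, which flags each asset for HNDL exposure and for post-Q-day trust risk. This is an added example, not Telviva's tooling: the record fields, the `+` notation for hybrid key exchange, the sample inventory and the 2029 planning date are all assumptions made for illustration.

```python
from dataclasses import dataclass

# Asymmetric algorithm families that Shor's algorithm breaks.
QUANTUM_VULNERABLE = {"RSA", "DH", "ECDH", "ECDHE", "ECDSA", "X25519", "ED25519"}
# The NIST post-quantum algorithms named in the article.
POST_QUANTUM = {"ML-KEM", "ML-DSA", "SLH-DSA"}

@dataclass
class CbomEntry:
    asset: str
    key_exchange: str        # protects confidentiality in transit
    signature: str           # asserts identity (certificate, API signing key)
    data_secret_until: int   # year until which today's traffic must stay secret
    trust_needed_until: int  # year until which the signature is relied on

def family(alg: str) -> str:
    """'ML-KEM-768' -> 'ML-KEM', 'rsa-2048' -> 'RSA'; unknown names pass through."""
    known = sorted(QUANTUM_VULNERABLE | POST_QUANTUM, key=len, reverse=True)
    return next((k for k in known if alg.upper().startswith(k)), alg.upper())

def quantum_safe(alg: str) -> bool:
    # A hybrid such as 'X25519+ML-KEM-768' is safe if any component is
    # post-quantum. Unknown algorithms count as unsafe until reviewed.
    return any(family(part) in POST_QUANTUM for part in alg.split("+"))

def triage(e: CbomEntry, q_day: int) -> list[str]:
    findings = []
    if not quantum_safe(e.key_exchange) and e.data_secret_until >= q_day:
        findings.append("HNDL")   # harvested today, readable after Q-day
    if not quantum_safe(e.signature) and e.trust_needed_until >= q_day:
        findings.append("TRUST")  # identity can be forged after Q-day
    return findings

def report(inventory, q_day):
    return {e.asset: triage(e, q_day) for e in inventory}

# Constructed sample inventory; asset names and years are illustrative.
INVENTORY = [
    CbomEntry("customer-portal", "ECDHE", "RSA-2048", 2035, 2027),
    CbomEntry("partner-api", "X25519+ML-KEM-768", "ECDSA-P256", 2040, 2031),
    CbomEntry("status-page", "ECDHE", "RSA-2048", 2026, 2027),
    CbomEntry("site-to-site-vpn", "DH-2048", "RSA-4096", 2045, 2034),
]
Q_DAY_TARGET = 2029  # the organisation's chosen planning date (assumption)

if __name__ == "__main__":
    for asset, findings in report(INVENTORY, Q_DAY_TARGET).items():
        print(f"{asset:18} {', '.join(findings) or 'no action before target date'}")
```

Assets flagged HNDL are the ones to move to a post-quantum or hybrid key exchange first, because the exposure starts the day the traffic is captured rather than on the target date.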


A cryptographically relevant, sufficiently powerful quantum computer will be a reality in the near future. With leading players like Google focused on solving the hard problems to provide a quantum computing service in Google Cloud, their 2029 timeline is very short. Organisations should not emulate the ostrich and ignore the looming Q-Day problem. We must get started with the work required today and be fully prepared for the coming revolution.


By Antony Russell, CTO at Telviva.