Welcome to the KuppingerCole Analyst Chat. I'm your host. My name is Matthias Reinwarth and I'm the Director of the Practice Identity and Access Management here at KuppingerCole Analysts. My guest today is Alexei Balaganski. He is a Lead Analyst with KuppingerCole Analysts and he is the CTO at KuppingerCole Analysts. Alexei, good to have you back.
Well, hello, Matthias. Thanks for having me again.
Great to have you. And we want to talk about a topic that we have covered some time ago, two years or so. So this podcast is already quite long running. And we talked way back then and we want to do that again today. We want to talk about quantum computing and quantum computing in relation to cybersecurity. Why do we want to do that?
Well, as you rightfully mentioned, we have discussed this before, at least from a theoretical point of view. But there are a few reasons why we are doing it again. Well, the obvious one, I brought a new blog post about it and we want to discuss it today. And the second one - spoiler alert - there are some big changes coming in this area, specifically in terms of standardization. And I believe the next year, the latest we will have a lot to do with regards to Quantum, at least of post quantum cryptography.
Right.
So this is it. We have lots to discuss.
Right. So first of all, for a layman, quantum computing, what makes it different from traditional computing? Is there is a simple introduction on what we are talking about?
Wow. That's really a difficult question, Matthias. On one hand, quantum computing is again, it's nothing new. It's been at least theoretically talked about for decades. And even the practical developments have been running for at least 30 to 40 years already. The biggest problem, as opposed to, let's say, AI technologies, we are yet to see the “killer app” for quantum computing, the practical thing, hardware or software or anything else, a service which would actually demonstrate to every layman, Wow, quantum computing is so great and useful. And that's the biggest problem, we are yet to see those developments. But in a very short and simplified explanation: quantum computing is a completely different kind of computing, has absolutely no relationship to our quote unquote traditional computers with the binary logic. It works with... well, the foundations of our universe. So as you probably vaguely remember from your school curriculum, those tiny subatomic particles, they can demonstrate the properties of particles and waves at the same time. And they undergo some really difficult to understand behavior or some transformations. They can be in different states at the same time, which is called quantum superposition. They can be quote unquote, magically linked together where two particles behave as if they are connected or entangled, as the scientists say, even if they are positioned far apart from each other. And those fundamental properties in theory allow us to develop a completely new kind of computer, which would not be binary, it would be probabilistic in nature. And if you develop the right algorithm, you could solve problems very quickly, especially those which were just unsolvable with traditional computing. And of course, at least in theory, the things that brought quantum computing into practical discussions is cracking cryptography.
And if I understand it correctly. Cryptography is in many cases relying on the fact that the algorithms that are used for encrypting are so complicated and so complex and takes so long for cracking them that this is actually the basis for saying, okay, they are secure because they are not crackable within a reasonable amount of time or within a theoretical possible amount of time. And that is changing with this new type of algorithms?
Well, yes, If again, if you remember, the modern cryptography is roughly divided into symmetrical and asymmetrical cryptography, whereas one is just basically; you have one key which you use for encrypting and decrypting your data, and the other one relies on having two keys, the public one which you use to encrypt your data, and you can give it to anyone and the private one, which you can only use to decrypt the data, and you have to really protect it because if somebody steals your private key, they can easily have access to all your sensitive information. And this asymmetric cryptography is the foundation of basically the entirety of modern IT. It's used in, um, everywhere on the Internet to secure your data in transit, with HTTPS, for example. It's used in cloud computing to separate your sensitive data from other tenants. It's used in cryptocurrencies and distributed ledgers and whatever. Basically, everything in almost every digital industry nowadays relies on inability of someone else to crack your private keys. And this is exactly what would happen if those algorithms, the quantum algorithm will be practically implemented in quantum hardware. What used to take millions of years now could be cracked in seconds, minutes, whatever. And of course it can go way back. So, I mean, even if you have data, which you probably won't need next week or in the next year, but it's somehow sensitive, a third party could still have your data store it, encrypt it and then retroactively break it later when such computers will become available finally. So a lot in our modern digital business basically hangs on this proposition that sometime in the future, nobody knows when, maybe in 50 years, maybe in 10, or maybe tomorrow, a malicious actor out there would have access to the working quantum computer. Whenever he does, basically your business is ruined. What do you do? How do you deal with such a risk?
Which leads us to the question, what is the state of the implementation? What is the state of technology? Where are we right now? Is this an imminent danger? Where are we?
Well, that's the biggest question. That's the billion dollar question, because nobody knows for sure. What we do know, that there are companies, vendors out there who are working on developing quantum computer prototypes. One thing that we have to understand, that quantum computers are built out of so-called qubits. Those are like the basic primitives, basic units of quantum computing, just like binary bits are in fact what was built out of transistors. The tiny transistors on a silicon chip. A qubit is also a physical device. Modern nowadays qubits are pretty big and extremely fragile. They rely on like liquid helium and other really expensive and sophisticated physical processes to actually maintain their functionality. So modern quantum computers might have hundreds or maybe like a thousand of those qubits. They are not yet fit, they’re not yet big or reliable enough to run a proper quantum algorithm. So we know that nowadays a quantum computer basically reminds of our of the early days of aviation. Those first flights by the Wright brothers when your plane would probably hop and fly 50 meters and then break. Oh, this is exactly how modern quantum computers work. They break a lot because they are prone to noise. If your quantum bit, if not cooled properly or there is some electrical interference, it will not produce the expected results. It will be noisy, as I say. And of course, noise breaks quantum computations. So nowadays we are still safe. The only question is what will change tomorrow?
Talking about changes tomorrow. You mentioned the spoiler alert. What is behind that spoiler alert? What need organizations to prepare for the future? What is coming? What is already visible on the horizon?
Well, that's an interesting discussion in itself because, yeah, a lot of people just plainly deny that quantum computers will become accessible in the next ten, 20 or even 50 years. But there are also quite a lot of people who say, you better be safe than sorry, on the side of caution, you want to be prepared today. And among those people and organizations is the American National Institute of Standards and Technology, the NIST and they have been running this quantum preparedness program, if you will, since 2016. They've been working on developing the new modern standard for encryption, for cryptography, which if in theory resistant to future quantum computers. So it won't be as easily breakable as modern implementations and if I remember correctly, they are almost there. I mean, they have reached the final stage of their standardization process. We already know almost certainly which algorithms will be adopted as standards, their official announcement that will probably follow early next year. So basically in 2024 we will know for sure which standards we will have to implement. And since it will become at least as standard in the U.S., I would argue that the majority of the industry will have to follow, they will have to implement those standards. And of course, it will trickle down to us as well as customers and analysts as the rest of this community.
Right. And that also means that that effort that they led since 2016, as you've mentioned at least, can identify algorithms that will be quantum resistant, quantum safe. So although they will be implemented with traditional computers, as we are not yet there to use these quantum computers. So they understand the technology and the fundamentals of quantum cryptography and the mechanisms and decrypting via quantum good enough to prepare with proper standards, right?
Well, I think, I mean, you are asking the right questions. You're probably not able to put them into the right words, just like the majority of our audience. This is why people are often confused. They think that you would need to have a working quantum computers to have quantum cryptography. No, you don't. Actually, this is like the doomsday event for the entirety of cryptography. Cryptography is now running on classical computers and will continue to do so, which is totally fine. The only problem is as soon as quantum computers become available, you are essentially having a trump card, an easy solution for cracking the entirety of existing cryptography, and you want to prevent it, obviously. You want to keep your data safe. This is why you need new standards which will continue working as usual, even when the quantum computers become available. And again, it doesn't matter whether it happens tomorrow or in 20 years, you want to be on the same level of safety, if you will.
Right, so the earlier you can start preparing for that doomsday event, which might or might not happen quite soon, the better for your own online security, for your all your assets that you want to protect by cryptography. So that will be the starting point. If I understand it correctly. So really preparing and exchanging existing algorithms with ones that will be more likely to be safe against decrypting quantum attacks. I've read your blog post that you've mentioned and that is really an interesting work and I really only highly recommend reading that because it lays the foundation as well, just like our discussion right now. If somebody wants to continue that discussion, where should you start? Where should somebody start in evaluating that and maybe also getting in touch with other peers that need to focus on the same topic?
Well, first of all, I'd like to stress one additional point. You do not have to wait till the doomsday event to happen. You have to start well, ideally yesterday, but at the very latest tomorrow, because this whole notion of quantum computing as the only event that will change the safety of your cryptography is profoundly wrong. This whole idea of being cryptographically agile is actually much older than quantum computing. And we have, just in the last few years, we have already experienced at least several lesser doomsday events, if we will stick to that term, which had nothing to do with Quantum. And yet they have profoundly changed the field of cryptography. If you remember, for example, the Heartbleed bug, it was merely a weakness in implementation in a very specific cryptographic library, OpenSSL. But everyone uses OpenSSL. So everyone was suddenly exposed to basically breaking your existing encryption, even with traditional classical, no quantum computing needed. We also have outlived quite a few deprecated standards, DES, SH1 and so on. So they are standards which used to be considered safe, now they aren’t, simply because we have cloud, we have large scale computing, which is already strong enough to break those methods. So you have to be cryptographically agile today just as well as tomorrow. And this is exactly the point. Your existing IT infrastructure has to be inspected, evaluated and you have to understand how difficult it is to replace your encryption algorithm in your cloud application, how difficult it would be to re-encrypt your database, for example, without a lot of downtime. What if you have petabytes of data but you have to access it every second? You cannot just shut down your entire business for a week just to apply a new cryptographic standard. So if you want to be cryptographically agile today, you have to think about those challenges and you have to invest into perhaps a more modern hardware or a new software. And this is exactly what you have to be looking around today, talking to vendors, asking how cryptographically agile their solutions are, talking to experts like us, what should be like the priority recommendations and guidelines and so on. Maybe even attending a couple of conferences and learning what the leading experts in this area have to say to you.
Right. And thank you for sharing that bigger picture, giving that bigger perspective. So it's by far not only Quantum, which is one part of the equation, but as you've mentioned, there are other aspects, scalability, just power of computing or weakness of algorithms or just new developments in other areas that should be considered for this cryptographic agility that you just mentioned. And of course, yeah, talking to us is a good starting point as well. At the end of this podcast episode, of course, we want to mention our conference and you've mentioned conferences. There are other good ones, but ours is of course highly recommended. It's the cyberevolution which will take place in the mid of November in Frankfurt, Germany, which will cover that topic also, cryptographic agility and cybersecurity in a more modern world, AI plus quantum plus anything else. These are the topics that will be covered there and you will be there as well?
Sure. Looking forward to meet you, Mathias, and to our listeners as well.
Right. So that's a perfect ending of that episode. I highly recommend reading your blog post on our website. It's there for free. Just go to the blog section and you will find it very easily. Reach out to us if you have any questions, if you have any comments or topics to cover in that podcast, please leave a comment just below that YouTube video or reach out to us If you are listening to this episode on any other podcast outlet. Thank you very much Alexei, for being my guest today, for sharing your insights here. I think we will cover that topic maybe in two years or earlier, again, and this is a not an imminent danger, but something to have on your mind when you're doing proper cyber security planning. Thanks again, Alexei.
Thank you, Mathias. And we'll see you soon, I guess.
Yes, he awesome. And maybe see some of the audience as well in Frankfurt in November. Thanks again and bye bye.