On July 5, 2022, the National Institute of Standards and Technology (NIST) released the final round of candidates for post-quantum cryptography (PQC). Once finalized, these four algorithms will slowly replace today’s massive public-key encryption regime over the next decade and protect our digital privacy and security from attacks by future quantum computers. Before we get into what this all means, let’s take a quick look back at this emerging technology. What are quantum computers? And how dangerous could they be to warrant advance preparation?

Quantum technologies are highly sophisticated, and the public often inaccurately portrays progress in the field. To add to our past efforts in informing ongoing debates, we will examine the current progress and challenges in quantum information science (QIS) and its applications. The United States can avoid the potential threat quantum technologies pose to encryption and maintain its technological advantage in QIS research, but early preparation and robust discussions on its impact on digital privacy and security are essential for clear, sustained investments.

Current Status of Quantum Computers

In June 2021, scientists from China’s University of Science and Technology published their latest progress in quantum computing technology: a 66-qubit photon quantum computer that runs a simulation a thousand times faster than the most powerful supercomputer. The quantum computer’s power sparked worries about the danger of quantum computers breaking encryption. Some also raised concerns regarding China’s advantage in “the quantum race” against the United States.

In theory, quantum computers can be orders of magnitude faster than classical computers at solving specific problems, and they are best known for their ability to factor large numbers quickly. Modern public-key cryptography systems rely on the long-standing assumption that classical computers cannot factor large numbers quickly. However, a quantum algorithm known as Shor’s algorithm can factor large numbers exponentially faster than the most efficient algorithm on classical computers. Put the two together: a quantum computer that can run Shor’s algorithm would break most public-key encryption schemes in a short time. Since public-key cryptography is used almost everywhere on the internet, from encrypting chat messages to verifying a website’s authenticity, the emergence of quantum computers threatens the future of internet security and privacy.

In reality, we have not witnessed any quantum computer achieving the scale and precision needed to factor large numbers and threaten our encryption. In 2001, International Business Machines Corporation (IBM) used its 7-qubit quantum computer to factor 15, proving the feasibility of Shor’s algorithm. In 2021, IBM reattempted the process, using its 16-qubit quantum computer to factor 35, but failed due to a large amount of noise in the result. Other quantum computers, including the 66-qubit one in China, are designed for specialized purposes and are unable to execute Shor’s algorithm, as we will explain below. While these results are meaningful for scientific purposes, they are insignificant compared to the resources required to break real-world encryption. For instance, RSA-2048, one of the internet’s most widely used public-key encryption schemes, uses 617-digit numbers. Scientists estimate that factoring such a large number using Shor’s algorithm would require a quantum computer with twenty million qubits, which seems astronomical compared to existing machines.

The Future of Quantum Computers

No one knows precisely when quantum computers will be able to run Shor’s algorithm reliably to crack encryption, but scientists agree that it will not happen soon. The post-quantum cryptography roadmap published by NIST and the Department of Homeland Security estimates that a cryptographically relevant quantum computer (CRQC) may appear in 2030. IBM plans to build a computer with more than ten thousand qubits after 2026, but that is still far from the estimated twenty million qubits needed to break current encryption. Our current data seems safe from quantum computers, likely for the rest of the decade.

That is not to say QIS has made little progress since 2001. Quantum computers are getting much better at scaling up and solving more problems, although none of these problems are relevant to breaking encryption. Google’s Sycamore, which generated press attention with its claim of “quantum supremacy,” demonstrated that the quantum computer could reliably perform a complex computation better than classical computers. But the task it performed was tailored to the Sycamore and does not yet have any practical usage. Some quantum computers have used other factorization methods to factor larger numbers up to 13 digits. But these methods use brute-force algorithms that underperform classical computers and are difficult to scale up. Most quantum computers today are what scientists call “Noisy Intermediate-Scale Quantum” machines—computers that are useful in limited applications but are only transitional steps toward CRQC or other general-purpose, fault-tolerant quantum computers.

Given the challenges in building a CRQC, quantum researchers look to areas where existing quantum computers can outperform classical ones. One primary application is quantum optimization. Optimization problems are involved in almost every part of our daily activities, from planning the fastest route of your local bus to organizing relief logistics during natural disasters. Quantum optimization algorithms are not only faster at solving these problems than classical computers, but also give better solutions. Other applications of quantum computers include more accurate simulation, more secure communication and more sensitive sensors. These novel uses of quantum technology motivate funding for quantum research and help build a robust quantum ecosystem. Once the hardware technology matures, these technologies will become invaluable to our society.

Current Policy and Legislative Proposals

While quantum research slowly progresses, policymakers should focus on two issues in quantum technology: national security concerns that stem from a CRQC, and the competitive advantage of the United States in QIS research. Currently, several policies and pieces of legislation address these issues:

● The centerpiece of U.S. legislative effort was the 2018 National Quantum Initiative Act, which established the National Quantum Initiative (NQI), a federal agency coordinating interagency efforts and public-private partnerships in quantum research.
● Recently, the NQI was boosted by the 2022 CHIPS and Science Act, which authorized four quantum programs to promote the development and education in quantum technologies. Each program is set to receive $153 million annually in a five-year timeframe.
● To ensure the security of civilian federal agencies, the Biden administration issued a memorandum that coordinated interagency efforts to migrate toward PQC, including a directive requiring NIST to lead a working group of industry leaders and critical infrastructure operators to discuss transition plans.
● The military wants to have its own quantum research and workforce, too. The National Defense Authorization Act for Fiscal Year 2022 requires the Department of Defense to invest in QIS research programs through the Defense Advanced Research Projects Agency and incorporate QIS education into the Junior Reserve Officer Training Corps’ program.

All acts or policies mentioned above, except for the NQI, passed in 2022 and plan out years of work ahead. Although quantum computers are unlikely to threaten national security immediately, migration to PQC is a time-consuming process that requires early development and implementation. Maintaining technological advantage in quantum is an even more complicated process. Policymakers recognized the importance of governmental participation in the quantum race and acted in time; however, legislation is not the only step in the journey.

It takes a village

Quantum research is a multi-stakeholder endeavor. It requires the participation of public and private programs, collaborations between international partners and conversations across multiple disciplines. The United States takes a holistic approach to these challenges. The NQI coordinates government agencies’ investment in quantum research, organizes platforms for public-private partnerships and oversees the allocation of the billion-dollar federal fund. In the private sector, big players such as IBM and Google maintain their investment in in-house quantum research, and the number of quantum startups continues to grow. Future-proofing efforts such as educational programs to cultivate a future quantum workforce are also underway, but will take much longer to bear fruit.

There is no easy way to measure success in the quantum race. While the United States currently lags behind China in several metrics, including the size of planned funding and the number of patents, such metrics do not indicate the quality of research or the diversity of the ecosystem. Material investments are necessary for supporting research, but how the government spends is more important than how much it spends. As setbacks in the Chinese government’s semiconductor fund show, careful planning, clear accountability and active engagement are more important than the sum of money invested. If the federal government is vested in furthering security and being prepared for both the benefits and threats posed by this technology, then it should maintain its current multi-stakeholder approach and periodically re-evaluate its level of commitment to QIS research.

A level-headed mindset is needed when looking at the development of quantum computers. With adequate preparation, we can welcome the tremendous benefits that quantum technologies bring without worrying about an apocalyptic breakdown of our digital infrastructure. But we must stay vigilant by keeping up discussions on the transition to PQC and targeted investments in QIS research.

Image Credit: Vink Fan