Q-Day might be Today

Subject: Urgent Action Required to Safeguard Against Quantum Hacking Threat

December 19, 2023

 

Dear non-technical managers, directors, and board members, I hope this message finds you well. I am writing to bring to your attention a critical matter that requires immediate consideration and decisive action. In an era marked by technological advancements, our organization faces a looming threat that demands our proactive response – the advent of quantum hacking.

 

Clarification of Quantum Threats: The Urgency of Post-Quantum Encryption

There's a prevailing misperception that the imminent threat lies in the realm of Artificial General Intelligence (AGI), which may remain beyond our reach for the next five to ten years. However, the real concern centers around a specific facet of quantum computing: the ability to exponentially expand possibilities through superposition. This unique characteristic, requiring only a minimal number of qubits, makes quantum hacking a tangible and immediate risk.

 

As of November 2022, IBM introduced the Osprey quantum computer boasting an impressive 433 qubits. This translates to an astronomical 2⁴³³ combinations, or 2.2*10¹³⁰ bits, rendering it capable of swiftly decrypting a greater than good range of classic encryption keys. Subsequently, in December 2023, IBM launched the Heron quantum chip with 1121 qubits, offering an even more staggering 2¹¹²¹ combinations, equivalent to 2.85*10³³⁷ bits. These developments signify a quantum leap in processing power, enabling certain agencies and institutions to decipher many classical encryption method efficiently in combination with super-computers in a hybrid setup.

 

It is crucial to understand that contemporary classic encryption methods, which have long served as the bedrock of our digital security, are no longer safe. The shift to post-quantum decryption resilient algorithms is not just a recommendation; it's an imperative. To safeguard our data against the evolving threat landscape, transitioning to these advanced algorithms is not only prudent but obligatory.

 

In essence, the march of quantum computing has outpaced the security measures we once relied upon, necessitating a swift and decisive response to secure our digital assets against potential breaches.

 

The Quantum Challenge: At the heart of this challenge is the Imminent arrival of quantum computers, which possess unprecedented computational power. Unlike traditional computers, they have the potential to break through the encryption methods that have safeguarded our digital communications until now. This transformative technology introduces a new frontier in cybersecurity, one that demands our unwavering attention.

 

Implications for Your Organization: The consequences of a quantum breach are severe and far-reaching. Your sensitive data, intellectual property, and confidential communications could be laid bare to malicious actors. The very fabric of our digital security is at stake, and the repercussions could extend to financial losses, reputational damage, and legal consequences. This is not a hypothetical scenario; it's a tangible and pressing concern.

 

The Urgency of Now: The encryption methods that have served us well in the past are becoming obsolete in the face of quantum advancements. While our dedicated IT professionals are aware of the need to transition to post-quantum encryption, the urgency of this matter requires immediate attention at the leadership level. Time is of the essence, and delaying action puts your organization at an elevated risk.

 

In an interview with Reuters, Quantum Defense's executive vice president, Tilo Kunz, delivered a stark warning to the U.S. Department of Defense, projecting a critical juncture known as "Q-day," when quantum computers could compromise existing encryption protocols. Kunz emphasized that by 2025, these powerful machines might possess the capability to decrypt classified information in real time, posing severe risks to military and economic security globally.

 

A prevailing concern is the ongoing global effort to harvest data pre-emptively, coined as "harvest now, decrypt later" attacks. Kunz highlighted the widespread vulnerability of information transmitted over public networks, urging executives to recognize the imminent dangers. The potential fallout includes exposure of military plans, intellectual property theft from businesses, and the compromise of personal health records.

 

Call to Action: I propose that we allocate the necessary resources to expedite the transition from traditional to post-quantum encryption methods. This strategic investment is a proactive measure to fortify your digital defenses, ensuring the continuity of your operations, the protection of sensitive information, and the preservation of your organization's reputation.

 

Next Steps: To facilitate a comprehensive understanding of this issue, I am available to provide a briefing session where we can delve deeper into the specifics of the quantum threat, the implications for your organization, and the proposed mitigation strategies.

Your leadership and support in prioritizing this matter are crucial. Together, we can ensure the resilience and security of our digital infrastructure in the face of evolving cyber threats.

 

Thank you for your time and consideration.