Cybersecurity in the Age of Quantum Computing With Michele Mosca
Jon Prial: Let's take a mathematician, one who was interested in making and breaking codes as a student. Then he heard that quantum computing could be used to break codes. No surprise, this piqued his interest, and he actually started the Institute for Quantum Computing back in 2002. Yes, that's 2002. Today I'll be talking with Michele Mosca, CEO of evolutionQ. Started back in 2015, evolutionQ helps organizations work through all the various stages of getting ready to be secure in the era of quantum technology. EvolutionQ partnered with the Global Risk Institute back in 2017 and published a methodology for quantum risk assessment. And most recently, they actually published a quantum threat timeline. We'll put some links in the show notes, because after this podcast, you're going to want to do some light reading. Remember, it's not an if, but a win as to when quantum computing successfully breaks encryption. I'm John Prial and welcome to Georgian's Impact Podcast. Michele, welcome. Let me start with a key takeaway from the report that I referenced in the introduction. What I liked about it was that you could help people assess risks, and they looked at a few key factors. And as I read it, I mean, they were still living in a little bit of COVID world, there were factors in COVID, masks, distance, indoor- outdoor, vaccine, but you also had key parameters in risks, in terms of shelf, time and migration time and threat. I wonder if you take me through how you looked at the critical factors that you looked at when you're helping people assess risk.
Michele Mosca: There's three basic factors. The first one is you have to look at all your different information assets and ask, " What's the shelf life of this information?" Some information is pretty ephemeral and I only need it to be secure for a few seconds or days. Others, five years, others, 10 years. So that's a business, a regulatory requirement. So you assess the X, the shelf life across all your different information assets. The second thing you have to understand is how long would it take me? How long will it take me to migrate the tools I use to protect that information, to be secure against this known emerging threat? That we know it's going to be broken, we know we have to change at some point, and how long will it take us to do it? Because you can't do this overnight. It's not a Tuesday update. So it's Y years. Y could be five years or 20 years, depending on a number of parameters. So X is a decision, Y is something we control, and then there's Z. What's the collapse time? What's the threat timeline? When will adversaries get their hands on computers and be able to exploit, compromise that information and the systems protecting that information? So those three parameters work in the following way. For the next Y years, you're stuck with the quantum vulnerable tools, and you can't fast track this. If you try to go faster than the speed limit, you're going to make other very, very costly mistakes. Things will just break because of bad quality assurance, you'll make mistakes that hackers can exploit without a quantum computer.
Jon Prial: So what's interesting is, I'm listening is like, okay, we've got time. Well, if it's five years out, starting today may already be too late. So this is really quite an endeavor that most CISOs should start thinking about?
Michele Mosca: Oh yeah, they should already have started. And if they haven't, I mean, they're still... Well, look, the ship has sailed in some cases, in terms of past information being recorded for future exploitation, but you can at least start reducing those damages. An even greater risk is that systems just aren't ready in time. You already have to be on that four- stage journey to quantum readiness. The first step is understand what is this? What is quantum computing? Where is it in the technology life cycle? What could it do? And secondly, what does it mean to me? So those quantum risk assessments. Those need to be done. If they're not already done, they really need to be done in the next 12 months or so, I would say. Once you've prioritize your risks and you know how much time you have or don't have, then you get into the planning and testing and, eventually, migration phase.
Jon Prial: I do want to ask a question, and I'm going to right after this, get deeper into actually quantum itself and talk about your first question. What's your sense of the level of awareness of people, and I'm talking about end users and maybe even the degree within the IT and the technology shops, of how much cryptography is already out there? I mean, people naively saw HTTP go to HTTPS, or they use Signal knowing it might be encrypted. Do they have a sense of how much encryption's already out there? And is it good enough at the moment?
Michele Mosca: Quantum is really highlighting an already existing existential threat that needs to be addressed. But we're not addressing it, because, well, it ain't broke now. If it's ever broken, it may be an unrecoverable event. So, I would say people are generally aware there's cryptography here and there. And the only reason they're secure, if you go down to the bottom is, because we have strong cryptography protecting everything. We're talking about a rearchitect, and it's just years and years to do it properly. So you definitely, it is a massive undertaking. People look for analogies and there is no perfect analogy. There's some aspects where it's like Y2K, but not others. There's some aspects where it's like IP 4, IPV 6.
Jon Prial: Interesting. I did think through some of those. In my notes here, I was going to bring up Y2K. And I was thinking about people put locks on their door and it makes them feel better, and it stops the random person from trying your door knob. But if someone seriously wants to hack you, they're going to hack you. And what you just talked about at it being some architectural level changes, this is quite broad. This is significant that people do need to pay attention to. I think we were aware of Y2K because there was an impending, your Z was clear. The timeline was clear. I'm not sure everybody needed to panic as much, but good work was done to prevent inaudible.
Michele Mosca: Yeah. There was no adversary either, number one. So there's many differences and one is, we knew the date. There's no adversary, it was just this code that was embedded, and we didn't know where it was. That's one problem with what we have, is most people don't even know where their cryptography is. But now there's an active adversary and the fix is so much more complicated. And lastly, we're much more dependent on IT infrastructure now than we were in 2000.
Jon Prial: So let's talk a bit about your view of the quantum computing industry today. I'm sure I will hear the word cubits, but it's much more than that, obviously. It's not about just the density. Go ahead, talk to me about quantum, where you see the industry in the short term and what do you think is going to happen, the next few big things that'll be coming down the pike?
Michele Mosca: Using conventional platforms, whether they're super computers, you would need more atoms than in the known universe to describe the state of a several- hundred cubit, quantum- bit computer. So, that means lurking within quantum reality, there's this exponential power we previously didn't know existed. And the aim of quantum computing is to build devices, not capture that power. Now, is it good for everything? We're not saying a few hundred cubits can do everything the world supercomputers can do. No, no, but certain tasks, we just don't want to do it at all without more computing power than in the known universe. So, what are those useful problems? Quantum computers are really good at simulating themselves, right? And then people say, " Okay, but why would I want to do that?" So then, we're on the quest for figuring out what other useful things can we do?
Jon Prial: This fascinates, but also troubles me a bit. Because you know there are problems that can be solved with this technology, but you're also thinking about what's the most important ones that could be? How should people think about this?
Michele Mosca: You're a business person or you're in charge of the economy and economic resilience of your country or your bank. The point is, quantum computational advantage, when you ask what does it mean to sector X or to product Y, it can go from no impact that we know of, to transformational game changer overnight.
Jon Prial: That's a pretty strong statement. What's your best example?
Michele Mosca: In 1994, we didn't know the public- key cryptography that is ubiquitous now, almost today, we had no idea how this weird quantum computing thing, that hadn't been built yet, could impact it. And then suddenly, Peter Shore, at AT& T Bell Lab, said actually completely decimates these algorithm. Doesn't just weaken them, just crushes them. Right? So, that was one problem where we know there's this astronomical advantage. Fortunately, for human civilization, we didn't have quantum computers then, so we had a few decades to get ready. But that same no idea to, oh yeah, transformational, that could happen anywhere else. Is it going to happen everywhere else? Probably not. But is it going to happen anywhere else? Absolutely. So, where is this impact going to happen? And we have some ideas of where it's going to happen. Things that are intrinsically quantum mechanical in nature, like designing a new material, with super conducting properties, at a high temperature or other properties. It's hard to design these things. It's because you can't simulate, obviously, you can't synthesize a trillion different materials and see how they work. So a quantum computer can be good at simulating the behavior of these hypothetical materials we might want to synthesize and use. So you can simulate many, many of them in software before deciding which ones you want to synthesize in practice. So we think it can really help with material design, for example, or maybe drug design.
Jon Prial: So there are lots coming down the pike. Where are we now?
Michele Mosca: So I think we're really entering a new era. So, 25 years ago when I started, and the subsequent 15, 20 years and so on, I started working about 10 years ago on how can we, what software tools do we need to build and operate quantum computers? And now, we've reached a point where we can stitch together the full stack. It's going to keep getting better. We're not done and not just go buy it on online or something, but we can stitch together the whole stack. We have applications we can compile down to run on the actual hardware.
Jon Prial: As the layers appear, are you personally hardware agnostic? It doesn't matter to you what the hardware technology might be? All the different types of quantum tech there is underlying at all?
Michele Mosca: Any one of these is successful. Of these hardware platforms, it will break RSA and all the cryptography, the public- key cryptography we use today. Now the software, the quantum software vendors, most of them claim to be independent of the hardware. Some are more tied to various hardware platforms than others, but obviously, it's very hardware dependent at the bottom. As you go further and further up the stack, then it becomes more and more independent of exactly how you choose to implement your cubit. So we've stitched it all together and we're entering this exciting era where the owners of the real- world problems, the real owners, the people who go to bed at night, wake up in the morning, figuring out how do we solve this really... How do we design better materials, better OLEDs, better drugs. They know their computational challenges, and they're working with people who understand what quantum computers can do. And this is a really important moment for the field. Because now we can start better understanding where quantum computational advantage might have impact in the real world and how profound will that impact be. And conversely, people working in quantum computing, quantum algorithms better understand the challenge problems. And we didn't have this 20 years ago, not nearly the extent that we did now. If there's one example of simulating certain chemical processes that colleague at Sherbrooke and Microsoft, the first academic results said, " Hey, look, this'll only take a billion years on a quantum computer," which is far less than what it would take on a classical computer. Right? And people, I mean, I think practical people thought, "Is this is a joke?" And of course we knew,'No, no, hold on tight." Right? And now, it's down to days or minutes, right? So they just continually optimized that. They found that the target problem where it could apply, and then we're really good at figuring out ways to make that more efficient.
Jon Prial: It's funny, it's the antithesis of Bill Gates saying, " We don't ever need more than 64K for running an application." It's going the other way now. We have a lot and I'll try to shrink it down. We've changed our direction here. It's very funny.
Michele Mosca: Yeah. Well, because we want to reap the advantage sooner rather than later.
Jon Prial: So on the sooner side, right now, where is quantum and encryption?
Michele Mosca: In the short term, we're not using quantum computers for encryption. We use quantum cryptography for encryption. That's been commercially available for 20 years. And that's starting to take off. In fact, that's the first product evolutionQ has developed is to turn these point- to- point quantum key distribution solutions, which send single cubits at a time. So it's not complicated computations, how to turn it into a scalable, globally- deployed product that enterprises can design in.
Jon Prial: I want to dig into that a little bit, because you just said something that was really interesting to me. You talked about, at some point PKI will be broken. And as I was prepping for this, I was thinking about, that evolves to a quantum key delivery. And you said that's not quantum computing and you're sending a cubit. And I think, if you could explain that a little more, that would be really important, I think, first.
Michele Mosca: Yeah, yeah. So the" threat," so we're excited about it as a community because quantum could do all sorts of great things for humanity. However, the one thing we know what we'll do for sure is decimate the global economy, right? Decimate our-
Jon Prial: Only that.
Michele Mosca: ... digital infrastructure.So apart from that, it's a great thing. So obviously, we need to neutralize that one, well- defined threat. And then once we've done that, honestly, we can treat it like any other HPC with all sorts of great opportunities. So we have to neutralize that one Achilles heel right now, which we know how to do. So how do we do it? Very importantly, you don't need a quantum computer to defend against a quantum computer. So I would say the first line of defense doesn't need quantum anything. And I've worked a lot in this area. Some people call it post- quantum cryptography. They're like the algorithms we have today. But if you look under the hood, the math is different and the performance is different, right? So you got to make sure it still works on your phone and your smart cards. But at a high level, it's just another math algorithm. In practice, it's a lot more complicated than that. And we're working hard all around the world to deploy standardized, robust methods that will replace what we have today. So, on a high level, it's a plugin replacement. In practice, it's a lot more complicated than that.
Jon Prial: Sure, sure.
Michele Mosca: But that's a first layer of defense. It's elegant, it's beautiful, you can deploy it everywhere, you don't need any new technology. But it's a first line of defense. We need a second line of defense for-
Jon Prial: Before I get a second, just to close on that first, most companies who use third- party security providers will have that first line of defense done for... They may have to do some work, but I don't need IT shops across the world figuring out this next generation of cryptography, per se. There'll be providers that will just be doing it. They should be asking their providers-
Michele Mosca: Exactly.
Jon Prial: ...are you doing this?
Michele Mosca: That's the point.
Jon Prial: That's step one, right?
Michele Mosca: They have to ask. And that's a highly, non- trivial thing. So we need to get the vendor managers, the procurement managers to start getting more involved and just starting that dialogue before there's a crisis. The best way to solve this is through life- cycle management, a drama- free, life- cycle management, where everyone says, " Why didn't that catastrophe happen?" And we really need to take advantage of that.
Jon Prial: So that wraps up this level- one communications awareness, making sure that piece of infrastructure gets replaced out. Now, we're going to get to the next step of what you're looking for companies to do.
Michele Mosca: Yeah. Now reestablishing the status quo is not good enough anymore. We really need a stronger foundation. But I don't mean replace. I think this first line of defense is great, and it is good enough security for many places, but where you need better security will continue to grow. They'll both continue to grow where you need... This where quantum cryptography can really add value to society. Because one of the main functions of cryptography is to establish encryption keys. Once you have the encryption keys, then we have good encryption algorithms. But how do you establish the keys? Well, public- key cryptography is one way. But it's good. It's good for many applications, but not all applications. You can have a person with a briefcase manually transport keys. There's a few things you can do, but they're not that easy or scalable. They're fine for well- controlled, modest- size systems, but they're not so scalable. And QKD is a wonderful tool for establishing symmetric keys through an untrusted medium.
Jon Prial: QKD's quantum key delivery, which is-
Michele Mosca: Well, QKD is quantum key distribution.
Jon Prial: Distribution. Sorry, okay.
Michele Mosca: But it's probably not the best term for it, because you're not really generating keys and distributing them. You're really establishing keys.
Jon Prial: Okay.
Michele Mosca: So it's probably quantum key establishment is maybe a more accurate name, but we call it QKD. So it's a beautiful process where you don't need a trusted person. You don't need physical security and... You always need some physical security and some trust, but you want to minimize that, because it's expensive and it's hard to validate. So you want to minimize how much you need to trust, and then rely on great mathematics, great cryptography. But with quantum cryptography, there's no mathematical assumption, so it's a way to establish a key where you don't have to worry that some smart mathematician figures out how to break the code.
Jon Prial: And are these keys to establish using a quantum computer? Or these are the keys-
Michele Mosca: No.
Jon Prial: They're not, but that's harder to break with a quantum computer.
Michele Mosca: So you don't need a quantum... What you need is a device that can prepare single quantum bits, which are just light, sending them through regular fiber optic cables, and measuring. So there's some minimal amount of quantum technology. But it's been around for ages. It's getting better and better, but we've had it for decades now.
Jon Prial: That's so new to me. And I don't know that... I want to just stay on that for a second. Because earlier you talked about sending a quantum bit, and I didn't realize this. When I think about a quantum computer and I'm counting cubits, you're saying this quantum technology, as you said earlier, has been around for a long time. So there can be a quantum bit, per se, that could go across traditional fiber lines, and that is a key element of a new quantum key.
Michele Mosca: And that's a great point. Classically, a bit could be, it could be a light switch, up or down. It could be electromagnetic relay. It could be a vacuum tube, could be a transistor. It could be a zero and one, you write on a piece of paper, right? They're all bits. But obviously, when we think computers, we're thinking of transistors, right? And similarly, the cubits I was talking about for computing could be all sorts of different superconducting cubits on and on, and so on. There could also be photons. Actually, they're showing lots of promise. But if you want to communicate a bit, again, you could, in theory, put some atoms in a briefcase and carry them. But the obvious thing is to send a photon, particle of light, through fiber, because that's what we always do. And you need to prepare special packets of light. But again, we know how to do that through the fiber. There's many ways to encode information in those particles of light. But quantum cryptography, that's been available for over 20 years. And you just buy a box, you put it in a server room. Building it is hard.
Jon Prial: Of course.
Michele Mosca: It's built, you buy it. You really do install it, and plug it in and it runs.
Jon Prial: So let me just step back a bit. Obviously, you run assessments for your customers, what's your biggest takeaway in terms of the market? Are people ready? What's your sense of, I don't know, you going to hold me a red flag, a yellow flag? What's your degree of warning to the world here in terms of what you see?
Michele Mosca: I think that depends who you are, but if you're a key player, any one of the critical sectors, it's between orange and red.
Jon Prial: Wow.
Michele Mosca: It really depends who you are. Now, and why am I saying that? So the Office of the President of the United States just a few days ago had a directive, that said everyone within six... Everyone in the national security agencies needs to report within six months where it's using vulnerable crypto, where it's not using quantum- resistant crypto or certain other approved algorithms.
Jon Prial: That's a good first step. So it's time for you to talk to me now about evolutionQ.
Michele Mosca: We manually ask people, " Where's your crypto?" That's the least invasive. The tools start to, you have to actually install software or monitor actual traffic, which is great, too. So we start with the lightest level of invasiveness, and then there's great products that more actively check for stuff you didn't know about. But you already find a lot of problems with the crypto we do know about. So you have to find where your crypto is and then you assess what are the key vulnerabilities, and then you start mapping out what you do about it.
Jon Prial: So let's talk a little bit about, then, trust in terms of, we talked earlier on a little Y2K in terms of some type of quantum safe migration. Should people be aware of this? How do we ensure everyone still trusts in their systems? I mean, the worst thing that could be happen would be this major hack thing. But, I guess, what happens if we lose trust? How do we ensure we keep people trusting what's happening, that they see the little S on their HTTP, and they'll feel better or whatever.
Michele Mosca: Yeah. So trust is important and trust has to be premised on trustworthiness, right? And when there's a disconnect, obviously, you want to trust the trustworthy. You want to not trust the untrustworthy, right? So we really need to build trustworthy platforms. We need our institutions and so on to be trustworthy. Because ultimately, it'll become apparent if things aren't trustworthy. And it's a big problem. A lot of damage and harm can be done by people simply not trusting the technology or the institution. If people are just worried that their money's going to evaporate, they're going to panic, right? They're going to start taking their money out, whatever that means these days, right? Digital infrastructure is, they'll be fine. We're well along our migration, we're ahead of schedule. We'll have quantum resistant out. If we haven't already deployed them, they'll be deployed well in time before these devices become cryptographically relevant. We need that to be the statement. It needs to be coming from everybody, and it needs to be true and validatable, and we're not there yet. I mean, we'll get there. We're at a point now where organizations need a team of people in- house that can recognize the quantum opportunities today and also be ready to respond to the new opportunities that we discover tomorrow.
Jon Prial: Michele Mosca, thank you so much for taking the time to be with us. EvolutionQ is an interesting story and this is going to be a space that we're going to be watching for a long time. I really appreciate it.
Michele Mosca: A pleasure. Thanks so much.
When it comes to quantum computing breaking encryption, it’s not a question of whether or not it will affect you, but when.
In this episode of the Georgian Impact Podcast, we will be talking to Dr. Michele Mosca, CEO of evolutionQ. evolutionQ helps organizations work through all the various stages of getting ready secure as quantum technology advances.
You’ll Hear About:
● The critical factors Dr. Mosca looks at when assessing risk.
● The need for quantum risk assessments.
● The current level of encryption available and how it performs.
● Where Dr. Mosca sees the quantum industry going in the short term.
● The new era we are entering into.
● Does the hardware matter?
● Where are quantum and encryption right now?
● The importance of trust in the industry.