The takeaways: digital trust underpins our entire digital economy, and makes digital transformation of businesses possible. With quantum computing on the horizon, however, a next generation of cryptography will be needed.

Digital Transformation: the New Imperative

No one would argue that the COVID-19 pandemic hasn’t been disruptive, and in many cases tragic. But imagine how much worse it would have been if we didn’t have the Internet.

Without the Internet, there would have been no remote work capability, no video calls with friends and family, no news, and no online shopping with deliveries to your doorstep. Things would have been much worse.

Our civilization has passed a point of no return: most of us are no longer capable of conducting our lives without online access.

For businesses, it’s no longer enough just to have a company website: entire business processes must be moved online in order to stay competitive.

On the positive side, digital transformation is also the first of many steps into a multitude of greater possibilities. Once a business has moved online, it can begin to take advantage of technologies like machine learning, industrial internet of things (IIoT), and true digital twins.

Underpinning all of this potential is the digital trust that means we can use the Internet in the first place. Digital trust is only possible thanks to public key infrastructure, which in turn is based on cryptography.

It all works safely and reliably for now, but a new generation of computers is on the horizon which will easily overcome our entire Internet security infrastructure.

What is Digital Trust?

The confidence that users have in online infrastructure is what we call digital trust. It’s the feeling that we can safely make computer-to-computer connections, and share data only with those we choose. Without digital trust, businesses couldn’t use online infrastructure to store sensitive information, and no digital transformation initiative could succeed.

The digital trust that many organizations have has taken us decades to build. When the precursors to the Internet (like ARPANET) were still being developed, they were designed for open information sharing, not for security. With the right technology, almost anyone could access any emails or stored information.

The first security warnings came in 1973, with the first Pentagon hack in 1986, and then in 1988 the first computer worm nearly wiped out the Internet. Our initial steps into the digital landscape were fraught with risk, and in the 1990s the amount of malware seemed to explode.

Clearly a solution was needed, but the earliest attempts to bake encryption into the fundamental TCP/IP protocols of the Internet had run into obstacles. Mainly, the technology was considered classified by the NSA but the encryption would also have slowed down the Internet too much. (You can learn more about the basics of online cryptography in this article.)

The Quantum Game Changer

The situation will change once quantum computers are here, because they will be exponentially faster than any computers we have today for tasks like cryptography.

A quantum computer (depending on how powerful it is) would need only minutes to crack email security, not an eon. Security professionals assume that some organizations are collecting emails and other information that can’t be cracked yet, and are waiting for the day when they can.

The Quantum Computing Impact

As different countries succeed in building quantum computers, current encryption methods will become ineffective. Most countries who are in the quantum race are proud to announce their achievements, but we can’t always assume that the first organization to break through the 100-qubit threshold will share that information.

This puts our digital trust in jeopardy, and compromises our entire digital economy—what some people have started calling “Y2Q”.

How Close to Quantum Computers Are We?

Organizations like Google, IBM and Intel already have quantum computers that have over 50 qubits, but they haven’t unequivocally outperformed classical supercomputers yet. Once a computer can perform mathematical computations that no supercomputer can do, it will achieve what’s called quantum supremacy.

No one is sure exactly how many qubits it will take to achieve quantum supremacy, but some researchers theorize that it will be somewhere near 100 qubits.

But in reality it doesn’t matter how close we are, because we’re getting ready to update our cryptographic standards. For organizations of all sizes, there is a clear call to action to start preparing for new standards now.

The Largest Cryptographic Migration Ever is About to Happen

NIST, the National Institute of Standards Technology, has been spearheading work on establishing safe post-quantum cryptography standards. They’re in the process of finalizing their analysis of the candidate algorithms that even quantum computers won’t be able to crack.

Due to the sheer number of connected systems and people, migrating from classical cryptography to post-quantum cryptography will take time. As ISARA VP Paul Lucier said, “There is no greater cryptographic migration than the one which CISOs and CIOs have now started preparing for: from classical, public key cryptography to quantum-safe cryptography.”