For much of the last 70 years, the national security of the United States and its allies was in large part due to the technological superiority of their public and private sectors. Today, however, the future of that technological leadership is in doubt as nation-state rivals such as China are pursuing leadership positions in a next generation of technologies likely to redefine the geopolitical power structure.
This is particularly so in cybersecurity, where a newly emergent field called quantum computing threatens to break the world’s leading data encryption standards that currently secure computer files and network communications in both the private and public sectors, including the most sensitive of military secrets.
It’s not an exaggeration to say that the ability of free nations to defend their economic and national security interests will be seriously threatened in the event they fall behind in quantum computing. Leadership in signals intelligence—the ability to intercept and decrypt the communications of our adversaries—has literally saved millions of lives by enabling key strategic breakthroughs in past world wars and global conflicts. During World War II, the Allies used signals intelligence to break encrypted Nazi communications, allowing their forces to dodge enemy U-boats and facilitating the preparation and execution of the pivotal D-Day landings at Normandy.
Forty years later, intercepted Soviet military communications provided evidence that the shoot-down of Korean Air Flight 007 was intentional, allowing President Reagan and U.S. allies to hold the Soviets accountable for hostile actions against innocent civilians. In our modern era, the monitoring of key mobile communications led U.S. forces to locate and kill Osama Bin Laden. If the U.S. falls behind its geopolitical rivals in quantum computing, it will lose the leadership in signals intelligence that made such strategic successes possible, which would put global peace and stability at risk for decades to come.
The reason this issue has such major implications is that the foundational RSA algorithm upon which most of today’s encryption systems are based is susceptible to quantum computing. Named for its inventors Ron Rivest, Adi Shamir and Leonard Adleman, the cybersecurity standard is based in large part on the premise that it is computationally infeasible to mathematically factor very large numbers into their corresponding prime numbers.
For example, we can easily multiply the prime numbers 13 and 97 to get 1261, but the reverse math problem is much more difficult (starting with 1261 and finding the two underlying primes). Today’s computers can both multiply the primes and find the primes for smaller numbers, but as the numbers become extremely large, as they do in the generation of encryption keys, the factoring challenge becomes computationally impractical. The RSA algorithm is founded on the assumption that, even with improvements in future computing capabilities, the math required to perform the factoring would take too long to make the decryption workable in practice.
Quantum computing, however, changes the underlying assumptions about how computing works and how quickly computers can perform math calculations. Quantum computing relies on the principles of quantum physics to solve specialized classes of mathematical problems that are not practical to solve on traditional computers. The new computers would use quantum bits (qubits), unlike conventional digital computers that are based on transistors and encode data into binary digits (bits). Qubits can exist in multiple states simultaneously, offering the potential to compute a large number of calculations in parallel, speeding time to resolution. Thus, quantum computing would be capable of determining the underlying RSA prime numbers used to generate encryption keys that can access RSA-encrypted data.
Falling behind our adversaries in quantum computing would put U.S. and allied intelligence services at a critical disadvantage in their efforts to protect encrypted national security secrets and access the encrypted data of their adversaries. We must assume that every major nation-state will invest heavily in the technology to read protected data throughout the public and private sectors.
While quantum computing is realistically a number of years away (at the earliest estimates), we must take action now to protect the future of our country’s national secrets. This is because America’s adversaries are using their present signals intelligence capabilities to gather large amounts of our sensitive encrypted data today with the objective of decrypting it as soon as the first quantum technologies can be applied. Think of it as storing all our data on a shelf, until quantum allows them to break the encryption and read through everything. It’s dangerously naive to assume that we’ll receive plenty of advanced notice as to when those technologies are operable among our adversaries.
The good news is that the U.S. Congress has taken the first steps to accelerate development of quantum technology. Pending legislation such as the National Quantum Initiative Act sets up an important 10-year pilot program to advance research of quantum applications for economic and national security implementations. While companion bills await final votes in both the Senate and House of Representatives (S.3143 and H.R. 6227), the U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) is leading a selection and standardization effort for proposed quantum-resistant algorithms from academic and governing bodies around the world.
That’s why the public and private sectors must start working together to ensure that our networks and data protection systems are prepared for quantum attacks and counter-defenses. We must move this process along faster and with greater urgency, dramatically increasing R&D investments, establishing private sector incentives, and triaging our systems to determine where and how we need to focus our quantum transition first.
Such an effort is certainly justified, given the implications of failure, and given that the race for quantum leadership is already a clear and present challenge to national security today. It isn’t merely a futuristic, conceptual issue we can defer to future generations to get right. The future of our national security is dependent on us acting now.