Skip to main content

Quantum Computing Will Be to 2025 What AI Was to 2024

Jan

30

2025

Time to read

Read so far

Written by: 

Jenn Markey

Time to read

Written by: 

People walking on the sidewalk

From industry leaders to tech titans and government policymakers, it seems every conversation of the past year included at least one reference to artificial intelligence (AI). Indeed, AI was posited as the solution to every problem, the only technology needed, and behind every cyber threat. But beyond all the hype, 2024 was a pivotal year for AI with the explosion of generative AI (GenAI) use cases, from AI chatbots and writing assistants to AI-powered deepfakes. At the outset of this new year, it appears quantum computing will be to 2025 what AI was to 2024.

Quantum Computing Will Break Conventional Encryption

A quantum computer encodes information as qubits and uses quantum mechanical properties to make calculations on that data that are essentially impossible for today’s conventional computers. And like AI, quantum computing is a disruptive force promising to revolutionize a broad spectrum of industries – including finance, healthcare, and materials science – while also injecting new cyber risks. Most notably, quantum computing will break today’s public key cryptographic algorithms (RSA and ECC), exposing the world’s data and leaving organizations, individuals, and nations vulnerable.

The Year of Quantum Computing

The United Nations has decreed 2025 as the International Year of Quantum Science and Technology. And as 2025 dawns, much of the foundation, opportunities, and challenges for the post-quantum (PQ) era are already here. While early quantum computers exist, outstanding technical challenges – including sensitivity to light, noise, and temperature – along with sheer size means commercially viable quantum computers are still a ways out. However, “Harvest Now, Decrypt Later” (HNDL) style attacks that target long-life data like financial records and government intelligence, as well as long-life devices like cars and smart meters, are already happening. Plus, in October 2024, Chinese researchers published a method to use D-Wave quantum computers to crack RSA encryption, pushing us ever closer to Q-Day.

Post-Quantum Cryptography for Quantum-Safe Payments and Identities

Post-quantum cryptography (PQC) consists of new public key cryptographic algorithms that are safe from attack from both conventional and quantum computers for the foreseeable future. In a PQ world, RSA and ECC encryption are no longer effective, making the migration to PQC essential to keep organizations, individuals, and countries safe. Two specific areas of quantum safety concern are:

  • Quantum-safe payments – The global financial system, which supports the world’s economy, relies on the secure movement of money and data and is underpinned by RSA and ECC encryption. Quantum-safe payments are essential to protect consumers, financial institutions, and payment networks from bad actors while also complying with regulations around the globe. And with financial data being long-life data, it’s already a key target of HNDL-style attacks, meaning PQC migration needs to be an immediate priority for the payments industry.
  • Quantum-safe identities – Imagine your Social Security number, date of birth, medical records, and other personal data laid bare for the world to see. Then consider open access to the myriad of devices that control and protect our power grid, water treatment plants, traffic systems, and the other critical infrastructure that is essential to a country’s economy and daily functioning. This is the quantum threat to identity – human and device. Decrypted personally identifiable information (PII) would leave individuals extremely susceptible to identity theft, fraud, unauthorized account access, extortion, and other threats; while unsecured critical infrastructure would leave a nation and its citizens vulnerable to cyberattack. Plus, both PII and critical infrastructure are already the target of HNDL attacks, with the former often being long-life data and the latter frequently compromised of long-life devices. This makes PQC migration a top priority for organizations and governments around the globe to ensure quantum-safe identities for consumers, employees, citizens, and devices.

NIST Post-Quantum Cryptography Migration Project

The good news is that NIST issued the first three PQC standards in August 2024, followed by the approval of 14 new digital signing algorithms for PQC standardization in October 2024. Notably, PQ is a global challenge requiring a global approach; and while NIST is a U.S. institution, it’s considered the cybersecurity “gold standard” with its PQC competition and standardization process being global from the outset in 2016. To learn more about the NIST PQC standards and National Cybersecurity Center of Excellence (NCCoE) PQC Migration project, watch this on-demand webinar.

Post-Quantum Preparedness

With access to considerable citizen PII and sensitive government intelligence, many U.S. federal agencies such as Customs and Border Protection are already working to integrate these first NIST PQC standards into their systems; however, the picture is less promising for other organizations. While CISA, NSA, and NIST are all actively urging organizations to prepare now, results from the 2024 PKI and Post-Quantum Trends Study show that less than half of organizations globally (41%) were actively preparing for PQ in 2024, ranging from a high of 48% in the U.S. to just 34% in the Middle East.

2025 needs to be the year for organizations of all shapes and sizes around the globe to move beyond PQC learning and prototyping and start deploying these PQC algorithms into their public key infrastructure (PKI).

Race for Quantum Computing Supremacy

With another nod to AI, quantum computing has the potential to upend global power dynamics with the U.S. and China already locked in the race for quantum computing supremacy, much like the space race of yesteryear with Russia. Plus, the combination of quantum technology with AI exponentially multiplies the opportunities and risks associated with each disruptive force independently.

Given the high stakes, the NSA has issued a directive that all U.S. National Security Systems (NSS) must start transitioning software and firmware signing algorithms to PQC immediately with the preference to support the Commercial National Safety Algorithm (CNSA) 2.0 by 2025 and to exclusively use PQC algorithms by 2030.

Are You PQ-Ready?

So as 2025 unfolds with commercially viable quantum computing on the horizon, available PQC standards, and escalating geopolitical tensions, there is much to be done to seize the PQ opportunity while also mitigating the risk. Sounds just like AI at the dawn of 2024!

Assess your 2025 PQ preparedness today with this self-assessment and explore our post-quantum cryptography solutions.

jenn-markey-headshot
Jenn Markey
Advisor, Entrust Cybersecurity Institute
Jenn Markey is a content advisor and thought leader with the Entrust Cybersecurity Institute. Her previous roles with Entrust include VP Product Marketing for the Payments and Identity portfolio and Director Product Marketing for the company’s Identity and Access Management (IAM) business. Jenn brings 25+ years of high tech product management, business development, and marketing experience to the Entrust Cybersecurity Institute with significant expertise in content development and curation.
View all of Jenn's Posts
Facebook