Waterloo professor Michele Mosca shares best practices for using quantum to safeguard important data
Cyber security risks are more prominent today than ever. The advancement of quantum computers that could intercept today’s encrypted data prompts governments and citizens to understand, evaluate, and consider new ways to protect important information. Dr. Michele Mosca of the University of Waterloo’s Institute for Quantum Computing, an expert in quantum-safe cryptography, outlines best practices for using quantum-safe technologies to safeguard our most important data.
What is the cyber security threat created by new and developing quantum computing technologies?
Most of our digital infrastructures rely on public-key cryptography to protect the security of our information. This includes protecting the confidentiality of transmitted data. It also includes trusting the integrity and origin of information. For example, we know software updates are legitimate and not malware. This also includes maintaining the availability of IT systems and increasingly the availability and control of operational technologies.
A large fault-tolerant quantum computer can break today’s public-key cryptography and compromise this security in a very profound and systemic way.
What best practices should governments and national leaders develop when considering responses to these types of cyber threats?
Leaders should commit to transitioning government digital systems to be quantum-safe by some appropriate target dates that will depend on the criticality of the specific systems. They should ensure that the sectors they regulate do the same and provide advice and guidance to all sectors.
Leaders should also incentivize proactive planning and testing, drive aggressive pilots, and encourage the use of domestic and other trusted providers as they develop transition plans to ensure access to trustworthy solutions and know-how to deploy them reliably when needed. They should support targeted funding to fill the research and training gaps toward achieving these goals.
What are some proactive steps citizens should develop to help safeguard their data as quantum technologies advance?
Firstly, following standard best practices including staying up-to-date with software upgrades, not downloading software from untrusted sources, using multi-factor authentication, and using VPNs whenever possible.
They can also ask software providers if the current version of the software is quantum-safe, and if not, when a quantum-safe version will be offered.
On any e-government platform, when they have a chance, citizens can ask why their private information is not currently being protected with quantum-safe cryptography since these transmissions (census data, SIN, health data, etc.) can now be recorded and decrypted later when quantum computers are available. If enough customers ask, it will create more urgency.
They can also ask their Members of Parliament and Members of the Provincial Parliament if the government is committing to best practices.
This series is produced for the media, and its purpose is to share the expertise of UWaterloo researchers. To reach this researcher, please contact media relations.
