Potentially devastating impact

The quantum computer opens up many new possibilities, but also poses a threat on our society. Current asymmetric cryptographical algorithms, which are at are at the core of the safety of digital services, can be broken.

For instance algorithms used in Public Key Infrastructure (PKI)-solutions, essential for the banking, governmental and telecom sector. To determine this impact a group of researchers have looked into the quantum computer's arrival before adequate measures are taken. To stimulate a more precise discussion on the impact of the quantum computer, researchers within the HAPKIDO project have developed the Societal Risk Assessment (SRA) method.

SRA method

The SRA method allows the researchers to gain a deeper understanding of the risks. The prevalence of PKI in society is such that every citizen and organization will be impacted. From a cyber-security perspective, the impact can be measured regarding confidentiality, integrity, and availability. Although quantum computers are hardly available now, sensitive data can be endangered by ‘store now, decrypt later’ attacks. Store now, decrypt later mainly poses risks for confidentially, implying that while an adversary cannot access a quantum computer now, it stores encrypted secrets that can be decrypted later.

Trust concerns

This may lead to political or societal trust concerns (e.g., political, state or industry secrets out in the open can damage trust in institutions, even if they are not up to date anymore). Regarding integrity, service providers cannot guarantee the trustworthiness of digital services. When it comes to real-time access availability, the computing capacity of quantum computers could enable significant service and network disruptions. The combined disruption of services will be devastating. Citizens will no longer be able to access governmental and financial services.

PQC algorithms

To become 'quantum ready' or 'safe', the current ubiquitous asymmetric cryptographic algorithms used in many PKI systems must be replaced by quantum-safe algorithms, also known as post-quantum cryptography (PQC) algorithms. The best way to do this is studied within other parts of the HAPKIDO-project.