The Washington PostDemocracy Dies in Darkness

Why Banks and NATO Are Worrying About a Future ‘Quantum Attack’

Employees work in the International Business Machines Corp. (Photographer: Bloomberg/Bloomberg)

Investment and new milestones in quantum computing are bringing the prospect of an ultra-powerful computer that can crack any code closer to reality.

Alphabet Inc.’s Google and International Business Machines Corp. are racing to increase the number of qubits — the quantum equivalent of bits that encode data on classical computers — on a quantum chip. Firms like Canada’s D-Wave Systems Inc. and French startup Alice&Bob are offering quantum computing services to clients that want broad processing power to solve complex problems.

But any technological advance comes with concerns. While a fully-fledged quantum computer doesn’t appear to exist yet, there is already worry about its ability to crack encryption underpinning critical communications between companies and between armed forces. Andersen Cheng, founder and chief executive officer of London quantum-encryption firm Post Quantum, joined me on Twitter Spaces on Wednesday to talk about why NATO, banks and other entities need to prepare for a world where “quantum attacks” are possible. Here is an edited transcript of our conversation.

Parmy Olson: How significant is the prospect of quantum computers usurping the machines we use today? 

Andersen Cheng: It’s going to impact every single one of us. I trained as a computer auditor over 30 years ago so I have seen enough in cybersecurity, and the biggest existential threat we are facing now is a quantum attack. Remember a few months ago when Facebook, WhatsApp and Instagram went dark for a few hours? Imagine if they went dark and never came back up? Or what if we couldn’t buy our stuff on Amazon? That is the thing we have to worry about in terms of what a quantum machine can do. 

One thing that is now emerging is the possibility of a quantum machine that can also crack encryption. When a quantum machine comes in, it’ll be like an x-ray machine. A hacker no longer needs to steal my wallet. All they have to do is to go to the lock on your front door and take an X-ray image of it. They then know what the key looks like and can replicate it. 

PO: Machines today can’t crack the encryption underpinning networks like Facebook Messenger, WhatsApp and Signal. Can the quantum-computing services provided by IBM or D-Wave already do that?

AC: No. We cannot tell at this point if someone has already got the first functioning quantum machine somewhere. All the computers we’re using today are what we call classical computers. A quantum machine cannot do very complicated computation, but it can do millions of tries in one go. A quantum machine is useless in doing 99% of the work that we see today, but it’s extremely fast in doing many very simple tries simultaneously.

The opinion has been that this machine is 10 to 20 years away. But in the intelligence world, people are now worried it will be within five years. There’s been more urgency in the last two and a half years. This is why you see a lot more initiatives going on now in terms of claiming quantum supremacy. Nation states have put billions of dollars into building a quantum machine. There have been several lab-based breakthroughs in the past few years, which have got people worried.

PO: Let’s say somebody gets hold of a quantum computer that can break encryption. What could they do?

AC: One option is a harvest-now-and-decrypt-later attack. Right now I’m using my iPhone, using a public key that is encrypted. If someone is trying to intercept and store our information, they are just harvesting it. They cannot decrypt it today. But one day they could open up all the secrets [with a quantum computer].

PO: NATO has started experimenting with your virtual private network which has quantum encryption embedded into it. Why are they trialing this?

AC: The current algorithms we use inside a VPN (a tool used to securely tunnel into a corporate network or through a national firewall) either use a standard from RSA Laboratories or elliptic-curve cryptography. Neither are quantum safe.

PO: Meaning they could be cracked by a quantum computer?

AC: Correct. If you start collecting my data, one day with a quantum machine you could actually crack [the passwords protecting it]. That is the worry from a lot of organizations. NATO has got 30 members states so interoperability is important. If you send allied troops into Ukraine, they have to talk to each other. Since different armies use different communication protocols, you have to think about the harvest-now-decrypt-later risk. So this is why they are at forefront of looking for a quantum-safe solution.

PO: What else is at risk from a quantum attack?

AC: Bitcoin and the blockchain. I would say 99% of all cryptocurrencies are using elliptic-curve cryptography, which is not quantum safe. Whoever’s got the first working machine will be able to recover hundreds of billions of dollars worth of cryptocurrency.

PO: Which countries are on the forefront of using quantum encryption?

AC: Canada (where quantum computing firm D-Wave Systems is based) is at the forefront of quantum innovation. Then Australia, the Netherlands, France, the U.K. and then you have the U.S. In 2017, Donald Trump made an executive order for a $1.2 billion quantum computing initiative. That’s actually nothing compared to other nation states. China has openly committed between $12 billion and $15 billion to quantum supremacy. France has committed 1.8 billion euros ($2 billion) to quantum.

PO: What about the commercial sector? 

AC: The American commercial sector has been very innovative with quantum computing, including Google, IBM, Honeywell International Inc.

I cannot name names but some of the largest banks are all quietly building up what we call the PQC teams, or the post quantum crypto teams, to prepare for the migration. Some of them do see it as an existential threat and they also see it as a marketing advantage to tell customers they are quantum safe. I know one of the largest systems integrators in the world has committed $200 million to build out a quantum consulting division. They see this as like Y2K happening every month in the next 10 years.

PO: Y2K refers to when everybody thought the world’s computers would blow up when the date changed on Jan. 1, 2000.

AC: It was a once-in-a-lifetime event which did not happen. I was working for JP Morgan Chase & Co. at the time on the Y2K migration committee. Three days after Jan. 1, Sandy Warner, then-CEO, sent an email to every employee saying, “Wow, we only spent $286 million on Y2K and nothing happened, so we are very pleased.” 

PO: How much of the worries over quantum are being overblown by consultants keen to earn fees to set up these new systems? Bearing in mind you’re in this market too.

AC: The consultants are thinking Christmas has come early. Everyone’s been procrastinating until NIST (Maryland-based National Institute of Standards and Technology) updated its standards to include quantum cryptography. I believe the first wave of huge revenues will go to consulting firms, and then the next wave will come down to vendors like us.

This column does not necessarily reflect the opinion of the editorial board or Bloomberg LP and its owners.

Parmy Olson is a Bloomberg Opinion columnist covering technology. She previously reported for the Wall Street Journal and Forbes and is the author of “We Are Anonymous.”

More stories like this are available on

©2022 Bloomberg L.P.