- il y a 2 semaines
Taking Action Towards Quantum-Safe Cryptography
Catégorie
🤖
TechnologieTranscription
00:00Good afternoon, and welcome to the session on taking action towards quantum-safe cryptography.
00:06I'm Jennifer Shanker, editor-in-chief of The Innovator, a publication about innovation and how technology impacts business.
00:15It's my pleasure to introduce my two panelists.
00:18Next to my immediate left is Georges Raymond, who is co-founder and CEO of Pascal, a French company focused
00:28on neutral atom quantum computing.
00:31And next to him, we have Scott Crowder, who is vice president for quantum adoption at IBM, a very active
00:39player in the quantum space.
00:42So, why is it important to talk about quantum-safe cryptography?
00:50Experts predict that over the next decade, cryptographically relevant quantum computers will start posing cybersecurity risks.
01:00The tech could be used to break today's encryption standards, such as RSA, leaving data that is currently safe vulnerable.
01:11Indeed, researchers from the Korea Advanced Institute of Science and Technology, in collaboration with Pascal, have developed a novel quantum
01:24technique that has the potential to challenge modern cryptography.
01:30So, Georges, tell us a little bit about your work in Korea, and why should we be scared?
01:37Thank you very much for that introduction, and I would like to thank the organization for the invitation.
01:42I like this story because I think we can tell more about quantum.
01:47So, indeed, with Korea, we found a new way to find the prime factors of their relatively small numbers.
01:56It's a very proof of concept.
01:58I think we were able to find the prime factor of 35.
02:02So, it's not impressive.
02:04It will not be enough to break cryptography and to break RSA.
02:08But here, a story is very interesting because the first quantum algorithm ever was invented in the 90s.
02:15And it was about finding the prime factors.
02:18And this algorithm, which is called the Shor algorithm, requires a lot of computational power, even for a quantum computer.
02:26Not to be too technical, but it's a lot of qubits, a lot of operations.
02:30And today, this is out of reach for the hardware.
02:34But we see that now we can find new software solutions to solve the same kind of challenges.
02:40And I think it's a strong message because, of course, the hardware is making progress, but so the software.
02:46At some point, since I'm quite optimistic about quantum, I think we will see the crossover of the curves.
02:53Thank you.
02:54So, you know, although, as George told us, you know, in their proof of concept trial, they were able to
03:01show that it is possible to break today's cryptography.
03:05We're not quite there yet, but we have to get ready.
03:10And, in fact, right now, the U.S. National Institute of Standards and Technology has already selected four algorithms that
03:20are designed to withstand attack by quantum computers.
03:23And they've begun the process of standardizing these algorithms.
03:27And it's kind of the final step before making these mathematical tools available so that organizations around the world can
03:36integrate them into their encryption infrastructure and protect themselves.
03:41Now, one of the first sectors that, you know, would really be impacted if today's encryption systems are broken is,
03:50of course, financial services.
03:51And a recent depository trust and clearing corporation white paper warned that quantum computing could create significant new risks for
04:04financial firms by making even the most highly protected computer systems vulnerable to hacking.
04:11So, a new working group has been formed by IBM with HSBC, PayPal, and the Australian Payments Plus that aims
04:21to get ahead of the curve.
04:23And they're looking at policy regulation and operator business processes for quantum safe cryptography, specifically for the protection of payment
04:34retail.
04:36So, Scott, could you tell us a little bit about this group and the thinking behind it and the work
04:40they're doing?
04:41Yeah, I'm going to start with just a couple of foundational things.
04:45Some of you probably know this already, but just to lay the groundwork.
04:49So, quantum safe cryptography is basically new algorithms you run on classical computers.
04:56That just happens to be the kind of math that both quantum computers and classical computers are bad at breaking.
05:04So, it has nothing to do with quantum mechanics.
05:05It doesn't use quantum mechanics, et cetera, et cetera.
05:07There are other types of methodologies, like quantum key distribution and quantum random number generation, which you can add on
05:14top of that.
05:15But fundamentally, the advent of quantum computers means that we need to change our asymmetric cryptography.
05:21Because the algorithm that George mentioned, George's algorithm, says that when these computers get large enough, basically asymmetric cryptography is
05:29toast.
05:30People are worried about it now because, for some industries, they're worried about people collecting data today and decrypting it
05:38later.
05:39And for a lot of industries, their platforms are going to be out there way beyond 2030.
05:43So, if they don't plan today for their platforms that they're putting out in the next five years, by the
05:49time quantum computers get large enough to crack the asymmetric cryptography, they want to make sure that they're quantum ready,
05:54et cetera, et cetera.
05:58So, the good news, as was mentioned, is that some really smart people have come up with math that quantum
06:05computers are bad at and classical computers are bad at, too.
06:09And then those are the algorithms that NIST selected for standardization.
06:13And this summer, we expect NIST to release at least three of those standards for key encapsulation and for digital
06:20signatures.
06:21So, that's the good news.
06:22The bad news is that protection, like anything else, is only good if you're aware of it and you use
06:29it.
06:29And it's a lot of work to basically go find all the crypto you've got and replace it.
06:35It's also the reality out there when we talk to anybody in industry or government about doing this transformation, there's
06:43two parts of it that all has come up.
06:45And relative to who you talk to, either they're worried about one or the other, the reality is you've got
06:50to worry about both of them.
06:52The first one is all the stuff that you built, all the software code that you built, that you got
06:56crypto, who the hell knows where, like, intermix in there, you have to go find it, you've got to go
07:01remediate it.
07:02It's kind of like Y2K, but instead of like, oh, it was a really dumb idea to use two digits
07:07for numbers, let's use four.
07:09This is a harder problem because crypto is never really, really done.
07:15So, you need to basically go find all your crypto, remediate all your crypto, et cetera.
07:21The second piece is that unlike the late 90s, today, most of our IT supply chain is completely intermingled from
07:31multiple vendors.
07:32You know, it's very, very complex.
07:34So, all your vendors need to go become quantum safe also.
07:38And for a CIO or a CISO, that's a really, you know, gnarly problem.
07:43So, that's why we started these consortia, these industry consortia, because it's not enough for an individual company to go
07:50fix what they screwed up.
07:52They need their entire supply chain to become quantum safe also.
07:56So, you know, like was mentioned, you know, we're also, our first mission is to bring useful quantum computing to
08:02the world.
08:02Our second mission is to make the world quantum safe.
08:05So, we feel a responsibility, you know, both from an economic point of view and a social point of view,
08:09to make sure that we've given everyone the time to prepare and the awareness to prepare before that happens.
08:18That's why we're doing these industry consortia.
08:20That's why these industry consortia exist.
08:22You know, from a societal point of view, you know, there are certain things that we just do not want
08:27to see go kaput, right, in our digital economy.
08:31Payment systems.
08:32You mentioned Asia.
08:34Like, if you look at Asia, digital payments is a huge percentage of their digital economy.
08:39Like, you look at places like Thailand or India or places like that, you know, a large percentage of the
08:44digital economy is direct digital payments.
08:47So, clearly, we don't want that to go bad anywhere.
08:49So, we're working with payment systems in different geographies all over the world to try to get them to prepare.
08:55Another example, government.
08:57Like, you really don't want, like, your government data to get hacked.
09:01Like, I think that's pretty much a given thing.
09:05Another one, telco.
09:06Telco is a critical infrastructure that if telcos get hacked or their equipment get hacked, it'd be bad for all
09:12of us.
09:12And you can think of some other, you know, critical infrastructure areas as well.
09:16So, that's why we also worked with Vodafone and GSMA to create the post-quantum cryptography telco working group
09:24to basically, again, like, list everything we need to do as a telco industry and all the suppliers to that
09:30telco industry to be prepared.
09:32So, sorry for the long-winded answer, but I wanted to...
09:34No, no, no.
09:35I think it was important that we go over that material.
09:37And, you know, you've raised some important points, including the fact that, you know,
09:44quantum cryptography will require systemic change, you know, across sector.
09:50And it's worth noting that, you know, beyond the working group that IBM has formed,
09:58there are a number of others that are cropping up here in Europe.
10:01A group of European banks have joined the Quantum Safe Financial Forum.
10:06It's supposed to be a safe space for collaboration between European and U.S. financial firms.
10:12And it's being promoted by Europol's European Cybercrime Center.
10:17And in addition to that, our banks are taking part in something called the QSFF Alliance,
10:24which involves BBVA, Bank of Santander, Coxsabank, Barclays, BNP, Paribas,
10:30the Dutch Banking Association, the European Banking Federation, and so on.
10:35So, clearly, quantum safe cryptography is on banks' agendas.
10:42And so, but, and it's going to take a while for the banks to upgrade.
10:51How long will it take, not just for the banks, but all the other businesses to upgrade to quantum safe
10:57cryptography?
10:58First, it depends on when they start.
11:00I think what we tell people is, like, there's three steps.
11:03One, you need to find out how big of a problem you've got.
11:05So, discover all your crypto, understand your supply chain.
11:08Second one is, analyze what you've got and prioritize what you're going to do.
11:12And the third is, remediate.
11:14So, you know, going and fixing everything may not actually be the right answer,
11:21but definitely want to prioritize what you want to fix first and get that fixed.
11:25You know, and it depends on what you choose to do with your remediation and how bad the situation is
11:30now.
11:31But this is not, like, for, like, a critical application.
11:36It doesn't take that long.
11:38I think the challenge is really, like I said before,
11:41also making sure that your infrastructure platforms that you're using are also quantum safe.
11:46So, we, one of the, I'm bragging a little bit here,
11:50but, like, three of the four NIST standards that were sent in were actually submitted by IBM researchers in Zurich
11:57with their collaborators.
11:58So, we knew this stuff pretty cold.
12:00So, we made the decision many years ago to design, like, our next generation infrastructure platforms like Z16,
12:07quantum safe from the ground up.
12:10And that's the kind of thing you need in addition to cleaning up your own mess from your applications.
12:14You need your vendors to have, you know, quantum safe infrastructure platforms also.
12:18So, it's a combination of those two.
12:20So, in terms of timing, you know, there's this old joke that says quantum is 10 years away
12:26and that people have been saying that for decades.
12:30But, you know, in recent years, we have had some real breakthroughs in quantum,
12:36and it is getting much, much closer.
12:38So, in addition to preparing, you know, their systems to be quantum safe,
12:45companies in all sectors need to be preparing for a quantum future.
12:52So, let me turn to you now, Georges, and talk about, you know,
12:57Pascal is taking a very application-focused approach,
13:02and, you know, you are working with a number of really large companies now on applications.
13:09Can you talk a little bit about that?
13:11Yes, absolutely.
13:13And, indeed, a quantum computer is not only a threat from cryptography.
13:16I think it is also a fantastic tool for high-performance computing in general.
13:21Today, people are talking a lot about AI, but you should not forget that to have a powerful AI,
13:28you also need a powerful hardware, you know, to train your AI, to train your model.
13:32And that being said, indeed, I think the quantum revolution, the second quantum revolution,
13:37is happening, and faster than expected, even for a quantum optimistic as me.
13:43I'm the first surprised, but this is the reality, because we are making progress, as well, on the hardware and
13:50the software.
13:51So, today, as an example, we are working with EDF, the French Electricity Utility.
13:56We are solving use cases, such as the scheduling of the charge of the fleet of electrical vehicles.
14:03Imagine that in France, we will have, someday, 30 millions of cars, electrical cars.
14:09How to charge them overnight, while keeping their grid balance?
14:13That's a huge question.
14:15And you need to schedule it.
14:17Your vehicle first, then yours, and so forth.
14:20So, that's the kind of thing we are doing with EDF.
14:22It's real work.
14:24We have the same approach, as well, with Credit Agricole, a bank.
14:28You know, we are helping them to mitigate the risk on credit.
14:33And, again, this is quite concrete.
14:34We have some use cases in the healthcare to predict toxicity of new molecular compounds or reactivity of protein.
14:44So, you know, it's going step by step.
14:47We are making progress.
14:49And I think I would like to deliver an important message here, is that as a vendor, we can foresee
14:55some applications.
14:55And I think it's the same with IBM.
14:58We can foresee some of them.
14:59But the huge majority of quantum applications are to be discovered.
15:05And it requires you to have your hands dirty on it.
15:10Okay.
15:11And so, IBM, you know, is also, I mean, what's so great is we have two companies up here in
15:16quantum that are very application focused.
15:19You know, some of the work in quantum now is still very academic or very, very early stage.
15:26And both of you, you use different technologies and a technological approach to quantum.
15:34But you're both very focused on how we can apply quantum today using today's computers.
15:40So, talk to us a little bit about what IBM is doing.
15:43Yeah, I think we're making a transition.
15:45I think, you know, last year we published a paper on demonstrating that you can get utility out of a
15:53quantum computer, which means that running a quantum circuit on a quantum computer is a lot more valuable than trying
15:58to do a brute force simulation.
16:00Right?
16:01So, I think we're similar in that we both believe that we're at the stage now where quantum computers have
16:06utility in doing computation as opposed to just using quantum computers to study quantum computers.
16:11Now, we're trying, we're at the transition point where we're using quantum computers to do scientific discovery, business value, et
16:18cetera.
16:18But as you said, we're just scratching the surface of, like, understanding the algorithms, understanding algorithmic approaches, you know, understanding
16:26the application research in order to do that.
16:29We all, you know, have roadmaps, you know, IBM has a roadmap where we basically have year by year by
16:34year laid out how our computers are going to get more and more powerful to the point where we have
16:39a big jump in 2029 and 2033 when we introduce error correction.
16:43And you can run much, much, much deeper circuits.
16:47Before that, though, we can heuristically explore, you know, these utility scale computers, like, do they bring value to your
16:55problem?
16:55We can't prove it on a blackboard like we can when we get out, like, later in this decade.
17:01But we believe that these are now computers that you can heuristically go explore, like Jura said, like, new application
17:07areas, et cetera, et cetera.
17:09And it's really, you know, we're limited now by people using the systems and their imagination of, you know, in
17:16their algorithm development to really drive value.
17:19And I think the important point here is that quantum computing is such an incredible leap from today's computing.
17:29so different and requires such different skill sets than, you know, the computer scientists that we have today that it
17:39is super important for companies to be getting their hands dirty with this technology right now
17:44and learning it and understanding both its potential but also the requirements, right?
17:52So, um, what, what would you say to, um, to companies, um, about, you know, the runway needed to prepare
18:04for both quantum and quantum cryptography?
18:11So, I will answer on the quantum computing part.
18:14I think we, the companies should take the, should follow the example of Aramco, you know, the Saudi company,
18:21which we signed, uh, a partner, a partnership with, they are buying one of our quantum computer.
18:27And I think this is a strong signal to the market.
18:30Today, for the first time ever, there's a private company buying, uh, a 200 qubit quantum processor for its research
18:38to discover what a quantum computer can be, can be good for.
18:42They want to train their team.
18:44They want to understand how it works and they want to develop the applications because they know that this process
18:50takes time.
18:51And they want to be ready, you know, when the, uh, the technology will finally reach the, uh, kind of
18:57threshold limit between classical technologies.
18:59So, I think it's, uh, it's a, it's a, a lesson learned.
19:03Start your quantum journey now because, I mean, otherwise, in, in two years, you, you will be behind.
19:08And it will be very hard to catch up because there will be a scarcity on the resources, on the
19:13hardware resources, on the talent resources as well.
19:18And, again, you know, preparing the data, doing the math also takes time.
19:23So, that's...
19:23You want to answer that, Scott?
19:24Yeah, just, I mean, I second what George said.
19:27So, I don't have, I mean, I think from, uh, from our learning of working with, uh, industry clients, um,
19:34I think the, the hard things to find are people who have strong math skills and people who have strong
19:40linear algebra skills can get trained up and educated on quantum algorithms fairly rapidly.
19:45Um, but it, it, it does take time.
19:48Um, and also, it's, the, the hard part is, you know, you can, you can hire people like IBM to,
19:53who understand the quantum algorithms, you know, and how to apply them to a certain problem.
19:58The, the challenge is finding the industry experts who understand their domain enough that they understand what problems are not
20:05yet solved and have a better understanding of how quantum computing can help solve those.
20:12Um, as George said, you know, you know, we have clear understanding of certain kinds of math quantum computing will
20:17be, will be better at.
20:19Um, it's the application of those certain kinds of math to business problems, um, and the new algorithmic approaches, uh,
20:26that take into account real heuristic computers and how you apply it, as it sounds.
20:30For cryptography, sorry, I, so, for cryptography, so, for cryptography, I, you know, you know, the standards are coming out
20:37this summer for NIST.
20:38You don't need to wait for them in order to start preparing, because, you know, the first step is understand
20:44the cryptographic environment you've got now, and the second is realization that this transformation is going to be a pain
20:51in the ass, so, and it's going to be costly.
20:54I mean, you know, doing digital transformations are not cheap.
20:57It may not be rocket rocket science, but it's not cheap.
21:01So, if you're going to do it, you might as well try to do it in such a way that
21:04it makes it easier the next time you have to do it.
21:06So, that's where the buzzword crypto agility comes up.
21:09You know, it's really just basically saying, if you're going to go find all your crypto and replace it, do
21:13it in such a way that it's easier to do the next time.
21:16That makes a lot of sense.
21:18Now, you talked about how it's going to be a pain, and it's going to, um, also, um, be costly.
21:27In the session just before this one, someone asked about the environmental impact of quantum, and I know that George
21:37has been chomping at the bit to address that, so I'm going to let you do that now.
21:42Yeah, thank you so much, yes.
21:44It's one of my, uh, a topic very, especially dear to my heart.
21:48You have to be aware that today, high-performance computing is very poor and hungry.
21:54You cannot imagine megawatts of electricity to power a supercomputer, and it will be more and more, because we need
22:02always more to train AI and blah, blah, blah, what I said in introduction.
22:06And the solution to these challenges, you know, high-performance computing power at low energy cost, it is called a
22:13quantum computers.
22:15Our quantum computers at Pascal are especially low on electricity.
22:19You can plug them in your kitchen, but I think it applies to all quantum processors in general, also for
22:25the one from IBM.
22:26It's a real breakthrough, you know.
22:28It's not gaining 10% or 20% on the electricity bill.
22:32It's cutting it by thousands, which is what we're talking about, and on the entire life cycle.
22:39Okay, thanks for that.
22:40And so, now, just, uh, because we're, we're almost out of time, um, Scott, I'm going to ask you, what
22:46is your best guess on when we're going to have this quantum breakthrough?
22:53Well, I mean, you could argue we already had one breakthrough, which is now we're at the point where you've
22:58got people who are offering utility-scale, uh, machines over 100 qubits.
23:02You can't brute force simulate them.
23:04You know, it's up to the users to go figure out how to bring value out of them.
23:08So, the second question, which I think you're asking is, you know, Ashley kind of mentioned it as practical quantum
23:13advantage.
23:13We don't use exactly the same words, but let's just use that as a, as the word, quantum advantage.
23:19So, I think it's pretty clear that when we get to the roadmaps that we've got, like, written down on
23:25our roadmap, 2029, 2033,
23:27where you can have hundreds of millions of gate operations or a billion of gate operations, most people would say,
23:33yup, you're going to have quantum advantage then,
23:34because you can point to a blackboard and say, you're pretty darn close to this blackboard proof that you're going
23:40to have an advantage.
23:41The hard part of the answer, which is why I'm hemming and hawing and not giving you the exact date,
23:45is that we're in a heuristic state right now.
23:47We've got systems that we can't brute force classically simulate, so I personally believe we're going to get to quantum
23:53advantage before 2029 with those smaller systems.
23:56systems that can run tens of thousands of gate operations, not hundreds of millions of gate operations.
24:04But I can't prove it to you on a blackboard, which is why I'm, you know, I would say we
24:08need to wait a little bit longer
24:10until smart scientists continue to publish papers, and there's going to be debate over it while people poke holes at
24:16it,
24:17or try to poke holes at it, but I think it's going to be sooner.
24:19I think it's going to be somewhere between one and a half to four years when you're going to start
24:24to see the first examples.
24:25So it's coming really soon, and the message from this panel is be quantum ready, be quantum safe,
24:32and just as a last message to the audience, could you both quickly say what you think the consequences of
24:40not being ready will be?
24:42Sorry?
24:43Not being ready.
24:45Being behind, less behind, and it will be very hard to catch up.
24:50Yeah, I mean, there's studies after studies after studies that, like, you know, the standard quotes of, like,
24:5590% of early adopters kick butt in their industries, which is, like, absolutely true,
25:00been proven study after study after study.
25:02This is going to be the same thing.
25:04Okay, you heard it from the experts.
25:07Let's have a nice round of applause for our panel, please.
25:10Thank you.
25:10Thank you.
Commentaires