Intellectual Property partner Jamie Cooke explains how quantum computers could break current encryption methods and why financial institutions must begin transitioning to quantum-resistant technologies today.
What are quantum cryptographic algorithms, and why should financial services care?
Quantum cryptographic algorithms rely on mathematical principles that are resistant to reversal by quantum computers. If we look at our own experience with cryptographic algorithms, we use them every day. Our banks rely on them to establish trust. Financial institutions depend on these cryptographic algorithms to maintain the security of data for 10, 15, even 20 or 30 years.
Our entire financial system relies on these algorithms and uses them in almost every facet of our interaction with financial institutions. These algorithms are chosen because they rely on mathematical principles that existing systems can’t reverse.
But quantum computing systems operate on a fundamentally different computational paradigm. They rely on quantum mechanics to entangle quantum bits and establish exponentially more computing states instantaneously. What might take a lifetime to reverse with a conventional computing system can take hours for a quantum computer.
This means that quantum computers could easily reverse data currently protected by conventional cryptographic techniques.
What specific risks do financial services face?
Financial services rely on data—they store massive amounts of highly confidential data about their customers and their interactions with customers and third parties over long periods of time. That data requires encryption and protection even on the backend.
When quantum computing becomes truly effective and operational, the current ways that financial institutions protect that data will become obsolete. Although the first effective quantum computers probably won’t be available for use for 10 to 15 years, banks need to begin addressing how to transition from conventional encryption to quantum-resistant cryptographic techniques early.
Banks should be developing IP around that transition to protect the way their backend systems interact with these quantum-resistant encryption technologies and to protect mechanisms for more effectively securing their data in a quantum-resistant way.
How soon should banks start addressing quantum technology in their IP strategy?
Banks need to be proactive in addressing these issues, rather than waiting for the first quantum machines to become operational.
They need to look at how their backend systems interact with existing encryption and cryptographic technologies. They need to assess which quantum-resistant technologies are available today and begin developing a plan to transition to them. And they need to start looking at their own IP and inventors to develop new techniques that better protect their data, both on the backend and from a customer-facing perspective.
In many instances, malicious actors are already capturing data encrypted with conventional techniques and holding onto it in anticipation of quantum computing systems that can easily reverse those encryption methods, making confidential customer information available to them.
The time to act is now—before quantum computers make current encryption obsolete and before competitors establish their own quantum-resistant IP portfolios.
