NZNTV

AFRAID One day soon, at a research lab near Santa Barbara or Seattle or a secret facility in the Chinese mountains, it will begin: the sudden unlocking of the world’s secrets. Your secrets.

Cybersecurity analysts call this Q-Day—the day someone builds a quantum computer that can crack the most widely used forms of encryption. These math problems have kept humanity’s intimate data safe for decades, but on Q-Day, everything could become vulnerable, for everyone: emails, text messages, anonymous posts, location histories, bitcoin wallets, police reports, hospital records, power stations, the entire global financial system.

“We’re kind of playing Russian roulette,” says Michele Mosca, who coauthored the most recent “Quantum Threat Timeline” report from the Global Risk Institute, which estimates how long we have left. “You’ll probably win if you only play once, but it’s not a good game to play.” When Mosca and his colleagues surveyed cybersecurity experts last year, the forecast was sobering: a one-in-three chance that Q-Day happens before 2035. And the chances it has already happened in secret? Some people I spoke to estimated 15 percent—about the same as you’d get from one spin of the revolver cylinder.

The corporate AI wars may have stolen headlines in recent years, but the quantum arms race has been heating up too. Where today’s AI pushes the limits of classical computing—the kind that runs on 0s and 1s—quantum technology represents an altogether different form of computing. By harnessing the spooky mechanics of the subatomic world, it can run on 0s, 1s, or anything in between. This makes quantum computers pretty terrible at, say, storing data but potentially very good at, say, finding the recipe for a futuristic new material (or your email password). The classical machine is doomed to a life of stepwise calculation: Try one set of ingredients, fail, scrap everything, try again. But quantum computers can explore many potential recipes simultaneously.

Post-quantum algorithms, thermodynamic hardware, open source architectures, apocalypse-proof programming, and more: WIRED journeys to the freaky frontiers of modern computing.

So, naturally, tech giants such as Google, Huawei, IBM, and Microsoft have been chasing quantum’s myriad positive applications—not only for materials science but also communications, drug development, and market analysis. China is plowing vast resources into state-backed efforts, and both the US and the European Union have pledged millions in funding to support homegrown quantum industries. Of course, whoever wins the race won’t just have the next great engine of world-saving innovation. They’ll also have the greatest code-breaking machine in history. So it’s normal to wonder: What kind of Q-Day will humanity get—and is there anything we can do to prepare?

The Big Story Newsletter: Riveting Deep-Dives

If you had a universal picklock, you might tell everyone—or you might keep it hidden in your pocket for as long as you possibly could. From a typical person’s vantage point, maybe Q-Day wouldn’t be recognizable as Q-Day at all. Maybe it would look like a series of strange and apparently unconnected news stories spread out over months or years. London’s energy grid goes down on election day, plunging the city into darkness. A US submarine on a covert mission surfaces to find itself surrounded by enemy ships. Embarrassing material starts to show up online in greater and greater quantities: classified intelligence cables, presidential cover-ups, billionaires’ dick pics. In this scenario, it might be decades before we’re able to pin down exactly when Q-Day actually happened.

Then again, maybe the holder of the universal picklock prefers the disaster-movie outcome: everything, everywhere, all at once. Destroy the grid. Disable the missile silos. Take down the banking system. Open all the doors and let the secrets out.

Suppose you ask a classical computer to solve a simple math problem: Break the number 15 into its smallest prime factors. The computer would try all the options one by one and give you a near-instantaneous answer: 3 and 5. If you then ask the computer to factor a number with 1,000 digits, it would tackle the problem in exactly the same way—but the calculation would take millennia. This is the key to a lot of modern cryptography.

Take RSA encryption, developed in the late 1970s and still used for securing email, websites, and much more. In RSA, you (or your encrypted messaging app of choice) create a private key, which consists of two or more large prime numbers. Those numbers, multiplied together, form part of your public key. When someone wants to send you a message, they use your public key to encrypt it. You’re the only person who knows the original prime numbers, so you’re the only person who can decrypt it. Until, that is, someone else builds a quantum computer that can use its spooky powers of parallel computation to derive the private key from the public one—not in millennia but in minutes. Then the whole system collapses.

The algorithm to do this already exists. In 1994, decades before anyone had built a real quantum computer, an AT&T Bell Labs researcher named Peter Shor designed the killer Q-Day app. Shor’s algorithm takes advantage of the fact that quantum computers run not on bits but on qubits. Rather than being locked in a state of 0 or 1, they can exist as both simultaneously—in superposition. When you run an operation on a handful of qubits in a given quantum state, you’re actually running that same operation on those same qubits in all their potential quantum states. With qubits, you’re not confined to trial and error. A quantum computer can explore all potential solutions simultaneously. You’re calculating probability distributions, waves of quantum feedback that pile onto each other and peak at the correct answer. With Shor’s algorithm, carefully designed to amplify certain mathematical patterns, that’s exactly what happens: Large numbers go in one end, factors come out the other.

In theory, at least. Qubits are incredibly difficult to build in real life, because the slightest environmental interference can nudge them out of the delicate state of superposition, where they balance like a spinning coin. But Shor’s algorithm ignited interest in the field, and by the 2010s, a number of projects were starting to make progress on building the first qubits. In 2016, perhaps sensing the nascent threat of Q-Day, the US National Institute for Standards and Technology (NIST) launched a competition to develop quantum-proof encryption algorithms. These largely work by presenting quantum computers with complex multidimensional mazes, called structured lattices, that even they can’t navigate without directions.

In 2019, Google’s quantum lab in Santa Barbara claimed that it had achieved “quantum supremacy.” Its 53-qubit chip could complete in just 200 seconds a task that would have taken 100,000 conventional computers about 10,000 years. Google’s latest quantum processor, Willow, has 105 qubits. But to break encryption with Shor’s algorithm, a quantum computer will need thousands or even millions.

There are now hundreds of companies trying to build quantum computers using wildly different methods, all geared toward keeping qubits isolated from the environment and under control: superconducting circuits, trapped ions, molecular magnets, carbon nanospheres. While progress on hardware inches forward, computer scientists are refining quantum algorithms, trying to reduce the number of qubits required to run them. Each step brings Q-Day closer.

That’s bad news not just for RSA but also for a dizzying array of other systems that will be vulnerable on Q-Day. Security consultant Roger A. Grimes lists some of them in his book Cryptography Apocalypse: the DSA encryption used by many US government agencies until recently, the elliptic-curve cryptography used to secure cryptocurrencies like Bitcoin and Ethereum, the VPNs that let political activists and porn aficionados browse the web in secrecy, the random number generators that power online casinos, the smartcards that let you tap through locked doors at work, the security on your home Wi-Fi network, the two-factor authentication you use to log in to your email account.

Experts from one national security agency told me they break the resulting threats down into two broad areas: confidentiality and authentication. In other words, keeping secrets and controlling access to critical systems. Chris Demchak, a former US Army officer who is a professor of cybersecurity at the US Naval War College and spoke with me in a personal capacity, says that a Q-Day computer could let an adversary eavesdrop on classified military data in real time. “It would be very bad if they knew exactly where all of our submarines were,” Demchak says. “It would be very bad if they knew exactly what our satellites are looking at. And it would be very bad if they knew exactly how many missiles we had and their range.” The balance of geopolitical power in, say, the Taiwan Strait could quickly tilt.

Beyond that real-time threat to confidentiality, there’s also the prospect of “harvest now, decrypt later” attacks. Hackers aligned with the Chinese state have reportedly been hoovering up encrypted data for years in hopes of one day having a quantum computer that can crack it. “They wolf up everything,” Demchak told me. (The US almost certainly does this too.) The question then becomes: How long will your sensitive data remain valuable? “There might be some needles in that haystack,” says Brian Mullins, the CEO of Mind Foundry, which helps companies implement quantum technology. Your current credit card details might be irrelevant in 10 years, but your fingerprint won’t be. A list of intelligence assets from the end of the Iraq War might seem useless until one of those assets becomes a prominent politician.

The threat to authentication may be even scarier. “Pretty much anything that says a person is who they say they are is underpinned by encryption,” says Deborah Frincke, a computer scientist and national security expert at Sandia National Laboratories. “Some of the most sensitive and valuable infrastructure that we have would be open to somebody coming in and pretending to be the rightful owner and issuing some kind of command: to shut down a network, to influence the energy grid, to create financial disruption by shutting down the stock market.”