It is stated that, in the 21st century, global supremacy belongs to those nations that control the future of information technology, at the heart of which will be quantum computing.
Quantum computing is a very exciting discipline formed by the combination of computer science, physics and mathematics, which uses some of the mysterious aspects of quantum mechanics to enable unprecedented computational performances. All of us, as rational human beings, know that all objects stay at a unique place and in a well-defined state. If it is said that an object exists at two different places simultaneously, it can seem incredible.
But as per the principles of quantum mechanics, a microscopic object can hazily be in more than one place at one time. We say that it is in superposition, meaning it is simultaneously in more than one place at a time. But we won’t be able to see the objects in superposition of states. When we want to ascertain or “measure” the superposition of states, it will collapse to one well-defined state. But before we measure it, it is in many states at the same time. All these details appear unbelievable, but they are proven concepts of quantum mechanics.
Additionally, we know that objects are directly affected by only nearby objects or forces. That is, we examine a phenomenon by investigating all the forces near that place. But one of the most remarkable aspects of quantum mechanics is that certain effects can work in a non-local manner. Two particles can be connected or “entangled” in such a way that an action performed on one of them can have an immediate effect on another particle in some far off or unconnected place. In scientific terms, the other particle is located light-years away.
Quantum Computing and its Exponential Capability
Quantum physics has contradicted logic since atoms were studied in the early 20th century because atoms, being quantum particles, can move forward or backward in time, exist in two places at the same time and can even “teleport.” These mysterious characteristics have been utilized to quantum computing’s advantage.
In classical computing, we are aware that a digital bit can be in two states, 0 or 1, off or on. In quantum computing, we call the bit’s counterpart a qubit. Whereas a bit can be either 0 or 1, the concept of superposition (which we saw previously) allows a qubit to be in both states simultaneously.
Thus, it should be emphasised that this superposition makes quantum computing very powerful, as a quantum computer can be in many states simultaneously. Instead of analyzing a 0 or a 1 sequentially, superposition allows two qubits in superposition to process four inputs (00, 01, 10, and 11) at the same time. Therefore, it can process much more data in a reduced time, leading to massive parallelism.
Google has indicated that it has a quantum computer which is 100 million times faster than any classical computer on the lab.
When IBM’s computer Deep Blue defeated chess champion Garry Kasparov in 1997, it was able to gain a competitive advantage because it examined 200 million possible moves each second. A quantum machine would be able to calculate 1 trillion moves per second!
The point to be noted is that quantum computers are remarkable at crunching huge data and solving scientific as well as complex problems, which involves every-day decision making. Quantum computing is not intended to replace classical computing, which we will continue to use for desktop publishing, emails, Excel workings, etc. However, due to the massive data processing abilities of quantum computing, cybersecurity is at risk.
Quantum Computing Challenges to Cybersecurity
Communications in the cyber world are protected by the principle of encryption. Encryption is encoding confidential and sensitive data so that it is not seen by unauthorized people until the communication becomes complete by reaching the destination. The algorithms used for encryption are complex and involve many years of computer processing to break.
Since it takes so long to break the algorithm, encryption can be safely used to complete a payment transaction which takes just a few minutes, after which the associated algorithm is rendered useless, even if it is broken.
But with the advent of quantum computing, these strong algorithms can be broken easily within minutes, creating a fresh challenge for protecting confidentiality and secrecy in cyber space.
The Role of Internal Audit
What does this all mean for internal auditors?
- Internal auditors should closely work with cybersecurity professionals to initiate cryptographic transition. To do so, they should take a thorough inventory of information assets protected by public-key cryptography, as well as what is used by any third-party suppliers, so that they can plan for migration to quantum-resistant algorithms.
- NIST and European telecommunication standards have taken many steps to come out with quantum-safe encryption algorithms by 2024. Internal auditors should be prepared to make arrangements to implement those standards in a narrow time frame.
- Internal auditors should play an active role in promoting awareness about the risks of quantum computing to their stakeholders and in promoting quantum safe standards and practices.
Author’s note: The opinions expressed are of the author’s own views and do not represent those of the organization or any of the certification bodies he is affiliated with.