The initial consequences of quantum technology
One of the first major impacts of quantum technology is related to information security. There’s a general consensus within the quantum scientific community that in the coming decades there’ll be quantum computers powerful enough to undermine the security of all the information encrypted by today’s algorithms.
With the advent of quantum computers, the mathematical algorithms that have protected our data over the past four decades will no longer be secure. This means that we’ll no longer be able to make secure online payments or be sure that the website we’re visiting hasn’t been spoofed.
The impact on applications that handle sensitive data will be even more immediate. Given the validity of the data and the imminent arrival of quantum computers, these applications run the risk of hackers intercepting and storing encrypted information with the aim of decrypting it later by using quantum computers. If the validity of the information is sufficiently prolonged over time, this type of attack (known as Store Now Decrypt Later or SNDL) could cause unacceptable problems for numerous critical applications.
Countermeasures to protect data
There are several security countermeasures to protect information in the quantum future, such as reducing its validity, using quantum technology itself (QKD) to exchange encryption keys and implementing new encryption algorithms designed to prove resistant to quantum computers (so-called post-quantum algorithms).
Since 2016, the National Institute of Standards and Technology (NIST), an agency of the United States Department of Commerce, has been tasked with selecting new post-quantum algorithms, and it published the standard for the first ones in August 2024. These algorithms are based on mathematics and they’re regarded as secure against both current-day computers and the quantum computers of the future.
The progressive adoption of new post-quantum algorithms is vital when it comes to preparing the Internet for the quantum future.
Post-quantum security considerations
The adoption of post-quantum algorithms is the most important upgrade in the history of the Internet, affecting almost every connected element. These algorithms are new and they require years of evaluation if they are to reach the maturity of today’s classical algorithms. It’s therefore crucial to implement these algorithms with great care and planning so as not to compromise the security of existing data.
Companies should identify the different assets they manage and obtain a clear assessment of the critical nature of the data they handle, taking into account the potential SNDL-type attacks that can currently be executed. In the case of critical data it’s vital to adopt specific solutions by using encryption mechanisms that can withstand a quantum attack or reducing the lifetime of the data.
It’s also essential to have a progressive migration roadmap that ensures, as an initial step, that the infrastructure (both the software and the hardware) has the necessary flexibility for upgrades and adaptations to post-quantum technologies. Flexible and well-executed planning is key to this process.
What we’re doing at Telefónica: Quantum-Safe Networks
At Telefónica we’re working on a set of solutions called Quantum-Safe Networks to make it easier for our customers to adopt new communication systems by actively managing the life cycle of post-quantum encryption solutions. This includes the selection, monitoring, bug-fixing and updates of post-quantum algorithms. We’re also integrating patented protection mechanisms specifically designed to combat SNDL attacks from future quantum computers to ensure that the entire solution is fully transparent for the different applications used by our customers.
We’re working in close collaboration with multiple post-quantum solution providers. These include both service providers and partners specialising in quantum products such as Quside, which generates random numbers using quantum systems. Moreover, we’re actively working on the creation of strategic alliances with software providers related to post-quantum encryption, as well as key partners in end-security solutions such as Halotech and Subsea Mechatronics.
The solutions we’re working on will reinforce the security of 5G networks from a broader standpoint. Our goal is to extend the same level of security from 5G networks to the public Internet, thus protecting our customers’ data all the way to their application servers. These solutions will enhance end-to-end network security.
The development of these solutions will strengthen Telefónica’s commitment to innovation in security and technology.
