What is Q-Day?
Everything you need to know about Q-Day and what it means for encryption
Q-Day may sound like a cheerful event for Star Trek: The Next Generation fans, but it's actually a day that most cybersecurity experts are dreading. It marks the day when quantum computing advances to the point that it can break the encryption methods safeguarding most of the Internet.
These encryption algorithms form the bedrock of the cryptography that secures your banking applications, internet chat rooms, and sensitive data from prying eyes.
While traditional supercomputers would require millions of years to be able to crack our current encryption algorithms, quantum computing represents a monumental leap in processing power.
As a result, our current encryption methods could essentially become obsolete. Thankfully, our brightest minds are well aware this day is on the horizon and have already come up with some innovative solutions that will help safeguard the internet long before Q-Day arrives.
Read on and I’ll delve deeper into the implications of Q-Day, as well as explaining how one of the best VPNs can help protect you from this quantum threat.
What are quantum computers?
Traditional computers operate using binary data, which means each bit represents either a one or a zero based on the voltage level of a circuit. In contrast, quantum computers use qubits, the basic unit of quantum computing which is a representation of a quantum system.
So, quantum computers require a fundamentally different programming approach from classical computers to effectively harness their potential processing power. It is this processing power that gives them the potential to break traditional encryption protocols.
Sign up now to get the best Black Friday deals!
Discover the hottest deals, best product picks and the latest tech news from our experts at Tom’s Guide.
Why are quantum computers a threat?
The ramifications of RSA encryption (the encryption system widely used for secure data transmission) being compromised by quantum computing are significant. Not only will systems that rely on RSA encryption - for example web browsers, VPNs and email chats - become vulnerable to snooping and exploitation, but information captured in the past could potentially be decrypted in the future once quantum computing capabilities evolve. This means that even the most secure VPNs could potentially expose your data.
It’s a concept called “Store Now, Decrypt Later”, and it’s been hypothesized that any data encoded using RSA encryption could be intercepted and stored by a third party, then deciphered when quantum computing reaches a sufficient level of advancement.
It's suspected that intelligence agencies are amassing vast troves of encrypted data in anticipation of Q-Day, when quantum computing matures enough to unlock this encrypted information. This means that powerful quantum computers could potentially access and decrypt the stored intelligence, posing serious security risks and privacy concerns for the average internet user.
It’s not just the intelligence agencies you’ve got to watch out for, either. For years, the prevailing assumption has been that RSA encryption is unbreakable. As a result of this, much of our critical infrastructure, such as banks, power plants, and hospitals rely heavily on RSA encryption. The ability to decode, intercept, and manipulate this data would pose catastrophic risks.
Consider the potential scenario where quantum technology falls into the hands of a rogue nation or a hacker group. They could exploit it to steal bank account passwords, intercept classified military documents transmitted over the Internet, or even forge information sent to a nuclear power plant. The consequences of such breaches would be severe, to say the least.
Clearly, there’s an urgent need for the development of quantum-resistant encryption protocols to mitigate these risks effectively. Thankfully, the National Institute of Standards and Technology is one step ahead.
The importance of quantum security in the digital age
Quantum-resistant algorithms are designed to remain challenging for both quantum and classical computers to solve in the foreseeable future. However, as quantum computing power continues to advance, what is currently considered quantum-resistant may become more susceptible to decryption.
On the other hand, quantum-proof algorithms rely on mathematical properties that inherently defend against both quantum and classical-based attacks. Essentially, they represent a distinction between algorithms that are merely very difficult to break for current quantum computers and those that are theoretically impossible to break using quantum computers and classical computers.
As the field of quantum computing evolves, the development and adoption of quantum-proof algorithms will be crucial to ensuring the long-term security of sensitive information in the face of emerging technological threats.
How quantum computers are changing laws
Many security-conscious organizations have recognized the impending threat posed by quantum computing. The National Institute of Standards and Technology (NIST) has initiated multiple competitions aimed at developing quantum-resistant algorithms, which are now being widely implemented.
In the US, the Quantum Computing Cybersecurity Preparedness Act has been enacted into law. This legislation mandates that federal agencies take stock of their current encryption schemes, identify their systems that are vulnerable to quantum attacks, and transition to quantum-resistant algorithms to brace for the inevitable advent of quantum computing. This proactive approach underscores the seriousness with which the US government regards the imminent challenge posed by quantum computing.
How to prepare for Q-day
Q-Day represents a significant upheaval for personal security as well as national security. It's prudent to assume that any data transmitted over the Internet using non-quantum-resistant encryption may have been intercepted and stored for future decryption, whether by intelligence agencies or malicious hackers. It’s crucial to realize that the passwords you currently have in use are likely to become vulnerable to exposure when Q-Day arrives.
To mitigate this impact, the first step you should take is transitioning to an offline password manager. This will make it easy to update all of your passwords while ensuring they are unique. Remember, anything you’re transmitting over the internet using RSA is up for grabs: this includes passwords you’re sending to an internet based password manager.
Additionally, opting for one of the best VPN providers that has updated its encryption algorithms to be quantum-resistant, such as ExpressVPN, will significantly bolster security.
Signal has already integrated quantum-safe algorithms into its protocol, offering protection against quantum threats to messaging apps like WhatsApp, Telegram, and Facebook Messenger.
Moreover, OpenSSL has started implementing pluggable quantum-resistant encryption algorithms into its library, enhancing the security of the TLS 1.3 protocol for encrypting internet traffic.
The challenge posed by quantum computing is somewhat similar to the legacy system updates needed during the Y2K threat. It involves updating outdated and insecure protocols that underpin critical systems. While you can take steps to protect yourself, the process really requires technology vendors to work together to ensure we can boldly go into a post Q-Day world.
A quantum-resistant VPN: ExpressVPN
ExpressVPN is featured in many of our top VPN buying guides, and for good reason. It's great for VPN veterans and newbies alike, and helps you stay safe online thanks to its class-leading privacy tech. It may be more expensive than other VPN providers at $6.67 per month – but this includes three months free for Tom's Guide readers and a 30-day money-back guarantee.
Challenges in developing quantum technology
There are various technologies used to create the qubits essential for quantum computing, each with its advantages and disadvantages. Some systems measure the spin of individual quantum particles, while others observe the energy levels of atoms. Superconducting circuits and photon polarization are also used to represent qubits.
It’s not clear which approach is likely to become the standard for quantum computing, but the most crucial metric used to compare them is the error rate.
Scalability is a significant issue for quantum systems, as building additional logical qubits is not a linear problem. While logical qubits represent quantum effects from a computer's perspective, the physical qubits that make up logical qubits are susceptible to interference, similar to classical computers.
In classical computing, algorithms incorporate redundant information to minimize the impact of any factors that may affect the accuracy of the calculations the computer performs. However, in quantum computing, this is primarily achieved by employing numerous physical qubits to create redundancy and lower the error rate.
Therefore, the challenge in scaling quantum computing lies not only in adding more qubits but also in reducing the error rate in the existing qubits. Many different environmental factors, such as changes in temperature, air pressure, and light can introduce noise that increases the error rate of a quantum system.
Q-Day FAQs
When is Q-Day?
There isn't a universally agreed-upon date for "Q-Day". The term "Q-Day" is more of a conceptual milestone rather than an actual date on the calendar. It represents the moment when the cryptographic landscape will be fundamentally altered by the capabilities of quantum computers.
However, the specific timeline for when quantum computers will reach this level of capability is subject to ongoing research and development. It’s still not widely agreed upon how much computational power is required to deploy the algorithms needed to break RSA, but estimates place Q-Day anywhere between 2030 and 2050.
How long until quantum computers exist?
Quantum computers already exist in a limited capacity, with various companies, research institutions, and governments working on developing and improving them. However, the creation of large-scale, practical quantum computers capable of solving complex real-world problems efficiently remains a significant technological challenge. While progress in the field of quantum computing has been substantial, challenges such as error correction, scalability, and maintaining quantum coherence over extended periods still pose a significant problem for building large-scale quantum computers.
When fully functional quantum computers will be widely available is uncertain, but IBM expects to see widespread quantum computing in enterprise environments by 2030.
Are quantum computers faster than traditional computers?
While quantum computers have the potential for significant speedup in specific tasks, they are not universally faster than traditional computers for all types of computations. Quantum computers excel in solving specific types of problems, such as factoring large numbers, simulating quantum systems, and optimizing complex systems. Classical computers follow deterministic algorithms and perform calculations sequentially, which is useful for a wide variety of computing tasks.
Moreover, quantum computers are still in the early stages of development, and practical, large-scale quantum computers capable of outperforming classical computers for a wide range of tasks remain a long-term goal of research and development in the field of quantum computing.
Sam Dawson is a cybersecurity expert who has over four years of experience reviewing security-related software products. He focuses his writing on VPNs and security, previously writing for ProPrivacy before freelancing for Future PLC's brands, including TechRadar. Between running a penetration testing company and finishing a PhD focusing on speculative execution attacks at the University of Kent, he still somehow finds the time to keep an eye on how technology is impacting current affairs.