It might be the biggest thing in computing since the microprocessor. But quantum computing doesn’t come with guaranteed security. Among the challenges, developing cryptography algorithms that resist quantum computing. Government and industry are both pursuing this goal. For a view from the industry side, the ** Federal Drive with Tom Temin** spoke to the Vice President for Quantum Adoption at IBM, Scott Crowder.

*Interview transcript:*

**Tom Temin**

Let’s start with a brief definition of quantum computing. The word is on everybody’s lips, but I’m not sure everyone precisely knows what it is.

**Scott Crowder**

Sure. Quantum information science, or quantum computing, uses the principles of quantum mechanics to do calculations in a completely different way than we do classically. And that information science is exciting, because it scales differently than the way we’ve been doing calculations since we’ve been counting chickens on our fingers. In quantum computing, every time you add a qubit, you double the state space that you can explore. That goes up really, really quickly. And once you got a quantum computer with something on the order of 160 qubits or so, you’ve got a state space that’s larger than the number of atoms on the planet Earth. And when you get up to qubit sizes in the three hundreds, that state space is larger than the number of atoms in the known universe. It doesn’t mean it can compute anything. It’s not an all powerful computer. But people have shown on the blackboard that it can do certain types of computation that you just would never be able to do on a classical computer.

**Tom Temin**

And for people that understand classical binary operations, it no longer applies, does it?

**Scott Crowder**

That’s right. So it’s a different approach than what we do with binary math and classical computation. One of the things that people like from a popular science point of view think, is that when computers just get big enough, they’ll be able to solve any problem. And that’s just fundamentally not true. And that’s a good thing. Because we wouldn’t have cybersecurity if that were true. We use problems that are hard for classical computers to compute in order to protect our data. And what quantum safe cryptography or post quantum cryptography is, is something that both, quantum computers and classical computers both suck at. So the challenge is that we believe that in the future, quantum computers will be good at computing the kinds of problems that we’re currently using for cryptography. And quantum safe cryptography or post quantum cryptography, is those problems that the math is hard for both quantum computers and classical computers.

**Tom Temin**

So the problem then or the challenge, is one to protect current computing algorithms from quantum or to protect current computing with algorithms that are resistant to quantum. And then later to protect quantum itself from itself.

**Scott Crowder**

Yeah, exactly. So what happened is in the mid 90s, a guy named Peter Shor, on a blackboard proved that the future quantum computer of sufficient scale and quality and caveat caveat caveat, would be able to do factoring in discrete log. Which is the math that we use for a public key encryption today, that basically all of society’s e-commerce works on. So I want to send you something secret, I first need to send you a key that you can unlock it. But I wrapped that with a public key encryption, so that nobody else can steal it. The math underlying that is either discrete log, or it’s factoring or things like that. And this guy, Peter Shor, proved on a blackboard that a future quantum computer could solve something that would take billions of years with a regular old computer, could take days with a quantum computer. And that’s the challenge. The challenge is, we need to find a new cryptographic method that quantum computers can’t break either. But at the same time, make sure that classical computers can’t break it. Because there’s a lot of classical computers out there right now.

**Tom Temin**

Sure. Now, the [National Institute of Standards and Technology] at the Commerce Department has come out with guidelines on quantum resistant algorithms. Is that the basis, now that is what industry is working on? Because I imagine industry help develop those.

**Scott Crowder**

Right, exactly. IBM Research worked very closely with NIST. In fact, three of the four that NIST chose for standardization, were submissions from IBM Research and its collaborators. The good news is that, we found types of math that we believe fall into that category of both, classical computers and quantum computers will have trouble breaking. And now we’re at the point where we want to make sure that everything wrapped around that math, is solid also. Because you can introduce vulnerabilities from how you implement the algorithms, not just the algorithms itself. Good news is the algorithms exist. Really, really brilliant people have come up with algorithms that are cryptographically safe for quantum computers. But now we just have to make sure we put the standards in place, wrappers around it, so it’s ready to go and ready to be implemented.

**Tom Temin**

We’re speaking with Scott Crowder, he is the vice president for Quantum Adoption at IBM. And how is it possible to really know, since quantum computers as they’re envisioned, don’t really exist despite claims have come out from time to time? Is it another guy on a blackboard figuring it out, or how do we test these things with the current state of technology?

**Scott Crowder**

Yeah. So I think that is one clear way that we can test on the quantum side, the theory. And on the classical side, which is just as important. In fact, you could argue even more important to make sure that classical computers, there’s no vulnerabilities that classic computers can find, because that’s the threat today. For those we’ve been hacking at this for over a decade, for some of the methods that are being proposed for the standards from NIST. And that’s what NIST been doing for the past, it’s probably been seven years now, before they announced these are the algorithms that we want to standardize?

**Tom Temin**

And can quantum effects be simulated by classical computers just for purposes of running experiments?

**Scott Crowder**

They can for small problems. If you have problems with qubit sizes less than 50 qubits. Then yes, you can simulate it on the world’s largest supercomputer. The challenge is, once you get above that, then you can’t. Where we are today, to be very clear, is that the quantum systems that exist today are not large enough or low enough error rate to be practically better than classical computers. And they’re even farther away from being cryptographically relevant, but we’re making progress really, really quickly. And we think this decade will be the decade where they do become practical. And we need to prepare for the day when they become cryptographically relevant.

**Tom Temin**

Yeah. What is the challenge to getting to quantum? Is it a manufacturing issue? I mean, you need to have processors that operate in qubits, like Noah’s Ark. What’s keeping it from maturing faster?

**Scott Crowder**

It’s maturing really quickly. If you think about it, we put out a roadmap, the end of 2019, so about three years ago. We were at that point at 27 qubits systems. We now are at 433. And we’ll be over 1,000 this year. That’s one of the axis of practical that makes it better, better than classical. The second one that’s really important, is the error rates and the algorithms you use to mitigate errors with quantum computers. And that’s another axis that we need to continue to improve on. Right now, we’re at about 99.9% fidelity or .1% error rate in our operations. If you get a little bit better than that, then you can start doing error mitigation techniques that will make it practical. So if you look at our roadmap out, into getting to about 5,000, by the middle of this decade, and continuing to reduce our error rates down to below three nines or above three nines fidelity. You get to a very interesting point, by the middle of this decade, where we think quantum computers will be practical.

**Tom Temin**

Sure, because if you have .1, or .01%, or .001% errors, at the scale of many thousands of qubits, that’s millions and millions of errors. So you really have to get those quite low and then have really powerful ways of correcting for it.

**Scott Crowder**

That’s absolutely correct. That’s right. So that’s the big challenge in the industry right now. There are definitely hurdles that we still need to overcome. I think the exciting thing is how much progress we’ve made, and we stay on the same slope we’re currently on, then it starts to intercept in a couple of years, if not a little earlier than that.

**Tom Temin**

So then really manufacturing, programming, error rate reduction, and cybersecurity have to progress in tandem. For it to become a practical reality, sometime in the next decade.

**Scott Crowder**

Yes, I would argue that the cybersecurity needs to be ahead of it. And the reason why it needs to be ahead of it is because, there’s a concern about collect your data now and decrypt it later. And the reality in industry is, that a lot of industries have platforms that need to live for long periods of time. So your telco network, or your automobile manufacturer, or in the federal space, you can think of a lot of analogues to that. You’ve got platforms that need to be in the field for five, 10, 20, 40 years. So you need to start thinking about how do you make them quantum safe now, because they’re going to be in the field when quantum computers in the future become powerful enough. And then obviously, for very, very sensitive data. There’s a fear of people collecting data now and then being able to encrypt later. So the cybersecurity elements of this need to lead it not lag the quantum computing roadmap.

It might be the biggest thing in computing since the microprocessor. But quantum computing doesn’t come with guaranteed security. Among the challenges, developing cryptography algorithms that resist quantum computing. Government and industry are both pursuing this goal. For a view from the industry side, the ** Federal Drive with Tom Temin** spoke to the Vice President for Quantum Adoption at IBM, Scott Crowder.

**Tom Temin**Let’s start with a brief definition of quantum computing. The word is on everybody’s lips, but I’m not sure everyone precisely knows what it is.

**Scott Crowder**Sure. Quantum information science, or quantum computing, uses the principles of quantum mechanics to do calculations in a completely different way than we do classically. And that information science is exciting, because it scales differently than the way we’ve been doing calculations since we’ve been counting chickens on our fingers. In quantum computing, every time you add a qubit, you double the state space that you can explore. That goes up really, really quickly. And once you got a quantum computer with something on the order of 160 qubits or so, you’ve got a state space that’s larger than the number of atoms on the planet Earth. And when you get up to qubit sizes in the three hundreds, that state space is larger than the number of atoms in the known universe. It doesn’t mean it can compute anything. It’s not an all powerful computer. But people have shown on the blackboard that it can do certain types of computation that you just would never be able to do on a classical computer.

**Tom Temin**And for people that understand classical binary operations, it no longer applies, does it?

**Scott Crowder**That’s right. So it’s a different approach than what we do with binary math and classical computation. One of the things that people like from a popular science point of view think, is that when computers just get big enough, they’ll be able to solve any problem. And that’s just fundamentally not true. And that’s a good thing. Because we wouldn’t have cybersecurity if that were true. We use problems that are hard for classical computers to compute in order to protect our data. And what quantum safe cryptography or post quantum cryptography is, is something that both, quantum computers and classical computers both suck at. So the challenge is that we believe that in the future, quantum computers will be good at computing the kinds of problems that we’re currently using for cryptography. And quantum safe cryptography or post quantum cryptography, is those problems that the math is hard for both quantum computers and classical computers.

**Tom Temin**So the problem then or the challenge, is one to protect current computing algorithms from quantum or to protect current computing with algorithms that are resistant to quantum. And then later to protect quantum itself from itself.

**Scott Crowder**Yeah, exactly. So what happened is in the mid 90s, a guy named Peter Shor, on a blackboard proved that the future quantum computer of sufficient scale and quality and caveat caveat caveat, would be able to do factoring in discrete log. Which is the math that we use for a public key encryption today, that basically all of society’s e-commerce works on. So I want to send you something secret, I first need to send you a key that you can unlock it. But I wrapped that with a public key encryption, so that nobody else can steal it. The math underlying that is either discrete log, or it’s factoring or things like that. And this guy, Peter Shor, proved on a blackboard that a future quantum computer could solve something that would take billions of years with a regular old computer, could take days with a quantum computer. And that’s the challenge. The challenge is, we need to find a new cryptographic method that quantum computers can’t break either. But at the same time, make sure that classical computers can’t break it. Because there’s a lot of classical computers out there right now.

**Tom Temin**Sure. Now, the [National Institute of Standards and Technology] at the Commerce Department has come out with guidelines on quantum resistant algorithms. Is that the basis, now that is what industry is working on? Because I imagine industry help develop those.

**Scott Crowder**Right, exactly. IBM Research worked very closely with NIST. In fact, three of the four that NIST chose for standardization, were submissions from IBM Research and its collaborators. The good news is that, we found types of math that we believe fall into that category of both, classical computers and quantum computers will have trouble breaking. And now we’re at the point where we want to make sure that everything wrapped around that math, is solid also. Because you can introduce vulnerabilities from how you implement the algorithms, not just the algorithms itself. Good news is the algorithms exist. Really, really brilliant people have come up with algorithms that are cryptographically safe for quantum computers. But now we just have to make sure we put the standards in place, wrappers around it, so it’s ready to go and ready to be implemented.

**Tom Temin**We’re speaking with Scott Crowder, he is the vice president for Quantum Adoption at IBM. And how is it possible to really know, since quantum computers as they’re envisioned, don’t really exist despite claims have come out from time to time? Is it another guy on a blackboard figuring it out, or how do we test these things with the current state of technology?

**Scott Crowder**Yeah. So I think that is one clear way that we can test on the quantum side, the theory. And on the classical side, which is just as important. In fact, you could argue even more important to make sure that classical computers, there’s no vulnerabilities that classic computers can find, because that’s the threat today. For those we’ve been hacking at this for over a decade, for some of the methods that are being proposed for the standards from NIST. And that’s what NIST been doing for the past, it’s probably been seven years now, before they announced these are the algorithms that we want to standardize?

**Tom Temin**And can quantum effects be simulated by classical computers just for purposes of running experiments?

**Scott Crowder**They can for small problems. If you have problems with qubit sizes less than 50 qubits. Then yes, you can simulate it on the world’s largest supercomputer. The challenge is, once you get above that, then you can’t. Where we are today, to be very clear, is that the quantum systems that exist today are not large enough or low enough error rate to be practically better than classical computers. And they’re even farther away from being cryptographically relevant, but we’re making progress really, really quickly. And we think this decade will be the decade where they do become practical. And we need to prepare for the day when they become cryptographically relevant.

**Tom Temin**Yeah. What is the challenge to getting to quantum? Is it a manufacturing issue? I mean, you need to have processors that operate in qubits, like Noah’s Ark. What’s keeping it from maturing faster?

**Scott Crowder**It’s maturing really quickly. If you think about it, we put out a roadmap, the end of 2019, so about three years ago. We were at that point at 27 qubits systems. We now are at 433. And we’ll be over 1,000 this year. That’s one of the axis of practical that makes it better, better than classical. The second one that’s really important, is the error rates and the algorithms you use to mitigate errors with quantum computers. And that’s another axis that we need to continue to improve on. Right now, we’re at about 99.9% fidelity or .1% error rate in our operations. If you get a little bit better than that, then you can start doing error mitigation techniques that will make it practical. So if you look at our roadmap out, into getting to about 5,000, by the middle of this decade, and continuing to reduce our error rates down to below three nines or above three nines fidelity. You get to a very interesting point, by the middle of this decade, where we think quantum computers will be practical.

**Tom Temin**Sure, because if you have .1, or .01%, or .001% errors, at the scale of many thousands of qubits, that’s millions and millions of errors. So you really have to get those quite low and then have really powerful ways of correcting for it.

**Scott Crowder**That’s absolutely correct. That’s right. So that’s the big challenge in the industry right now. There are definitely hurdles that we still need to overcome. I think the exciting thing is how much progress we’ve made, and we stay on the same slope we’re currently on, then it starts to intercept in a couple of years, if not a little earlier than that.

**Tom Temin**So then really manufacturing, programming, error rate reduction, and cybersecurity have to progress in tandem. For it to become a practical reality, sometime in the next decade.

**Scott Crowder**Yes, I would argue that the cybersecurity needs to be ahead of it. And the reason why it needs to be ahead of it is because, there’s a concern about collect your data now and decrypt it later. And the reality in industry is, that a lot of industries have platforms that need to live for long periods of time. So your telco network, or your automobile manufacturer, or in the federal space, you can think of a lot of analogues to that. You’ve got platforms that need to be in the field for five, 10, 20, 40 years. So you need to start thinking about how do you make them quantum safe now, because they’re going to be in the field when quantum computers in the future become powerful enough. And then obviously, for very, very sensitive data. There’s a fear of people collecting data now and then being able to encrypt later. So the cybersecurity elements of this need to lead it not lag the quantum computing roadmap.