In a groundbreaking development, Chinese researchers have claimed to have found a way to leverage D-Wave's quantum annealing systems to mount a promising attack on classical encryption methods. This significant breakthrough poses a “real and substantial threat” to the password-protection mechanisms that underpin critical sectors, including banking and defense.

Outlined in their paper titled "Quantum Annealing Public Key Cryptographic Attack Algorithm Based on D-Wave Advantage," published in the September edition of the Chinese Journal of Computers, the research team, led by Wang Chao from Shanghai University, asserts that D-Wave’s machines can optimize problem-solving to devise effective attacks on public key cryptography. Utilizing an off-the-shelf D-Wave machine, the researchers targeted Substitution-Permutation Network (SPN) structured algorithms, which are foundational to the Advanced Encryption Standard (AES)—one of the most widely used encryption standards. The specific algorithms attacked include Present, Rectangle, and Gift-64, marking the first time a real quantum computer has posed a tangible threat to these critical encryption methods.

As quantum computing continues to advance, the global market is projected to reach $50 billion by the end of this decade. Major tech companies are launching commercial quantum-computing cloud services, while significant investments are being made in emerging players. However, surveys indicate that businesses remain deeply concerned about the cybersecurity risks posed by quantum advancements.

Research indicates that protecting data and managing cyber risks is viewed as a top challenge by C-suite executives and board members for 2024 and beyond. Organizations are urged to begin migrating to post-quantum encryption solutions now, as even data encrypted with traditional asymmetric encryption today can be harvested by adversaries and decrypted once sufficiently powerful quantum computers become operational.

The implications of quantum computing are vast, as these systems will be capable of breaking common encryption methods at alarming speeds. Cybercriminals could employ a “harvest-now, decrypt-later” strategy, targeting sensitive data with long-term value, such as health records and financial information. A proactive approach to quantum risk management is essential for organizations to limit their exposure to these emerging threats.

Key considerations for businesses include:

• Understanding the lifetime value of sensitive data
• Evaluating the impact of potential data breaches
• Developing contingency and mitigation plans to prevent quantum attacks
• Determining capabilities available today for implementation

As quantum-specific legislation and regulations emerge, organizations must act now to prepare for the quantum threat.