Quantum computers could crack the cryptography that underpins financial stability
Soldiers in ancient Greece would send secret dispatches by wrapping a strip of parchment around a staff and writing across it. Their messages could be deciphered only by someone with a staff of the same thickness. It is one of the earliest examples of cryptography. Today’s secrets, such as Internet communication, digital banking, and electronic commerce, are protected from prying eyes by powerful computer algorithms. Yet these hitherto impenetrable cryptographic codes could soon be history.
Quantum computers can reach a level of optimization that would crack many of today’s encryption keys in less time than it takes to generate them using conventional digital computers. Financial institutions should future-proof their cybersecurity systems without delay. Failure to do so will imperil financial stability.
A quantum revolution
Quantum computing is the use of quantum phenomena such as superposition and entanglement to perform computations. The basic unit of a quantum computer is the quantum bit (or qubit, for short). It is typically realized by the quantum properties of subatomic particles, such as the spin of electrons or the polarization of a photon. Whereas each binary bit used in today’s digital computers represents a value of either zero or one, qubits represent both zero and one (or some combination of the two) at the same time. This phenomenon is called superposition. Quantum entanglement is a special connection between pairs or groups of quantum elements. Changing the state of one element affects other entangled elements instantly—regardless of the distance between them.
Increasing the number of qubits delivers an exponential rise in calculation processing speed. Two traditional binary bits are needed to match the power of a single qubit; four bits are required to match two qubits; eight bits are needed to match three qubits; and so on. It would take about 18 quadrillion bits of traditional memory to model a quantum computer with just 54 qubits. A 100-qubit quantum computer would require more bits than there are atoms on our planet. And a 280-qubit computer would require more bits than there are atoms in the known universe.
Quantum computers have the potential to massively out-process digital computers that follow classical laws of physics. William Phillips, the Nobel Prize–winning physicist, has compared the leap from today’s technology to quantum with that from the abacus to the digital computer itself. Until recently, this so-called quantum advantage or quantum “supremacy” was just a theory. In 2019, however, Google used a quantum computer to perform a specific computation task in just 200 seconds. The same task would, the company said, have taken the most powerful digital supercomputer at that time 10,000 years.
The possibilities
Complex computational tasks are like finding the way out of a maze. A traditional computer would try to escape by following every path in sequence until it reached the exit. Superposition, by contrast, allows a quantum computer to try all the paths at once. This drastically reduces the time to find a solution.
By solving problems with more accuracy and speed than digital computers, quantum computers have the potential to accelerate scientific discovery and innovation, revolutionize financial market modeling and simulations, and empower machine learning and artificial intelligence. They could be used to model subatomic particles, molecular interactions, and chemical reactions. This could revolutionize chemical engineering and material science and allow the design of new materials, such as solid-state batteries. Quantum computers could also help us understand climate change.
Quantum computers could transform the financial system, too. They could perform more accurate Monte Carlo simulations—used to predict the behavior of markets through pricing and risk simulations—almost in real time. There would be no need to simplify these models with unrealistic assumptions. Quantum computers could also solve optimization tasks—such as allocating capital, determining portfolio investments, or managing the cash in ATM networks—in a fraction of the time it takes digital computers. Quantum computers could also speed the training of machine learning algorithms. The time it takes digital computers to do this increases exponentially with each dimension that is added. Not so with quantum computers.
And the perils
There are risks, however. The computing power of these mighty quantum machines could threaten modern cryptography. This has far-reaching implications for financial stability and privacy. Today’s cryptography is based on three main types of algorithms: symmetric keys, asymmetric keys (also known as public keys), and hash functions. With symmetric keys, the same key is used to encrypt and decrypt a message. Asymmetric cryptography uses a pair of related keys (one private and the other public). A message encrypted by one key can be decrypted only by that key’s pair. These algorithms are widely used for digital authentication, digital signatures, and data security. Hash functions convert digital input into a unique set of bytes of fixed size. They are used to store passwords securely and to support digital identities.
These cryptographic algorithms have mostly succeeded in safeguarding data. Even today’s most advanced digital supercomputers and cryptanalysis techniques cannot break them fast enough. However, quantum computers will be able to solve hard mathematical problems exponentially faster than digital supercomputers. This will make asymmetric cryptography obsolete and will weaken other cryptographic keys and hashes. Theoretically, a fully functioning quantum computer could break an asymmetric key in a matter of minutes. Public keys are especially vulnerable because most of them are based on the factorization problem: it is hard for digital computers to find two prime numbers from their product. Quantum computers, by contrast, can do it effortlessly.
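Why the factorization problem carries the whole weight of such a key can be seen in textbook RSA. The sketch below is an added illustration, not taken from the article or the working paper; the two toy primes, the message value and all function names are constructed for the example, and the scheme omits padding.

```python
# Added illustration: textbook RSA on constructed toy primes (no padding, not for real use).
from math import gcd, isqrt

P, Q, E = 104729, 1299709, 65537  # the 10,000th and 100,000th primes; a common public exponent

def make_keypair(p, q, e=E):
    """Key owner's view: knowing p and q makes the private exponent d easy to compute."""
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    return (p * q, e), pow(e, -1, phi)

def factor(n):
    """Outsider's view: recover p and q from n alone by classical trial division."""
    if n % 2 == 0:
        return 2, n // 2
    for c in range(3, isqrt(n) + 1, 2):
        if n % c == 0:
            return c, n // c
    raise ValueError("n is prime, not an RSA modulus")

def private_from_public(n, e):
    """Once n is factored, the private exponent follows from the owner's own formula."""
    p, q = factor(n)
    return pow(e, -1, (p - 1) * (q - 1))

def demo(message=20210071):
    """Encrypt with the public key, then decrypt using only what factoring n reveals."""
    (n, e), d = make_keypair(P, Q)
    ciphertext = pow(message, e, n)
    recovered_d = private_from_public(n, e)
    return d, recovered_d, pow(ciphertext, recovered_d, n)

if __name__ == "__main__":
    d, recovered_d, plaintext = demo()
    print(recovered_d == d, plaintext)
```

The loop finishes at once on this 37-bit modulus; the security of a real key rests entirely on that search being infeasible at production key sizes, which is the assumption the article says quantum computers remove.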
Asymmetric keys are widely used to secure communications over the internet. Successful attacks against these algorithms would compromise connections used by the financial system, including mobile banking, e-commerce, payment transactions, ATM cash withdrawals, and VPN communications, to name just a few. Vulnerable applications that rely on public-key cryptography also include popular digital assets such as Bitcoin and Ethereum, as well as password-protected web applications. The best known of these protocols, HTTPS, is used by 97 of the world's top 100 websites.
For some applications, it may be too late already. Any information assumed secure today could be captured and stored to be deciphered later once sufficiently powerful quantum computers are created. In fact, almost any encrypted personal or financial message sent and stored today could be deciphered retroactively by a powerful quantum computer. Most financial institutions and regulators are not yet alert to these novel risks.
Race against the machine
The race to develop new quantum-safe encryption standards and algorithms has begun already. In the United States, the National Institute of Standards and Technology is running a competition to develop quantum-safe encryption algorithms. It hopes to announce a winner by 2024. The European Telecommunications Standards Institute is also taking a lead. These efforts are feeding into the activities of other standard-setting bodies. Because of retroactive risks, however, financial institutions have a narrow window to implement the new standards.
Financial institutions must take immediate steps to prepare for a cryptographic transition. They should start by assessing retroactive and future risks from quantum computers, including from information that may already have been captured and can be exploited years later. Financial institutions should then develop plans to migrate current cryptography to quantum-resistant algorithms. This includes taking an inventory of public-key cryptography they use themselves as well as that used by any third-party suppliers. Vulnerable algorithms will need to be transitioned to post-quantum cryptography. Financial institutions should also build cryptographic agility so that algorithms can be upgraded smoothly. Experiences of algorithm replacements, even though much simpler than the transition to post-quantum standards, show that they can be extremely disruptive. They often take years or decades to accomplish.
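One way to start the inventory and risk assessment described above is to triage the TLS cipher suites each system negotiates. This is an added example, not part of the article or the working paper: the asset names, the `secrecy_years` field, the 10-year `HORIZON_YEARS` threshold and the three status labels are assumptions made for illustration, while the suite names are standard IANA identifiers.

```python
# Added example: triage a crypto inventory for quantum exposure.
# Asset names, secrecy_years values and HORIZON_YEARS are constructed assumptions.
ASYMMETRIC = {"RSA", "DH", "DHE", "ECDH", "ECDHE", "DSS", "ECDSA"}
RANK = {"migrate": 0, "check-key-exchange": 1, "review": 2}
HORIZON_YEARS = 10  # assumed: data needing secrecy this long is at retroactive risk

INVENTORY = [  # constructed sample records
    {"name": "mobile-banking-api", "suite": "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "secrecy_years": 15},
    {"name": "atm-switch", "suite": "TLS_RSA_WITH_AES_256_CBC_SHA", "secrecy_years": 7},
    {"name": "branch-vpn", "suite": "TLS_PSK_WITH_AES_128_GCM_SHA256", "secrecy_years": 20},
    {"name": "payments-gateway", "suite": "TLS_AES_256_GCM_SHA384", "secrecy_years": 10},
]

def parse_suite(name):
    """Return (key-exchange/authentication tokens, bulk cipher and hash tokens)."""
    body = name[4:] if name.startswith("TLS_") else name
    if "_WITH_" not in body:  # TLS 1.3 suite names omit the key exchange entirely
        return [], body.split("_")
    kx, bulk = body.split("_WITH_", 1)
    return kx.split("_"), bulk.split("_")

def triage(asset):
    kx, bulk = parse_suite(asset["suite"])
    public_key = [t for t in kx if t in ASYMMETRIC]
    if public_key:
        status = "migrate"             # asymmetric algorithms: plan a post-quantum replacement
    elif not kx:
        status = "check-key-exchange"  # inspect the negotiated groups, not just the suite name
    else:
        status = "review"              # symmetric-only (e.g. PSK): weakened, not broken
    bits = next((int(t) for t in bulk if t.isdigit()), None)
    return {
        "name": asset["name"], "status": status, "public_key": public_key,
        # Rule of thumb from Grover's search: symmetric strength is roughly halved.
        "symmetric_bits_post_quantum": bits // 2 if bits else None,
        # Traffic recorded today must still be secret beyond the assumed horizon.
        "retroactive": status != "review" and asset["secrecy_years"] >= HORIZON_YEARS,
    }

def migration_order(inventory):
    """Retroactively exposed systems first, then by how certain the exposure is."""
    rows = [triage(a) for a in inventory]
    rows.sort(key=lambda r: (not r["retroactive"], RANK[r["status"]]))
    return [r["name"] for r in rows]

if __name__ == "__main__":
    print(migration_order(INVENTORY))
```

The same triage applies to third-party suppliers once their negotiated suites are recorded alongside the institution's own.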
The IMF has an important role to play in raising the awareness of its members about the risks to financial stability from quantum computers and in promoting quantum-safe standards and practices. The Fund should encourage member countries to collaborate closely in developing quantum-safe encryption standards to ensure interoperability and adopt encryption migration plans for their financial sectors.
Today’s quantum computers are very sensitive. Any environmental disturbance, such as heat, light, or vibration, pulls qubits out of their quantum state and turns them into regular bits. This produces computation errors. Still, machines that compute with fewer errors and are capable of cracking codes are not far off. Financial institutions should recognize the risks and secure their systems before it is too late. After all, history is full of cautionary tales of supposedly unbreakable codes being cracked by new technology.
This article is based on IMF Working Paper 21/71, “Quantum Computing and the Financial System: Spooky Action at a Distance?”
Opinions expressed in articles and other materials are those of the authors; they do not necessarily reflect IMF policy.