It’s more than a hype; Quantum’s impact on cyber security with Aliro Quantum
Cybersecurity, a key buzzword in 2024 in the world of quantum. But exactly how important is quantum's impact on cyber-security? In this exclusive interview with Michael Cubeddu, the Co-Founder and VP of R&D of Aliro Quantum, we explore what companies need to understand about Quantum Secure Communication and why quantum’s impact on cybersecurity is more than a hype.
To start, please give us a little introduction on your current role and what you do.
I am Michael Cubeddu, the Co-Founder and VP of R&D of Aliro Quantum. I have been in the quantum space for over 7 years as a student and researcher at Harvard, and now as an entrepreneur – publishing papers, filing patents, creating products, and fostering relationships. At Aliro, my work focuses on harmonizing the business, product, and research directions of the company. I engage with customers, prospects, partners, and the broader quantum community to better improve our product, research, and intellectual property efforts.
How do you think quantum will impact cyber-security? Do enterprises need to be approaching this challenge now, or is that hype?
It’s not all hype. Quantum computing is poised to have a significant impact on cybersecurity. Its potential to break current cryptographic protocols will fundamentally change how data is protected. Enterprises need to be proactive in their approach to protect themselves and their data from both quantum and novel classical attacks. While it's important not to be swayed by hype, ignoring the quantum threat will lead to significant vulnerabilities now and in the future. The good news is, there are concrete actions that enterprises can take today: stay informed, assess your current cryptographic inventory, conduct regular risk assessments, develop a more cryptographically-agile infrastructure, and formulate a plan to integrate quantum-resistant technologies into your cybersecurity portfolio.
The urgency for developing quantum-secure methods to protect data arises from the potential of quantum computers to break the widely-used encryption standards we use every day, like RSA and ECC. This is a monumental issue: we use these encryption standards to safeguard our medical data, to keep our emails private, and to ensure the security of financial transactions. These methods are used to secure critical infrastructure, including water and electricity. Harvest Now Decrypt Later attacks are also a major concern. Adversaries can collect encrypted data today with the intention of decrypting it once quantum computing becomes sufficiently advanced, posing a threat to long-term data confidentiality.
We don’t know the exact date that a cryptographically-relevant quantum computer will exist, but the estimate continues to shrink - not because time is passing, but because breakthroughs in quantum computing hardware and theory are coming at an increasingly rapid pace. The best thing enterprises can do is start looking into their own vulnerabilities, assessing the risk profiles of their systems and data, and exploring the options available to protect themselves in this quantum era.
You are cofounder of Aliro Quantum, the Quantum Networking Company, which focuses on quantum communication - and in particular Quantum Secure Communication. What do organizations need to understand about this technology?
As quantum computing development continues to grow toward large-scale fault tolerance, the race to secure global communications against quantum threats intensifies, with Post-Quantum Cryptography (PQC), Quantum Key Distribution (QKD), and Quantum-Secure Communications (QSC) at the forefront. These three methods are not mutually exclusive, they have different capabilities and security properties, but there is only one method that is information-theoretically secure: QSC.
QSC is one of the applications of entanglement-based quantum networks that we focus on at Aliro Quantum. This method uses end-to-end entanglement to protect data, essentially fighting quantum (and classical) attacks with quantum physics in a way that does not expose any sensitive data to adversaries or the network itself. This method has an additional benefit: it can be used for applications beyond secure communication, such as distributed quantum computing and distributed sensing.
If your organization needs very highly-secured communication - whether that’s email correspondence, financial transactions, or other sensitive information, integrating QSC into your data transmission systems will offer unparalleled security as well as versatility with other quantum-native services.
Quantum.Tech covers quantum computing, cryptography as well as sensing; what area are you most excited about and why?
I’m very excited about each of these areas! The entanglement-based networks that we work with, unlike the prepare-and-measure QKD networks that came before, are inherently multi-purpose, and have applications across all three verticals:
- Protecting data through physics with Quantum Secure Communication is a priority application of the entanglement-based networks that Aliro Quantum builds.
- Somewhat ironically, the same entanglement-based networks that can implement QSC and protect data against quantum attacks can be used to interconnect quantum computers for increased computational power. It’s not unlikely that this is how the first practical quantum computer will be created.
- Entanglement-based networks can be used to connect quantum sensors for sensing applications not possible via classical means. Entanglement-based quantum networks facilitate distributed quantum sensing, where multiple quantum sensors are deployed together, sharing entangled particles to measure a property more accurately than any single sensor could achieve alone. This is particularly useful for monitoring large-scale infrastructures, such as power grids, pipelines, or large geographical areas for environmental monitoring.
Where can we catch up with you at Quantum.Tech?
You can catch me at two different talks on April 24, as part of the Cryptography Spotlight:
- At 2 pm: How can CISO’s keep data secure with the onset of quantum? I’m excited to join this panel discussion to talk specifically about how organizations are preparing their businesses, security posture, and connectivity for the quantum age, and how your organization can plan, design, and implement quantum-secure cybersecurity solutions today.
- At 4 pm: PQC, QKD, or QSC: Which is Better? I’ll be digging into the competitive landscape of quantum-resistant technologies, focusing on Post-Quantum Cryptography (PQC), Quantum Key Distribution (QKD), and Quantum-Secure Cryptography (QSC). I’ll talk about the strengths and weaknesses of each approach, the trade-offs involved, the feasibility of hybrid solutions in the face of emerging quantum threats, as well as highlight key national strategies and initiatives in quantum security.
You can also catch me and my colleague Michael Gaffney at the Aliro Quantum exhibitor booth - that’s booth D6 on the map.
About Aliro Quantum
Aliro Quantum, The Quantum Networking Company™, offers AliroNet™ to run entanglement-based quantum networks that are capable of delivering a wide variety of applications from secure communications to clustered quantum computing and distributed quantum sensing. Aliro, spun out of NarangLab at Harvard University, includes world-class experts in quantum and classical networking and is leading the charge in quantum network development by offering the foundational technologies needed for organizations around the world to build scalable and powerful distributed quantum systems. AliroNet™ users include utility companies, telecommunications providers, public sector organizations, enterprises, and researchers who are simulating, designing, piloting, orchestrating, and building the world's first entanglement-based quantum networks. Visit us at www.aliroquantum.com.
Subscribe to Our Free Newsletter