Y2Q Countdown. PHOTO: Cybercrime Magazine.

Y2Q Will Be Here Sooner Than You Think

Countdown to Q-Day

David Braue

Melbourne, Australia – Nov. 20, 2024

Cybersecurity Ventures predicts that Y2Q will arrive on or around Jan. 1, 2031.

For decades, cybersecurity experts have talked wistfully about the arrival of near mythical quantum computers whose mind-bending physics would enable the brute-force cracking of complex encryption algorithms in minutes rather than millennia.

There was only one problem: the actual construction of a quantum computer was still fantasy, existing only in the minds of engineers wrestling to turn the fundamentals of quantum physics into a new and usable computing paradigm.

The challenge once seemed so hard that “Q-Day” — the day, also known as Y2Q, when cryptanalytically relevant quantum computers (CRQCs) would finally be able to decrypt the world’s secrets — seemed decades away.

“Quantum computing became a bit of a joke in the cybersecurity field because it was always five years away,” explained Marin Ivezic, Partner, KPMG Middle East, who as a quantum computing expert for several decades — and manager of PostQuantum.com — has watched the technology crawl from early theory to the recent delivery of ever more usable systems.

“Everybody was always saying that the sky is falling and that quantum computers would arrive tomorrow,” Ivezic said, “but it was never really coming and would never really work.”

“We’re now at the stage where much of the science behind quantum computers is being solved, and nobody suspects anymore that quantum computers will not actually come in the next couple of years.”

“Nobody’s laughing anymore.”

Y2Q.ORG COUNTDOWN CLOCK

“Cybersecurity Ventures predicts that Y2Q will arrive on or around Jan. 1, 2031,” says Steve Morgan, editor-in-chief at Cybercrime Magazine.

“When it does, the world will either suffer unimaginable financial, security, and technological catastrophes that taken together will be an order of magnitude worse than cybercrime, which is estimated to cost the world $10.5 trillion USD annually by 2025 — OR the world will be a much safer place,” adds Morgan, who appeared as himself in VICE TV’s “Dark Side of the ’90s” documentary “Y2K: Paranoia Will Destroy Ya” about the real-life thriller that is known as the Y2K scare.

“It all depends on WHO possesses the quantum computer that will break public key cryptography.”

Y2Q.ORG COUNTDOWN CLOCK

January 1, 2031

FROM THEORY TO REALITY

Rather than speaking of quantum computers as purely hypothetical, advancements in recent years have shifted the conversation dramatically as scientists first figured out how to manage the interactions between qubits — the quantum world’s equivalent of the electronic world’s bit — whose complex characteristics make them the basis of quantum computers’ extraordinary computational power.

Where early research assumed quantum computers must operate at near absolute zero — a low-energy state whose incredibly low temperature enabled scientists to better control qubits’ chaotic behaviour — subsequent advancements have enabled room-temperature quantum computing based on qubits encased in silicon.

This not only means quantum computers could be installed outside of the controlled environment of physics laboratories, but that they can be manufactured using well-established microprocessor techniques that will allow large-scale manufacture of quantum computing chips.

Such advancements have experts like Ivezic confidently concurring with Cybersecurity Ventures on the upcoming arrival of Y2Q — and this certainty is finally spurring the industry to action.

The problem that Q-Day poses for businesses, governments, universities, healthcare providers, cryptocurrency systems, and basically every piece of technology device that relies on encryption is simple: once CRQCs become real — and become accessible to cyber criminals — all bets are off.

“We focus on the few cryptographic algorithms that will be broken when Q-Day happens,” Ivezic explained, “but one of the things the industry doesn’t talk about clearly is the fact that every single device will be impacted in some way.”

“When we look at big organizations, that’s not just the IT systems. It’s the operational technology running their processes. The building management systems in their offices. The personal devices of their people.”

Mainstream business advisories are picking up the clarion call: Gartner, for one, recently published an executive explainer on the technology’s role in business — and urged businesses to get to work now to adopt the post quantum computing (PQC) encryption algorithms that were released in final form by NIST in Aug. 2024.

The threat isn’t only that Y2Q will hasten the cracking of encrypted systems, but that cybercriminals and nation-states are already warehousing encrypted data with the expectation that they’ll be able to crack it a few years down the track.

This practice — known as harvest now, decrypt later, or HNDL — poses a clear and present danger to every organisation relying on encryption to protect its data, and it’s a key reason executives must move sooner rather than later to progress their PQC transition.

“We have to think about that right now,” said Ivezic, “because whether Q-Day arrives in 5 years or 15 years, the ecosystem it will affect is massive — and organizations really need to start preparing today to be able to change every single device in their environment in some way before Y2Q.”



THE MILLENNIUM BUG ALL OVER AGAIN

This will all sound familiar to those who have been around the IT industry for a few decades: in the late 1990s, the IT industry’s collective realization that many computers and software packages could not handle dates with years from 2000 led to a massive global effort to audit and patch affected systems.

The effort put into fixing “Y2K” — which consumed billions of dollars and untold hours of software developers’ time as well as driving cultural fears about the potential impact of the “Millennium Bug” — was slammed by many when Jan. 1, 2000 rolled around and very little happened.

But that was exactly the point, explained Theresa Payton, a former White House CIO who now serves as CEO of security consultancy Fortalice Solutions.

“The reason why Y2K was something of a ‘much ado about nothing’ is because many of us spent 12, 18, and in some cases 24 months combing through source code, looking for hard-coded years, and looking for anything that was dependent upon 19-something,” she told Cybercrime Magazine.

Businesses need to take a similar approach to evaluating their exposure to Y2Q, Payton said, because encryption is so endemic to modern society that the implications of even some systems being left vulnerable to CRQCs are unthinkable.

“Most encryption is just one huge mathematical problem,” she explained, “and the reason why it serves to protect us very well is that today’s computers would need hundreds of years to crack them.”

“Quantum computing, however, will allow us to do mathematical problems at a speed and scale we’ve never seen — which means that unless we have new encryption that is PQC, and it has been implemented everywhere, the potential for this technology to be misused by criminals and nation-state operatives to unlock our systems and data is a real and present threat.”



SQUARING UP TO THE NATION-STATE THREAT

Improvements in quantum computing are coming from all corners of the scientific community, with existing early quantum computers from the likes of IBM proving the concept is sound but new technologies continuously refining the way it works.

One such concept — quantum annealing, which has been pioneered by Canadian firm D-Wave Systems to deliver a usable albeit low-powered quantum computer — created a stir in early October when researchers at China’s Shanghai University published a paper detailing their success in using a D-Wave quantum computer to find the prime factors of a series of RSA encryption keys up to 50 bits long.

This is the operation necessary for CRQCs to fulfil their destiny as disruptors of modern encryption — and while the researchers readily admitted that the technique was in its early stages, media accounts suggested that the researchers had cracked military-grade encryption.

Sceptics pushed back, noting that even contemporary computers can crack 50-bit encryption keys in the blink of an eye — but behind the debunking was the realization that every such advancement is bringing Q-Day closer, and with it the threat posed by cybercriminals and nation-state actors once they can use quantum computers to decrypt masses of data using the well-known Shor’s algorithm.

“Based on conversations with people who are very knowledgeable about Y2Q, I think it will arrive after 2030,” says Martin E. Hellman, who is best known for inventing — along with Whitfield Diffie and Ralph Merkle — the Diffie-Hellman Key Exchange public key cryptography system that performs encryption functions similar to RSA.

“But that doesn’t change the fact that adversaries (or our government) can ‘harvest now, decrypt later,’” he said.

”I am also concerned that there might be advances in cryptanalysis separate from quantum computers, all of which makes me happy that NIST is developing algorithms that hopefully would resist quantum computer attacks — and those potential advances in cryptanalysis.”

Jim Bidzos, founder, chairman of the board and CEO at Verisign and a former RSA Security CEO who founded the RSA Conference, welcomes NIST’s leadership in developing PQC algorithms.

“Scientific breakthroughs are notoriously difficult to forecast,” he told Cybercrime Magazine, “and it’s definitely not too early to be planning for [Y2Q].”

IS NOW THE TIME TO PANIC? (TL;DR: YES)

Consensus, then, currently puts Y2Q in the 2030 timeframe — just five years from now — at which point, Payton warns, hostile nation-states like China will gain a strategic advantage if they can retain their quantum lead over Western countries.

“Everything we know about cybersecurity — every lock secured by current encryption methods — could get blown wide open,” she said, warning that “our choice is a simple one: to await the devastation of the first cyber attack fueled by quantum decryption, or to build the defenses to stop it.”


Cybercrime Radio: Is America Losing The Quantum Race With China?

Former White House CIO Theresa Payton


That’s a stark choice, and it means executives responsible for data security are on notice that they need to act now, and act effectively.

Given the rate of advancement, however, we may not have that long, warns Taher Elgamal, an Egyptian-American cryptographer and entrepreneur known as the “Father of SSL” Internet encryption protocol.

“If you remember, we knew when Y2K was going to arrive,” said Elgamal, who believes Y2Q could come as late as the mid 2030s, “so we started preparing much earlier.”

“But no one really knows at all,” he added. “The question is when should we start to prepare knowing that adversaries will gain knowledge about current communications then.”

While quantum technology is evolving quickly, not all security experts believe Y2Q will come on a specific date as a full “quantum apocalypse” — but rather, that it will involve the slow dance between technology companies’ evolving quantum systems and the continuous improvement of information protection strategies.

“I have always thought the notion of a ‘quantum apocalypse’ is overstated,” said Bruce Schneier, an internationally renowned security technologist and author of more than a dozen books including the seminal Applied Cryptography and the recent New York Times bestseller A Hacker’s Mind.

Even if some hypothetical alien technology could break all of cryptography overnight, Schneier has previously written, we could still have secrecy based on information theory — albeit with significant loss of capability.

Not everyone is so optimistic, however: some cite the speed with which quantum computing technology’s timeline has accelerated. “What has been startling is how quickly the Y2Q deadline has moved from ‘20 years out’ to an imminent, foreboding ‘Within the next five years,’” says Nicole Perlroth, author of the New York Times bestseller “This Is How They Tell Me The World Ends.”

“It reminds me of the answer I used to get from government officials and cybersecurity professionals every time I would ask them: How far out are we from a cataclysmic cyberattack with physical implications? ‘18 to 24 months’ — just close enough to add urgency, but far enough away that I wouldn’t hold them to their answer if they were off,” adds Perlroth, who spent a decade as a cybersecurity reporter at The New York Times.

“I do not know how far off Y2Q is,” says Perlroth, “but I am intimately aware of how much data has been hacked, stolen, and harvested by America’s chief cyber adversaries — namely China — and fear the day that it all becomes widely available to Shor’s algorithm. I would say that whenever that day is, we would be wise to invest in novel, quantum-safe cryptographic protocols right now and will pay a costly price if we don’t.”

David Braue is Editor-at-Large at Cybercrime Magazine and an award-winning technology writer based in Melbourne, Australia.

Y2Q.org is a community initiative with facts, figures, predictions, statistics, and submissions published in Cybercrime Magazine, co-moderated by Marin Ivezic, Partner, KPMG Middle East and author at PostQuantum.com. We provide expert opinion on Y2Q, the quantum threat, and quantum security. Our sources are computer, cybersecurity, cryptography, encryption, quantum, and technology thought leaders globally. 

For more resources on quantum computing, Cybercrime Magazine recommends PostQuantum.com, SecureQuantum.com, and AppliedQuantum.com.