Hoping to get ahead of unknown and unpredictable risks, the Linux Foundation announced the launch of the Post-Quantum Cryptography Alliance (PQCA), a group dedicated to addressing security vulnerabilities that are likely to emerge when quantum computing technology begins to infiltrate IT infrastructure, financial systems and national security.
Founding members include tech giants Amazon Web Services, Google, IBM, and NVIDIA, as well as cybersecurity firms and research institutions.
“With the rapid advancements in quantum computing, the need for robust cryptographic solutions that can withstand attacks from future cryptographically relevant quantum computers has become paramount,” Jim Zemlin, executive director of the Linux Foundation, said in the Tuesday news release.
The coalition includes industry leaders, academic institutions, and developers, and they have to prepare cryptographic systems for the advent of quantum processors that are powerful enough to break current encryption standards.
Quantum computers leverage the strange properties of subatomic particles to perform calculations exponentially faster than classical computers. While still in early developmental stages, quantum systems are projected to advance at a clip that could outpace the encryption upgrades required to keep critical data locked down.
The alliance's goal is to accelerate the transition to “post-quantum” cryptography, meaning new encryption methods that would be secure against code-cracking quantum algorithms. The alliance is committed to developing open-source software implementations—starting with the recently standardized ML-KEM algorithm—to help facilitate adoption across sectors and industries.
“IBM has already played a key role in driving the development and adoption of post-quantum cryptography, and with quantum technology advancing rapidly, industry collaboration will be key,” said IBM fellow Ray Harishankar in the announcement.
Quantum computing vs. cryptocurrency
The PQCA’s mission takes on heightened urgency given the continued growth and institutional acceptance of cryptocurrencies like Bitcoin, which rely heavily on cryptographic security to authenticate transactions on their decentralized networks.
Research suggests Bitcoin’s encryption would remain largely impervious to quantum brute-force attacks in the near term, with University of Sussex calculations indicating cracking complex cryptographic keys would require quantum computers millions of times more advanced than existing systems.
However, experts believe sufficiently powerful quantum computers could emerge within the next decade. The Linux Foundation initiative indicates IT infrastructure as a whole remains ill-prepared for this prospective cryptographic upheaval.
“The necessary conversion to post-quantum cryptography represents one of the largest and most complex technology migrations in the digital era,” said Jon Felten, a senior director at Cisco, another member of the alliance.
The alliance builds on years of research into quantum-resistant cryptography, much of it originating from the University of Waterloo, home to the Institute for Quantum Computing and the birthplace of the PQCA’s first hosted project, Open Quantum Safe.
"The important work of [University of Waterloo researchers] Michele Mosca and Douglas Stebila since starting the open-source project a decade ago will greatly impact post-quantum technologies and the security of data for industry and customers,” said Norbert Lütkenhaus, executive director of the Institute for Quantum Computing.
Edited by Ryan Ozawa.