Separating the Quantum Computing Hype From the RealityWells Fargo Bank's Peter Bordow on the State of Quantum Computing, What to Expect Steve King (@sking1145) • July 19, 2022 29 Minutes
Future quantum computers will decrypt encrypted data, so businesses feel pressure to find quantum-resistant security solutions for data transmission. "We know there's a set of really good algorithms out there for breaking asymmetric encryption," says Peter Bordow of Wells Fargo Bank, "but what we don't know is what hasn't been developed yet."
Bordow estimates it will take five to eight years for a "production-ready" quantum platform to exist, depending on the use case. "Software-based, robust security solutions will always be part of the solution," he says, "but ... quantum mechanical solutions will put the icing on the cake ... reducing attack vectors significantly, if we can perfect quantum key distribution."
"Quantum computing platforms," Bordow says, "give us the ability to generate true randomness, true entropy, where there's no noise or interference within the system, that can be used to reverse-engineer or facilitate better brute force attacks against random numbers, determining random seeds and so on."
In this episode of "Cybersecurity Unplugged," Bordow also discusses:
- The philosophy of "Harvest now, decrypt later";
- The hardware and software approaches to quantum security;
- The implications of privacy-enhancing technologies, or PET.
Bordow is the senior vice president, principal architect and head of quantum systems and emerging technology for information and cybersecurity at Wells Fargo Bank. Before Wells Fargo, he spent 20 years in and around the information technology and cybersecurity business.
Bordow's statements in this interview reflect his personal opinions and not the opinions or official position of Wells Fargo Bank.
Anna Delaney: Welcome to Cybersecurity Unplugged, the CyberTheory podcast where we explore issues that matter in the world of cybersecurity.
Steve King: Good day, everyone. I'm Steve King, director of cybersecurity advisory services at CyberTheory. Today's episode will explore the current state of quantum computing and see if we can separate the hype from the reality. With me to explore the topic is Peter Bordow, senior vice president and principal architect, and head of quantum systems and emerging technology for information and cybersecurity at Wells Fargo Bank. Anything that Peter tells us today is his opinion and not the opinion or official position of Wells Fargo Bank. Before Wells, Peter spent 20 years in and around the information technology and cybersecurity business, and also managed to compose and play Blues, which earned him a Golden Music Award — Blues Artists of the Year back in 2000. Peter studied film scoring, arranging and composition at the Berklee College of Music, which may or may not have led to his interest in quantum. It seemed like that worked pretty well for some guys named Heisenberg, Einstein and Planck. But far be it for me to know that. Welcome, Peter. I'm glad you could join us today.
Peter Bordow: Thanks, Steve. It's my pleasure and honor to be here with you.
King: Thank you. Let's talk about quantum, particularly the 'harvest now, decrypt later' idea. 'Harvest now, decrypt later' is a pressing concern at the moment. We've got criminals, bad guys and nation states stealing personal data and company IP, knowing that future quantum computers will be able to decrypt any of that encrypted content. Businesses are already being urged to switch to some form of quantum proof security for data transmissions. I don't know what that would be, but maybe it'll help shed some light on that. How are we dealing with this? When do you think that capability will exist?
Bordow: ‘Harvest now, decrypt later' is an emerging hot topic in many industries, especially financial industry. I think you phrased it pretty well. Quantum computing platforms today are not cryptographically relevant, per se, but we know they will be. That doesn't stop bad actors, states or nation states from actively capturing encrypted data today that stayed in motion, mainly through rerouting of internet traffic. With the anticipation, that know that they will one day be able to decrypt that information. A lot of this is around shelf life of data value. In the financial industry, there's a long runway, if you will, of data shelf life. In some circumstances, things like mortgage information or personal information, like your name and address, phone number, ethnicity, and so on can be relevant for as many as 30 years. Those things are timeless. They're valuable in perpetuity. There is a lot of concern today about what to do about that. There's a number of different strategies that entities are taking today to help protect and safeguard against that eventuality. I'm sure you're aware that the National Institute of Standards and Technology (NIST) in Colorado has been working over the last few years on testing and validating a number of cryptographic algorithms that are quantum resistant. We don't say quantum proof in the field because there's no such thing as "proof" in security. But mathematically, we've shown that these new algorithms are very resistant to the known landscape of quantum attacks and in the world of what we know will be a threat. There are some steps that organizations can take today to make their current encryption and public key infrastructure more robust. The real concern is what we don't know, we don't know. In the world of quantum algorithms, we know that there's a set of good algorithms out there for breaking asymmetric encryption. But what we don't know is what hasn't been developed yet. If you look at the landscape of algorithms on classical platforms, there's tens of thousands of algorithms of every flavor and variety. But in the quantum world, there's only a handful of well-established algorithms that are available today. There's an enormous ecosystem of algorithmic solutions on quantum machines that have not been developed. We're always concerned about what we don't know that we don't know quite yet.
King: In terms of quantum computing hype versus reality, what is your assessment of the current state of our quantum programs in the United States? How far ahead do you think China is? What's the global impact when China gets there first?
Bordow: Great questions. A little context here: IBM, one of the most well-known developers of quantum computing platforms, has had a cloud-based solution available for seven years now, I believe. There's been a lot of iterations. They've gone from a handful of qubits - the quantum equivalent of a digital bit - up to now they've announced over 100. I think, 127 is the latest platform with plans or designs on releasing 1000-qubit machine in the next 12 months or so, according to their public roadmaps. But the reality is that these quantum platforms are not ready for primetime quite yet. It almost sounds like a broken record when you say anytime now, but it is anytime now, in terms of what that date will be, when quantum platforms become "production ready." I think you'll get a good variety of answers. We'd like to say when you ask an engineer and architect a question, you'll get at least two or three different answers. My personal opinion after looking at the landscape over the last seven years, knowing and experiencing 30 years of IT development in hardware systems, I'm going to say a good bet is about five to eight years before some production-ready platforms are available. There's a lot to that. But I think it depends on the use case. If you're trying to crack or factor prime numbers for a cryptographic algorithm, that's one thing. But if you're trying to do chemical simulations, or if you're doing optimized search operations, or even if you're doing anomaly detection, or potentially applying for privacy-enhancing technologies, that landscape might be quite a bit shorter. It all depends on the number of usable qubits that you need to perform any particular use case. It's not an easy answer. But I would say that it's an exciting time. We've all got our eye on the short-term horizon for these developments. Next year, 1000-qubit machines will be becoming quite common. Who knows, the year after that it might be 10,000-qubit machines, and then 100,000-qubit machines, and then we get into some exciting space, in terms of bad actors or bad actor nations. As you can imagine, it is difficult to get a thorough and accurate assessment of the state-of-art Chinese efforts to develop quantum platforms. As a closed society, we don't have good visibility into reality. All we know is from headlines and press releases, which would indicate that they are on par with the rest of the quantum technology community, in quantum communications, quantum security and quantum computing. But again, you don't know what you don't know. We always have a heightened sense of awareness and alert for signs that would indicate that there's great advancements on that other side. In terms of the threat, though, we'd like to think that any productive developments in the quantum technology community would benefit the whole community. There's a profound sense of information sharing and collaboration. That's even across international lines. The community is very robust in their cooperation in exchanging information and publishing papers. As the old expression goes, we may not all be in the same boat, but we're all rising to the same tide. I think there's a lot of incentive for international communities to continue working together. Hopefully this will all shake out in the next 5 to 10 years and we'll all be one happy global community in the tech industry. We'll see how it goes.
King: Alright. I'll buy that. In terms of algorithms and quantum mechanics principles, there seems to be two camps in quantum. The first is the hardware-based approach - the QKD - quantum key distribution, which I think uses fundamental quantum mechanics principles to facilitate secure communication. The second is a software approach, post-quantum cryptography based on algorithms that, unlike RSA, are not based upon factoring a large semi-prime number. In the future, large primes will be breakable by high performance quantum computers. In your opinion, which is the preferred approach? Or will we continue to use both?
Bordow: I think we will be best served by the multi-layer model that we often use in information security. I think there are advantages to the algorithmic approach or the software approach of more robust algorithms and key lengths. But I don't think that's the silver bullet. This again goes back to what we don't know that we don't know yet. There's a lot of mathematical theory and proofs around what is the magic number for key length? Or what is the magic formula for developing asymmetric encryption. But that's a moving target. I think while it's logistically easier to implement these algorithmic and software-based solutions in the existing infrastructure and enterprises, in the long term we're looking at a layered approach. I think software-based robust security solutions will always be part of the solution. But I think quantum mechanical solutions will put the icing on the cake, if you will. That's going to be your more secure blast radius - reducing attack vectors significantly. If we can perfect quantum key distribution and there are a couple of different flavors of that too, like there are some mildly complex schemes where you're transmitting photons across a fiber optic cable. Photon loss, which is caused by Eve in the man-in-the-middle attacks are calculated and detected. These are very well understood protocols, and easily implementable. There are some off-the-shelf products today that you can buy and put into use. I think more exotic solutions, where you've got entanglement-based authentication methods that are still being developed. But I think they're going to be a key aspect of the overall ecosystem. I think, eventually, we're going to end up in a hybrid environment, from mobile devices to desktop devices, to data center applications, and especially with satellite communications as well. I think we're going to see a multi-layered multi-faceted approach.
King: It's hard for me to imagine all of this going on at the satellite communication level. Isn't that instability, which you just referred to, part of the barrier to figuring out how to get this stuff to work?
Bordow: Like any technology, there are early days, there are maturity days and then there's production days. If you scan the headlines, you'll see that there have been quite a few press releases and announcements about successful ground to satellite-based QKD implementations. To the best of my knowledge, none of these are in production today. But there's a large community hard at work here. And that's government research, academic research, private industry research, and in many cases, partnerships, among those entities that are working hard to make that a reality. I think, we're not too far away. My personal opinion is, we're probably two to three years away from a production to QKD system that leverages satellite communications.
King: That's pretty impressive.
Bordow: Keep in mind that quantum key distribution is a security layer for exchanging keys. The keys are still vulnerable. There's always going to be attack vectors that you haven't considered. That's like one of the organic rules of nature. It's not the panacea. It's not the silver bullet. It's not the end all, be all solution. I think there's a long row to hoe here.
King: I'm sure that's true. Talk to me about the whole privacy-enhancing technology business or PET that we see huge adoption in digital services that depend on data. New technical approaches to preserving privacy and confidentiality was policy evolution. Can you help our audience understand what a PET is and how it can be helpful in every regard?
Bordow: Privacy-enhancing technologies is an umbrella term that relate to a family of privacy enhancing technologies as the same would apply. We're talking about things like homomorphic encryption, where you can perform mathematical operations on encrypted data without having to decrypt them. This is an interesting field, a lot of mathematics involved behind all of this. A little out of my specialty area. There is differential privacy, where datasets are obfuscated by removing any data elements that would give an attacker the ability to reverse engineer a whole dataset. In other words, if we take customer profiles, and we apply differential privacy to that dataset, no one would be able to use any of the obfuscated fields to be able to determine what the real data elements are. In a lot of these schemes, there are key mathematical principles that rely on randomness, entropy, if you will. In the information security profession, and in the field, we have for a long time relied mainly on what we call pseudo random number generation. We can generate randomness, with what has been an acceptable level of entropy. But quantum computing platforms give us the ability to generate true randomness, true entropy, where there's no noise or interference within the system, that can be used to reverse engineer or facilitate better brute force attacks against random numbers, determining random seeds, etc. I think there's going to be some interesting research, and there probably is today. There's some papers out there that you can search on archive that talk about the application of true quantum entropy to these privacy-enhancing technologies to make them even more secure, especially when you consider things like multi-party computing, confidential computing and a number of the other approaches. It's an interesting convergence of the two fields together.
King: My understanding of quantum is paper thin, but it looks like the environmental issues are going to be difficult challenges. The whole entanglement business is or however you want to consider the instability of the systems; it’s a big problem that hasn't been solved yet. Can you give us an update on where that's at from an entanglement point of view?
Bordow: When we talk about system stability, qubit stability and decoherence times and other things, it's important to note that different modalities, different hardware or engineering approaches to qubits have different performance characteristics. The most popular one or the most well-known one is what we call superconducting qubits. That's the basis for IBM's machine. It's the basis for Google's machine and for Getty's machine. Very common. There are very short coherence times, which is not getting too technical. Coherence times is essentially the window that you have to perform whatever operation you want to perform on the quantum platform. Those times are short right now on those platforms. But there's a lot of interesting work being done in photonics using photons as qubits, as opposed to electrons or even in cold atom technology. There are a couple of companies out there that super cool individual atoms using lasers, and they can get much better coherence times. There's often tradeoffs. There's gate fidelity, coherence and a lot of different parameters associated with the overall usability or efficiency or stability of a qubit. While your entanglement times are a bit longer, perhaps your noise or interference coefficients are higher, or vice versa. I think there's no clear declared winner yet in this space. But there's certainly the equivalent of an arms race, which makes it interesting. Every few weeks, if you keep a close eye out, you'll see announcements and things like extending coherence times, or even software and hardware-based error correction on qubits. It's hard. At this point, it's determined a front runner, or even a potential winner in the space. But they are working hard on addressing the problem.
King: But until like it solves, we won't be able to have a practical quantum-based solution of a computer essentially that we can use for anything and with reliability.
Bordow: It's a hard question to answer because there's so many variables. It's like standing in a control room tweaking different knobs. What's your circuit depth for your algorithm? How efficient is your algorithm? How many qubits do you need to perform your operation? And then how long do you need the stability of those qubits to survive to complete the various sequential operations? How long is the circuit setup time? If you can make your algorithms more efficient, that's one approach. If you can make the hardware platforms more stable, that's another approach. By twisting these knobs and moving these levers, there will eventually be a sweet spot where we can be more productive in the intersection of engineering and software.
King: Is IBM leading in your estimation, and leading the way in that regard today?
Bordow: That's a hard question to answer. If you ask IBM, they'll say yes. If you ask Rigetti, they'll say no. If you ask D-Wave or other platform developers, they'll say no. It all depends on the eye of the beholder and where you're standing and what your use case applications are.
King: Didn't they do the breakthrough, though, in terms of decrypting or the ability to manipulate encrypted data?
Bordow: The homomorphic encryption?
Bordow: Separate from quantum platforms, IBM has been an effective pioneer in fully homomorphic encryption. We don't want to mischaracterize this, that's still a field that has a long way to go. There are a lot of restrictions on what operations you can perform on this encrypted data, very simple arithmetic functions today. But IBM has been one of the leaders in that space, you can just look at the headlines and look at the papers that they've published. But there's a long way to go in that area. Before I got involved professionally, in the quantum technology space, I was a hobbyist. IBM was one of the very first folks to put out a publicly accessible platform, where Joe Yerdon could create an account, login, and go through some fundamental tutorials on what a qubit is, how to manipulate the fundamental logic gates on their platform, and then begin to write some real fundamental algorithms. They were doing that five years ago, or maybe even longer. It's not always the first to market that will be the eventual leader. But it is the first to market that gets all of the notoriety, the hype, the reputation and rides that momentum to help motivate the rest of the industry. IBM has done a lot of things very well and they've done a lot of things not so well. But they've always been at the forefront. You have to give credit where credit is due, that's for sure.
King: To give us a little bit of context, when we talk about slowing these functions down, what are you talking about in terms of timing? For example, on whatever you're using - atoms or photons. If you're going to slow that down, what are we talking about in terms of slowing it down to what?
Bordow: That's a good question. I'm not going to try and rely on my aging memory for exact values here. But I can tell you that there's orders of magnitude and difference between the coherence times on a superconducting platform. This may be off base. Big disclaimer here. But I think we're talking a handful of microseconds, I think somewhere 10 to 15 microseconds, and I'm sure there's going to be listeners out there already Googling, checking my numbers here. Don't rely on what I say. Go ahead and Google this. But in other platforms, like photonic platforms or cold atom technology, you can get a 10 or greater fold increase in coherence times, which is enough to run a handful of operations. You can't run 1000 lines of code like you can on a traditional machine. But we're getting there little by little.
King: Yet, you're still talking about 1000-fold increase in overall speed of operations. It's pretty amazing what we're doing there actually. It's Star Wars-like stuff. Good for you. I'm glad. It must be a fun job up there at Wells.
Bordow: I have the coolest job in the world and I work with the coolest people in the world. I am so privileged to work with the folks that I do. At Wells and in this industry. I've been around the block for a long time and the level of collaboration and cooperation in this industry is staggering. It's a lot of fun and I'm privileged to be here.
King: I wish that were true on the cybersecurity side of the fence as well. But we have ways to go in that regard for whatever reason there. I think there's some personality and ego involved. I still have a final question that is back to Blues guitar. Do you still play and record? Or is that a thing of the past?
Bordow: I've taken a bit of a hiatus. Work has been time consuming the last couple of years. I have been working on my next album release, the working title is Net Prophet. It's a play on words. I've got a third of the album down. As you may or may not know, I get paid not to sing so part of the challenge is finding good vocalists to match my aggressive, if not brutal and belligerent, guitar style. Always on the lookout for good vocalist.
King: That's great. Peter, we only scratched the surface here so I'm going to bring you back, if I can, in about three or four months and dive a little deeper. But it was great talking with you. As you say, you do have an incredibly perfect job up there. I'm glad that you have it and you're enjoying it. Thanks for taking the time out today to share with our audience a little bit about quantum computing. It's always a mystery for most folks.
Bordow: Always happy to jump on a call with you, Steve. It's been a pleasure; very enjoyable conversation. Happy to come back.
King: Alright, great. Thanks, Peter, and thank you to our audience for spending another 30 minutes with us today. Hope you enjoyed it, and we'll see you next time.
Delaney: Thank you for joining us for another episode of Cybersecurity Unplugged. You can connect with us on LinkedIn or Facebook at CyberTheory, or send us an email at firstname.lastname@example.org. For more information about the podcast, visit cybertheory.io/podcast. Until next week. Thanks again.