※ Research Think Tank on Information Society Policy ※※ A Barometer of Cutting-edge Information and Communication Technology ※
Author Introduction
LAI Junsen
Senior Engineer and Director of Optical Network Technology and Application Research Department, Technology and Standards Research Institute, China Academy of Information and Communications Technology, with primary research areas including quantum information, quantum communication, and quantum computing.
ZHAO Wenyu
Senior Engineer and Deputy Director of the Technology and Standards Research Institute, China Academy of Information and Communications Technology, focusing on high-speed optical communication, optical module devices, and quantum information.
ZHANG Haiyi
Senior Engineer and Director of the Technology and Standards Research Institute, China Academy of Information and Communications Technology, specializing in high-speed optical communication, quantum information, and network artificial intelligence.
Reference Format:
LAI Junsen, ZHAO Wenyu, ZHANG Haiyi. Analysis of Information Security Threats for Quantum Computing and Countermeasures [J]. Information and Communication Technology and Policy, 2024, 50(7): 24-29.
Analysis of Information Security Threats for Quantum Computing and Countermeasures
LAI Junsen ZHAO Wenyu ZHANG Haiyi
(Technology and Standards Research Institute, China Academy of Information and Communications Technology, Beijing 100191)
Abstract: Quantum computing has been theoretically proven to possess public key cryptography cracking capabilities that far exceed those of classical computing. In recent years, the rapid development of quantum computing has triggered information security threats to public key cryptography, becoming a focal point for global information security management institutions and the ICT industry. This paper analyzes the information security threats and impacts of quantum computing, explores the technical advantages and disadvantages of the two main countermeasures, namely, Post-Quantum Cryptography (PQC) and Quantum Key Distribution (QKD), and proposes development recommendations to address these threats.
Keywords: Quantum Computing; Information Security; Post-Quantum Cryptography; Quantum Key Distribution
0 Introduction
Quantum computing is expected to bring about a paradigm shift in computing and a leap in computational power, becoming a significant driving force for empowering the digital economy and accelerating the development of the information industry. However, it may also trigger information security threats by rapidly solving the underlying mathematical problems of cryptography. Currently, rapid advancements in technology and engineering research in quantum computing have raised significant concerns in the global information security industry regarding the risks of cryptography cracking. Post-Quantum Cryptography (PQC) offers new public key cryptographic algorithms by upgrading underlying mathematical problems, while Quantum Key Distribution (QKD) provides symmetric key sharing based on the principles of quantum physics. Both are the main solutions to address the information security threats posed by quantum computing.
1 Information Security Threats and Impacts of Quantum Computing
1.1 The Ripple Effect of Quantum Computing in Cracking Cryptography
Cryptography is a crucial cornerstone for ensuring the information security of cyberspace and maintaining the digital trust system, playing an irreplaceable role in ensuring the “authenticity” of physical identities, the “confidentiality” and “integrity” of data transmission, and the “non-repudiation” of critical actions. For symmetric encryption algorithms, such as the Advanced Encryption Standard (AES) and SM4.0 block cipher standard, quantum computers capable of effectively running Grover’s algorithm can enhance the efficiency of ciphertext cracking to some extent. However, the industry believes that increasing the length of symmetric keys can effectively counter this security threat[1]. For asymmetric encryption algorithms, such as RSA and Elliptic Curve Cryptography (ECC), quantum computers that can effectively run Shor’s algorithm can quickly solve underlying mathematical problems like prime factorization and discrete logarithms, thereby cracking public key cryptography and severely impacting various encryption applications such as key exchange, digital signatures, and identity authentication[2].
The ability of quantum computing to crack public key cryptography poses a ripple effect on network information security risks, potentially causing destructive threats to the digital trust system in cyberspace, disrupting the normal operation of political, economic, and social order, and posing a retrospective threat of “first intercept, then crack” to sensitive information that requires long-term confidentiality[3]. For instance, if digital certificates from internet service providers and government information websites are compromised, it could lead to large-scale user information leaks, website hijacking, and the spread of harmful information, posing political and social risks. If the monitoring and control information of critical infrastructure such as energy, electricity, and transportation is tampered with, it could result in significant safety incidents such as facility paralysis, destruction, and loss of life and property. If electronic certification systems in finance and healthcare are compromised, it could lead to forged contracts, policies, electronic medical records, and other risks threatening financial order and economic operations.
1.2 Rapid Development of Quantum Computing and Increasing Security Threats
The RAND Corporation in the United States has predicted that quantum computers capable of cracking cryptography will emerge around 2033[4]. Current quantum computing prototypes still have a significant gap in key performance indicators such as qubit scale, coherence time, gate fidelity, measurement accuracy, and quantum volume before they can effectively run Shor’s algorithm and crack public key cryptography. However, it is important to note that, on one hand, major countries and tech giants around the world are maintaining high-intensity R&D investments in the field of quantum computing, with continuous breakthroughs in scientific and engineering research, rapid increases in qubit scale using superconducting, ion trap, and neutral atom technology routes, and ongoing breakthroughs in quantum error correction experimental research, indicating an accelerating trend in quantum computing development[5]. On the other hand, research on quantum algorithms for cracking cryptography is also deepening. In September 2023, Oded Regev from New York University proposed an optimized version of Shor’s algorithm, improving the efficiency of prime factorization calculations and reducing the hardware resource requirements for logical qubits, marking the most significant improvement since the introduction of Shor’s algorithm[6]. In October 2023, Seyoon Ragavan and Vinod Vaikuntanathan from MIT optimized the Regev algorithm, maintaining the number of operations while further reducing the resource requirements for logical qubits, significantly enhancing the feasibility of quantum prime factorization algorithms. Overall, the rapid enhancement of hardware capabilities in quantum computing prototypes, combined with the continuous optimization of the efficiency and feasibility of cracking algorithms, may lead to the imminent arrival of information security threats from quantum computing cracking public key cryptography.
2 Progress in PQC Research and Applications
2.1 Europe and America Have Accumulated Nearly Thirty Years of Research in PQC
Since the emergence of Shor’s algorithm in 1994, the theoretical feasibility of quantum computing cracking public key cryptography has prompted a swift response from the cryptographic community in Europe and America to research countermeasures. In 1996, the concept of PQC and algorithms such as lattice encryption were proposed, leading to extensive research in foundational theory, algorithm design, and cryptanalysis over the following two decades[2]. PQC upgrades the underlying mathematical problems by addressing the computational parallelism advantages brought by quantum state superposition and entanglement in quantum computing, designing new encryption algorithms that are resistant to known quantum computing attacks. The underlying mathematical problems of typical PQC algorithms such as lattice encryption and hash signatures have been theoretically proven to be secure against quantum computing attacks, gaining validation in the cryptographic community. In the past decade, with the acceleration of quantum computing development, the real threat of public key cryptography cracking has become more urgent, prompting Europe and America to expedite the development of PQC. The National Institute of Standards and Technology (NIST) in the United States, as the standard-setting body for existing public key cryptography, has placed high importance on the security threats posed by quantum computing. Since 2006, it has organized international seminars, established research project teams, and collaborated with the global cryptographic community to advance PQC research. The European Telecommunications Standards Institute has published over ten research, evaluation, and guidance reports in the field of post-quantum cryptography and has organized technical testing and demonstration applications[8]. Canada has established a testing platform for post-quantum cryptography to conduct integrated testing of various algorithms and protocols. After more than twenty years of research and validation, PQC algorithms and technologies represented by lattice encryption and hash signatures have reached a preliminary level of maturity and practical capability. In contrast, research on PQC algorithms, security assessments, and standard development in China started relatively late, with a weaker technical research foundation.
2.2 NIST Leads PQC Standardization and Achieves Preliminary Results
NIST officially launched a global solicitation and evaluation process for PQC algorithms in December 2016, which took 7 years and went through three stages: algorithm solicitation, algorithm evaluation, and standard formulation. In August 2023, NIST selected the Kyber, Dilithium, Sphincs+, and Falcon algorithms from 82 candidate algorithms submitted by 25 countries worldwide as the first batch of PQC algorithm standard solutions for next-generation public key encryption and digital signature applications. Draft standards for the Kyber, Sphincs+, and Dilithium algorithms were published in 2023[9], while the draft standard for the Falcon algorithm is expected to be released in 2024. Among the first four PQC algorithm standard options, the industry recognizes the Kyber and Dilithium algorithms based on lattice encryption for their leading encryption security, key size, and operational speed, making them the preferred choice for most encryption application scenarios. The Falcon algorithm, also based on lattice encryption, can be used for digital signatures, offering smaller signature sizes and overall better performance, but with higher implementation complexity, making it primarily suitable for encryption scenarios with abundant hardware resources. To avoid complete reliance on the security of lattice encryption algorithms, NIST also selected the Sphincs+ digital signature algorithm based on hash algorithms, although its signature size is large and operational speed is slow, it is expected to serve as a supplementary solution for digital signature applications. Additionally, NIST continues to organize a new round of solicitations for PQC digital signature algorithms, and may choose other PQC algorithm solutions for standardization in the future.
2.3 The U.S. Accelerates PQC Migration and Application
With the preliminary establishment of PQC algorithm standardization, the U.S. has begun to accelerate PQC migration, with tech giants leading the way in launching PQC encryption application products and services. The U.S. government has issued multiple executive orders and bills to establish the important position of PQC migration, forming a “comprehensive approach” to promote the implementation of migration through clear strategic goals, funding support, and implementation plans. In May 2022, President Biden signed a national security memorandum requiring all U.S. departments to complete post-quantum cryptography migration by 2035. In December 2022, the U.S. Quantum Computing Cybersecurity Preparedness Act came into effect, aimed at promoting the migration of government information systems to PQC. In August 2023, the National Security Agency (NSA) and NIST jointly released “Quantum Preparedness: Transitioning to Post-Quantum Cryptography,” providing overall guidance for the industry to carry out PQC migration work. In September 2023, the National Cyber Security Center of the U.S. launched the “Post-Quantum Cryptography Migration Project,” clarifying the migration workflow and recommending 28 PQC technology product and service providers, including IBM, Amazon, and Cisco. With the support of the U.S. government, tech giants such as Google and Apple have begun to introduce post-quantum cryptography products and applications. In August 2023, Google announced that its Chrome browser would begin supporting PQC encryption services to protect secure communication between clients and servers. In February 2024, Apple plans to upgrade the security of its iMessage communication platform using PQC technology based on lattice encryption. In March 2024, Advanced Micro Devices (AMD) launched the Spartan UltraScale+ FPGA SoC product supporting PQC algorithms. In the initial stage of PQC upgrade migration and application, encryption application vendors generally adopt a hybrid encryption model of “dual locks, double insurance” using both traditional public key encryption algorithms and PQC algorithms, gradually transitioning to a mode that exclusively uses PQC algorithms.
3 Prospects for PQC Application Development
3.1 The Security of PQC Algorithms and Applications Needs Further Validation
Although PQC research has continued for nearly thirty years and has achieved preliminary progress in algorithm evaluation and standardization, there are still concerns in the industry about whether existing PQC algorithms can completely resist quantum computing attacks due to insufficient research on quantum computing hardware and cracking algorithms. During the PQC algorithm standardization process, NIST has chosen multiple algorithm options, continuously conducting solicitations and evaluations, considering both flexibility for different application scenarios and security concerns of “not putting all eggs in one basket.” Evaluating and validating the security of PQC algorithms will be an ongoing task throughout the lifecycle of PQC migration and application. In 2024, Chen Yilai[11] proposed a quantum algorithm to crack lattice encryption. Bambury and Nguyen[12] proposed a quantum-inspired algorithm that could weaken the complexity of the N-th truncated polynomial ring structure in lattice encryption. Although the effectiveness of these attack algorithms still requires in-depth evaluation and validation by the cryptographic community, the challenges they pose to the security of PQC algorithms have drawn significant attention from the industry.
3.2 International Standards for PQC Algorithms Will Continue to Be Developed
The International Organization for Standardization/International Electrotechnical Commission Joint Technical Committee 1 (ISO/IEC JTC1) Information Security Working Group (SC27) published a PQC research report SD8 in May 2020, summarizing various PQC algorithm options[13]. Currently, there are two main PQC international standards being developed by ISO/IEC JTC1: one proposed by Germany in April 2022 to supplement the existing international standard ISO/IEC 18033-2:2006/WD Amd 2 with PQC algorithms such as Frodo, Classic McEliece, and Kyber, which is currently in the working draft stage; the other proposed by Japan in October 2023, adopting a lattice-based encryption algorithm, which is currently in the preliminary research stage. Among them, the Frodo algorithm employs structured lattice encryption, providing more reliable security, but with poorer key and computational performance, suitable for high-security scenarios requiring long-term confidentiality. The Classic McEliece algorithm constructs key encapsulation based on error-correcting code schemes, having certain advantages in security, but with a large public key and slow key generation speed, it may excel in application scenarios that do not require frequent public key transmission. Notably, PQC algorithms such as Frodo, Classic McEliece, and NTRU, promoted by countries including Germany, the Netherlands, and Japan, have not been selected as NIST’s PQC algorithm standards due to their poorer performance and complex implementation. However, considering the need to maintain the independence and application security of PQC technology, various countries are actively promoting them to become international standards.
3.3 Upgrading PQC Migration is a Long-term Systematic Project
For PQC technology to transition from algorithm standards to product applications, extensive research and development, testing, verification, and updates are required to clarify key, ciphertext, and signature parameter settings, as well as computational processing and fault handling capabilities to complete adaptation and upgrades with target system architectures and environments. Conducting PQC upgrade migration is a complex system engineering project, which can generally be divided into three main phases: migration requirements analysis, upgrade plan formulation, and demonstration application promotion. First, the PQC migration requirements analysis includes clarifying the PQC upgrade requirements and migration checklist for information system standards, hardware and software modules, key management software, and code, analyzing algorithm performance, bandwidth, storage, and other technical requirements based on the checklist, and studying algorithm replacement and compensation plans. Second, the PQC migration plan formulation requires analyzing different information system security lifecycles and migration priorities based on the requirements checklist, and formulating specific migration implementation plans for different systems, establishing demonstration application projects, and providing technical product support and migration guidance for information system users. Finally, based on the effectiveness and issues of PQC upgrade migration in key industry sectors, gradually promote the migration of information security systems in other related industries, completing the overall upgrade of PQC across various sectors.
4 Analysis of the Advantages and Disadvantages of QKD Technology
4.1 QKD Can Enhance the Security of Symmetric Encryption
QKD enables the sharing of secure keys with theoretical security proof between the sender and receiver through the preparation, transmission, and measurement of quantum states of single photons or optical field regular components, combined with classical communication and identity authentication-assisted protocol post-processing. The keys generated by QKD can be combined with symmetric encryption algorithms like AES and SM4 for information encryption transmission, also known as quantum secure communication. The main advantages of quantum secure communication are: on one hand, the symmetric keys generated by QKD are guaranteed in security by physical principles, and the key distribution process is not susceptible to threats from quantum computing cracking; on the other hand, using QKD keys can enhance the session key update rate in symmetric encryption algorithms. By increasing the session key length in symmetric encryption algorithms and improving the key update rate, the overall security of ciphertext in quantum secure communication systems can be enhanced when facing quantum computing attacks. For dedicated network scenarios with metropolitan point-to-point optical fiber connections, QKD can be used to generate symmetric keys, authenticate identities based on pre-shared keys, and use a bit-by-bit encryption method with one-time pads to generate ciphertext, providing a higher security level for quantum encryption applications.
4.2 QKD Technology Applications Still Face Issues and Challenges
The practical and engineering levels of QKD technology need improvement, and the real security of systems and networks still requires validation, with further exploration needed for effective integration with Information and Communications Technology (ICT) systems and networks. First, the key generation rate and single-segment fiber transmission distance of commercial QKD systems still have significant room for improvement, and new protocol QKD systems such as measurement-device-independent and twin-field are still in the research and experimental exploration stages, far from practical use. The QKD systems, which rely on the transmission of extremely weak optical signals to generate keys and ensure security, pose fundamental challenges to improving the engineering level of systems and the robustness and reliability of deployment and operation. Second, the actual performance of QKD system components may not fully match the assumptions in theoretical protocol security proofs, necessitating research on attack defenses and relevant validation. Since quantum relay technology is not yet mature, large-scale QKD networking over long distances requires relying on “trusted relay” nodes for key storage and forwarding, which loses the quantum physical characteristics and undermines the security advantages of QKD keys. Finally, QKD technology only provides symmetric key generation functionality and is not a complete end-to-end encryption solution, requiring dedicated hardware systems and optical fiber resources for use. For most encryption application scenarios, the costs of system deployment and operation are often prohibitively high compared to the services and security benefits offered by QKD technology, making it difficult for users to accept, thus limiting market scale and industrial development. The integration deployment plans of QKD systems with ICT systems and networks, as well as encryption application scenarios, also require further exploration and development by the industry.
5 Recommendations for Countermeasures in China
Quantum computing is a major disruptive innovation that leads the direction of future technological revolutions and industrial changes. Accelerating the development and application of quantum computing has become a common consensus among major countries around the world. While leveraging the computational advantages of quantum computing to empower economic and social development, addressing the information security threats that may arise from quantum computing cracking public key cryptography is also a common concern and effort direction for information and communication authorities and industries worldwide.
Recommendations for China to address information security threats from quantum computing include the following aspects.
First, it is crucial to pay close attention to the development trends of quantum computing cracking public key cryptography, conducting research on information security threats and risk assessments, particularly focusing on the potential retrospective threats of “first intercept, then crack” to sensitive information requiring long-term confidentiality, as well as the destructive threats to government information systems, public internet platforms, critical infrastructure networks, and significant information systems in finance and healthcare, along with the digital trust system in cyberspace.
Second, accelerate the research, security assessment, and standard development of PQC algorithms, master PQC technology products and solutions, and actively participate in international standard research on PQC, contributing Chinese algorithm solutions. Organize testing and validation of PQC technology products and pilot applications, and develop upgrade work plans for PQC in different industry sectors, steadily promoting PQC applications and migration.
Third, based on China’s practical foundation of QKD technology development and application, further strengthen R&D efforts on QKD technology and product engineering, enhance system performance metrics and real security, reduce application deployment and operational difficulties and costs, and open market development space by improving product quality and reducing costs, while deepening exploration of effective solutions for the integration deployment of QKD with ICT systems and networks.
Fourth, conduct research on the technological integration and application fusion of PQC and QKD to form a comprehensive quantum information security solution that leverages the strengths of both technologies and adapts to different application scenarios, addressing development shortcomings and building competitive advantages, thus establishing a systematic solution to counter future information security threats from quantum computing.
6 Conclusion
With the rapid development of quantum computing, the security risks of existing public key cryptography systems are increasing day by day, and addressing the information security threats posed by quantum computing has become one of the critical issues that cannot be ignored in the field of network information security. By developing new types of mathematically difficult problems and constructing new public key cryptographic algorithms resistant to quantum computing attacks, also known as post-quantum cryptography, is the mainstream solution to counter the information security threats posed by quantum computing in most application scenarios, including digital signatures, identity authentication, and key exchange. Exploring quantum secure communication applications based on quantum key distribution in high-security demand private networks is expected to provide a beneficial supplement to counter information security threats from quantum computing. Forming a complementary application of post-quantum cryptography and quantum key distribution is likely to become the future development trend in addressing information security threats from quantum computing.
Analysis of information security threats for quantum computing and countermeasures
LAI Junsen, ZHAO Wenyu, ZHANG Haiyi
(Technology and Standards Research Institute, China Academy of Information and Communications Technology,Beijing 100191, China)
Abstract: Quantum computing has been theoretically proven to have a public key cryptography cracking capability that far exceeds that of classical computing. In recent years, the rapid development of quantum computing has triggered the information security threat of public key cryptography, which has become raising concern for the global information security authorities and the Information and Communications Technology (ICT) industries. This paper first analyzes the information security threats and impacts of quantum computing. Then, it discusses the technical characteristics and application trends of the two main countermeasures, namely, post quantum cryptography (PQC) and quantum key distribution (QKD). Finally, it puts forward the development suggestions for dealing with the information security threats of quantum computing.
Keywords: quantum computing; information security; PQC; QKD

This article was published in Information and Communication Technology and Policy 2024, Issue 7

Organized by: China Academy of Information and Communications Technology
Information and Communication Technology and Policy is a professional academic journal sponsored by the Ministry of Industry and Information Technology and the China Academy of Information and Communications Technology. The journal focuses on information communication technology trends, public policy, national/industry/business strategies, and publishes cutting-edge research results, analysis of focal issues, interpretation of hot policies, etc., promoting the innovation and development of technologies and industries such as 5G, industrial internet, digital economy, artificial intelligence, big data, and cloud computing, guiding national technology strategy choices and industry policy formulation, and building a high-end academic exchange platform for industry, academia, research, and application.
Journal Honors and Inclusion Status
AMI (2022 version) A-level extended journal
RCCSE Chinese Core Academic Journal
Selected in the high-quality scientific journals grading catalog of the China Association for Science and Technology in the field of information communication
Submission Guidelines for Information and Communication Technology and Policy!
To further improve the journal’s informatization level and provide better services for scholars, our official website (http://ictp.caict.ac.cn) has officially been launched, and we welcome submissions!

Recommended Reading
Special Topic: Application Ecology Construction and Development Suggestions for Quantum Computing Cloud Platforms; Special Topic: Current Status and Trends of Quantum-Classical Hybrid Computing Development; Special Topic: Overview of Quantum Secure Communication Technology for Time-Sensitive Networks Jointly Developed by the National Science and Technology Quantum Communication Network Co., Ltd. and Associate Professor Ma Zhangchao’s Team from Beijing University of Science and Technology; Introduction: Quantum Information Create New Tracks for Future Industries; Table of Contents and Abstract of Information and Communication Technology and Policy, Volume 50, Issue 7, 2024You “Looking” at me?