Skip to Content
Computing

China is beating the US when it comes to quantum security

Quantum key distribution is being touted as the future of cybersecurity, and China has gone all in.
December 12, 2019
John Prisco EmTech Future Compute
John Prisco EmTech Future Compute
John Prisco EmTech Future ComputeBen Esakoff

It’s been six years since hackers linked with China breached the US Office of Personnel Management’s computer system and stole sensitive information about millions of federal employees and contractors. It was the sort of information that’s collected during background checks for security clearances––very personal stuff. But not all was lost. Even though there were obviously some massive holes in the OPM’s security setup, some of its data was encrypted. It was useless to the attackers.

Perhaps not for much longer. It’s only a matter of time before even encrypted data is at risk. That’s the view of John Prisco, CEO of Quantum Xchange, a cybersecurity firm based in Bethesda, Maryland. Speaking at the EmTech Future Compute event last week, he said that China’s aggressive pursuit of quantum computing suggests it will eventually have a system capable of figuring out the key to access that data. Current encryption doesn’t stand much of a chance against a quantum system tasked with breaking it.

China is moving forward with a “harvest today, read tomorrow” approach, said Prisco. The country wants to steal as much data as possible, even if it can’t access it yet, because it’s banking on a future when it finally can, he said. Prisco says the China is outspending the US in quantum computing 10 times over. It’s allegedly spending $10 billion alone to build the National Laboratory for Quantum Information Sciences, scheduled to open next year (although this number is disputed). America’s counterpunch is just $1.2 billion over five years toward quantum information science. “We’re not really that safe,” he said.

Part of China’s massive investment has gone toward quantum security itself, including the development of quantum key distribution, or QKD. This involves sending encrypted data as classical bits (strictly binary information) over a fiber-optic network, while sending the keys used to decrypt the information in the form of qubits (which can represent more than just two states, thanks to quantum superposition). The mere act of trying to observe the key changes its state, alerting the sender and receiver of a security breach.

Bu it has its limits. QKD requires sending information-carrying photons over incredibly long distances (tens to hundreds of miles). The best way to do this right now is by installing a fiber-optic network, a costly and time-consuming process.

It’s not foolproof, either. The signals eventually scatter and break down over long stretches of fiber optics, so you need to build nodes that will continue to boost them forward. These networks are also point-to-point only (as opposed to a broadcast connection), so you can communicate with only one other party at a time. 

Nevertheless, China looks to be all in on QKD networks. It’s already built a 1,263-mile link between Beijing and Shanghai to deliver quantum keys. And a successful QKD demonstration by the Chinese Micius satellite was reported across the 4,700 miles between Beijing and Vienna.

Even Europe is making aggressive strides: the European Union’s OPENQKD initiative calls for using a combination of fiber optics and satellites to create a QKD-safe communications network covering 13 nations. The US, Prisco argues, is incredibly far behind, for which he blames a lack of urgency. The closest thing it has is a 500-mile fiber-optic cable running down the East Coast. Quantum Xchange has inked a deal to use the cable to create a QKD network that secures data transfers for customers (most notably the financial companies based around New York City).

With Europe and China already taking QKD seriously, Prisco wants to see the US catch up—and fast. “It’s a lot like the space race,” he said. “We really can’t afford to come in second place.”

Update: This story has been amended to note that the funding figures for the National Laboratory for Quantum Information Sciences are disputed among some experts. 

Deep Dive

Computing

Conceptual illustration of quantum computing circuity, in multiple colors
Conceptual illustration of quantum computing circuity, in multiple colors

Quantum computing has a hype problem

Quantum computing startups are all the rage, but it’s unclear if they’ll be able to produce anything of use in the near future.

winning team for Pwn2own 2022
winning team for Pwn2own 2022

These hackers showed just how easy it is to target critical infrastructure

Two Dutch researchers have won a major hacking championship by hitting the software that runs the world’s power grids, gas pipelines, and more. It was their easiest challenge yet.

child outside a destroyed residential building in Kiev
child outside a destroyed residential building in Kiev

Russia hacked an American satellite company one hour before the Ukraine invasion

The attack on Viasat showcases cyber’s emerging role in modern warfare.

A rescuers search for bodies under the rubble of a building destroyed by Russian shelling, amid Russia's Invasion of Ukraine, in Borodyanka, Kyiv region, Ukraine, April 11, 2022. (Photo by Sergii Kharchenko/NurPhoto via AP)
A rescuers search for bodies under the rubble of a building destroyed by Russian shelling, amid Russia's Invasion of Ukraine, in Borodyanka, Kyiv region, Ukraine, April 11, 2022. (Photo by Sergii Kharchenko/NurPhoto via AP)

Russian hackers tried to bring down Ukraine’s power grid to help the invasion

As Russia’s ground war stalls, hackers attempted to cause a blackout for two million people.

Stay connected

Illustration by Rose WongIllustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.