Tough Challenges (And Expert Solutions)

While quantum technology promises groundbreaking advancements, it also presents significant risks, particularly to the security of digital systems. Existing encryption methods for protecting sensitive data will likely be rendered obsolete by quantum computers.

While Nvidia CEO Jensen Huang predicts that “very useful quantum computers” may still be 15 to 30 years away, it’s essential for businesses to begin the work of infrastructure upgrades now—particularly since experts say the journey to quantum-safe infrastructure will likely be slowed by multiple technical, operational and strategic hurdles. Below, members of Forbes Technology Council detail some of the challenges standing in the way of achieving quantum-safe infrastructure, as well as realistic strategies and solutions.

1. The Lack Of Visibility Into Cryptographic Assets

A key challenge is the lack of visibility into cryptographic assets, which leaves organizations unsure of what needs upgrading. To address this, an organization must map its cryptographic landscape, identify vulnerabilities and develop a phased plan to transition to quantum-safe algorithms. Prioritizing critical systems ensures an effective, secure upgrade to tackle evolving quantum threats. – Amit Sinha, DigiCert

2. The Complexity And Cost

Migrating to quantum-safe infrastructure is challenging due to the complexity and cost, especially when it comes to cloud environments. Organizations should start by inventorying their current cryptographic systems. Prioritize upgrading critical systems and invest in cryptographic agility. A hybrid approach and robust governance can also aid the transition. – Pradeep Kumar Muthukamatchi, Microsoft

Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?

3. Transitioning Current Encryption Protocols

One challenge in achieving quantum-safe infrastructure is transitioning existing encryption protocols to quantum-resistant algorithms. This can be addressed by adopting hybrid cryptographic systems that combine classical and quantum-resistant methods, allowing gradual implementation while maintaining security during the transition to a quantum-capable future. – Ken Pomella, RevStar

4. Deploying Quantum-Resistant Algorithms In Existing Systems

One major challenge in creating quantum-safe infrastructure is deploying quantum-resistant cryptographic algorithms in existing systems. Current protocols, including Rivest-Shamir-Adleman and elliptic curve cryptography, depend on math problems that quantum computers can solve with Shor’s algorithm. This makes transitioning to post-quantum cryptography critical for data security. – Vaibhav Dani, Map Communications

5. A Lack Of Expertise

The lack of expertise is one of the main challenges—as is time. Governments and infrastructure owners must invest in people who are able to evaluate and implement the cutting-edge technologies that will support a secure and connected future. Only by starting to pilot and build quantum teams and infrastructure today will we be able to access the economic and innovative potential to come. – Stephanie Simmons, Photonic Inc.

6. Achieving New NIST Standards

A big challenge will be upgrading systems to the new NIST standard post-quantum cryptography encryption algorithms, which requires careful planning and coordination. This can be addressed by implementing crypto-agility—so systems can quickly switch between algorithms—and developing transition plans that prioritize critical systems to ensure security and compliance with the published NIST PQC timeline. – Gregory Webb, AppViewX

7. Protecting Long-Lived Data At Rest

The main challenge to overcome will be protecting long-lived data at rest. Adopting longer keys and protecting access to encrypted content (to guard against “harvest now, decrypt later” attacks) should be the immediate concerns. Adoption of appropriate NIST-approved encryption mechanisms and preparing for selective re-encryption should be taken up as a priority. – Amrit Jassal, Egnyte

8. Creating Quantum-Resistant Key Management Systems

A key challenge for quantum-safe infrastructure is creating key management systems that are resistant to quantum threats. Public-key encryption and elliptic curve cryptography, which are vulnerable to quantum attacks, must be replaced with post-quantum cryptographic solutions like lattice-based methods. Combining classical and quantum-safe algorithms ensures secure transitions and long-term data protection. – Greg Ombach, Airbus

9. Maintaining Backward Compatibility With Legacy Systems

Maintaining backward compatibility with legacy systems will be a major challenge because of the differences in encryption architectures. Prioritizing critical systems, using hybrid cryptographic models, engaging in cryptographic agility, leveraging automation for updates and educating teams are some of the ways to handle this challenge. – Aditya Malik, ValueMatrix.ai

10. Computational Overhead And Hardware Compatibility

Quantum-safe infrastructure requires bridging the theoretical model of cryptography and practical application. Challenges include computational overhead and hardware compatibility. Solutions involve the development of lightweight, quantum-resistant algorithms and fostering collaboration among early adopters across industries. – Sandro Shubladze, Datamam

11. Rethinking Trust Models

A key challenge in achieving quantum-safe infrastructure is rethinking trust models in public-key cryptography. Address this by adopting blockchain-based quantum-proof identity systems, where decentralized, tamper-proof networks replace traditional key exchange mechanisms, future-proofing security while maintaining transparency and scalability. – Jo Debecker, Wipro

12. A Lack Of Available Educational Resources

One of the key challenges I have seen during my career is a lack of educational resources within organizations. IT professionals and business leaders must be educated about quantum threats and the importance of post-quantum cryptography to facilitate smoother implementations and adoption. – Rahul Bhatia, HCL Tech

13. Developing Modular System Designs

Adopting NIST’s post-quantum cryptography standards is a good start, but the evolution of cryptographic algorithms requires modular system designs to enable easy upgrades of tools and methods. While internal systems can adapt quickly due to centralized control, external integrations demand stronger collaboration, planning and governance to ensure compatibility and quantum-safe security. – Victor Shilo, EastBanc Technologies

14. Addressing ‘Store Now, Decrypt Later’ Attacks

A challenge in developing quantum-safe infrastructure could be managing encrypted data that’s already at risk from “store now, decrypt later” attacks. Adversaries could steal encrypted data today and decrypt it when quantum computers become viable. The solution involves identifying and re-encrypting sensitive, long-lifespan data with quantum-resistant algorithms now, prioritizing high-risk sectors like healthcare and finance. – Deepak Gupta, Cars24 Financial Services

15. Inventorying And Prioritizing Cryptography

One of the challenges is developing a technical inventory of cryptography, both current and ongoing. Companies must audit ciphers to determine which ones to replace first with post-quantum cryptography. However, migration will be an ongoing process, as we expect NIST to standardize more post-quantum cryptography ciphers in the coming years—tracking which countries and companies require which standards will be critical. – Kim Bozzella, Protiviti

16. High Computational Power Needs

The need for substantial computational power to support quantum-resistant algorithms will be an issue. To overcome this, industries must invest in next-generation hardware and collaborate on developing efficient, scalable encryption methods that can withstand quantum threats, ensuring long-term security without sacrificing performance. – Kalyan Gottipati, Citizens Financial Group, Inc.

17. Balancing Security With Performance During Migration

A critical challenge in developing quantum-safe infrastructure is balancing security with performance during cryptographic migration. Address this by adopting hybrid algorithms, which enable seamless transitions while ensuring minimal disruption and sustained efficiency. AI-detected vulnerabilities can be human-verified to prioritize critical areas, ensuring accuracy and robustness in the process. – Vishal Pawar, CloudOMax Corp.

18. Obtaining Full Buy-In From Leadership

Buy-in from leadership is crucial, but convincing them to invest in what seems like a distant need is challenging. Bad actors often act with more urgency than decision-makers. Highlight the importance of planning quantum-resistant encryption now by stressing the serious consequences of failing to act proactively. – Paul Peloquin, Thumbscore

19. Ensuring Interoperability With Diverse Global Systems

A critical challenge in achieving quantum-safe infrastructure is ensuring seamless interoperability between quantum-safe protocols and diverse global systems. Different industries and nations may adopt varying standards, creating fragmentation. This can be addressed by fostering global collaboration, enabling smooth transitions without disrupting cross-border operations or data exchanges. – Sarah Choudhary, Ice Innovations

20. The Lack Of A Sense Of Urgency

A key challenge to overcome will likely be the lack of a sense of urgency. There may be a tendency among organizations to underestimate the urgency of transitioning to quantum-safe solutions, leading to delays in adopting the necessary measures before a threat becomes imminent. Lack of urgency could be addressed by eliminating knowledge gaps and establishing clear governance structures for the transition to quantum-safe infrastructure. – Tarun Eldho Alias, Neem Inc.