The first annual World Quantum Readiness Day is set for Thursday, September 26, 2024. More than simply an awareness event, World Quantum Readiness Day is a call to action, spurred by technology leaders looking at an era-defining change in digital technology.
Developments in quantum computing are accelerating rapidly, and the start of the quantum era is the beginning of something we’ve never seen in data privacy. An entirely new system for protecting data is needed, and even information that has been protected for years or decades will be vulnerable to retroactive decryption using quantum computers.
World Quantum Readiness Day — an initiative started by cybersecurity trust leader DigiCert — is focused on leveraging Post-Quantum Cryptography (PQC) to prepare for the near-future moment when quantum computing is powerful enough to break even the strongest forms of today’s data encryption.
History of World Quantum Readiness Day
Securing the future with PQC
The quantum threat is the Y2K of this IT generation. But unlike Y2K, today’s professionals face the uncertainty of working on a ticking clock that doesn’t have a set end date. We know quantum decryption is coming, but we don’t know when it will arrive. Each new advancement in quantum tells us we’re getting closer, but the exact moment a quantum computer attains the ability to break long-trusted encryption is impossible to guess—even for quantum computing engineers advancing the science.
With Y2K, engineers had a deadline to watch. The fact that a disaster was averted was due largely to the fact that IT organizations took action based on urgency. With quantum, though, the urgency has been lagging, because too many people think the breakthrough is too far off to worry about. It’s not.
Accelerations in quantum development continue to increase, with the power of quantum computers increasing substantially as private and public entities invest more resources into the promising field.
The good news is that solutions to security threats already exist for quantum. And like Y2K, if IT professionals act now, the damage from quantum attacks will be much smaller when the breakthrough happens. But first, people need to know what they’re up against and how to deploy PQC to protect sensitive data. World Quantum Readiness Day invites organizations, engineers, and IT professionals all around the world to get up to speed on quantum developments and start building quantum-safe technology into their systems now.
Want to understand more about quantum computing and PQC? See DigiCert’s insights page.
World Quantum Readiness Day timeline
Stephen Wiesner invents conjugate coding, a basis of the “qubit” (quantum bit) and quantum computing.
Richard Feynman first lectures on advantages in quantum computing, launching widespread interest in developing the theory and technology.
Peter Schor presents Schor’s algorithm, showing that quantum can factor massive numbers much more efficiently than classical computers, including the numbers that serve as the basis of modern digital cryptography like RSA and ECC.
IBM and Stanford jointly publish a paper demonstrating how a working quantum computer successfully used Schor’s algorithm to factor a real number for the first time.
D-wave, a private company, releases D-Wave One, the first commercially available quantum computer for public use.
IBM makes quantum computing access available through its cloud services.
The United States’ National Institute of Standards and Technology (NIST) sends out an open call for proposals on quantum-safe cryptography algorithms that can protect data against the increasing concerns about quantum decryption potential.
Google claims it has achieved quantum supremacy, marking the first point where quantum technology is powerful and efficient enough to be practical.
IBM announces it has also achieved quantum supremacy.
NIST announces the first four PQC algorithms that have passed multiple rounds of scrutiny and met the benchmarks for quantum security, making them worth standardizing as a recommendation for governments and private organizations.
DigiCert launches PQC Labs for testing PQC algorithms in real environments.
DigiCert inaugurates World Quantum Readiness Day to increase awareness and spur action plans for protecting data against quantum decryption.
5 interesting facts about Quantum Mechanics
- The birthdate of Quantum Theory is December 14, 1900, when German physicist Max Planck presented his findings to the German Physical Society. This will make December 14, 2025, the Quasquicentennial of Quantum.
- Quantum computing is based in part on a quantum property called “entanglement,” where two particles behave in the exact same way at the same time, as if they were the same particle, even though they could be on opposite sides of the universe. Einstein called entanglement “Spooky Action at a Distance.”
- Another part of the foundation of quantum computing is “superposition,” where quantum objects exist in multiple states at the same time. This means, for example, an electron can exist in two places at once, and it can simultaneously behave as a wave and a particle. One of the most popular descriptions of physics comes from superposition — Shrödinger’s cat.
- Much of quantum mechanics continues to challenge and surprise scientists. Richard Feynman, one of the greatest physicists of the Modern Age, once said of his own profession, “I think I can safely say that nobody understands quantum mechanics.”
- Despite incredible advancements in quantum mechanics, the answer to one of the greatest challenges in all of science remains elusive. Physicists so far have yet to find a “Theory of Everything” that fully explains how the Standard Model (Newton and Einstein) and the Quantum Model can function in the same universe — even though the math of each on its own seems to be nearly flawless.
Adopting a PQC Readiness Plan
Step one: Inventory your cryptographic assets
Start building a complete log of all your certificates, algorithms, and other crypto assets.
Step two: Prioritize security for crypto assets that need long-term protections
Rank your crypto assets to prioritize assets that produce signatures for long-term trust. These include roots of trust and firmware for long-lived devices.
Step three: Explore and test integrating PQC into your networks and systems
PQC standards are still being developed through NIST, but existing PQC tests will give you a better idea of how these algorithms will work and what it takes to get full security up and running in time for quantum threats.
Step four: Start building crypto agility into your processes
Once you have a sense of what’s in your asset library, you can build a plan that will allow you to respond quickly to threats as quantum continues to advance.
Read more about the process of developing quantum readiness.
World Quantum Readiness Day FAQs
What is PQC?
Post-Quantum Cryptography (PQC) is any algorithm that has met industry and government standards for stopping quantum computers from decrypting secure data. These standards are based on an open call for proposed algorithms, a rigorous multi-year testing period by top cybersecurity and technology experts, and final adjustments. Four PQC algorithms have met the standard through the first round, with more in public review.
To be considered true PQC, a security algorithm must protect against quantum attacks, possess the capability to be retrofitted onto existing data and code, and must be light enough to run alongside classical computing security algorithms without burdening systems.
What is Harvest Now, Decrypt Later?
HNDL is the official designation for a type of attack where a party steals encrypted data now, knowing it would be impossible to decrypt using classical computers. This party holds the decrypted data in storage, anticipating a day when quantum computing will allow them to decrypt that longtime-secured data using quantum breaking.
Experts have raised alarms about this for two major reasons:
- Harvest Now, Decrypt Later thefts may already be underway and even responsive IT teams may not realize how much of their data could soon be in the hands of people who can access it in the future.
- There’s no retroactive time limit on the effectiveness of HNDL, so data that has been proven to be secure for years or decades may be hacked under this method. Some of the most critical data in the world, long thought to be in an “unbreakable vault” could be stolen, held, and decrypted by quantum computers in the future.
The only way to combat Harvest Now, Decrypt Later is to begin protecting all data with PQC, in order of priority, according to what’s most critical and will need to be shielded the longest against quantum threats.
Why should organizations be ready for quantum computing before quantum computers are generally available?
In addition to Harvest Now, Decrypt Later, there’s some uncertainty around advancements in quantum computing capabilities. We know the technology is rapidly progressing toward the point when quantum computers will be capable of breaking today’s proven algorithms, but we don’t know when that will be. This is partially because quantum R&D is underway all around the world at private companies, public institutions, and government agencies. It’s also because the properties of quantum states are exceptionally nuanced and difficult to control, so predicting how a particular computer will behave is less exact than in other forms of computer engineering.
This uncertainty means that the moment when a quantum computer reaches the point where it’s powerful enough to break today’s algorithms could be years away, or it could be months away. Organizations need to understand that testing, integrating, and implementing sustainable quantum protections take time. This is a new kind of threat. Anyone who adopts the mentality that quantum is far over the horizon may be caught unprepared when PQC implementation timelines overrun advancements in quantum computing.
The best recommendation of top cybersecurity experts: it’s better to be ready earlier than needed than wait for developments to close in on widespread decryption and find out too late there isn’t enough time to protect your critical data.
Is it too late to start a Post-Quantum strategy?
No, not at all. In fact, experts agree the best day to start building a Post-Quantum strategy is the day you find out about the quantum computing dangers to data security. Even if you’re just finding out about quantum threats, it’s not too late, as long as you start working on a strategy immediately.
Is there a way to vet my strategy?
Yes. Fortunately, despite the incredible power and a lot of unknowns surrounding quantum computing, we know how quantum computers can attack and break existing security algorithms. We don’t have to wait for the full capabilities of quantum to arrive before we find out how to protect against it. That means the security provided by Post-Quantum Cryptography is already working ahead of the threat.
You can start building your PQC implementation plan immediately, which includes testing functional PQC algorithms on parts of your existing systems and data.
Organizations like DigiCert have begun offering sandboxes and support, where you can start working with PQC today. You can try out DigiCert PQC Labs, where you’ll find testing algorithms, quantum resources, and access to experts who can help you examine work with PQC and build an implementation plan that will effectively protect your data against Harvest now, Decrypt Later and the upcoming quantum breakthrough.
World Quantum Readiness Day dates
| Year | Date | Day |
|---|---|---|
| 2024 | September 26 | Thursday |
| 2025 | September 25 | Thursday |
| 2026 | September 24 | Thursday |
| 2027 | September 23 | Thursday |
| 2028 | September 28 | Thursday |
Log In With Google