THE CYBER INTERVIEW
ANDERSEN CHENG :
PREPARING FOR A POST-QUANTUM WORLD
We speak with Andersen Cheng , CEO at Post-Quantum , on the steps organisations should be taking to prepare for a post-quantum world
Andersen Cheng is the CEO of Post-Quantum , a cyber security company focusing on quantumsafe security and identity solutions . He was previously COO of the Carlyle Group ’ s European venture fund and a founding member of LabMorgan , the Fintech1.0 investment unit of JP Morgan .
Prior to that , Cheng was JP Morgan ’ s European Head of Credit Risk Management and was involved in many system implementations and risk management projects connected to credit risk , derivatives trading , EMU and Y2K .
We speak with Cheng about the role quantum technology will have on data security , the steps organisations should be taking and his predictions for the next decade .
Q . HOW COULD QUANTUM COMPUTERS CHANGE THE LANDSCAPE OF DATA SECURITY ?
» Today , the world relies on two primary public-key cryptography ( PKC ) standards for the secure communication of data : ‘ RSA ’ and ‘ Elliptic Curve ’. For example , the security of RSA relies on the principle that ‘ factorising ’ very large integers is so difficult it is impractical – deducing the factors of 15 to be three and five is easy , but deducing the factors of a 2048-bit number isn ’ t practical with a classical computer .
However , quantum machines have already been theoretically proven to be able to conduct the factorisation necessary to crack RSA . Peter Shor , an American mathematician , devised an algorithm in 1994 that , when paired with a sufficiently developed quantum computer , would render even very large RSA and Elliptic Curve keys vulnerable .
To boil it down , quantum computers are not superior to classical computers in every area – classical machines will continue to be used for the majority of tasks we undertake today . However , quantum computers are vastly superior when performing analysis on small amounts of data – precisely the quality needed to break encryption .
The issue is that , when existing encryption standards are broken , everything becomes vulnerable . PKC is used everywhere in our daily digital
18 November 2023