## AWS for Industries

# Preparing for Post-Quantum World in Banking with Amazon Web Services

Banks must continually innovate to gain a competitive edge in protecting customer transactions and data. For decades now, modern banking has relied on the TLS (formerly known as SSL) protocol to encrypt and provide confidentiality for online transactions. In turn, the security of TLS relies on the assumption that it’s extremely difficult for even the most powerful computers to solve two mathematical problems when dealing with very large numbers: finding the prime factors of integers and finding discrete logarithms. However, the promise of quantum computing now introduces the possibility that these two problems can be solved in the future, thus rendering current encryption algorithms obsolete. This also makes banking transactions insecure and vulnerable to eavesdropping. In this post, we provide a high-level introduction to the challenge that quantum computing poses to banking security, and offer an approach that financial institutions can take today to begin preparing for a “post-quantum” world.

## Securing today’s transactions

### Integer factoring

To begin with, almost all online banking transactions are secured by the TLS protocol running over HTTP (HTTPS). The current version of TLS (1.3) uses two widely known algorithms to secure each connection. The first is the RSA algorithm, which is used to authenticate the bank’s server to the customer. RSA uses a public and a private key pair, where both keys consist of a pair of numbers. Both of these pairs include a very large common number of at least 200 digits, which we shall call N. The prime factors of N are used to derive the two other numbers used for the Public and Private keys. The key here (no pun intended) is that if one can find the prime factors of N, then it becomes trivial to derive the other two numbers that form the public and private keys. Finding the prime factors of small numbers (i.e., 15 = 3 x 5) is easy, but it becomes increasingly harder even for computers when dealing with much larger numbers of 200 digits or higher.

### Discrete logarithm

The second algorithm TLS uses is the Diffie Hellman algorithm. Specifically, it uses a variant of Diffie-Hellman called Elliptic-curve Diffie-Hellman. This algorithm lets two parties establish a shared secret over a public network through the use of exponential and modular arithmetic. The security of Diffie Hellman relies on the difficulty of solving the Discrete Logarithm Problem for very large numbers – Given it’s easy for any modern computer to compute Y=g^{x} mod n , even for large numbers. However, given Y, g, and n, it’s computationally much more difficult to work backward and find the exponent. Just as it is in integer factoring, finding the discrete logarithm becomes increasingly intractable for much larger numbers. The fact that computers today can’t solve either integer factoring or discrete logarithms for very large numbers in a reasonable amount of time is what makes online banking secure today.

### Shor’s Algorithm

However, in 1994 MIT professor Peter Shor devised an algorithm eponymously named Shor’s Algorithm. This breakthrough algorithm is capable of solving both integer factoring and discrete logarithms exponentially faster than previous algorithms. There’s a version of this algorithm that can run on a classical computer. But there’s one step that makes the algorithm impractically slow when running on a classical computer for very large numbers.

On the other hand, a quantum computer can use a technique called Quantum Fourier Transform to transform this problem into a problem of finding the period of a function. Finding this period leads to finding an exponent p, which in turn makes it possible to find the factors of a very large number. A sufficiently powerful quantum computer can use Quantum Fourier Transform to render modern encryption algorithms useless.

### Qubits

But what exactly is a “sufficiently powerful quantum computer?” And do they exist today? The short answer is no – a quantum computer sufficiently powerful enough to break encryption algorithms isn’t known to exist today. Before explaining why, let’s first review the fundamental unit of data in quantum computing – the qubit.

Quantum computers rely on qubits instead of bits as their basic unit of data. Unlike a bit which can be either 0 or 1, a qubit can be a 0 or 1 or a superposition of both 1 and 0. In other words, it can simultaneously be in two states at once with probabilities assigned to each state. If this sounds a bit counterintuitive, don’t worry. Quantum computing is based on Quantum Physics, which deals with the nature and behavior of very small particles, and these behaviors make no sense when compared to our everyday experience. The important thing to know about qubits is that one qubit can represent two bits of information. In fact, N qubits can represent the same information as 2^{N} bits. So, 1 qubit = 2 bits, 2 qubits = 4 bits, 3 qubits = 8 bits, and so on.

You can create circuits out of qubits and perform operations on them just like you can with bits. But because each qubit can represent more information, you can theoretically run certain types of algorithms much faster and with fewer steps on a quantum computer. When running Shor’s algorithm, a quantum computer can take advantage of superposition to calculate multiple possible answers at once to find the correct answer faster.

### Decoherence

So back to our question – why aren’t quantum computers that are capable of breaking encryption in existence today? The problem is decoherence, which refers to the inability of a qubit’s ability to maintain its state. Qubits, like bits, need to be physically represented in the real world. You can represent a single bit with a light bulb or a tiny voltage on a semiconductor chip. On the other hand, qubits can be represented by subatomic particles, such as electrons or photons. Due to quantum physics, their states are inherently unstable and susceptible to noise and other disturbances.

Because of noise and disturbances, quantum computers typically experience one error for every 1,000 operations. This means that it takes at least one thousand redundant physical qubits to make one fault tolerant, logical qubit. Breaking RSA encryption in a reasonable amount of time would require thousands of these fault tolerant, logical qubits. Therefore, you would need millions of qubits to break RSA encryption. State-of-the-art quantum computers today have only between 50 and 100 qubits. That is why “sufficiently powerful” quantum computers with enough stable qubits have yet to be known to be built.

### Yet to be known to be built?

We say “yet to be known to be built” because we can’t dismiss the possibility that if a government or organization somewhere in the world were to successfully build a sufficiently powerful quantum computer, that it might, for obvious reasons, be in their best interest to keep it a secret, especially if they have hostile intent. It’s no secret that there are governments around the world aggressively supporting the research and development of quantum computers.

### Securing the networks of tomorrow

For this reason banks, as well as other institutions that rely on modern encryption algorithms, have already begun exploring how quantum computing technologies can be used to secure digital transactions. In particular, AWS customers can now experiment with hybrid post-quantum TLS ciphers for AWS Key Management Service (AWS KMS) and AWS Certificate Manager (ACM). These hybrid ciphers features combine the security of current TLS key exchange ciphers with the latest post-quantum ciphers.

Beyond hybrid ciphers, scientists have been exploring how other approaches, such as Quantum key distribution (QKD) and Quantum Entanglement, can secure future communications. These approaches take advantage of even more fascinating and counterintuitive properties of quantum physics. Understanding these approaches and their potentially useful applications requires expertise across multiple domains (i.e., number theory, cryptography, quantum physics). Such cross-domain expertise can be challenging to recruit to any organization.

Therefore, although practical quantum computers may still be years away, financial institutions that have yet to or have only just begun embarking on their post-quantum journey should also consider collaborating with research labs such as Amazon Quantum Solutions Lab (QSL) to accelerate the development of their quantum solutions. With QSL, you’ll have access to expert physicists and computer scientists who can work with you to help identify the best strategies in preparing for a post quantum world. These are strategies for not only securing encrypted communications, but also for running increasingly more compute-intensive workloads that are critical to the financial services industry. And these are workloads such as financial risk modeling, portfolio optimization, options pricing, and fraud detection. Quantum Solutions Lab also partners with other leading companies in the related fields of machine learning (ML), optimization, and high-performance computing.

It remains unclear as to when fault-tolerant quantum computers sufficiently powerful enough to break encryption will arrive. However, it isn’t too early to begin preparing. Click here to learn how you can start preparing for a quantum future.