Skip to main content
(TimeStopper)
(Photo credit: TimeStopper)

How the Pentagon's New Cloud Initiative Ignores the Quantum Threat

Thomas Keelan

If the Pentagon doesn’t start thinking about how emerging technologies will interact, it could miss its best opportunity to secure U.S. military secrets for the future. Next month, bidding will close on the multi-billion contract to move military IT systems to the cloud, the so-called Joint Enterprise Defense Infrastructure (JEDI). But while the Pentagon focuses on the security benefits of one emerging technology – cloud computing – it is ignoring the accompanying threat of another: quantum hacking.

Within the next decade, cybersecurity experts predict that quantum computers may be able to break many types of modern encryption. This includes the types used to secure data going to and from the cloud. Yet nowhere in the draft contract for JEDI is the threat of quantum hacking addressed.

If the Department of Defense wants the next generation of military secrets to stay secret, then it must start thinking of these two emerging technologies in combination, not isolation. The JEDI cloud therefore offers a chance to kill two birds with one stone: to proactively use today’s shift to cloud computing as a chance to also prepare for the future threat of quantum computers.

Since World War II, military operations have become increasingly data and network-centric. The latest example of this trend was the DoD’s Third Offset Strategy, which focused on technological superiority to deter, outmaneuver, and if necessary defeat America’s opponents. Now cloud computing is the latest high-tech advance to improve military performance. Moving more IT systems to the cloud will give America’s military more efficiency and flexibility in using data, an edge that one day might prove critical.

But cloud computing could also become a double-edged sword. Centralizing much of the Pentagon’s IT operations in a single cloud ecosystem will make the military more productive and adaptable, but it also raises a huge security concern.

The U.S. military already struggles with theft of state secrets. For example, in June it was discovered that China had stolen over 600 gigabytes of classified U.S. submarine warfare data. A monolithic, single-source JEDI cloud could pose an even greater cybersecurity risk. For the first time, many different kinds of classified information – possibly including nuclear weapon designs – may be found in the same place. To hostile actors this will make JEDI an irresistible target.

And when quantum computers arrive, they will have the power to knock the locks off the JEDI treasure chest. Quantum processors work with quantum bits, or qubits, that exist as both a one and a zero at the same time, potentially providing significantly more computing power than current digital technology. That dramatically increased computing power poses a threat to the modern cryptography system by cracking the complex math puzzles that most digital encryption (including cloud encryption) is based on.

However, DoD’s real quantum encryption problem is based on logistics, not computing. A quantum computer capable of hacking cloud encryption is not estimated to arrive until at least 2026. And cybersecurity experts have already developed new, quantum-secure cryptography to protect our data from these future attacks.

But these same experts have highlighted how it can take big organizations like DoD up to 10 years to fully change their encryption. In industry speak, they have limited “crypto-agility.” Even if the DoD starts now, it will be a neck-and-neck race to make military data quantum-secure before the arrival of quantum hacking.

That is why making JEDI quantum-secure is so important for the military’s future data security. As Alan Panezic, vice president of cybersecurity firm ISARA states: “The DoD has to embrace cryptographic agility now. By moving to the cloud, you’re already fully analyzing all aspects of security and efficiency, and so it’s the easiest time to figure out where your quantum weaknesses are. If you don’t, it’s a huge lost opportunity.”

Yet right now this is exactly the opportunity the Pentagon is passing up. As the cloud, quantum, blockchain and AI start to converge and become part of standard military operating procedure, a mindset that ignores how they’ll interact risks America falling increasingly behind the pace of its competitors.

The move to a military cloud is a timely and crucial one, but by thinking about JEDI in isolation and ignoring the emerging threat of quantum technology, the DoD is setting itself up for a future crisis. If preparations for a quantum-equipped adversary don’t begin now, one day soon the cloud will start raining American secrets.

Related Articles

A Missile-Defense Layer in Space Is Affordable and Makes Sense

Rebeccah L. Heinrichs & Henry A. Obering III

Critics warn about sky-high price tags while blocking efforts to divine the actual cost....

Continue Reading

Why Blockchain Is No Silver Bullet For Cyber Threats

Arthur Herman

since the blockchain database isn’t stored in any single location, it means its records are easily verifiable...

Continue Reading