Quantropi prepares for the future of cybersecurity

Y2K might well be behind us, but forward-looking technologists are now preparing for a different major event: the prospect that a quantum computer can break much of the cryptography organizations rely upon today. Quantum technology, previously criticized for being perpetually five years away, is now growing ever closer. This is especially true in the field of cybersecurity, as we detail in Tech Trends 2025.

While quantum computers promise unprecedented computational power, they may also pose significant potential risks to current cryptographic methods. Michael Redding, chief technology officer at Quantropi, an Ottawa-based quantum security firm, highlights the urgency of this issue: "Quantum computing will be the biggest leap forward in computing capability in history. Once it takes off, we’re going to be adopting it quicker and more widely than we did cloud.”¹

Transactions worth trillions of dollars occur each day on the internet, and they must be secured.² Current encryption systems for these transactions involve digital signatures that must be verified by both parties, along with an exchange of keys once trust has been established. Such systems rely on the difficulty of factoring large prime numbers³ so that attackers cannot easily determine the keys to a transaction. If encryption keys are long or complex enough, classical computers simply don’t have the time to work through all the possible combinations and hack a system. However, Redding says, “a powerful quantum computer can solve all prime factor–based encryption with ease. Encryption as we know it would be done and dusted in one cycle. We’re dealing with exponential change, not linear change.”

The bedrock of our current digital security infrastructure is thus vulnerable to quantum attacks that are not just theoretical—they are imminent. Redding says, “Even if this problem is going to manifest sometime in the next 10 to 20 years, enterprises should care right now because of the concept of ‘harvest now, decrypt later.’” This concept refers to the ability of bad actors to steal and store (with relative ease and low cost) troves of organizational data, and simply wait for quantum computing to be powerful and accessible enough to later compromise the encryption keys and decrypt that data. When it comes to sensitive intelligence or trade secrets that need to stay protected for years or decades, current encryption standards are no longer sufficient, Redding says, because eventually cracking those codes is simply a matter of time.

To wit, even today’s noisy quantum computers, when combined with machine learning, are close to breaking encryption, making it imperative for organizations to adopt quantum-resistant security measures sooner rather than later. As Redding notes, “With machine learning, the timeline could be shortened from 10-plus to less than five years. Some large banks in North America are even anticipating quantum-safe encryption to be a necessity as soon as 2027. We better listen.”

Quantropi uses quantum algorithms to produce exponentially higher permutations of possible keys for information security. Its approach to post-quantum cryptography encompasses three guiding principles:

• Trust: Sharing a secret between two or more parties, with each being able to trust the other, is the foundation of secure digital transactions, according to Redding.
• Uncertainty: When all uncertainty is pushed to the attacker, they have no way of solving a key unless they happen to guess it correctly out of a (nearly) infinite set of possibilities.
• Entropy: Noise and true randomness are essential for strong encryption keys. "What’s the point of having a strong lock if you have a weak key?” Redding says.

Quantropi has made it fast and easy for customers to use strong entropy to create hardened cryptographic keys. It says it uses the world’s best quantum random-number generators and streams entropy quantum-securely at scale to any device that needs it. Redding says, “Instead of putting an $8,000-dollar quantum entropy device in my cell phone, I can download it quantum-securely and use that to make my cryptographic keys. It’s an ‘easy button’ solution that can run on today’s servers, desktops, mobile, and the Internet of Things.”

That accessibility of post-quantum security comes at a time when governments are paying attention. In response to the looming quantum threat, the US-based National Institute of Standards and Technology (NIST) published new recommended standards for quantum-safe cryptography in August.⁴ That means that many companies that now adhere to US government standards for cryptography will, in the future, seek solutions that meet the NIST requirements. “In less than five minutes, if you are using a virtual private network for your security, you can set up post-quantum secure systems,” Redding claims.

Looking forward, Redding emphasizes that quantum security is not just about preparing for the future; it’s about taking action today. As quantum computing continues to advance, it will reshape the very landscape of information security. Redding says, “Cryptographically relevant quantum computers will trigger a security-upgrade cycle that could be 10 times the preparation we saw for Y2K. Quantum computing is going to accelerate digital transformation, infrastructure, and much more, including substantial changes in cryptography.”