The Monetary Authority of Singapore (MAS) has issued an advisory[1] to financial institutions on quantum computing and the cybersecurity risks that it could pose, including potentially breaking commonly used encryption and digital signature algorithms.

Similar concerns have been raised elsewhere. Some related and ongoing developments include:

  • National Institute of Standards and Technology’s (NIST) initiation of a global standardization process for post-quantum cryptography[2]. Recognizing that large-scale quantum computing could disrupt public-key cryptosystems that are currently in use, and “seriously compromise the confidentiality and integrity of digital communications on the internet and elsewhere,” NIST’s project is aimed at developing cryptographic systems that are secure against both quantum and classical computers, and can interoperate with existing communications protocols and networks.
  • The World Economic Forum is conducting research into quantum key distribution technology to establish secure communication channels for distributing encryption keys.[3]

In its advisory, MAS stressed that financial institutions need to be crypto-agile to efficiently migrate away from vulnerable cryptographic algorithms to post-quantum cryptography without compromising their IT systems. MAS’s recommended measures include:

  • Maintaining an inventory of cryptographic solutions used, and carrying out a risk assessment to classify these based on sensitivity, criticality and risks.
  • Having proper governance in place (including with third-party vendors) to understand, assess and mitigate the potential threats of quantum technology, and supporting quantum security solutions.
  • Planning for contingencies where risks materialize ahead of predicted timelines.
  • Engaging with industry and research institutes to share know-how.

Should you have any concerns, feel free to reach out to your usual contact at the firm.

Disclaimer: While every effort has been made to ensure that the information contained in this article is accurate, neither its authors nor Squire Patton Boggs accepts responsibility for any errors or omissions. The content of this article is for general information only, and is not intended to constitute or be relied upon as legal advice.

[1] Advisory on Addressing the Cybersecurity Risks Associated With Quantum, MAS

[2] Post-quantum Cryptography, NIST

[3] Transitioning to a Quantum-secure Economy, World Economic Forum