PQShield, a UK post-quantum cryptography startup, today comes out of stealth mode with the announcement of a £5.5m seed funding raise, and news that it has won Bosch as its first customer.
It is a sign that both investors and companies are waking up to the threat of quantum computing, which can easily break conventional cryptographic standards, particularly those used in the most popular public key algorithms.
A quantum tool in the hands of the attackers would really tip the balance.
“It is not that quantum computing can break all cryptography,” says Ali El Kaafarani, PQShield’s founder and CEO. “It’s just unlucky that they are very good at breaking the one that was picked for public key infrastructure.” (For a deeper dive, look up Shor’s algorithm.)
Given that public key infrastructure is baked into everything, every internet browser, every corporate database — and maybe most alarming every connected device including cars and aeroplanes — the arrival of quantum computing is a huge threat.
It is so severe that the US National Security Agency warned in 2015 it must ‘act now’ to safeguard its systems from the quantum threat. Since then researchers have been working with America’s National Institute of Standards and Technology (NIST) to define new quantum-ready cryptographic standards — many of the mathematicians on PQShield’s 15-person team have been part of that standard-setting effort. There are now five different branches of mathematics that have emerged as alternatives for quantum-proof cryptography.
Luckily so far, quantum computers have been so clunky and unusable that they have posed little real threat. But last year researchers at Google achieved “quantum supremacy” — meaning they used a quantum computer to crack a problem that would have taken conventional computers thousands of years to crack. It was a sign that useful quantum computers are getting closer.
“When you have big companies like Google and IBM working on this, you know that a breakthrough could happen any time,” says El Kaafarani.
Once this happens it will be only a matter of time before a quantum tool is in the hands of malicious hackers who could use it to break security measures.
“Cybersecurity is always a race between the cryptographers and the hackers. A quantum tool in the hands of the attackers would really tip the balance,” he says.
El Kaafarani, a research fellow at Oxford’s Mathematical Institute and former engineer at Hewlett-Packard Labs, decided to turn his research into a company after becoming alarmed about the disconnect between current corporate security levels and the looming quantum threat.
Many corporations have been slow to wake up to dangers, says El Kaafarani, but the deal with Bosch shows that the tide may be turning.
PQShield, which was spun out of Oxford University, is backed by Kindred Capital, Crane Venture Partners, Oxford Sciences Innovation and angel investors including Andre Crawford-Brunt, Deutsche Bank's former global head of equities.
Recent post-quantum cryptography funding rounds:
July 2016 Post-Quantum (US) $9.3m
November 2018 ISARA Corporation (Canada) £10m
December 2018 KETS Quantum Security (UK) £2m
April 2019 SpeQtral (Singapore) $1.9m
July 2019 Crypta Labs (UK) £2.7m
September 2019 Crypto Quantique (UK) £8m
February 2020 QuintessenceLabs (Australia) amount not disclosed