Transcript
This transcript was autogenerated. To make changes, submit a PR.
Hello everyone.
My name is Pavan Moti.
So I am a senior technical lead at Oracle Corp. And so today my topic is
basically we'll discuss about quantum computing and then how it impacts on
the cloud security and then how we should be prepared for that actually.
This would be my topic.
Now for many years quantum computing was something we thought of as far
off, like maybe 10 or 20 years away.
But that's no longer true.
Quantum computing is moving from theory to reality very quickly, and as it
does, it poses some serious risk to the cryptographic foundations we rely on
today to protect the cloud environments.
So this talk is really about how we can start preparing now,
before quantum computing starts breaking the encryption,
like today's standard encryption, and it exposes the sensitive data.
So first of all, what is quantum computing, right?
So let's dig in a little more detail in that.
So quantum computing operates using quantum bits, or,
it's called qubits also.
So unlike classic bits, which, you know, are zero or one,
qubits can be both zero and one at the same time.
It's because of the property called superposition. So they can also be entangled,
meaning that the state of one qubit can be linked to another, allowing for highly
parallel processing, extremely fast computation for certain type of problems.
Now, why does that matter for security?
Because quantum computers can run algorithms that are
fundamentally different and far more powerful than the classic ones.
Let's take an example.
Shor's algorithm, right?
And it allows quantum computer to factor large prime numbers exponentially
faster than the classic computers.
And this threatens RSA and then ECC encryption.
This is basically the public key cryptography used everywhere.
It's ubiquitous in the cloud systems.
So another example would be the Grover algorithm.
It can also get weakened by the symmetric encryption, right?
So in short, quantum computing's a game changer for cryptography.
Now let's look at specifically how quantum computing threatens
today's cloud environments.
So today's cloud security relies heavily on RSA and ECC, for public
key encryption, for identity, key exchange, TLS, everything.
A sufficiently powerful quantum computer could use Shor's algorithm
to crack RSA-2048 in minutes, completely breaking these protections.
The cloud-based quantum computing market is
expected to be worth around like $4 billion in a few years.
So we are actually in 2023.
It's this 798 million by 2028, in a couple of years, it's
gonna grow exponentially higher.
So we discussed about the, like the quantum computing, we discussed about what
the qubits are and then how it enables the massive parallel processing and all that.
Yeah.
So now let's talk about like how the quantum computing threatens
the cloud security, right?
There are like three key risks I want to highlight. One is
breaking public key encryption.
Today's cloud security relies heavily on RSA and ECC for
public key encryption, for identity, key exchange, TLS, everything.
So a sufficiently powerful quantum computer could use Shor's algorithm
to crack, like I said, like the 2048 in minutes, right?
And then also it weakens the symmetric encryption system. Again, like I've given
an example about the Grover algorithm,
how it gets weakened.
And then also there is the third thing, harvest now and decrypt later.
So this is the very scariest part.
Attackers are already stealing encrypted data, knowing that when quantum
computers become powerful enough, they'll be able to decrypt it later.
So long-term sensitive data like healthcare records, financial data,
government secrets, they're all at risk.
And then also the DigiCert
report says that 61% or more than 60% of our organizations are worried
about this, and this is with good reason.
Now how do we prepare for quantum computing security?
So what can we do about it?
So here are the five key strategies I
want to showcase here.
The most promising long-term solution is
to come up with new cryptographic
algorithms that are resistant to both classic and quantum attacks.
So in 2022 NIST selected four algorithms: CRYSTALS-Kyber for key exchanges,
and CRYSTALS-Dilithium, FALCON, and SPHINCS+ for digital signatures.
So these are all part of post-quantum cryptography.
Like, these are new cryptographic algorithms that
the industry should embrace,
as opposed to the classic algorithms, to prevent the quantum attacks.
And the second one is basically the quantum key distribution.
This is a more exotic but very secure approach.
It uses quantum mechanics itself to securely exchange keys.
Any attempts to eavesdrop can be detected because measuring
a quantum state changes it.
QKD is still limited, high cost, limited range, but promising for defense,
finance and government sectors.
And the third one is basically using hybrid cryptographic systems.
So in the near term, the best path is to combine traditional
and quantum safe algorithms.
It's basically allowing backward compatibility while also
gaining stronger protection.
So Microsoft and Google are already testing this, for example,
Kyber plus traditional TLS in Chrome and Azure environments.
The fourth is basically the cloud vendor initiatives, right?
Some major cloud providers are taking steps.
Azure offers quantum-safe VPN options. IBM Cloud,
I think they're still in the testing phase for post-quantum algorithms.
And AWS already provides a lot of cryptographic inventory
tools and migration guidance.
So basically partnership with cloud vendors is key.
Quantum readiness will increasingly be co. It'll be increasingly co differentiated.
So the fifth point is basically the cryptographic
inventory and risk assessment.
This is very critical.
Organizations need to identify where encryption is used, what
key and are in place, and where the sensitive data resides.
Long-term data systems like healthcare, financial should
be prioritized for updates, and then also zero trust architecture
will also help reusing if there are any certain protections
which are weak or broken.
So we discussed about all these five points.
Now let's talk about like how to prepare for quantum post
quantum computing security.
Like we discussed these five points.
So now let's talk about the challenges.
So this transition is not easy.
There are three big challenges.
One is compatibility.
The migration cost and risk of inaction.
And with respect to compatibility, like many quantum-safe algorithms don't
work well with legacy systems and devices.
And then also migration cost, it will be a significant investment.
And then, the risk of inaction is much higher than like
the potential migration cost.
So basically the average cloud breach already cost like around
like $4.4 million straight.
Okay, so once quantum attacks are practical, that could skyrocket.
So doing nothing is the riskiest choice.
So what is the path forward?
So here are the practical steps every cloud aligned organization should take.
Now the first is basically like we discussed, like the
implement hybrid encryption.
Then also monitor the NIST standards.
And stay current as these post-quantum
computing algorithms mature.
And then also please collaborate with your cloud vendors such as
your AWS, Microsoft and IBM, and then also conduct crypto audits.
So quantum computing, again, is no longer a science fiction.
It's coming.
And then cloud security teams need to start preparing now
to stay ahead of the curve.
Yeah.
So to wrap up so we are on the verge of quantum computing era
and quantum era in the computing.
So this brings enormous potential, but also significant risk to the security
foundations of today's cloud environment.
So by starting now through hybrid encryption, crypto
audits, cloud partnerships, and zero trust, it can be ready.
Quantum resilience will be a key pillar
of cloud security in the
Thank you, and if you have any questions,
please reach out to me or my email.
Thank you.