Quantum computing promises to unlock a new wave of processing power for the most complex calculations, but that could prove to be just as harmful as it is helpful: security specialists warn that malicious hackers will be able to use quantum machines to break through today’s standards in cryptography and encryption. Today, a startup called PQShield that is working on “future-proof” cryptographic products — software and hardware solutions that not only keep data secure today, but also secure in anticipation of a computationally more sophisticated tomorrow — is announcing some funding as it finds some significant traction for its approach.
The startup, spun out of the research labs at Oxford, has raised $20 million, a Series A that it will be using to continue its research and, in conjunction with partners and customers, product development. The startup is already staffed with an impressive number of PhDs and other researchers across the U.K. (its base remains in Oxford), the U.S., France and the Netherlands, but it will also be using the funds to recruit more talent to the team.
Addition, the investment firm founded by Lee Fixel, is leading this round, with Oxford Science Enterprises (formerly known as OSI) and Crane also participating. The latter two are previous backers from PQShield’s $7 million seed round in 2020.
If machine learning is shaping up to be one of the more popular (and perhaps most obvious) applications for quantum computing, security is perhaps that theme’s most ominous leitmotif.
The National Institute of Standards and Technology in the U.S. identified the risks of using quantum computing for malicious security intent some eight years ago and has been receiving research submissions globally in search of coming up with some standards to counteract that threat. (PQShield is one of the contributors.) Based on signals from other government bodies like the Department of Homeland Security — coupled with a memo from the White House just earlier this month mandating that the government’s intelligence and defense services make the switch to “quantum-resistant” algorithms in 180 days — it looks like the standards process will be completed this year, getting the wheels in motion for companies that are building solutions to address all this.
“One memo can change everything,” PQShield’s CEO and founder Ali El Kaafarani said in an interview.
PQShield (the PQ stands for “post-quantum”) has been working with governments, OEMs and others that are part of the customer base for this technology — adopting it to secure their systems, or building components that will be going into products that will secure their data, or in some cases, both. Its customers include both private and public organizations impacted by the threat. Bosch is one OEM name that it has disclosed, and El Kaafarani said more will be revealed when PQShield announces its first commercially available solutions. (Other sectors it’s working with include automotive OEM, industrial IoT and technology consulting, it says.)
PQShield’s solutions, meanwhile, are currently coming in three formats. There is a system on a chip that is designed to sit on hardware like smartcards or processors. It also is making software by way of a cryptographic SDK that can be integrated into mobile and server apps and technologies used to process data or run security operations. And thirdly, in a new addition since it raised its seed round, it’s making a toolkit aimed at communications companies designed specifically to secure messaging services. This latter is perhaps the one that might most immediately touch the consumer market, which has been fertile ground for malicious hackers, and has increasingly become a focus for regulators and ordinary people concerned about how and where their data gets used.
All of these, El Kaafarani said, are designed to work together, or separately as needed by a would-be customer, with the key being that what it is building now can be used today, as well as in a quantum computing future.
The idea of a “quantum threat” might sound remote to most people, considering that we’re still some years away from quantum computing becoming a commercial, scalable industry, but the reality is that malicious hackers have been collecting data that will help them “solve” current cryptographic keys using those machines for years at this point. Some of this data has been publicly shown off, and much has not. All of this has been leading, El Kaafarani noted, to an “inflection point where people are now ready to think about the next phase of public key infrastructure,” which he summed up in layman’s terms as the difference between “math that is still easy to solve, and math that will still be very difficult to solve, even on a quantum computer,” due to particular combinations of math problems and aspects of complexity theory.
Quantum computing, even at its still largely nascent stage, has been fueling a lot of startup and big-tech activity. Atom Computing (which designs quantum computing systems) and Terra Quantum (building quantum computing as a service, given the likely high cost of these machines) each raised $60 million earlier this month. Intel, IBM and Amazon are among those that have making significant investments in quantum servers and processors for years now. There are others also working specifically on quantum security.
In that context, PQShield’s groundbreaking role in helping develop standards, and its existing network of customers and partners, spells a clear opportunity and promise for investors. “Thanks to an industry-leading team, decades of combined experience and a best-in-class product offering, PQShield has quickly emerged as a front runner and true authority in post-quantum cryptography for hardware and software, a field with enormous market potential,” said Fixel in a statement. “PQShield is already helping to define the future of information security, and we are excited to support their ongoing growth.”