12 February 2025

SCION and the quantum threat: A secure path forward

A blog written by Nicola Rustignoli and Kevin Meynell from the SCION Association, Felix Kottmann from the Singapore-ETH Centre, and Juan Garcia Pardo from ETH.


Quantum computing leverages quantum bits or qubits to perform certain calculations far more efficiently than traditional binary-based systems. This advancement brings profound implications for asymmetric cryptography, which is widely used today to secure communications.

Every online transaction, whether accessing banking services, sending emails, or connecting to a corporate VPN, depends on cryptographic methods to secure data, methods that quantum computing could potentially render insecure. Another challenge with the advent of quantum computing is that today’s data might be intercepted while encrypted, stored, and then decrypted by quantum computers once they become available.

The timeline for this to happen could be closer than we think, with some estimates showing this could be only 10 years from now.

The quantum threat to today’s cryptography

Current asymmetric encryption systems such as RSA depend on the difficulty of factoring large numbers, a task that is technically feasible but prohibitively time-consuming for classical computers, potentially taking millions of years. In contrast, a quantum system running Shor’s algorithm can solve these problems exponentially faster, making the task trivial.

Quantum computing thus renders many of today’s encryption methods ineffective, exposing Internet-based traffic to “harvest now, decrypt later” attacks as adversaries store encrypted data so they can decrypt it once quantum decryption becomes feasible.

Medical records, financial transactions, operational information for critical infrastructure such as power grids, water systems, and transportation networks, along with data related to national security, are all potential targets for cybercriminals and nation-state actors who are waiting for the opportunity to decrypt and exploit this data.

Ensuring that traffic traverses known and trusted networks can reduce the opportunities for data interception by adversaries, but with today’s Internet, senders have little control over the network paths where their data travels. Traffic follows the best path as selected by the network, and intermediate hops are not authenticated by the sender or receiver.

How to quantum-proof your infrastructure

Given the rapid evolution of quantum technology, operators of critical infrastructures should prepare against this cyber risk. Responding to this requires a multi-faceted approach. Here we list and compare some options:

Upgrade to quantum-safe algorithms
While upgrading to quantum-safe algorithms represents the ultimate solution to the quantum threat, it is a complex and time-consuming process. The National Institute of Standards and Technology (NIST) only approved the first set of quantum-resistant algorithms in mid-2024, and these new algorithms are still being tested and are not yet widely adopted. This means that making immediate upgrades is challenging and potentially risky. In addition, making inventories of legacy systems, involving partners and vendors, and upgrading them will inevitably require a long time.

Keep your critical communication on private links
Another approach to mitigating interception risks is to isolate critical systems from the Internet, keeping communications on dedicated lines. However, such a setup is only possible over a single ISP and is designed for point-to-point or intra-organization connectivity, so it is less suited to cloud environments or cases with numerous edge locations or remote users. Another option is to deploy a quantum-safe VPN or SD-WAN to encapsulate critical traffic. However, these still have limited path control capabilities, and each vendor has its own proprietary standards, which limits interoperability and risks vendor lock-in.

Choose secure network paths with SCION
SCION limits the exposure of your data to only trusted networks. Users, by selecting authenticated network paths, can reduce the risk of data being hijacked and intercepted by adversaries while in transit. In addition, SCION allows splitting data across multiple paths, making it more challenging for an on-path adversary to intercept all communication paths to decrypt it later. This, in conjunction with other mechanisms, makes SCION a powerful defense to mitigate post-quantum risks.
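
The path selection and multi-path splitting described above, sketched as an added example (not code from SCION or from the authors of this post). The ISD-AS identifiers, the candidate paths and the n-of-n XOR splitting scheme are assumptions made for illustration; the post does not specify how an application splits its data.

```python
import secrets
from functools import reduce

# Constructed sample data: identifiers and paths are illustrative only.
TRUSTED_ASES = {"1-ff00:0:110", "1-ff00:0:112", "1-ff00:0:120",
                "1-ff00:0:121", "1-ff00:0:130"}
CANDIDATE_PATHS = [
    ["1-ff00:0:110", "1-ff00:0:120", "1-ff00:0:130"],
    ["1-ff00:0:110", "1-ff00:0:121", "1-ff00:0:130"],
    ["1-ff00:0:110", "2-ff00:0:210", "1-ff00:0:130"],  # leaves the trusted set
    ["1-ff00:0:110", "1-ff00:0:120", "1-ff00:0:112", "1-ff00:0:130"],  # reuses AS 120
]

def trusted_paths(paths, trusted):
    """Keep only paths whose every hop is in the trusted AS set."""
    return [p for p in paths if all(hop in trusted for hop in p)]

def disjoint_paths(paths):
    """Greedily pick paths that share no transit AS (endpoints excluded)."""
    chosen, used = [], set()
    for p in sorted(paths, key=len):  # prefer shorter paths
        transit = set(p[1:-1])
        if not (transit & used):
            chosen.append(p)
            used |= transit
    return chosen

def xor_bytes(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def split(data, n):
    """n-of-n XOR split: n-1 random pads plus the data XORed with all pads."""
    pads = [secrets.token_bytes(len(data)) for _ in range(n - 1)]
    return pads + [reduce(xor_bytes, pads, data)]

def combine(shares):
    """Recover the data; every share is required."""
    return reduce(xor_bytes, shares)

def send_split(data, paths, trusted):
    """Return [(path, share)]; refuse to send over fewer than two paths."""
    usable = disjoint_paths(trusted_paths(paths, trusted))
    if len(usable) < 2:
        raise ValueError("need at least two disjoint trusted paths")
    return list(zip(usable, split(data, len(usable))))
```

An adversary who records traffic on only one of the chosen paths stores a share that is statistically independent of the payload, so there is nothing for a later quantum computer to decrypt from it.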

Is SCION quantum-resistant?

While most implementations are not yet fully quantum-resistant, SCION’s built-in cryptographic agility allows for a smooth upgrade. Indeed, a quantum-safe SCION network is already live.

SCION’s path control feature reduces the attack surface for “harvest now, decrypt later” attacks

SCION is designed to ensure that data flows through predetermined secure paths, thereby reducing the risks of interception by off-path adversaries and providing an added layer of security. The SCION data plane leverages message authentication codes (MACs) that are based on symmetric encryption, known to be safe from quantum computers.

SCION’s cryptography (PKI) can be readily upgraded to be quantum-resistant

As of February 2025, most SCION PKI implementations use ECDSA curves and are therefore not yet quantum-safe. However, cryptographic agility is a core design principle behind SCION, meaning that SCION PKI certificates can be swiftly upgraded to quantum-resistant algorithms. This adaptability makes SCION an excellent solution for securing critical communications against quantum threats.

SCION networks, such as the Secure Swiss Finance Network, are constructed within a uniform trust environment (ISD) with its own Trust Root Configuration (TRC) – a collection of X.509 certificates negotiated through a member-driven voting mechanism. To join a SCION network, each member must obtain a certificate from the ISD’s Public Key Infrastructure (PKI) which is independent of third-party Certificate Authorities (CAs).

Each network’s root of trust, i.e., the trust root configuration (TRC), is periodically updated. Intermediate certificates are also rotated frequently, every three days in typical deployments. As such, SCION networks can be incrementally updated, as demonstrated by our experimental quantum testbed in Singapore.

The SCION quantum-safe deployment in Singapore

To demonstrate the viability of post-quantum security using SCION, an experimental testbed was jointly developed by the Network Security Group at ETH Zurich, the Singapore ETH Centre, the Fraunhofer Institute Singapore, and the National University of Singapore (NUS) / National Quantum-Safe Network (NQSN).

This testbed leverages an upgraded version of the SCION PKI that makes use of the CRYSTALS-Dilithium quantum-safe algorithm that is now used by the NIST FIPS 204 standard. Additionally, it extends the secure exchange of keys using the DRKey protocol to support Quantum Key Distribution (QKD). With these additions, a proof-of-concept application was also developed where peer networks can select the level of security of their communications, such as requiring a PQC control plane, QKD-enabled DRKeys, split messages through disjoint paths, and others.

The testbed network and its proof-of-concept application were showcased at various venues in Singapore, including the “SEC-ETH-DAY” at ETH Singapore, “Quantum Security” at the Fraunhofer QUASAR-CREATE workshop, and before the BMI and AA delegation during the “Singapore International Cyber Week”.

Conclusion

SCION offers a viable mitigation strategy against the quantum threat. In addition, there is an experimental quantum-safe implementation that is available today.

For critical infrastructure and custodians of information who are at risk of having their data intercepted and read a decade from now, SCION can help mitigate the risk by providing trusted domains and secure and reliable paths that ensure data only flows through trusted networks.

As quantum computing continues to evolve, the deployment of technologies such as SCION will be crucial in safeguarding the future of global digital communications. SCION is ready for it!