Author – Tanuja Goria (National Law Institute Bhopal)
Abstract
In the rapidly evolving landscape of technology, two disruptive forces—quantum computing and artificial intelligence (AI)—are poised to redefine the paradigms of cybersecurity. Quantum computing threatens to dismantle the foundational cryptographic systems that secure our digital world, while AI introduces sophisticated methods for both defending and attacking these systems. As these technologies mature, they present a dual challenge: safeguarding against the quantum threat and mitigating AI-driven cyberattacks. For India, a nation with burgeoning digital infrastructure and ambitions to be a global tech leader, the question arises: Is India prepared to navigate and secure its cyberspace against these emerging threats?
The Quantum Threat to Cryptography
Traditional cryptographic systems, such as RSA (Rivest–Shamir–Adleman) and ECC (Elliptic Curve Cryptography), rely on the computational difficulty of problems like integer factorization and discrete logarithms. These problems are considered hard for classical computers, ensuring the security of encrypted data. However, quantum computers, leveraging algorithms like Shor’s algorithm, can solve these problems exponentially faster, rendering current encryption methods vulnerable.
For instance, a sufficiently powerful quantum computer could factorize large integers used in RSA encryption, compromising the confidentiality of sensitive data. Similarly, Grover’s algorithm offers a quadratic speedup for unstructured search problems, effectively reducing the security of symmetric key algorithms like AES by half. This means that AES-256, considered highly secure today, would offer only AES-128 level security in a quantum context.
Recognizing these impending threats, the U.S. National Institute of Standards and Technology (NIST) has initiated efforts to standardize post-quantum cryptographic (PQC) algorithms. Notable among these are :
- CRYSTALS-Kyber is a cryptographic protocol based on lattice structures, designed to facilitate secure key exchanges.
- CRYSTALS-Dilithium is a lattice-based digital signature algorithm that guarantees the authenticity and integrity of messages.
- SPHINCS+: A stateless hash-based signature scheme offering strong security guarantees.
These algorithms aim to provide security against both classical and quantum adversaries, ensuring the longevity of encrypted communications in the quantum era.
AI-Driven Cybersecurity Challenges
While quantum computing presents a future threat, AI introduces immediate and evolving challenges to cybersecurity. AI’s capabilities in data analysis, pattern recognition, and decision-making have been harnessed to both bolster and breach security systems.
Automated and Intelligent Attacks
AI enables the automation of cyberattacks, allowing malicious actors to identify vulnerabilities, craft phishing emails, and deploy malware with unprecedented efficiency. Machine learning models can analyze vast datasets to uncover system weaknesses, making attacks more targeted and effective.
Adversarial Machine Learning
Attackers can exploit the very AI systems designed to protect us. By introducing subtle perturbations to input data, adversaries can deceive machine learning models, causing misclassifications or erroneous decisions. This is particularly concerning in applications like facial recognition or intrusion detection systems.
Deepfakes and Social Engineering
AI-generated deepfakes—synthetic media where a person’s likeness is convincingly replicated—pose significant threats to identity verification and trust. These can be used in social engineering attacks, where individuals are manipulated into divulging confidential information or performing actions that compromise security.
India’s Readiness: Current Initiatives and Gaps
India has recognized the significance of quantum and AI technologies, initiating several programs to bolster its capabilities. However, challenges remain in terms of implementation, standardization, and workforce development.
National Quantum Mission (NQM)
In April 2023, the Indian government approved the National Quantum Mission with a budget of ₹6,003.65 crore, aiming to develop quantum technologies over an eight-year period. The mission’s objectives include:
- Developing intermediate-scale quantum computers with 50–1000 qubits.
- Establishing satellite-based secure quantum communications over distances up to 2000 km.
- Creating inter-city quantum key distribution (QKD) networks.
- Advancing quantum sensing and metrology applications.
Four Thematic Hubs (T-Hubs) have been established in premier institutions:
- IISc Bengaluru: Focus on quantum computing.
- IIT Madras and C-DOT: Quantum communication.
- IIT Bombay: Quantum sensing and metrology.
- IIT Delhi: Quantum materials and devices.
These hubs aim to foster research, development, and collaboration in their respective domains.
Artificial Intelligence Initiatives
India’s AI strategy encompasses various programs:
- National Mission on Interdisciplinary Cyber-Physical Systems (NM-ICPS): With a budget of ₹3,660 crore, this mission supports research in AI, machine learning, and related technologies.
- AI Safety Institute: Announced in January 2025, this institute focuses on ensuring the ethical and safe application of AI models, promoting domestic R&D aligned with India’s diverse socio-economic context.
Challenges and Gaps
Despite these initiatives, several challenges hinder India’s preparedness:
- Lack of Indigenous PQC Standards: India currently relies on international standards like those from NIST. . Developing indigenous PQC frameworks tailored to India’s specific needs is crucial for strategic autonomy.
- Workforce Shortage: There’s a significant gap in professionals trained in quantum computing, cryptography, and AI-driven cybersecurity.
- Legacy Systems: Critical sectors, including banking and defense, often operate on outdated infrastructure, making the transition to quantum-safe systems complex.
- Private Sector Engagement: While startups like QNu Labs have made strides in quantum cybersecurity, broader industry participation and investment are needed.
The Way Forward: Strategies for Enhanced Preparedness
To address the dual challenges posed by quantum computing and AI, India must adopt a multifaceted approach:
1. Develop Indigenous PQC Standards
Establishing national standards for post-quantum cryptography will ensure that encryption methods are tailored to India’s unique requirements and threat landscape. Collaboration between government agencies, academia, and industry is essential to achieve this goal.
2. Invest in Education and Workforce Development
Integrating quantum computing and AI cybersecurity into academic curricula will cultivate a skilled workforce. Scholarships, research grants, and specialized training programs can attract talent to these critical fields.
3. Modernize Infrastructure
Upgrading legacy systems in critical sectors to be quantum-resistant is imperative. This involves not only technological enhancements but also policy reforms to mandate such transitions.
4. Foster Public-Private Partnerships
Encouraging collaboration between government bodies and private enterprises can accelerate innovation and deployment of quantum and AI technologies. Incentives for startups and established companies to invest in R&D will be beneficial.
5. Enhance International Collaboration
Participating in global initiatives and forming alliances with countries leading in quantum and AI research can facilitate knowledge exchange and joint development of security protocols.
Conclusion
To fully benefit from the rise of quantum computing and AI while staying safe from their risks, India should take bold and timely steps. It is important to increase investment in research, build strong digital infrastructure, and train a skilled workforce that can handle future technologies.
India must also focus on creating its own cybersecurity standards to reduce dependence on foreign systems. Modernizing outdated systems will ensure we are prepared for quantum threats. At the same time, encouraging collaboration between the government, private sector, startups, and academic institutions can drive innovation and faster progress.
By acting now, India can become a secure, self-reliant, and leading nation in the global cybersecurity space shaped by AI and quantum technologies.
FAQ’s
1. What is Post-Quantum Cryptography (PQC)?
Post-Quantum Cryptography refers to cryptographic algorithms that are secure against attacks by both classical and quantum computers. Unlike traditional encryption methods like RSA and ECC, PQC uses mathematical problems that even quantum computers find hard to solve, such as lattice-based, code-based, or hash-based systems.
2. Why is quantum computing a threat to current encryption systems?
Quantum computers can run algorithms like Shor’s algorithm, which can efficiently factor large numbers and compute discrete logarithms—making them capable of breaking RSA and ECC encryption. This would make encrypted data accessible to unauthorized users once quantum computers become practically viable.
3. What are CRYSTALS-Kyber and CRYSTALS-Dilithium?
These are quantum-safe cryptographic algorithms selected by the U.S. National Institute of Standards and Technology (NIST).
- CRYSTALS-Kyber is used for secure key exchange.
- CRYSTALS-Dilithium is used for digital signatures.
They are based on lattice cryptography and are resistant to quantum attacks.
4. How is AI affecting cybersecurity?
AI has both defensive and offensive applications in cybersecurity:
- Offensively, it enables faster, automated attacks, deepfakes, and adversarial examples that can fool AI systems.
- Defensively, it helps detect threats faster, automate responses, and predict vulnerabilities.
