Quantum computing promises extraordinary power, but that same power may expose new security weaknesses.
Quantum computers are expected to deliver dramatic gains in processing speed and capability, with the potential to reshape fields ranging from scientific research to commercial innovation.
However, those same advantages could also make these machines attractive targets for cyberattacks, according to Swaroop Ghosh, a professor of computer science and electrical engineering at the Penn State School of Electrical Engineering and Computer Science.
Ghosh and co-author Suryansh Upadhyay, who recently earned his doctorate in electrical engineering from Penn State, examined these concerns in a new research paper that outlines key security weaknesses in current quantum computing systems. Published in the Proceedings of the Institute of Electrical and Electronics Engineers (IEEE), the study argues that protecting quantum computers will require more than software safeguards, emphasizing the importance of securing the underlying hardware as well.
In a question-and-answer discussion, Ghosh and Upadhyay explore how quantum computers differ from traditional machines, why their unique design introduces new security challenges, and what steps developers can take now to better protect these emerging technologies as they move closer to widespread use.
Q: What makes a quantum computer different from a traditional computer?
Ghosh: Traditional computing works using units of information called bits, which you can picture as a light switch in the “on” or “off” position. These positions are assigned values of one or zero, with one representing on and zero representing off. We program computers by using algorithms or educated guesses to develop the best possible solution for a problem, compiling this solution to generate machine-level instructions — directions specifying which bits need to equal one and which bits need to equal zero — that the computer follows to execute a task.
Quantum computers are built on quantum bits, or qubits. These qubits are much more versatile than standard bits, capable of effectively representing one, zero, or both at the same time, otherwise known as a superposition. These qubits can also be linked to one another, known as entanglement. By incorporating superpositions and entanglement into decision-making, quantum computers can process exponentially more data than bit-powered computing systems, while using an equivalent number of qubits.
This is useful for improving workflows in many industries, since quantum computers can process information much faster than traditional computers. One example is the pharmaceutical industry, where quantum computing can quickly process data and predict the efficacy of potential new drugs, significantly streamlining the research and development process. This can save companies billions of dollars and decades spent researching, testing, and fabricating innovative drugs.
Q: What are some of the main security vulnerabilities facing quantum computers right now?
Upadhyay: Currently, there is no efficient way to verify the integrity of programs and compilers — many of which are developed by third parties — used by quantum computers at scale, which can leave users’ sensitive corporate and personal information open to theft, tampering, and reverse engineering.
Many quantum computing algorithms have businesses’ intellectual property integrated directly in their circuits, which are used to process highly specific problems involving client data and other sensitive information. If these circuits are exposed, attackers can extract company-created algorithms, financial positions, or critical infrastructure details.
Additionally, the interconnectedness that allows qubits to operate so efficiently inadvertently creates a security vulnerability — unwanted entanglement, known as crosstalk, can leak information or disrupt computing functions when multiple people use the same quantum processor.
Q: What are current commercial quantum providers doing to address the security concerns? Can they use the same security methods implemented in traditional computers?
Upadhyay: Classical security methods cannot be used because quantum systems behave fundamentally differently from traditional computers, so we believe companies are largely unprepared to address these security faults. Currently, commercial quantum providers are focused on ensuring their systems work reliably and effectively.
While optimization can indirectly address some security vulnerabilities, the assets unique to quantum computing, such as circuit topology, encoded data, or hardware-coded intellectual property systems, generally lack end-to-end protection. Since quantum computers are still a relatively new technology, there is not much incentive for attackers to target them, but as the computers are integrated into industry and our day-to-day life, they will become a prime target.
Q: How can developers improve security in quantum computers?
Ghosh: Quantum computers need to be safeguarded from ground up. At the device level, developers should focus on mitigating crosstalk and other sources of noise — external interference — that may leak information or impede effective information transfer.
At the circuit level, techniques like scrambling and information encoding must be used to protect the data built into the system.
At the system level, hardware needs to be compartmentalized by dividing business data into different groups, granting users specific access based on their roles, and adding a layer of protection to the information. New software techniques and extensions need to be developed to detect and fortify quantum programs against security threats.
Our hope is that this paper will introduce researchers with expertise in mathematics, computer science, engineering, and physics to the topic of quantum security so they can effectively contribute to this growing field.
Reference: “A Primer on Security of Quantum Computing Hardware” by Swaroop Ghosh, Suryansh Upadhyay and Abdullah Ash Saki, 20 November 2025, Proceedings of the IEEE.
DOI: 10.1109/JPROC.2025.3630989
Other co-authors include Abdullah Ash Saki, who recently received his doctorate in electrical engineering from Penn State. This work was supported by the U.S. National Science Foundation and Intel.
Never miss a breakthrough: Join the SciTechDaily newsletter.
Follow us on Google and Google News.
1 Comment
Quantum computing gives yet more power to politicians and their police.
That’s the security risk to us all.