阿德里安·科勒萨与索林·博洛斯_从武器到目标量子计算机悖论.pdf

1、FromWeapontoTarget:QuantumComputersParadoxMdlina BSorin Bolos,sorin.bolostransilvania-Adrian Coles,Andrei KAndrei Lut,as,Dan Lut,as,Radu Mrgineanradu.margineantransilvania-Andrei MRadu PMiruna Ros,August 2,2024Executive SummaryThe impact of quantum computing on the classical computing based cybersec

2、urityhas been discussed extensively over the past 30 years.This led to development ofthe so-called post-quantum cryptography.In the same time,relatively little atten-tion has been paid to the security of quantum computers.This paper examinesissues related to the security of quantum computers and qua

3、ntum computing pro-cess.We investigated in this direction trying to identify possible vulnerabilities andattack vectors in the most popular quantum computing infrastructures.We looked at the main quantum computer providers,like IBM and IonQ,andthe different ways their resources could be used by end

4、users.Furthermore,weanalyzed the most popular quantum software development kits,like Qiskit,andthe entire quantum programming workflow they imply.The result of our analysis is a set of threat models and attack vectors on the dif-ferent phases of the quantum programming workflow.For some identified a

5、ttackvectors we derived proof-of-concept attacks.In the realm of classical attacks on classical computing resources,in particular,on quantum computing software stack,including the cloud services that must beused to let end users access centralized quantum computers,we identified flawsregarding the w

6、ay authentication tokens are managed,which make them vulner-able to being stolen and used to impersonate victim users.In the same class ofattacks,we developed one that corrupts quantum SDKs packages to transparentlytamper with end users quantum circuits,injecting attackers circuits alongside vic-tim