Beyond Post-Quantum Cryptography: The Emerging Security Risks in Quantum Computing
Mohamed Yassine Ferjani
SubscribeSign in
Beyond Post-Quantum Cryptography: The Emerging Security Risks in Quantum Computing<br>What happens when your secrets run on someone else's quantum computer ?
Mohamed Yassine Ferjani<br>Jun 12, 2026
Share
Billions of dollars are pouring into quantum computing.<br>Governments are funding national quantum programs. Technology giants are investing heavily in quantum hardware. Every few months, another breakthrough makes headlines: a new error-correction milestone, a larger quantum processor, a more scalable architecture.
The progress is encouraging. Judging by recent results and the roadmaps of the major quantum hardware companies, I believe fault-tolerant quantum computers are not far away.
And whenever quantum computing enters the news, the security discussion almost always goes in the same direction: what happens when quantum computers break today’s encryption?<br>It’s an important question. Enterprises must migrate to post-quantum cryptography to protect against that threat. But you’ve heard this story a thousand times already.<br>Here, we’re addressing another problem:<br>What happens when you run your most valuable secrets on a remote quantum computer owned by someone else?
Most people think about quantum computers as a future threat to classical systems. Far fewer think about the security of the quantum computers themselves.<br>Yet as quantum computing increasingly moves into the cloud, new security concerns are emerging: side-channel attacks between users, malicious quantum circuits, and cloud providers with complete technical visibility into customer workloads.<br>We spend enormous effort worrying about quantum computers breaking privacy, while paying relatively little attention to the privacy risks of using quantum computers.<br>This concern isn’t hypothetical. Researchers have already demonstrated attacks on real quantum hardware.<br>The quantum cloud trust problem
The first thing to understand is that almost nobody owns a quantum computer.<br>Quantum processors are expensive, complex machines that require highly specialised environments. Most users access them through cloud platforms operated by companies such as IBM, Google, Amazon, Microsoft, Quantinuum, IonQ, and others.<br>This model is convenient. It is also where the security questions begin.<br>In classical cloud computing, we have spent decades developing mechanisms to reduce trust in the provider. Technologies such as trusted execution environments, confidential computing, secure enclaves, and homomorphic encryption aim to ensure that cloud operators cannot inspect sensitive workloads.<br>Quantum computing is not there yet.<br>Today, when a quantum job reaches a cloud provider, the provider generally has access to the circuit description, the compilation pipeline, the execution environment, and the measurement process. The computation ultimately runs on hardware fully controlled by the provider.<br>This creates a fundamental trust assumption.<br>Imagine a pharmaceutical company searching for a new drug candidate, or a biotech firm analyzing patient DNA. In these scenarios, the value is not only in the data being processed or the results being produced.<br>The quantum circuit itself (the algorithm) is the IP
Today, trust is primarily contractual.<br>The long-term goal should be cryptographic trust.
Multi-tenant quantum computers: when your neighbour becomes the attacker
Now suppose we trust the quantum computer provider. Could another customer still attack us?<br>To answer that, you need to know where the quantum cloud is heading: multi-tenancy.<br>Today, most quantum jobs run one at a time. Your circuit gets the machine for a moment, then the next user’s job takes over. Simple but wasteful.<br>As processors grow toward thousands of qubits, the economics push in one direction: share the chip. Multiple users, same processor, same time, each on their own patch of qubits. This is essential for making quantum computing more accessible and efficient, especially given the high cost of quantum hardware.<br>To be clear, multi-tenancy is not standard practice on the major platforms yet. But demand for scarce hardware keeps growing, and researchers widely expect it as machines scale. The classical cloud went through exactly the same transition, for exactly the same reasons.<br>Which is why security researchers are probing it now, before it ships.<br>In superconducting quantum computers, operations performed on one set of qubits can unintentionally influence nearby qubits through a phenomenon known as crosstalk. Engineers typically view crosstalk as a source of noise that must be minimised.<br>Security researchers see something else.<br>If the “noise” observed by one user depends on what another user is computing, that noise becomes a potential side channel.
In 2025, researchers demonstrated that crosstalk signatures could be used to infer structural information about a victim’s quantum...