Written by the Center of Security Studies (KEMEA)
Quantum technologies are evolving at a quick pace. For Europe’s Law Enforcement Agencies’ (LEAs) security operations, their impact will be profound as quantum tools both help out and pose challenges at the same time: while they offer never-seen-before capabilities and applications, they also threaten to efficiently undermine the cryptographic foundation upon which data and communications are being protected. To that effect, the question is no longer whether quantum technologies will reshape security challenges and security responses, but whether LEAs will be ready.
Herein lies the quantum security paradox. While quantum technologies can infiltrate cryptographic systems such as the most commonly used RSA (Rivest–Shamir–Adleman) and ECC (Elliptic Curve Cryptography), making data vulnerable to the “harvest now, decrypt later” attacks, at the same time, quantum sensing and analytics offer operational benefits to LE. Thus, as is often the case with technology, the threats and the opportunities are emerging in parallel, LEAs must navigate them with outdated legacy systems, procurement red tape, and limited technical expertise and/or capacity.
Priority number 1 is quantum-safe cryptography. With the National Institute of Standards and Technology’s (NIST is a U.S. government agency that creates technical standards used globally to ensure interoperability) post quantum standards now established, the EU shall start the transition to new cryptographic algorithms like CRYSTALS Kyber (stands for Cryptographic Suite for Algebraic Lattices) and Dilithium. While KYBER pertains to encryption, Dilithium involves digital signatures. Yet, Post-Quantum Cryptography (PQC) adoption is not just another simple upgrade. LEAs face hurdles such as interoperability issues and the need for migration roadmaps that account for long term data retention.
Then, there is quantum enhanced sensing, with technologies such as quantum magnetometry, quantum radar, and ultra sensitive imaging that aim to assist in border control, counter terrorism, search and rescue, and forensic analysis. These tools shall be quite useful but require integration into legal frameworks and operational workflows.
Another domain is quantum-accelerated analytics, which addresses the growing data burden in modern investigations. While early testing in fraud detection and cybersecurity already shows promising results, faults still exist.
To employ these opportunities, the EU should bridge the gap between research, industry, and law enforcement, and not only co design methodologies and share testbeds, but also organise cross-sector training to ensure that quantum technologies are aligned with real operational needs. Ultimately, building quantum secure ecosystems is essential for ensuring that LEAs remain resilient, updated, and efficient. This is the only way to ensure that quantum technologies will eventually strengthen public safety rather than damage it.
