As the United Nations declared 2025 the International Year of Quantum Science and Technology, India faces a critical choice: chase the mirage of quantum computing supremacy or secure the nation’s digital infrastructure today. Whilst headlines celebrate qubit milestones, a more urgent reality lurks: Adversaries are harvesting encrypted data now to decrypt later when quantum computers mature.
Union Communications Minister Jyotiraditya Scindia’s declaration that “quantum computing is not just another step forward but a giant leap” must be balanced with an uncomfortable truth: India’s quantum security deficit poses a greater existential threat than its quantum computing gap.
Quantum Security vs Quantum Computing: The Critical Distinction
The global conversation conflates two fundamentally different challenges. Quantum computing – building machines with 50-1,000 qubits- represents an aspirational technology race where India trails significantly. Quantum security, on the other hand, protecting today’s critical infrastructure from tomorrow’s quantum threats, is an immediate national security crisis where India can and must lead.
Consider the mathematics: Shor’s algorithm, running on a sufficiently powerful quantum computer, can break RSA and Elliptic Curve Cryptography (ECC) that protect 90% of internet communications. Every UPI transaction, Aadhaar authentication, defence communication, and classified file transmitted today using current encryption could be retroactively decrypted within years. This “harvest now, decrypt later” threat means adversaries are already capturing India’s encrypted data from defence networks to BFSI systems, betting that quantum computers will unlock these secrets by 2026-2028. Earlier it was estimated that Quantum computers will arrive between 2026 to 2030, but given the last year’s significant development in Quantum Computing, the scenario is changing fast with maturity of product launches.
As cybersecurity expert Robert Burns warned, “A practical quantum computer could not only render traditional online activities insecure; it could break most of the security underpinning the internet”. For India, this isn’t theoretical. Ajai Chowdhry, NQM Chairman, grimly noted, “During the Galwan incident, China brought down India’s electrical grid at the border without using quantum technology. Imagine the threats once quantum computing reaches full potential”.
The Zero Trust Imperative: Never Trust, Always Verify
Quantum threats demand architectural transformation beyond encryption upgrades. Zero Trust Architecture (ZTA)—the principle of “never trust, always verify”—becomes non-negotiable. ZTA assumes every user, device, and application is a potential threat, requiring continuous authentication through:
- Least Privilege Access: Grant only necessary rights, containing breaches
- Continuous Verification: Real-time behaviour analysis, not static trust
- Micro-Segmentation: Network compartments preventing lateral movement
- Quantum-Safe Protocols: Hybrid PQC+QKD encryption layers
Cisco’s research shows 73% of US organisations believe quantum threats are imminent, yet 81% admit inadequate preparation. India cannot afford such complacency.
India’s Quantum Security Reality: QNu Labs Leads the Charge
Whilst India’s 7-qubit quantum computer struggles for relevance, QNu Labs, a Bengaluru-based startup incubated at IIT Madras, demonstrates that India can lead in what matters most: quantum security deployment.
Major Deployments Achieved
- 500+ Kilometre QKD Network (2025): QNu demonstrated India’s first extensive Quantum Key Distribution network over existing optical fibre infrastructure under the National Quantum Mission, announced at ESTIC 2025 by Dr Jitendra Singh. Engineered by Southern Command Signals across Rajasthan’s Corps network with trusted nodes, this represents operational quantum-secure communications—not laboratory demonstrations.
- India’s Critical Sector Deployment (2024): Delivered 25 Armos QKD systems, marking India’s largest quantum security implementation. These protect naval communications against current and future threats.
- Army Networks (2022-2024): Winner of iDEX Open Challenge 2.0, QNu deployed 150-km QKD systems with trusted nodes for the Indian Army. Secured wireless networks at MCEME and MCTE using Quantum-secure VPN solutions combining QRNG with NIST-approved Post-Quantum Cryptography.
- QShield Platform (April 2025): Launched on World Quantum Day, QShield is the world’s first unified quantum-safe cryptography management platform across cloud, on-premises, and hybrid environments. It integrates QKD, Quantum Random Number Generators (QRNG), and Post-Quantum Cryptography into enterprise-grade SaaS.
- Global Reach: QNu’s Armos QKD systems deployed to Middle Eastern clients, many PSUs, payment providers, global banks, large telco giants, and showcased at India Mobile Congress 2025 with Quantum Safe networks demonstrated at DST, BSNL and TEC booths.
- A total of 30+ deployments have been made across the globe, with growth continuing to be strong.
- National Quantum Mission Support: As one of eight startups funded under NQM, QNu received investment from NQM. QNu’s products are available on the Government e-Marketplace (GeM) for nationwide procurement and have been tested, validated, and certified by various national and global bodies – TEC, TUV, VAPT, and more.
The Policy Imperative: From Ambition to Execution
Prof Abhay Karandikar’s celebration of NQM progress must translate into quantum security mandates, not just quantum computing aspirations.
Immediate Policy Actions Required:
Quantum Security Task Force under NQM
NQM/DST led Quantum Security Task Force should produce sector-wise quantum-safe transitions:
- BFSI: RBI’s 2024 directive urging banks to inventory cryptographic protocols needs enforcement deadlines, not suggestions
- Telecommunications: TEC’s QKD and Quantum-safe Cryptographic Systems standards must become licensing requirements by 2027
- Defence & Government: Accelerate QNu-style deployments across all critical networks
- Critical Infrastructure: Power grids, railways, airports to quantum-secure by 2026 (phase 1) and complete by 2027-2028.
Leverage the ₹1 Lakh Crore RDI Fund
Prime Minister Modi’s ₹1 lakh crore Research, Development and Innovation Scheme launched at ESTIC 2025 explicitly prioritises quantum technologies. Dr Jitendra Singh emphasised RDI addresses the “persistent gap between laboratory research and commercialisation”.
Allocate ₹10,000-15,000 crore specifically for quantum security infrastructure:
- ₹5,000 crore: National quantum-safe network buildout
- ₹3,000 crore: Indigenous component manufacturing (SPDs, encryptors, QRNGs)
- ₹2,000 crore: Startup ecosystem (target 50 quantum security companies)
- ₹2,000 crore: Talent retention programmes
Stop the Brain Drain
India ranks second globally in quantum-related graduates after the European Union yet top talent migrates to US, EU, and China’s better-funded programmes. Quantum Scientists in India command ₹14-17 lakh entry salaries- competitive domestically but nowhere near international offers.
Solutions
- Fast-track Promotion: TRL 7+ quantum security products qualify for Government procurement premium pricing
- Equity Participation: RDI Fund recipients must offer employee stock options
- Quantum Hubs: Establish five regional quantum security centres (Bengaluru, Pune, Hyderabad, Delhi, Kolkata) with world-class facilities
- Global Reverse Migration: Target diaspora quantum scientists with ₹50 lakh-₹1 crore packages plus research funding
Indigenous Supply Chain Development
QNu and startups struggle with foreign dependency on photonic components, FPGAs, single photon detectors—all dominated by Chinese suppliers. The ₹720 crore quantum fabrication facilities must prioritise security hardware over computing chips.
The 2035 Vision: Quantum Security Leader
India’s December 2025 quantum roadmap targets 50% of global quantum software markets and 10 globally competitive startups by 2035. This is achievable—but only if we prioritise differently.
Revised Priorities
- Security First (2026-2028): Quantum-secure all critical infrastructure
- Commercial Scale (2029-2032): 100+ quantum security deployments globally
- Computing Competence (2033-2035): Leverage security revenues to fund computing R&D
Chowdhry’s warning resonates, “India must prioritise quantum security to safeguard critical infrastructure, financial systems, and national security”. His pragmatism offers the path: “We will create our own quantum computers. For the period we don’t have a quantum computer, we’ll buy a few quantum computers to do research on.”
The Honest Calculus
As Minister Scindia urged India to “step into the quantum age with boldness, brilliance, and a clear sense of purpose” that purpose must be crystal clear: secure India’s digital sovereignty today, not chase quantum computing supremacy tomorrow.
The question isn’t whether India can build a 1,000-qubit computer by 2031. The question is whether India’s banks, defence networks, and critical infrastructure will remain secure when China or the US achieves quantum supremacy. QNu Labs proves India has the technology. The ₹1 lakh crore RDI Fund provides the capital. The National Quantum Mission offers the framework. What’s missing is the courage to prioritise protection over aspiration—to recognise that in quantum technology, security isn’t a subset of computing; it’s the foundation of digital sovereignty.
As Chowdhry wisely noted, “Don’t ask what quantum earns next year. Ask what India loses if we don’t build it now”. For India, the clock is ticking not in qubits, but in harvested encrypted data awaiting decryption.
The writer is Chief Marketing Officer at QNu Labs, India’s pioneering quantum cybersecurity company incubated at IIT Madras. An IIM-Calcutta alumnus with 22+ years of global marketing leadership, she has led quantum security thought leadership initiatives positioning India’s “Made in India, Made for the World” quantum capabilities across defence, government, and enterprise sectors globally
