IBM’s z17 Embraces the Quantum Countdown With Safety in Mind
There is the ever-so-slight possibility that by the time you read this, quantum computers will have become capable of breaking cryptography that, as of this writing in summer 2025, is considered unbreakable.
“We don’t really know when a quantum computer is going to actually be present that can break the cryptography that we’re using,” said Anne Dames, an IBM Distinguished Engineer who works in cryptographic technology development. Some estimates foresee the post-quantum age arriving within five years.
Dames spoke with TechChannel about the quantum-safe capabilities of the new mainframe at IBM’s z17 launch event in April. While much of the excitement around the z17 has focused on its AI capabilities, the system is also embracing the other nascent, much-ballyhooed technology of the mid-2020s.
Y2Q is Coming
The indeterminate date when quantum computers will be able to break encryption is known as Y2Q, in honor of the last time the forces of computer science were mustered to meet a massive, looming threat. Thanks to monumental efforts, the Y2K bug did not bring down the world’s computer systems as was feared.
But back then, the software engineers had the luxury of a deadline; they had until Jan. 1, 2000, to make sure computers wouldn’t mistake the year 2000 for 1900 due to the two-digit programming problem.
This time, the cybersecurity world doesn’t know when the quantum threat will manifest itself. That’s because, as Dames explained, if a group was on the cusp of a crypto-busting breakthrough, they wouldn’t advertise it. But if predictions that Y2Q is five years away are correct, “that’s not a lot of time in the development landscape,” Dames said.
Quantum computing leverages the power of the quantum bit (qubit), which, unlike the binary bit, exists in a state of superposition—as both 1 and 0 until measured. Though difficult to leverage practically due to a high susceptibility to error, quantum computing can provide an exponential power increase over classic computing, bringing that much more force to bear in compute-intensive cryptography-cracking ventures.
IBM is stressing the threat with the release of the z17, set for general availability June 8. “We start with a platform that really has quantum-safe technology baked in to protect the infrastructure,” Dames said. “Then, we enable the clients by providing hardware security modules so that they can use those algorithms to protect their applications and data. And then we provide tooling to help you figure out your strategy and help you understand where you’re using crypto, so that you can be prepared to address the most critical areas first.”
Post-Quantum Algorithms
Quantum-safe capabilities first came to the mainframe with the introduction of the z16. As Y2Q gets closer, IBM has built upon that security architecture.
To protect its infrastructure, the z17 leverages “post-quantum” algorithms that have been selected by the National Institute of Standards and Technology (NIST) as standard security tools for the new paradigm. IBM Research, along with its academic and industry partners, developed three of those standardized algorithms, Dames explained.
Available for both the z16 and z17, the Crypto Express 8S module lets applications access the algorithms. “Applications encrypt data or decrypt data, or generate digital signatures or establish keys. Those algorithms are present there in the hardware security module to help with those needs,” Dames said.
But first, effectively deploying these tools requires analysis of the systems they will help protect. “We [users] still need to go through that process of evaluating all of our applications and infrastructure to understand where there are quantum vulnerabilities,” Dames said. “… Customers, vendors, everyone will have to go in and take a look at where they’re using cryptography so that they can make sure that they have protected against the vulnerabilities associated with an attack that might be launched from a quantum computer.”
With that in mind, the z17 features a new solution called IBM Z Crypto Discovery and Inventory. “This tool is going to help inventory the use of crypto by collecting data from different sources on the platform and providing a view to see where cryptography is used,” Dames explained. Then—with the help of watsonx Code Assistant for Z, Dames said—the fixing can begin.
Industry Adoption
How large Y2Q looms in the minds of IBM clients depends on how big their assets are, Dames noted. Those who will most urgently adopt the technology will be those with the most to lose. “Think about your banks, think about your organizations that have IP that they want to keep secret. Think about organizations like governments that are protecting secrets that they really need to keep safe. Some of those organizations, they are all-in on developing a strategy, figuring out what they need to do,” Dames observed.
Other organizations will adopt quantum-safe technologies “because number one, they want to be safe,” she said. “And number two, regulation is eventually going to require it. Because what happens is, as those algorithms are published, then they get incorporated in industry standards. And when they get incorporated in industry standards, that means there’s a compliance requirement coming their way.”
Attackers Lie in Wait
While the cybersecurity professionals prepare for Y2Q, their foes are making their own plans as they wait for quantum computing to become practical. One way they can ready their attacks is the “harvest now, decrypt later” approach. “If they’re able to harvest that communication and it has something significant in it, then they can use a quantum computer, when one is available, to decrypt that data and get at those secrets,” Dames warned. “Because some data stays secure for many years, and that’s the data that’s most at risk.”
Compounding the quantum security challenge is the fact that bad actors may not even have to acquire their own quantum computer to wreak havoc. “That might be in the cloud,” Dames said. “He [the attacker] doesn’t have to have a quantum computer. He’ll be able to get access.”
In the meantime, the white hats and black hats are both doing their homework. “You can get access to quantum computers today. They’re not very strong and very powerful today, but people are using tools to start to understand how they can unlock the innovation behind quantum computing,” Dames said. “So there are people that are doing development in that space.”
Uncertainty Prevails
Serving the majority of the world’s financial transactions, the mainframe is omnipresent, much like the security technology that keeps its data secure. “Crypto is used everywhere. It’s used for communications, it’s used in infrastructure, it’s used in automobiles, it’s used everywhere in our digital society,” Dames noted. “That’s why it’s really so important for us to make sure that we are leveraging the right kind of cryptography and we’re providing those capabilities to our partners.”
The last time the field of computer science prepared for such a large-scale threat, Dames was part of the Y2K mobilization effort. “I was on call in case something did not work. I had to be ready in order to address any client needs that would occur during that time,” she recalled.
Like with Y2Q, the magnitude of the mission was clear, but unlike Y2Q, the calendar brought a sense of clarity. “It was definitely something that was in the critical path, but you knew when it was going to happen,” Dames said. “That’s the big difference.”