The latest fall on its Nasdaq share price, from US$15.11 on Monday to $9.34 last night, follows an article in the Wall Street Journal that Arqit – official name Arqit Quantum – had “given investors an overly optimistic view of its future revenue and the readiness and workability of its signature encryption system”. The newspaper cited “former employees and other people familiar with the company” as well as documents it had seen.
Arqit founder and chairman David Williams told investors last year – when it was planning a reverse takeover that gave it its Nasdaq listing and valued it at $1.4 billion – that Arqit had an “impressive backlog” of revenue and was ready “for hyperscale growth”.
This week’s reports were picked up by The Times, the London-based newspaper that has the same owner as the Wall Street Journal, which said there were allegations of “overstating contracts and giving unrealistic revenue projections”. The Times said that the bulk of “committed revenue” investors were told of related to research grants.
In its response, Arqit has not addressed the criticisms directly, but has published what it calls a “Post Quantum Cryptography Mythbuster” which says the threat to data security from existing weaknesses in public key infrastructure (PKI) “is rising rapidly and the development of quantum computing makes the problem critical”.
Williams says in his introduction to the paper: “Quantum Safe is a very high bar which hardly anyone who uses the phrase manages to achieve. Always ask the question: Could an actor with a universal quantum computer and a mind like [MIT mathematician] Peter Shor’s potentially crack this algorithm? The day that an adversary breaks your mathematical algorithm, you won’t know until it’s too late, and it will happen.”
The paper quotes Daniel Shiu (pictured), Arqit’s chief cryptographer, who worked at the UK’s signals intelligence agency GCHQ for 20 years. According to online biographies he was head of cryptographic design and quantum information processing, part of the initial national technical authority function assumed by the UK’s National Cyber Security Centre (NCSC), which is part of GCHQ.
Shiu, who represented GCHQ in helping to found and direct the UK’s National Quantum Technologies Programme, said as part of Arqit’s fightback: “Arqit’s QuantumCloud solution does not rely on a traditional mathematical algorithm to derive keys. Arqit’s entirely new system delivers symmetric key agreement using a lightweight software agent which is small enough to run on any device, and creates computationally secure zero trust encryption keys.”
Arqit said in its statement today that “legacy encryption was never intended to protect our hyper connected world, and quantum computers will soon compromise the mathematics at the heart of it”. The company said: “The world is being urged to create and adopt new protections now; security against quantum computing needs to be deployed even before quantum computers become powerful enough to break public encryption.”
Arqit refers to the US National Institute of Standards and Technology (NIST), which is hunting for a solution for cryptography in the quantum era.
NIST said last year: “Unfortunately, the implementation of post-quantum public-key standards is likely to be more problematic than the introduction of new classical cryptographic algorithms. In the absence of significant implementation planning, it may be decades before the community replaces most of the vulnerable public-key systems currently in use.”
Shiu said Arqit’s own keys “work within existing standardised symmetric encryption algorithms like AES 256 and the Arqit software can be implemented easily as a mid-life upgrade without requiring costly transformation” .