Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Quantum Attacks Targeting Nuclear Power Plants: Threat Analysis, Defense and Mitigation Strategies

Yaser Baseri, Edward Waller

Abstract

The advent of Cryptographically Relevant Quantum Computers (CRQCs) presents a fundamental and existential threat to the forensic integrity and operational safety of Industrial Control Systems (ICS) and Operational Technology (OT) in critical infrastructure. This paper introduces a novel, forensics-first framework for achieving quantum resilience in high-consequence environments, with a specific focus on nuclear power plants. We systematically analyze the quantum threat landscape across the Purdue architecture (L0-L5), detailing how Harvest-Now, Decrypt-Later (HNDL) campaigns, enabled by algorithms like Shor's, can retroactively compromise cryptographic foundations, undermine evidence admissibility, and facilitate sophisticated sabotage. Through two detailed case studies, \textsc{Quantum~Scar} and \textsc{Quantum~Dawn}, we demonstrate multi-phase attack methodologies where state-level adversaries exploit cryptographic monoculture and extended OT lifecycles to degrade safety systems while creating unsolvable forensic paradoxes. Our probabilistic risk modeling reveals alarming success probabilities (up to 78\% for targeted facilities under current defenses), underscoring the criticality of immediate action. In response, we propose and validate a phased, defense-in-depth migration path to Post-Quantum Cryptography (PQC), integrating hybrid key exchange, cryptographic diversity, secure time synchronization, and side-channel resistant implementations aligned with ISA/IEC 62443 and NIST standards. The paper concludes that without urgent adoption of quantum-resilient controls, the integrity of both physical safety systems and digital forensic evidence remains at severe and irreversible risk.

Quantum Attacks Targeting Nuclear Power Plants: Threat Analysis, Defense and Mitigation Strategies

Abstract

The advent of Cryptographically Relevant Quantum Computers (CRQCs) presents a fundamental and existential threat to the forensic integrity and operational safety of Industrial Control Systems (ICS) and Operational Technology (OT) in critical infrastructure. This paper introduces a novel, forensics-first framework for achieving quantum resilience in high-consequence environments, with a specific focus on nuclear power plants. We systematically analyze the quantum threat landscape across the Purdue architecture (L0-L5), detailing how Harvest-Now, Decrypt-Later (HNDL) campaigns, enabled by algorithms like Shor's, can retroactively compromise cryptographic foundations, undermine evidence admissibility, and facilitate sophisticated sabotage. Through two detailed case studies, \textsc{Quantum~Scar} and \textsc{Quantum~Dawn}, we demonstrate multi-phase attack methodologies where state-level adversaries exploit cryptographic monoculture and extended OT lifecycles to degrade safety systems while creating unsolvable forensic paradoxes. Our probabilistic risk modeling reveals alarming success probabilities (up to 78\% for targeted facilities under current defenses), underscoring the criticality of immediate action. In response, we propose and validate a phased, defense-in-depth migration path to Post-Quantum Cryptography (PQC), integrating hybrid key exchange, cryptographic diversity, secure time synchronization, and side-channel resistant implementations aligned with ISA/IEC 62443 and NIST standards. The paper concludes that without urgent adoption of quantum-resilient controls, the integrity of both physical safety systems and digital forensic evidence remains at severe and irreversible risk.
Paper Structure (48 sections, 4 equations, 5 figures, 15 tables, 1 algorithm)

This paper contains 48 sections, 4 equations, 5 figures, 15 tables, 1 algorithm.

Table of Contents

  1. Introduction
  2. Contributions
  3. Scope and Organization
  4. Related Work
  5. Quantum Threat Assessments for Critical Infrastructure
  6. Post-Quantum Cryptography Migration
  7. Side-Channel Vulnerabilities and Performance
  8. Protocol-Level Quantum Hardening
  9. Forensic Integrity and Evidentiary Concerns
  10. Summary and Positioning
  11. Cryptographic Standards and QC in OT/ICS
  12. Classic Cryptographic Standards and : Assessing Risks
  13. Quantum-Safe Cryptography
  14. Quantum Threat Landscape: Architectural Vulnerabilities and Migration Framework
  15. Level-Specific Vulnerability Analysis
  16. ...and 33 more sections

Figures (5)

  • Figure 1: Purdue Model (ISA-95) architecture showing quantum-vulnerable security boundaries across L0--L5 levels in nuclear OT/ICS. /Firewalls denote cryptographic trust boundaries exploited in Sections IV--V.
  • Figure 2: Quantum Scar multi-phase attack flow
  • Figure 3: Quantum Scar attack timeline with conditional phase dependencies. Variable $T$ represents CRQC onset year from expert assessments (Fig. 4); $\alpha$ denotes weaponization period; $\epsilon$ represents execution preparation window; $\tau_{cert}$ is certificate lifecycle; $\tau_{rotation}$ is rotation schedule. Success probabilities reflect ISA/IEC 62443 SL-3/4 implementations. Sensitivity: $\partial \mathbb{P}/\partial S_1 > \partial \mathbb{P}/\partial S_2 > \partial \mathbb{P}/\partial S_3$.
  • Figure 4: Quantum Dawn multi-phase attack flow
  • Figure 5: Quantum Dawn attack timeline with conditional phase dependencies. Variable $T_0$ represents initial compromise; $\delta$ denotes collection period; $T_{CRQC}$ represents quantum capability onset; $\epsilon$ represents execution preparation window; $\tau_{cert}$ is certificate lifecycle; $\tau_{rotation}$ is rotation schedule. Success probabilities reflect ISA/IEC 62443 SL-3/4 implementations. Sensitivity: $\partial \mathbb{P}/\partial S_1 > \partial \mathbb{P}/\partial S_2 > \partial \mathbb{P}/\partial S_3$.