Podcast | AI Meets Quantum in the Real World – with SandboxAQ

Paul Kassebaum: There’s a group of people now at CERN looking at what applications of quantum computing could be applied to high-energy physics, and it’s quite a rich area already. A couple of big roadmap documents were published last year.

Konstantinos Karagiannis: There’s been a lot of speculation about how fault-tolerant quantum computing might accelerate the power of artificial intelligence in the future. But what if those technologies switched roles? What if I told you that AI is already improving certain aspects of current quantum technology?

Find out how businesses and verticals can start to use these techniques for real use cases in quantum-sensing simulation and migration to post-quantum cryptography in this episode of The Post-Quantum World. I’m your host, Konstantinos Karagiannis. I lead Quantum Computing Services at Protiviti, where we’re helping companies prepare for the benefits and threats of this exploding field. I hope you’ll join each episode as we explore the technology and business impacts of this post-quantum era.

Our guest today is the technical director, global public sector, at SandboxAQ, Paul Kassebaum. Welcome to the show.

Paul Kassebaum: Hi. Thanks very much for having me.

Konstantinos Karagiannis: I figured we’d dive right in and captivate the audience. Let’s focus for a second on the AQ in the company name. How does SandboxAQ bring together the worlds of AI and quantum?

Paul Kassebaum: For engineers, a sandbox represents a place that’s safe to explore and not have to worry about breaking things as you’re investigating. And the A in the AQ stands for “artificial intelligence,” and the Q stands for “quantum information sciences and technologies.” The AI in our name is the key enabler for many of the quantum technologies. This is especially true for our sensing division.

We focus on three applications or technical verticals: cryptography management — which is a subsection of quantum communications — quantum sensing and quantum simulation. The AI is especially important for quantum-sensing technical verticals. Within that technical vertical of sensing, we have two engineering teams focused on different applications: One is focusing on using quantum sensors to detect very small variations in the Earth’s gravitational field as a way to get an absolute idea of where you are — latitude, longitude and altitude — on the Earth.

We’re taking quantum sensors that have been demonstrated in laboratory environments and putting them on extremely magnetically noisy aircraft. We use AI to disambiguate the magnetic fields coming from the electronic components on the airplane versus the Earth’s magnetic field.

The other application team, in the technical vertical of quantum sensing, is focused on, again, sensing magnetic fields, but this time in your heart. The electricity that’s driving the rhythm of your heart generates a magnetic field, and it’s an extremely weak field, and the variations of it are also very weak. There, the challenge, using AI, is to disambiguate your heart’s magnetic field from all the electronics in a hospital environment.

Unlike an MRI machine, which will have a dedicated room that’s meant to be a very magnetically quiet space, our device is designed to work in emergency rooms, which comes with all the magnetic noise of the environment of an emergency room without any magnetic shield around you or the device. Instead, we’re picking apart the signal from the noise using AI.

Konstantinos Karagiannis: That makes a lot of sense, and we are going to dive into all the offerings. It’s fair to say AI enables you to get the best data out of any of the solutions. How did all this evolve from Google’s parent, Alphabet?

Paul Kassebaum: I joined after the company spun out of that parent, so I don’t have direct firsthand experience from that. But what I’ve been told is that Sergey Brin, one of the founders of Google, had wanted to create or incubate a startup that would focus on quantum technologies that can work in the near term, as opposed to quantum computers, which will work in the long term, eventually. He pulled in the current CEO of SandboxAQ, Jack Hidary, to help incubate this idea to form a company within Alphabet, and it was incubated within Alphabet for about five years before it spun out.

Konstantinos Karagiannis: That’s deep, deep incubation.

Paul Kassebaum: That’s my understanding. They just threw a bunch of ideas on the whiteboard for a number of years: This technology, will it work in the short term or the long term? It’s a head scratcher, case by case. When it came out of Alphabet, the ideas that were being pursued were cryptographic management being motivated by the inevitability of quantum computers and different sorts of risks to the confidentiality today, the integrity of your messages and authentication into your systems once quantum computers are real.

We’re aiding the migration to what’s called post-quantum cryptography — new algorithms for encryption that work on today’s computers and secure today’s communications from being scooped up today and decrypted in the future by quantum computers. We also want to help you migrate your cryptography systems that help enable keeping the integrity of your messages and authentication of your systems — this user really is who they say they are — accelerating your ability to make those systems quantum-resistant before quantum computers become real. Those are at risk once quantum computers are real and people are faking their identities with quantum computers in the future.

That’s our quantum-communications side, which came out of the gate right away from Alphabet. Another thing that came out of the gate was the magnetic-navigation team and the magnetic-cardiography team — those two quantum-sensing applications I mentioned earlier — as well as a team dedicated to using today’s high-performance computers to simulate physical systems governed by quantum physics — for example, medicines and materials.

Konstantinos Karagiannis: This whole idea of AI merging with quantum, I figured it must play strongly in your simulation and optimisation solution. Can you talk about that? I know a lot of people, when they hear SandboxAQ, they probably do think of the PQC context, and we will dive into that in a moment.

Paul Kassebaum: AI is extremely important for our simulation vertical as well. You may have heard of projects like AlphaFold, which came out of Google DeepMind, using today’s big HPCs — high-performance computers — to predict the structure of how proteins fold. It turns out that these AI models are very hard to use beyond their training set. Unfortunately, that’s the whole point of AI: You train it, and then it can deal with things it hasn’t seen before. Unfortunately, that hasn’t rung true in the drug-discovery space. Most AI systems don’t generalise very well.

At SandboxAQ, we pair AI methods with physics-simulation methods to synthesise new data. We can trust the computational results to treat them as if they were experimental data to expand the training set of AI systems. Wherever we want to push the boundary of what an AI can extrapolate beyond its training set, we add to the training set using physics simulations.

We’ve developed techniques that allow us to take advantage of massive clusters of GPUs available through cloud service providers and efficiently do those physics simulations. We also use a different sort of AI called active learning to help us get the most out of our next data point that we bother to spend the computational resources on synthesising. In other words, active learning helps you figure out, “What’s the piece of information I’m missing that would give my machine learning system the greatest learning improvement? Is this data unique? Is this data telling my AI system it doesn’t already know?”

Konstantinos Karagiannis: This might be a bit of a stretch, but there’s always been this idea of hybrid where you’re doing some things classical, some things quantum. Is any of this approach going to allow us to get something closer to an advantage by filling in gaps or helping along what we can accomplish with these qubits that are still a little more fragile?

Paul Kassebaum: The bulk of our work is focused on algorithms that work on today’s computers. We recently acquired a company called Good Chemistry, out of Vancouver, Canada. Along with that acquisition, we did take on a few folks who do focus on quantum algorithms that work only on quantum computers, and we’re happy to have them on board. We’re trying to figure out a near-term use case for those engineers and researchers. The bulk of the team is focused on, what can we do on today’s massive clusters of GPUs, and we have a small team that we acquired recently. We’re trying to look at where we might leapfrog once quantum computers become more capable.

Konstantinos Karagiannis: I can imagine that being linked up with Google doesn’t hurt when it comes to needing some extra horsepower.

Paul Kassebaum: Absolutely. But, curiously, one of the reasons Jack Hidary insisted on Alphabet spinning out SandboxAQ is to allow us to choose the cloud service provider we need for each use case. Since we’re not part of Alphabet anymore, we don’t have incentives to play only with GCP — Google Cloud Provider. We do work with AWS, Azure and GCP.

Konstantinos Karagiannis: That does sound liberating. The Security Suite is starting to generate a little buzz in the PQC world, can you tell our listeners about that offering?

Paul Kassebaum: The vision for it is a new way to manage your cryptography in an organisation so you have situational awareness of what the state of your cryptography is at any given point — if there are any policy violations of your cryptography, and if there are, also a system to easily deploy new cryptography or make changes to your cryptography.

It’s very rarely the case that a cryptographic vulnerability is isolated to swapping out a single file. It’s much more likely to be a big, hairy, Gordian knot of things happening on your network communications, things happening on your file systems and hosts, or things happening in the way your software developers have implemented cryptography in the source code that your organisation owns in some combination of those three typical ways— the lenses you would have into the cryptography of your organisation.

Konstantinos Karagiannis: You have the ability to have a control-center sort of view and a way to remediate.

Paul Kassebaum: There are executive orders, Office of Management and Budget memos, guidance from groups like NIST and the NSA and CISA for government agencies to start their migration to post-quantum cryptography. The first step everyone is trying to get their heads around is cryptographic inventorying.

Through our control center, it provides a high-level overview of what our Security Suite has found —what types of keys are discovered, what the encryption methods were. Maybe the CISO has a high-level overview of what’s going on, but then your security officers, who have to actually roll up their sleeves and get into the muck, they can dive down, drill down, and track, for example, how a key is generated and used across these different lenses I mentioned —network communications, file hosts and applications.

Then, as I said earlier, it’s not just about understanding the state of play of your cryptography but also about rolling out changes to it — and that’s, in other words, remediation: Once you find problems, how do you remediate them?

The current state of the Security Suite is, we give advice for how to do those remediations manually and how to automatically get the work into your ticketing systems like Jira. We’ve designed it assuming that the end users are not themselves cryptographers or cryptanalysts, so when we find a policy violation, we also give best-practices suggestions for how to remediate these. But the current status is that the product relies on the engineer to do the remediation manually. The vision is that we’re going to be able to automate that process.

Konstantinos Karagiannis: And so far, remediation can’t really be done. The general guidance has been from, like the NSM-10 document, that you shouldn’t try to implement post-quantum ciphers until NIST publishes its standards. What’s being done right now is remediating things that are just wrong to begin with, like running SSL 2 or something like that so you know it works — things like that.

Paul Kassebaum: It depends on who we’re talking to. Most of our customers in the private sector will just care about the last migration they’re still in. Like you said, maybe it’s just TSL 1.2 to 1.3 they’re concerned about, or, God forbid, even SHA-1 or something.

But many of our government customers are concerned about the quantum threat. They are concerned about getting PQC into their systems. But because these haven’t been standardised, there’s some advice from the NSA to use the CRYSTALS key-encapsulation method and digital signature. But the standardisation process from NIST goes on. Our customers who do care about PQC migration but also are concerned about maintaining regulatory compliance with like, FIPS and PCI DSS, they’ll reach for hybrid algorithms to try to get the best of both worlds while NIST is still standardising the algorithms and updating the compliance requirements like the upcoming FIPS 233, I think it is. That’s pens-down, but still in process.

Konstantinos Karagiannis: Inventory was due for federal agencies a year and a half ago. Have you already gotten a bunch of feedback from customers about how that’s going?

Paul Kassebaum: CISA, for example, has to receive all these reports, and so they’re sitting on top of a mountain of spreadsheets of various formats and various interpretations of what this entailed. And I’m sure the majority of them rely on self-attestation—“trust us.” CISA, it all boils up to them, so they have a huge headache. But then the individual agencies that have reported to CISA have spoken with us and said, “I’d like to try to confirm this self-attestation.” And as the requirements of what this reporting really entails and the frequency of it gets more demanding, we’re looking for ways to automate this, and that’s what we provide.

Konstantinos Karagiannis: And have you gotten any inside info on how the NIST process is going? Will it be July, like everything else has been? Is that your best guess right now? That’s the only guess I can make.

Paul Kassebaum: I’m not sure. Surprises happen. I was surprised by Rainbow and Psyche. Who knows what will happen?

Konstantinos Karagiannis: We talk a lot about crypto-agility, but if you’re an actual coder — the boots on the ground there — there’s a lot of complexity in implementing it. This brings us to Sandwich. How does it help keep developers from adding to the problem, and letting them actually fix it?

Paul Kassebaum: I was just able to sit on a PQC roundtable organised by the OMB, and one of the comments that was made that the whole room was nodding their heads up and down to was, we need to start creating standard APIs for software developers to implement common cryptographic patterns — stop having them have the option of only having enough rope to hang themselves by.

SandboxAQ’s first approach is to give a high-level cryptographic library that tries to provide one of the many aspects of what that proposed hypothetical API would be for software engineers to quickly and easily create, for example, secure tunnels and things like that. We have a bunch of documentation on our GitHub page and tutorials that walk a developer through common use cases. It’s an open-source project, so we’re always happy to get new contributors as well.

Konstantinos Karagiannis: It has a very AI image–generated look.

Paul Kassebaum: We have a blog called Crypto Caffé, and we decided early on that all the header images for the blog posts are going to be AI-generated.

Konstantinos Karagiannis: It’s got this AI watercolor look to Sandwich. It works.

Shifting back to quantum sensing, I get the idea of taking AI and working with all that data, because it could be a lot, I’m assuming there’s no hardware development. You guys don’t actually touch the sensing side from there? You don’t do anything with hardware?

Paul Kassebaum: We do. We have hardware engineers on our sensing teams, and we have the expertise to create the tip of the spear of these sensing systems, but we typically don’t do that. Instead, we focus on system engineering. We’ll take off-the-shelf quantum sensors that were not built for the intended purposes we’re designing around. We’ll build the electronics and the software and sometimes the mechanical structure for the MCG device. We have an armature to get the array of sensors over your chest while you’re still lying on a gurney. We did all the mechanical design for that system. The sensing team is very physical, hands-on.

Konstantinos Karagiannis: There’s a level of quantum breadboarding going on there.

Paul Kassebaum: For sure. We’re a distributed team, except for our sensing teams. They have the one legit office in Palo Alto, because they need to build stuff physically.

Konstantinos Karagiannis: “Let me mail you this little chip I just put together. Solder it in place, and tell me how it works.” That makes sense. 
What would you see as a timeline for sensing right now? A lot of people call it the aspect of quantum information science that’s here — that’s real. What do you think for mass adoption — how soon?

Paul Kassebaum: Both of our teams — the magnetic-navigation team and the magnetocardiography team — there are certain hurdles to their timelines that are not exactly technological — they’re more regulatory. For commercial flights, we need FAA regulatory approval, and the military has its own regulatory criteria. And for medical instruments, we have to get through FDA clinical trials. Both of them are going to take us on the order of five years before they’re being relied on. Right now, they’re both in test modes.

Our magnetic-navigation team has racked up about 100 hours of test-flight data. The physical box our engineers built has been on different vessels a total of 100 hours, but it’s self-contained right now. It’s not plugged into the system, and it’s certainly not relied on for real-time navigation. That’ll probably take about five years before it can actually be relied on as a backup to GPS.

Our MCG device is in three hospitals right now, collecting observational data. We have volunteers whose parts were scanning with our system noninvasively, passively, and we have medical staff engaged with our teams. But it’s just collecting observational data. No diagnoses are being made based off of this.

Konstantinos Karagiannis: You can’t put a patient at risk, because you’re not making a decision based on that.

Paul Kassebaum: Exactly right. They’re both highly regulated application areas, it’s probably going to take about five years, even though, in a sense, it works. The navigation system is not accurate enough, but it’s more accurate than nothing. The MCG system creates real videos of the magnetic field of your heart. But more studies are required — clinical trials are required to map the images we’re generating to actual diagnoses. In a sense, the tech kind of works already, but the application has a lot of other complexities beyond the fundamentals of the tech.

Konstantinos Karagiannis: That regulatory aspect must be frustrating. Someone’s going to scan a chipmunk next year and claim some kind of quantum advantage. You’re going to be, like, “We were already doing that!” That’d be so funny.

You came to Sandbox from IBM. Tell us about your quantum journey and what Sandbox is doing to generate talent.

Paul Kassebaum: I originally got into a Ph.D. programme in physics because I wanted to understand quantum mechanics as best one could. I was fascinated by the topic. Originally, quantum, to me, was the physics of the world: electrons — how they move and things like that. Then I joined IBM in their quantum-computing division. I was super excited to join them because I had never thought about physical quantum systems used to store and manipulate information. I didn’t know what quantum information was before joining IBM, so it was an incredible on-the-job education there.

When I left IBM, it was a bittersweet decision, because I loved the people. I thought they were doing incredible work — they still are. They have a great educational mission I got to benefit from personally while I worked there. But they have a great team doing education outside the walls of IBM — the most popular videos and courses to learn quantum computing for free, and open-source software. It all comes out of IBM.

Konstantinos Karagiannis: The Qiskit community, the whole thing.

Paul Kassebaum: The Qiskit community, absolutely — the free tier of their quantum computers on the cloud. It’s incredible. But I joined SandboxAQ because one of the things I was curious about was that there are all these other lenses to quantum information science I had not considered before —quantum information for sensing, quantum information as a cryptographic area of study.

The simulation of quantum systems was something I was familiar with, but I’m not a huge AI expert, which added another interesting complexity to that technical vertical for me. And then, curiously, to me, quantum computing was intentionally not touched by SandboxAQ. They wanted to focus on things that have real impact immediately, today, right now. That was why I wanted to join SandboxAQ — expanding my understanding of quantum phenomena. And the mission is incredible.

I work on a public-sector team. We focus exclusively on governments as the customer. It’s incredibly important for democratic nations to adopt AQ for the welfare and the defense of their nations. I’m honored to be able to help the U.S. and its allied nations wrap their heads around these technologies — make them real and make them deployable.

The other great aspect of SandboxAQ is the crazy combination of skills under this one organisation. Although we’re distributed, we’ll get together as a total company twice a year. In my role, I have to do this virtually regularly anyway. I’m talking to chemists, biologists, geoscientists, cryptographers, cryptanalysts, people who are specialists in massively parallel computing for the simulation team. It’s a crazy universe of AI and quantum experts all under one roof. It’s a wild place to work.

Konstantinos Karagiannis: And now you’re learning all these other areas. Does anyone cross over — like, they’re working more on PQC, and then they take an interest in more of the AI side, or something like that?

Paul Kassebaum: Yes. Usually, the particular people that come to mind are folks who help with compute infrastructure. I’ve seen a few folks migrate, sometimes in more than one direction over the course of a year, back and forth between the cryptography-management team and the simulation team. They both are using AI compute infrastructure in different ways, and sometimes those skills are very transferable from team to team.

Konstantinos Karagiannis: It’s always interesting to see how companies do that and handle anything with moving talent around. As we’re looking for advantage, as we’re looking for real-world use cases, people tend to wear a lot of hats to try to find out what’s going to stick in the quantum industry.

Before I let you go, I noticed a lot of headlines with SandboxAQ partnerships and the like, but is there anything exciting coming up that you’d want to telegraph, or some plans or roadmaps or anything that you’re able to share?

Paul Kassebaum: I can talk about some recent news that maybe hasn’t made waves yet, but it’s public, technically. We recently joined NIST — started a new consortium around AI safety, which is incredibly important. This came out of an executive order from the White House charging NIST with dealing with AI risks that are tangible today. Not like, what if some generalised super AI comes online 10 years from now, but all the risks that are real and palpable today — and start doing something about it. Right now, I’m proud that SandboxAQ is among the first group of companies to be involved in this consortium, which just got started a couple of days ago.

What I’m hoping we’re gonna be able to do is help with the security of AI systems. What I’ve been worried about is, if you have access to an AI system that you can ping through a scalable API, that AI had to get trained on some data. What methods are people trying to use to get access to the underlying data through the AI model they have direct access to? And if you can do that, you might be violating all sorts of privacy issues. I’m hoping that our group, among other things, would be able to help advise NIST on how to prevent those sorts of attacks on confidentiality.

Konstantinos Karagiannis: Between that, and the whole PQC angle, you’re going to be interfacing with NIST quite a lot this year. I would say 2024 is going to be a big one for you.

Paul Kassebaum: And they need more funding. We don’t get any funding through NIST, but the things they’re tasked with are crazy for the size and the budget of this little government agency. It’s crazy.

Konstantinos Karagiannis: Everyone’s going to follow, and if it’s not done correctly, everyone’s going to follow it right into the ground. It is amazing what’s on their shoulders. I get it.

Thank you so much for joining. This was great, and maybe we’ll get to talk in the future about how that other stuff’s going.

Paul Kassebaum: I hope so. That’d be great. Thank you.

Konstantinos Karagiannis: Now, it’s time for Coherence, the quantum executive summary, where I take a moment to highlight some of the business impacts we discussed today in case things got too nerdy at times. Let’s recap.

Sandbox blends AI and quantum technologies, focusing on three technical areas: quantum sensing, quantum simulation and cryptographic management. In sensing, AI improves precision. For example, AI disambiguates magnetic fields from an airplane’s electronics to improve navigational sensing. The same approach could improve medical scanning, separating electrical impulses in a human heart from medical equipment in, say, a busy emergency room.

SandboxAQ is involved in all layers of working with off-the-shelf quantum sensors, including system engineering, electronics, software and mechanics. Quantum-simulation use cases feature quantum-inspired algorithms running on classical hardware. The hope with AI is often to train it and then have it provide insights into what it hasn’t seen before, provide new knowledge to help the world, etc.

SandboxAQ is using physics-simulation methods to expand datasets and train AI, then a different active-learning AI is used to try to fill in the gaps. This could theoretically lead to solving real business problems on current hardware.

AQtive Guard provides a comprehensive view of an organisation’s cryptography and helps the migration to PQC. The suite identifies potential current and future vulnerabilities and suggests remediation strategies that are done manually for now but that will be automated in the future. The suite helps businesses balance security with regulatory compliance while standards are still under development this year, and it helps automate cryptographic inventory. For developers who have to implement cryptography on a code level, Sandwich is an easy-to-use API. It’s open-source, so they’d welcome contributions, if you’re up for the challenge.

That does it for this episode. Thanks to Paul Kassebaum for joining to discuss SandboxAQ, and thank you for listening. If you enjoyed the show, please subscribe to Protiviti’s The Post-Quantum World, and leave a review to help others find us. Be sure to follow me on all socials @KonstantHacker. You’ll find links there to what we’re doing in Quantum Computing Services at Protiviti. You can also DM me questions or suggestions for what you’d like to hear on the show. For more information on our quantum services, check out Protiviti.com, or follow Protiviti Tech on Twitter and LinkedIn. Until next time, be kind, and stay quantum-curious.