Today, we are on the edge of a quantum revolution. The advent of quantum computers in the next decade will give mankind access to unparalleled processing power with all of the advantages that this brings. However, this will also create huge challenges in the sphere of privacy protection as quantum computers will render much of today’s encryption unsafe.
Why Quantum-Safe Cryptography?
The greatest threat is to public cryptography – or asymmetric algorithms – used for digital signatures and key exchange. There are already quantum algorithms which can break RSA and Elliptic Curve algorithms, once a quantum hardware is available. However, there are already next-generation quantum-safe cryptography solutions available, such as Quantum Key Distribution (QKD).
Technical standardisation bodies, such as ETSI, actively propose to start using quantum-safe cryptographic alternatives. ETSI in particular has published a White Paper on Quantum Safe Cryptography and Security. According to this ETSI white paper “Without quantum-safe encryption, everything that has been transmitted, or will ever be transmitted over a network is vulnerable to eavesdropping and public disclosure.”
Also available for download is a non-technical paper on everything you wanted to know regarding quantum computing and quantum cryptography.What are the dangers? What are today’s solutions? What are future directions?
CURRENT CRYPTOGRAPHIC TECHNIQUES
What is the problem with current cryptographic techniques?
The transmission of data is protected using encryption. The point of cryptographic vulnerability today is public key cryptography, based on algorithms such as RSA or Elliptic Curve, which is used to securely exchange data encryption keys. The problem with this approach is that the security of the currently used public key cryptosystems is not well established and they are vulnerable to:
- Human ingenuity: Public key cryptography is based on mathematical problems, which could be broken by future progress.
- Moore’s law: The increase in computing power makes it increasingly easier to break public key cryptography.
- Quantum computing: Public key cryptography is vulnerable to quantum computing, which can solve certain mathematical problems exponentially faster than classical computers.
These three vulnerabilities means that the currently used public key cryptosystems are not appropriate to secure data that require long-term security. An adversary could indeed record encrypted data today and wait until one of these vulnerabilities materializes to decrypt it.
QUANTUM CRYPTOGRAPHY OR QUANTUM KEY DISTRIBUTION
What is Quantum Cryptography?
Quantum cryptography is a technology that uses quantum physics to secure the distribution of symmetric encryption keys. A more accurate name for it is quantum key distribution (QKD). It works by sending photons, which are “quantum particles” of light, across an optical link. The Heisenberg Uncertainty Principle stipulates that in quantum physics observation causes perturbation. This is used to verify the security of the distributed keys.
In theory, QKD should be combined to One-Time Pad (OTP) encryption to achieve provable security. However in practice, this would impose strong limitations on the available bandwidth due to the fact that the key distribution rate of QKD is typically 1’000 to 10’000 times lower than conventional optical communications.
In practice, QKD is combined with conventional symmetric encryption, such as AES, and used to frequently refresh encryption keys.
How does QKD improve traditional cryptography implementations?
A security solution is as secure as its weakest link and in network encryption, the current weakest link is the key distribution based on public key cryptography. As its name says, QKD is used to distribute encryption keys, whose security is based on quantum physics and is thus guaranteed for the long-term.
What QKD solutions currently exist?
QKD solutions currently consist of key distribution appliances combined with link encryptors.
Two QKD appliances are connected through an optical fiber and continuously distribute key material, which they store until it is requested by an encryptor. These solutions work up to a range of 100km (optical attenuation corresponding to 20dB) and are thus deployed in metropolitan area networks.
Typical applications include secure LAN extension in corporate campuses or datacenter interconnects.
The encryptors currently compatible with QKD (i.e. “Quantum enabled”) are ISO layer 2 encryptors for Ethernet and Fibre Channel with link bandwidth up to 10Gbps and aggregated bandwidth up to 100Gbps.
DO COMMERCIAL QKD PRODUCTS EXIST?
Is QKD technology really so mature that commercial products already exist?
IDQ has deployed QKD systems commercially since 2007. One of the first QKD implementations was to secure elections in Geneva (see Geneva Government user case) in 2007, and this installation has been working reliably since its installation.
Since then numerous government and commercial institutions have installed the IDQ Cerberis QKD for secure data protection (see user cases in Cerberis Resource Center). QKD user include banks and governments worldwide. Quantum cryptography, or more correctly QKD, is now a well established commercial solution.
DOES QKD REALLY OFFER ABSOLUTE SECURITY?
From time to time, I come across pieces of news that claim that QKD has been hacked. Is it true?
Generally speaking, there are two conditions for a system to be secure:
- It must be based on sound principles
- Its implementation must be correct and must not open up vulnerabilities
Contrary to classical key distribution techniques, which rely on unproven assumptions and thus do not fulfil the first criterion, the security of QKD is based on the laws of quantum physics and can be rigorously proven.
This having been said, it is then important to make sure that the practical embodiment of a QKD system also fulfils the second criterion and does not have any implementation flaws.
IDQ actively participates in quantum hacking projects with well-respected academic partners, with the goal of understanding quantum-specific side channel attacks and of improving implementation security of QKD devices.
All the announcements about QKD having been hackedactually dealt with implementation flaws. These flaws are important but are inherent to any technological system.
Moreover such quantum hacking projects use open QKD systems, designed for R&D research. The quantum hacks which have been discovered to date are not viable attacks on commercial QKD systems with anti-tamper proofing and other standard security features.
In summary, the security of QKD is based on sound principles and, if properly implemented, it guarantees absolute security for key distribution. For more information on QKD Security, visit the”IDQ on QKD Security” page.