Quantum-Safe Communication Migration Webinar Replay and Q&A Session
In November 2023, Dr Bruno Huttner delivered a presentation entitled "Developing Your Quantum-Safe Communication Migration Expertise". Dr Huttner started by giving some context on quantum computers and the threat posed by the advent of the qubit, via the principles of coherent superposition, interference, and entanglement.
Having identified the problem, Dr Huttner went on to describe the state of the art of quantum-safe cryptography, including the five basic tools available to help protect IT and communications infrastructure from quantum threats:
- Key generation using quantum random numbers
- Quantum key distribution for secure key exchange
- Symmetric key cryptography
- Hash-based functions for authentication
- Post-quantum algorithms
Historically, there has been some dispute between mathematics and physics in terms of the best way to provide long-term data security. Today, we acknowledge that the best solution will involve elements of both.
Following an overview of the toolset, Dr Huttner went deeper into the principles of Quantum Key Distribution and introduced attendees to the XG Series, IDQ’s fourth generation of QKD systems.
Following the presentation, the floor was open to questions. For those that couldn’t attend the live session, here is a summary of the Q&A.
Do QKD systems usually also handle the key generation, or is there a different device for that?
While the processes of key generation and distribution are different, they can be combined into a single solution. IDQ’s QKD systems, for example, integrate a quantum random number generation chip as a source of entropy for generating truly random encryption keys and to provide randomness for all related crypto functions.
Can quantum key distribution get corrupted?
No, keys cannot be corrupted during distribution. The security of QKD is based on the fundamental laws of quantum physics, which can be rigorously proven. If implemented properly, QKD guarantees absolute security for key distribution. Of course, keys could become corrupted at a later stage; during storage for example. However, quantum networks, which would keep the keys in a quantum state, would maintain security until the keys had been used.
Is QKD resistant to attacks from quantum computers?
Yes. By its very nature, QKD will be resistant over time to quantum computing attacks.
Are there computers currently operational that can carry out attacks or decryption of encrypted banking telecommunications for example?
The best way to put it is “not yet”. There are currently no known quantum computers that are powerful enough to crack existing cryptography. However, we know it will happen eventually: it’s just a matter of time. We also know that malicious actors are probably already harvesting today’s encrypted data to decrypt it once a cryptographically relevant quantum computer becomes available. So, the threat to current transactions is very real.
Could you elaborate on when it’s better to use Math or Quantum for Authentication?
Authentication is best done with math for the moment as QKD does not technically solve the authentication problem. Another alternative is Physically Unclonable Functions or PUF. These little chips are like a kind of unclonable tag that you put in your PC for example. This chip can then be used to authenticate any data coming from the PC. There have been proposals to use quantum for authentication, but this is still a work in progress.
When you say the security of PQC is “believed” does that mean the complexity involved in breaking it is just conjecture? If this is the case, how do we quantify the difficulty of breaking RSA versus some PQC algorithm? Is there a mathematical metric to do that?
Indeed, there is no proof that any PQC algorithm is secure, either from a classical computer or a quantum computer. In computer science, complexity theory is attempting to group problems into classes, which will provide a possible metric.
If successful, you will be able to determine if one problem is harder or easier than another problem, but there are few absolutes. RSA can be broken by a quantum computer using Shor’s algorithm. PQC algorithms are resilient against Shor, but that doesn’t mean there aren’t other algorithms out there that could break them.
Is there any standardization for QKD implementation, or quantum resistant crypto?
For PQC, standardization is well advanced. We should see the first published standards coming out of NIST early next year. For QKD, there is no final standardization yet. However, we are working on it. ETSI, for example, has been making significant progress in this area.
Given that the quantum channel is not a regular network connection what are the physical requirements to establish one to connect two data centers?
A quantum channel isn’t that complicated. It could be a free-space optical link or a standard single-mode optical fiber, but it should not have any active component or transceiver. It has some limitation in distance though. Today, with commercial systems, you can’t go much farther than 100 km (in academia, they can go up to 300-400 km). Apart from this, any standard optical link can be used. In addition, you need a discussion channel between Alice and Bob, which is not confidential, but must be authenticated.
Are QKD networks in different countries compatible with one another?
Ultimately, yes. Look at the EuroQCI, for example. It starts as a series of national networks, built by individual nations, then they become connected to form the EuroQCI. A lot of individual countries within Europe are building their own QKD networks currently. When the EuroQCI is formed you will need a single management system, but each national network could still have its own type of QKD.
Is there any way to address the distance limitations of QKD devices?
Yes, there are three alternatives. The first is to build a QKD network that distributes end-to-end secret keys (under the assumption that intermediate nodes, known as trusted nodes, are secure). The second is to go to space. If you use satellites and exchange keys through space the loss is significantly less than with fiber, so you can achieve much greater distances. With satellites, it will be possible to have worldwide key exchanges.
The final option would be to use quantum repeaters, which are a way to transfer qubits from one point to another endlessly. We don’t have them yet, but the technology involved is very similar to that required for a functioning quantum computer. The hope is that whilst developing the right tools for quantum computers we will get the quantum repeater “free of charge”.
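The trusted-node option in the answer above can be made concrete with a small simulation. This is an added example, not code from the presentation or from IDQ: it assumes a hop-by-hop one-time-pad relay, uses random bytes as a stand-in for QKD link keys, and the names LinkKeyPool and relay_key are hypothetical. It shows why the intermediate nodes have to be trusted: each one holds the end-to-end key in clear while re-encrypting it for the next link.

```python
import secrets

class LinkKeyPool:
    """Key material produced by one QKD link; every byte is used once."""
    def __init__(self, material: bytes):
        self._buf = bytearray(material)

    def take(self, n: int) -> bytes:
        if n > len(self._buf):
            raise RuntimeError("link key pool exhausted; wait for more QKD key")
        pad = bytes(self._buf[:n])
        del self._buf[:n]          # one-time pad: never reuse key material
        return pad

    def remaining(self) -> int:
        return len(self._buf)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def relay_key(end_to_end_key: bytes, links: list) -> tuple:
    """Carry a key from Alice to Bob across consecutive QKD links.

    Returns (key delivered to Bob, plaintext seen inside each trusted node,
    ciphertext observed on each link)."""
    current, seen_by_nodes, on_the_wire = end_to_end_key, [], []
    for hop, pool in enumerate(links):
        pad = pool.take(len(current))      # same pad held at both ends of the link
        ciphertext = xor(current, pad)     # sender encrypts for this hop only
        on_the_wire.append(ciphertext)
        current = xor(ciphertext, pad)     # receiver decrypts
        if hop < len(links) - 1:
            seen_by_nodes.append(current)  # intermediate node holds the key in clear
    return current, seen_by_nodes, on_the_wire

if __name__ == "__main__":
    # Constructed stand-ins for QKD output: Alice-N1, N1-N2, N2-Bob.
    links = [LinkKeyPool(secrets.token_bytes(64)) for _ in range(3)]
    key = secrets.token_bytes(32)
    delivered, seen, wire = relay_key(key, links)
    print("Bob received Alice's key:", delivered == key)
    print("trusted nodes that saw it in clear:", sum(k == key for k in seen))
    print("links where an eavesdropper saw only ciphertext:", sum(c != key for c in wire))
    print("key bytes left per link:", [p.remaining() for p in links])
```

Each relayed key consumes the same number of bytes from every link it crosses, so the slowest link sets the end-to-end key rate.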
What are your thoughts on QKD in space versus terrestrial solutions?
QKD in space is a great way of overcoming the current physical limitations of terrestrial solutions. The key distribution takes place between orbiting satellites and ground stations, with significantly less signal degradation through free space than over fiber. There are several projects in advanced stages of development that IDQ is participating in, including the Eagle 1 project in Europe.
Although QKD in space provides long-distance key exchange it will likely come with key rate restrictions. Terrestrial solutions, while limited in terms of distance, will provide many more keys. It’s likely that solutions will feature elements of both. The EuroQCI is one example.
Does blockchain have a role in QKD networks?
Not currently. Though if you want to build a quantum-safe blockchain (one that will not be destroyed by a quantum computer), you might use QKD. One solution we have proposed – the Quantum Vault – could be used to secure private keys used in the blockchain.
About the presenter
Dr. Bruno Huttner is the Director of Strategic Quantum Initiatives, and a Quantum Key Distribution Expert at ID Quantique. He is also the co-chair of the Quantum-Safe Security Working Group organized by the Cloud Security Alliance.
Bruno is an engineer (Ecole Centrale Paris), a physicist (PhD from the Technion, Israel Institute of Technology), and undoubtedly one of the pioneers of quantum information science.
You can contact Bruno directly: bruno.huttner@idquantique.com