PART 2 of 3
Quantum Threats: Security and Communications
The Quantum Computing Threat is Here
In our second blog on quantum technologies, we delve into the transformative world of quantum-related communications and their impact on Industry 5.0. We explore challenges to traditional data security and governance alongside promising future-proof solutions. Let’s explore new technologies shaping the quantum age!
Public Key Infrastructure (PKI) is the current de facto standard for safeguarding data transmission and trust certificates. Within the next 5–7 years, large-scale fault-tolerant quantum computers are projected to compromise the security of PKI.
Today, all devices, applications, and communications are secured with various forms of classical asymmetric cryptography (Public Key RSA Cryptosystem). The security of private and public keys depends on the computational difficulty of deciphering cryptographic algorithms. It relies on the assumption that an adversary lacks sufficient computing power and time to work out the math needed to break RSA or ECC (Elliptic Curve Cryptography). Quantum computers will be able to crack core key-establishment schemes and digital signatures (currently based on factoring large prime numbers and solving ECC logarithm problems). The most cryptographically threatening quantum algorithms include:
- Shor’s quantum algorithm for factoring numbers and decrypting current cryptography. Developed in 1994, Shor’s algorithm solves in “polynomial time,” which accelerates prime-number factorization and deciphering public keys. Cryptography that would have taken 1,000 years to decipher on a classical computer could be cracked within minutes.
- Grover’s quantum algorithm accelerates pattern matching in unstructured searches and finds hash pre-images. This threatens the security of blockchain mining, crypto-currency, and consensus-ledger systems where participants “race” to solve a search problem for economic advantage.
The main threat industries and governments face today is the “Harvest now, decipher later” attack vector. Data copied in transmission today could be stored until later when quantum computers running Shor’s algorithm become more capable. Governments, financial institutions, and critical infrastructure operators are now actively testing and deploying quantum-safe encryption technologies. According to Quantum Insider, the Quantum Security market is forecast to reach approximately $10 billion by 2030, growing at roughly 50% CAGR.
Without quantum-safe encryption, everything that has been transmitted or will be transmitted over a network is vulnerable to eavesdropping and potential public disclosure.
The Path Forward
Quantum-safe methods are currently available to enhance security for the emerging quantum computing age. Let’s review some of the basic themes:
- Post-Quantum Cryptography (PQC)
- Quantum Cryptography
- Quantum Generated Keys
- Quantum Networks and Quantum Key Distribution (QKD)
Post-Quantum Cryptography Standardization - Stronger PKI
Post-Quantum Cryptography (PQC) focuses on strengthening existing cryptography algorithms to resist adversarial quantum computer decryption attacks.
PQC represents a new set of cryptography algorithms and standards for the asymmetric public-key cryptographic systems that classical computing and communications equipment rely on. In 2016, the National Institute of Standards and Technology (NIST) began selecting quantum-resistant public-key cryptographic algorithms through a competitive public process. The new cryptography standards specify algorithms for digital signatures, public-key encryption, and key establishment. The NIST PQC Standardization Process details current activity and a short list of the solutions that are now out for public review. Standards are expected to be finalized in 2024.
Migrating to quantum-resistant asymmetric cryptography will not be a “drop-in” activity; this will take many years. Because of the implementation trade-offs around compute resources, key sizes, and levels of security, providers of applications, platforms, devices, and networks will deploy these new standards differently. A large internet application platform provider will have different operational requirements than a wireless modem chip module manufacturer that has onboard memory and compute constraints. Large application platform providers such as AWS, Azure, and Google have developed PQC solutions consistent with the NIST process and optimized for their unique security, throughput, and customer service level needs. Communications Service Providers are beginning to deploy solutions for security-oriented customers. Enterprise application providers are beginning to specify quantum-safe requirements in RFPs to device and application developers.
The time is now, for industrial operators and suppliers to assess their current infrastructure or digital products and bring cryptosystems up to current standards. The first step is to create a cryptography inventory for the business and then plan to update older practices to the latest and most current standards before NIST standardization becomes finalized. The current PKI infrastructure is weak, even without quantum computing decryption attacks. Adopting good cybersecurity hygiene will make PQC adoption much easier in the coming years.
Many post-quantum cryptography technology and consulting firms are available to help operators and developers make informed decisions on implementing this first wave of PKI upgrades. “Crypto-Agility” describes the ability to upgrade systems in the future if a particular cryptography algorithm is broken. How long will these new algorithms of PKI be safe and secure? While it’s impossible to know, we expect enhancements as advanced attack methods are discovered.
Quantum Cryptographic Solutions
While PQC is about improving and upgrading existing cryptographic algorithms, Quantum Cryptography, on the other hand, is a leap forward in technology and is about using the power of quantum information science for new and more secure communications. Methods now being deployed in high-security markets are:
- Quantum Generated Keys
- Quantum Networks for Quantum Key Distribution (QKD)
Quantum Generated Keys = Strong Keys!
The effectiveness of any cryptographic system is determined by the strength of the keys and protocols being used. The strength of any key is determined by the degree of randomness used in its generation. Quantum information science and security theory have been used for over 40 years to devise ways of generating high-entropy numbers (maximal randomness) from which strong keys can be derived. This is called Quantum Random Number Generation (QRNG). QRNG keys are used to establish a communication session once, and then the key is never re-used. Each communication session begins with new single-use quantum-generated random information. Generating strong one-time keys is the foundation of the OTP (one-time-pad) cipher technique. Using QRNG along with symmetric protocols is considered quantum-safe today. QRNG devices are available in the form of network appliances and as semiconductor chips, now being embedded into devices such as computers, cell phones, or industrial devices.
Traditionally, QRNG devices have created highly random numbers by measuring natural quantum mechanical behaviors of particular electronics, such as light-emitting diodes or quantum tunneling effects in semiconductors. Still, they have been unable to generate large quantities of random numbers fast enough to scale. But now, we have quantum computers being used to produce pure and truly random numbers to create quantum strength keys on a very large scale and fast enough to support real-time operations. A recently available example is Quantum Origin, the cybersecurity solution from Quantinuum Ltd. that integrates quantum-computing-hardened encryption keys into industrial devices or networks for secure communications.
Now that we have quantum-strong keys, how can we securely distribute them across networks, so they resist quantum attacks? Quantum Networking is an important (and evolving) approach.
Quantum Networking and Quantum Key Distribution
Quantum networking is an emerging technology that transmits entangled quantum bits (qubits) between multiple parties or nodes. Applications range from linking distributed quantum computers together to securely distributing information.
QKD (Quantum Key Distribution) is a security application that uses quantum networking to distribute keys securely. This physical layer security method involves a multi-channel fiber network. Entangled photons act as qubits and carry quantum information to generate shared secret symmetric keys for encrypting and decrypting messages. QKD is said to be “provably secure” because it is based on a fundamental characteristic of quantum mechanics: that any attempt to observe (measure) entangled photons during transmission will disturb their quantum states, alerting networking administration to an eavesdropping or “harvest” attempt. Once session keys have been securely distributed to the end nodes, the high-volume data is then securely sent to the main classic fiber channels for the communication session.
Dozens of QKD metro networks have been established in many countries so far. Due to fiber optics losses, transmission is currently limited in speed and distance, with 200km being the current max range. However, major improvements in trusted nodes and quantum repeaters are helping to increase operational distance, throughput, and fidelity. Significant investment is now pouring into these technologies. In addition to ground metro fiber networks, satellite-to-ground and free-space laser communications are also rapidly improving.
While still in its infancy, quantum networking is already providing operational security. As quantum memories evolve, we will see more capable quantum repeaters and applications on quantum optical networks. In transitioning to a quantum-safe infrastructure, all the above methods will be needed over the next ten years (Post Quantum Cryptography, Quantum-Generated Keys, Quantum Key Distribution, and Quantum Networks).
There are enormous benefits to be unlocked as quantum networks become more scalable and, ultimately become capable of linking quantum computers with quantum sensors. We are in the early stages of building the new quantum infrastructure.
We will explore quantum sensing in the third and final part of this Quantum Technologies series, which has the potential to revolutionize how we measure, gather data, and detect the world around us and ultimately enable quantum operations. Stay tuned!
Stay tuned for our final installment!
- Quantum Categories and Quantum Computing (1 of 3)
- Quantum Communications and Security (2 of 3)
- Quantum Sensors and the Quantum Operation (3 of 3)
QKD and Quantum Networking Vendors
Momenta is the leading Industrial Impact venture capital + growth firm. We accelerate entrepreneurs and leaders devoted to the digitization of energy, manufacturing, smart spaces, and supply chains. Since 2012, our team of deep industry operators have made over 100 investments in entrepreneurs and helped scale over 150 industry leaders via our award-winning executive search and strategic advisory practices.