While President Biden was visiting Europe, he should have stopped to take a closer look at what the European Union and European countries and labs are doing to protect themselves against future quantum computer attacks – a threat this column has highlighted for the past two years.
While the US is betting all of its quantum security chips on post-quantum cryptography, that is, algorithms based on mathematics, scientists and cryptographers hope they will resist a future attack from the quantum computer, scientists, companies and officials in Europe are investing in technology that uses quantum science. to protect data and networks, now and for decades to come.
In October 2018, the European Commission launched the first phase of the Quantum Technologies Flagship, a ten-year, 1 billion euro initiative, pooling resources for the advancement of quantum technology on a broad front. That includes building a future communications network based on Quantum Key Distribution (QKD), a technology that uses the principles of quantum mechanics for cryptography.
These are the first steps towards what will become Europe’s “quantum Internet”, connecting quantum computers, simulators and sensors to distribute quantum information and resources securely, thanks to QKD.
This March representatives from seven EU countries (Belgium, Germany, Italy, Luxembourg, Malta, the Netherlands and Spain) signed an agreement Develop and implement a piracy-proof quantum-based communications infrastructure (QCI) across the EU in the next ten years. Croatia, Cyprus, Greece, France, Lithuania, Slovakia, Slovenia, Sweden and Finland also agreed to cooperate in the construction of QCI.
Meanwhile, our own National Security Agency issued a document last year anything but ditching QKD out of hand, while the National Institute of Standards and Technology’s solution for future quantum computing attacks focuses entirely on post-quantum cryptography, although those algorithms have yet to be tested against a large-scale quantum computer (already that none exists today).
It is unclear why US officials remain so allergic to quantum methods to protect data and networks, even though QKD’s proven path to quantum security is based on the nature of physics itself. Unlike classical physics, quantum physics is fundamentally random. Quantum random number generators, which are the foundation of QKD solutions, integrate the randomness of quantum physics to generate truly random numbers to encrypt messages and data in ways that are truly hacker-proof. We can think of them as the equivalent of a spymaster’s one-time pad that no code breaker can crack.
By integrating QRNG into a randomly generated encryption key for users, Quantum Key Distribution (QKD) offers even more long-term security. Communication between users is based on the distribution of a unique secret key that is used to encrypt a message, which is completely random and is used only once. QKD can establish such a key remotely between two different parties, which will be permanently hacker-proof by both conventional hackers and quantum computers. In fact, once someone tries to break the connection using classical or quantum hacking, users immediately detect the intrusion and the connection is dropped.
Sounds great? In fact, QKD companies are already implementing this technology in a way that can be proven to be safe.
The list includes the Swiss company IDQuantique, which is an industry leader in the manufacture of quantum generated random communication products. Many IDQuantique products are used by SK Telecom of Korea for the subscriber authentication center of its 5G network. SKT is also applying QKD technology to the Seoul-Daejeon section of its LTE and 5G networks to prevent hacking and eavesdropping.
It is not just European and Korean companies that are following this route. Australian company QLabs has a QRNG-based qStream suite of products that is used to protect billions of highly confidential legal documents in the cloud. An American company, Quantum Xchange, has used QKD to provide point-to-multipoint broadcasts for Wall Street financial markets with back-office operations in New Jersey, while Department of Energy labs are experimenting in the same space as the Japanese. .
At this time, practical QKD systems are currently limited to distances of about 100 kilometers. But a scalable architecture that includes a trusted node to bridge the gap between successive QKD systems makes large-scale deployment possible and practical. So will the integration of QKD systems in fiber optic cables for quantum signals. In July 2018 Alberto Boaron from the University of Geneva and his colleagues reported distributing secret keys using QKD at a record distance of more than 400 kilometers of optical fiber, at 6.5 kilobits per second.
This exchange of non-cloneable encryption keys via QKD is destined to become the cornerstone of network security for all high-value data, even in space where quantum signals can travel much more freely. Chinese scientists demonstrated this when they launched the Micius quantum satellite in 2016, which can communicate with points on the ground using QKD.
The bottom line is that QKD offers a hardware-based solution for quantum hacking in the future, while QRNG provides a verifiable and guaranteed confidential link that is available now.
The Chinese understand this; They are advancing QKD technology to strengthen their networks against our future quantum computers. Which begs the question: what do the Chinese, as well as the Europeans, understand about the future trajectory of quantum crypto that we are missing?
Make no mistake: PQC is, and continues to be, a vital first line of defense. But it’s time for the US government to take a hard look at the quantum crypto option and not allow China, or our European allies, to create the security architecture for the quantum age that we choose to ignore.