What will it take to bring quantum cryptography to the masses?
Now that we have answered the question of what happens when quantum physics meets cryptography in a previous blog, the next question of interest is when can we expect these quantum cryptography capabilities, that promise to increase the security of encryption technology, to be available commercially.
Let’s explore the answer to this very legitimate question by evaluating each of the following key elements of quantum cryptography in this context:
- Quantum-resistant algorithms: the development of new cryptography algorithms that would be secure against the computational power of both quantum and classical computers.
- Quantum random number generators (QRNG): leveraging the random movement of particles to generate truly random numbers used to produce cryptographic keys that are virtually impossible to predict.
- Quantum key generation and distribution (QKD): the principle behind a QKD system is to use the measurement of particles transmitted in a fiber optic channel to generate keys that are exchanged and synchronized by a pair of QKD servers and used by encryption algorithms to encrypt the information. The main security benefit behind QKD is the ability of the two communicating parties to detect disturbances in the fiber (e.g. hacking attempts) enabling them to take appropriate action.
Today’s encryption solutions typically require third-party certification to validate that the offering is implemented with industry-standard algorithms, such as a FIPS-certified AES-256 encryption engine. If we consider quantum-resistant algorithms, an important consideration is the evaluation and standardization of the algorithm.
Until these new quantum-resistant algorithms are demonstrated to be mathematically sound, with the ability to offer more resistance to the increased computing power of quantum computers, it would be hazardous for anyone to encrypt sensitive data with such algorithms as they could contain flaws making them weaker than existing ciphers.
Since the Call for Proposal initiated by the National Institute of Science and Technology (NIST) was issued last year and the deadline for proposals is coming up in November 2017, we still have some time until those proposals are reviewed. In fact, it is expected that NIST will require 3-5 years to review and analyze the proposed algorithms and publish their results, which by the way will likely include more than one cipher. Only then will the standardization of the ciphers begin which will require another 1-2 years to complete.
It is expected that NIST will require 3-5 years to review and analyze the proposed algorithms and publish their results, which by the way will likely include more than one cipher. Only then will the standardization of the ciphers begin which will require another 1-2 years to complete.
This means that the implementation of these new quantum-safe algorithms in commercially available solutions is likely anywhere between 4 to 7 years away from these early estimates. Of course, any significant advancement in quantum computing may force this schedule to be accelerated but nonetheless the implementation of these new ciphers in commercial products will be in lockstep with the standardization activities.
When it comes to quantum random number generators, the status of the technology is far more advanced than that of quantum-resistant algorithms. As a matter of fact, there are already a number of QRNG solutions commercially available on the market. A number of these solutions are tailored to data center environments where there is a need for a large number of quantum-based random numbers.
There is also a move to scale and miniaturize the technology so that it could eventually replace hardware-based random number generators used in today’s commercially available encryption appliances. Setting aside the form factor, the other key consideration here is that of certification. While the promise of “better” random numbers is very attractive for anyone involved in cryptography, we also need to convince ourselves that these QRNGs achieve the stated performance before they can fully replace existing random number generators used in today’s solutions, which undergo a rigorous certification process to ensure they perform as expected as these are at the core of secure cryptographic systems.
While the promise of “better” random numbers is very attractive for anyone involved in cryptography, we also need to convince ourselves that these QRNGs achieve the stated performance before they can fully replace existing random number generators used in today’s solutions
Similarly, quantum key distribution systems have been an active development field for several years. A number of commercial solutions are available for sale and can be deployed today. The investment in research and development activities in this area continues with key objectives, amongst others, to improve the performance of these systems.
One of the main challenges of these R&D efforts is trying to improve the reach of QKD systems. While the technology itself has been successfully demonstrated to work over short distances of ~100km (give or take), the focus is now on developing repeater technologies or alternative solutions to increase the distance over which one can practically deploy a QKD system across a larger variety of network architectures.
While the technology itself has been successfully demonstrated to work over short distances of ~100km (give or take), the focus is now on developing repeater technologies or alternative solutions to increase the distance over which one can practically deploy a QKD system across a larger variety of network architectures.
Additionally, another consideration given the rarity of fibers in various geographies, is to find a means around the current requirement for a dedicated fiber optic connection for key generation between QKD servers (as opposed to combining that signal with other wavelengths containing the actual encrypted data).
As with QRNG, the other key aspect for anyone looking to deploy a QKD system is that of standardization and certification. While there aren’t any established standards yet related to this field nor any certification programs, the industry is lobbying for standards of compliance to be established using evaluation criteria similar to that of existing FIPS 140-2 or Common Criteria certifications. The development of a rigorous evaluation and certification process for this technology would facilitate the adoption of the technologies in organizations with security policies requiring the use of certified solutions.
The Evolution to Quantum Cryptography
As the industry is working towards the implementation of quantum encryption certification standards, and as the technology itself is evolving in the quantum and other cryptography-related fields, there will likely be a transition period where traditional certified solutions can interwork or be paired with emerging quantum cryptography technologies. This degree of interworking will allow us to explore the benefits of this technology and develop more knowledge to help improve its adoption and deployment models. Such an interworking model could be quite useful to trial the new technology while ensuring that solutions retain their certifications and are thus qualified for deployment.
The promise of maximum security cryptographic systems using quantum cryptography technologies is not only exciting and interesting, but also very much required when one considers the effort and research going into quantum computing. And while there is still some time ahead of us before quantum computers become a reality (from the latest consensus at least), at Ciena we understand the importance in keeping abreast of activities related to the world of quantum cryptography and collaborating in discussions on this topic, proof of concepts and lab trials when appropriate with various contributors involved in this space, be they academics in the Research and Education sector or other industry partners.
What to hear more about the current cybersecurity and encryption landscape? Listen to the below podcast with Ciena experts Patrick Scully and Paulina Gomez, along with special guest Kelly Crosby of Windstream.