QKD Doesn’t Make you Quantum Secure

Article By : Gary Hilson

Quantum encryption is securing "classical" data, not data traveling between quantum computers

Quantum encryption is here but encrypting quantum computing data is a little way off. A recent report released by Inside Quantum Technology found that quantum key distribution (QKD), an encryption technology designed to protect critical data in the quantum computing era that was only in the experimental stage a couple of years ago, is now being supplied by major companies, including Fujitsu, Nokia, Raytheon, and Toshiba, among others.

The research firm is projecting that the QKD distribution market will grow to more than $980 million by 2024 with the telephone companies being the primary purchasers of QKD gear for their networks, which is being developed by Nokia, ZTE, BT and NTT. The first specialist QKD carrier, Quantum Xchange, is creating a QKD link between Manhattan and northern New Jersey.

QKD secures communications by implementing a cryptographic protocol involving components of quantum mechanics that allows two groups to produce a shared random secret key — known only to them — to encrypt and decrypt messages. Quantum mechanics is what enables a unique and compelling feature of QKD: the two authorized parties can detect whether a third party is attempting to gain knowledge of their key because the act of eavesdropping creates detectable anomalies. QKD differs from traditional public key cryptography, which depends on the computational difficulty of certain mathematical functions.

QKD essentially uses quantum states to make sure that there's no way you can break into a QKD-protected network, said Lawrence Gasman, founder and president of Inside Quantum Technology in a telephone interview with EE Times. “If you interfere with the information in any way, it ceases to exist. It's the first uncrackable system.”

It’s important to distinguish between the benefits of a QKD network with quantum computing, which is expected to be able to crack standard algorithms in about a decade, and encrypting the data on a quantum computer, or the data being shared between two quantum computers, said Michael Osborne, manager of the security research group at IBM Research. “If you have multiple quantum machines and you actually want to interact between them, what sort of a security models does one require in that scenario?”

The priority, he said, is doing the work necessary to make today's security “quantum secure,” so the long-term identity, signature, and data encrypted today is safe for the lifetime that those things are required. “There's a lot of confusion. A lot of people see QKD as the answer to becoming quantum safe — but that only really addresses one part of a problem: securing a point-to-point connection that you have control of.”

Osborne added, currently, the best niche use case of QKD is by telcos that need to control that point-to-point connection to make sure there are no “man-in-the-middle” attacks. For now, quantum encryption is being used to secure “classical” data back and forth, rather than for keeping data communications between quantum computers secure — which is some time off. “You'd use very different techniques to actually communicate between the quantum machines. So QKD is very much about a partial solution to a problem for protecting data as we send it around today.”

As noted by the Inside Quantum Technology report, there’s lots of QKD activity in the telco space with both terrestrial and satellite networks. By 2024, $254 million will be spent on satellite based QKD networks. Japan, Italy, Germany, Singapore, Canada, and the U.K. all have QKD deployed on satellite networks, while China is in the lead, having demonstrated space-to-ground QKD from its Micias satellite and from the Tiangong-2 Space Lab.

Other applications that may be embraced by QKD include securing national power grids and other infrastructure that is increasingly at risk due to the adoption of remote sensing and control, the report noted, but infrastructure companies tend to be very conservative with respect to technology change and are expected to embrace QKD slowly.