Two major federal organizations are working toward developing real-world applications of quantum computing. But they are working at opposite ends of the optical fiber, as it were, and this disconnect could reverberate down the line for how quickly and effectively businesses can take advantage of quantum speed and security.
Unlike traditional bits- and bytes-based computing, quantum computers use the physics of light and quantum mechanics to compute at speeds that dwarf the fastest traditional computer.
Why is this critical? Because as the size and scale of data grow (think big data, growing exponentially every day), governments and companies need computers that can work with the scope of the data to create actionable analytics.
But with great processing power comes the need for a major upgrade in security. When using traditional computer security techniques based on mathematical algorithms, you are waging a battle against time. A hacker can harvest encrypted data today, store the data and the encryption key transmitted with that data and wait until a quantum computer is available that can quickly break the encryption key.
With quantum computers, security is double-pronged. On one hand, a bad actor deploying a quantum computer can break a mathematical encryption much, much faster. On the other hand, quantum-based encryption using encoded photons as encryption key material is virtually unbreakable, even by a quantum computer.
Two Opposing Quantum Viewpoints?
The National Science Foundation, under the auspices of the Department of Energy, has gone all-in on , combining millions in private and public monies to bring together a collaborative team of scientists and engineers. You could say they are dealing with the head of the quantum “snake,” working on applications of quantum technologies for computing, networking, security and materials development.
On the other hand, the , in coordination with the National Security Agency (NSA), is focused on anointing post-quantum cryptography (PQC) or quantum-resistant mathematical algorithms to be selected as the standard for quantum-based cryptography. This process has been playing out in public since 2017 and is not expected to conclude with a new standard until 2022 or 2023. The queasy feeling in your stomach is the realization that China will have as many as six years to break the new standard before it even sees the light of day.
The problem with NIST’s all-or-nothing approach is that we know quantum computers have the heft and processing speeds to break even once-unbreakable mathematical encryption. We need only look to the recent past when Peter Shor in 1994 and Lov Grover in 1996 developed algorithms to make our current encryption less secure. Can we count on no other brilliant mathematician emerging on the scene with a new algorithm that cuts into the lifetime of the anointed PQC algorithm? The question isn’t whether NIST’s standard will be violated, but when.
There is one , in particular, that NSA and NIST have eschewed: quantum key distribution (QKD). QKD is a method of communication that allows two parties to create a shared random “key” that is known only to them. This key can be used to encrypt and decrypt messages.
With their focus on math instead of physics, NIST researchers have laid out five reasons QKD is a nonstarter. Based on my 30-plus years of experience working in security technology and quantum science, I call these the:
Five Myths Of QKD
1. “QKD is only a partial solution.” This asserts that QKD keys cannot be authenticated from their source. This is false. QKD systems authenticate at both ends of the exchange assuring that the original transmission comes from the desired entity, thereby securing the communication seamlessly.
2. “QKD requires special purpose equipment.” This is believed because QKD requires fiber optic cables to send secret information from point A to point B. But there are already more than in the United States, with telecom companies laying more every year. This in-ground fiber is perfectly suitable to support QKD. With this logic NIST seems to be saying that we should have never invested in the infrastructure of the internet.
3. “QKD increases infrastructure costs and insider threat risks.” This myth is based on the assertion that trusted relays should never be trusted. A trusted relay or, more commonly, trusted node is used to repeat the QKD signal after the optical fiber attenuates the signal over the transmission distance. The need for trusted nodes is diminishing rapidly, with readily available QKD equipment pushing the distance at which repeating is needed to well beyond 100 km and new twin-field QKD transmitting as far as 600 km without repeating the signal. Finally, there is a worldwide development effort by the most prestigious universities and research institutes to develop and build quantum repeaters. The time for this innovation is expected to parallel the development of a quantum computer capable of defeating public key cryptography.
4. “Securing and validating quantum key distribution is a significant challenge.” NIST faults QKD not for its quantum theory but for long-ago misfires in its practical application. On this point, consider that QKD was first invented in 1984 by a team that included . A lot has happened in almost 38 years to bring QKD and the equipment it uses into the future. The actual security provided by QKD relies on the laws of physics which mathematical algorithms can never claim.
5. “QKD increases the risk of denial of service.” QKD technology creates an environment that detects an eavesdropper, someone who should not be in the path of the secret communication, and automatically stops the transmission of the secure information. But with survivable, route-diverse QKD systems, the keys can be redirected so quickly and randomly that the user will see no performance impact, and the interloper will be shut out from any denial-of-service attempt.
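The eavesdropper detection described in myth 5 can be seen in a toy simulation of BB84, the 1984 protocol. This is an added example, not part of the original article: it assumes a noiseless link, an intercept-resend tap, and an 11% error-rate cut-off (function names and the threshold are illustrative), and it measures the error rate over all sifted bits where a real system would disclose only a sample.

```python
import random

QBER_ABORT_THRESHOLD = 0.11  # assumed cut-off; deployed systems set their own


def bb84_round(n_pulses, eavesdrop, seed):
    """Simulate BB84 on a noiseless link; return (sifted_bits, error_rate)."""
    rng = random.Random(seed)  # seeded so the run is repeatable
    sifted = errors = 0
    for _ in range(n_pulses):
        # Sender picks a random bit and a random basis (0 or 1) to encode it in.
        bit, send_basis = rng.getrandbits(1), rng.getrandbits(1)
        photon_bit, photon_basis = bit, send_basis
        if eavesdrop:
            # Intercept-resend: measuring in the wrong basis yields a random
            # result, and the photon is re-sent in the eavesdropper's basis.
            tap_basis = rng.getrandbits(1)
            if tap_basis != photon_basis:
                photon_bit = rng.getrandbits(1)
            photon_basis = tap_basis
        # Receiver measures in a random basis; a mismatch gives a random bit.
        recv_basis = rng.getrandbits(1)
        recv_bit = photon_bit if recv_basis == photon_basis else rng.getrandbits(1)
        # Sifting: both ends publicly compare bases and keep matching positions.
        if recv_basis == send_basis:
            sifted += 1
            errors += recv_bit != bit
    return sifted, (errors / sifted if sifted else 0.0)


def link_decision(error_rate, threshold=QBER_ABORT_THRESHOLD):
    """Discard the key when the measured error rate signals interception."""
    return "abort" if error_rate > threshold else "use key"


if __name__ == "__main__":
    for tapped in (False, True):
        kept, qber = bb84_round(4000, tapped, seed=1)
        print(f"tapped={tapped} sifted={kept} qber={qber:.3f} -> {link_decision(qber)}")
```

On the untapped link the sifted bits agree exactly; with the tap in place roughly a quarter of them disagree, which is what lets both ends discard the key before any secret is sent under it.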
The bottom line is that no one — not our government and certainly not the companies who could become victims of quantum enabled crime — can afford to rebuff any quantum-safe security solution. Europe, Japan and China have robust QKD systems and trials in place. Shouldn’t we be as informed as our international friends and foes?
No security expert would ever suggest using just one system or relying on just one approach to protect secret data. That single-threaded approach has gotten us the Colonial Pipeline breach and leaves us open to far more serious infrastructure attacks that won’t be solvable by writing a ransom check. A defense-in-depth strategy with completely different failure mechanisms, deploying more than one kind of encryption, can provide the layers of protection that will prove resilient. QKD is an excellent step toward quantum security, relies on an immutable law of physics for its security and is destined to be an integral part of the quantum internet of the future. Isn’t it time to devote a united, serious development effort to QKD in America?