Quantum Key Distribution Archives - Welcome to Quantum Guru

Quantum Key Distribution and its Application

admin — Sun, 27 Mar 2022 16:04:51 +0000

We have written on Quantum Key Distribution and received suggestions on complementing it with application of Quantum Key Distribution. This article tries to address that feedback.

What is Quantum Key Distribution (QKD)?

The concept of QKD was first proposed in 1970’s. It is believed that QKD is the only provable secure communication method (at least till now) because it uses physics, not math to encrypt data. QKD also known as Quantum Cryptography is a technology that employs quantum physics aimed to secure the distribution of symmetric encryption keys. QKD is the technology that can address the long prevailing confidentiality issue of secured data.

Long-lived Cryptosystem

Among the latest applications of QKD is the long-term storage solution that aims to homogenize QKD with modern post quantum crypto technologies. The dynamics is changing so that quantum key distribution itself cannot protect confidentiality of data storage. For example, data relevant to human genome and health requires protection throughout its lifetime, which may be a century in time scale thanks to ever increasing life expectancy. Although research suggests that post quantum public key cryptography is expected to be resilient to quantum computers attacks, security for such a long time-scale cannot be guaranteed. So, the long-lived cryptosystems are foreseen to enable security for data storage applications.
The main pillars for long-lived Cryptosystem are as follows:
1. Confidentiality: The data should be accessible only to authorized parties. Theoretically secure encryption (not computational) should be used on the information
2. Integrity: The data should remain unaltered. Signature and authentication schemes should be employed
3. Availability: The data should be available whenever required. Redundant data backup and fail safe mechanisms needs to be in place
4. Functionality: The data can be processed without decryption. Fully homomorphic encryption is expected

Applications of Quantum Key Distribution

The articles touch on the following two QKD applications:
1. QKD Networks
2. QKD Platforms

Quantum Key Distribution Networks:

QKD networks are custom-built (and generally proprietary) networks for secure and seamless transfer of data and information. It is not surprising that QKD has been deployed in many (links and networks) areas and prominent among them are:
1. Defense Advanced Research Projects Agency (DARPA) – The DARPA Quantum Network pioneered the deployment of QKD in a metropolitan network and operates with 10 optical nodes across Boston and Cambridge, Massachusetts
2. Secure Communication based on Quantum Cryptography (SECOQC) – SECOQC is a European project that integrated several QKD systems into one quantum back bone (QBB) network. It is developing a cross-platform interface to demonstrate (to start with) the encryption of voice transmission
3. SwissQuantum – The SwissQuantum network is believed to be the first international QKD network. A quantum layer is implemented with commercial QKD devices (ID Quantique, id5100). The layer is composed of the following three QKD point-to-point links:
a. Unige – CERN
b. CERN – Hepia
c. Hepia – Unige
4. Chinese networks – Though not the first one, the Chinese QKD network is the most advanced globally. It comprises over 2000 kilometers by fiber optics covering over four major cities of China (Shanghai, Hefei, Jinan and Beijing), and a 2600 kilometers satellite link between two observatories. The Chinese network spans around 4600 kilometers

Quantum Key Distribution Platforms:

The QKD networks are based on trusted nodes. These nodes themselves are physically protected vaults and keys from connected QKD links are securely stored and managed in these vaults. QKD networks are enterprise grade and connect two closely knit organizations. The security is tightly coupled as specifications are strictly confidential making it impossible to interconnect (external) systems.

This problem can be solved if the keys and the identifiers are properly managed in the trusted nodes thereby enforcing compliance among different QKD networks. The QKD platform plays an important role in supply and storage of keys to various applications. It can result in enhanced security of applications as well as seamless connection and security of links across QKD networks of many different organizations.

The post Quantum Key Distribution and its Application appeared first on Welcome to Quantum Guru.

Cryptography with Quantum key distribution(QKD)

admin — Sun, 05 Sep 2021 14:22:02 +0000

Quantum is touted as more revolutionary technology than even modern day internet. Quantum computers will provide unparalleled processing power and run billion times faster than any supercomputer ever made. The principles of nature and quantum physics will enable quantum computers to bring the expected revolution to the world in a decade or two. However, there are good and not so good uses of any technology and quantum is no different. The same advantages, for instance, can enable breaking of security at any level of cyber infrastructure. Quantum computers bring major challenges to cyber security and need to develop mechanisms to counter the threat. In this article, Quantum Guru touches upon the highly decorated Quantum Key Distribution to help alleviate the risk.

What are the cybersecurity risks to current cryptographic techniques?

Current cybersecurity infrastructure mandates following two functions:

Authentication – Allows distant users to trust their counterpart and validate the content of their exchanges. Public key scheme is used to implement authentication
Confidentiality – Allows (and is required for) exchange of any private information between distant users. It is executed in a two-step process and users have to share a secret key at the start. It uses the public-key protocol, commonly known as the key exchange mechanism. The secret key is used in a symmetric key encryption scheme.

Therefore, both functions depend on similar cryptographic techniques, known as asymmetric or public-key cryptography as shown in Figure 1.

However, cybersecurity is much more than the underlying cryptography. All current hacks and security failures do not come from weak cryptography, but rather from faulty implementation, social engineering, to name a few. Current systems trust the cryptography and fight to get the implementation right.

Unfortunately, things are about to change with the advent of quantum computers. Today the point of cryptographic vulnerability is public-key cryptography that is implemented using algorithms such as RSA. These are used both to authenticate data and to securely exchange data encryption keys.

The processing power of the quantum computer can solve these mathematical problems exponentially faster than classical computers and break public-key cryptography. As a result, the currently used public-key cryptosystems are not appropriate to secure data that require long-term confidentiality. An adversary could indeed record encrypted data and wait until a quantum computer is available to decrypt it, by attacking the public keys.

What is Quantum Key Distribution (QKD)?

The concept of QKD was first proposed in 1970’s. QKD is the only provable secure communication method because it uses physics, not math to encrypt data. QKD also known as Quantum Cryptography is a technology that uses quantum physics aimed to secure the distribution of symmetric encryption keys. QKD is the technology that can address a long-term confidentiality issue of secured data.

How does QKD improve traditional cryptography implementations?

A security solution is as secure as its weakest link and in network encryption, the current weakest link with respect to the quantum computer threat is the secret key distribution based on public key cryptography. As its name suggests, QKD is used to distribute encryption keys whose security is based on quantum physics and is thus guaranteed for the long-term.

How does QKD work?

QKD transmits photons, which are “quantum particles” of light across an optical link. The principles of quantum physics stipulate that observation of a quantum state causes perturbation. The various QKD protocols are designed to ensure that any attempt by an eavesdropper to observe the transmitted photons will indeed perturb or disturb the transmission.This disturbance will lead to transmission errors, which can be detected by the legitimate users. This is used to verify the security of the distributed keys.

QKD implementation requires interactions between the legitimate users. These interactions need to be authenticated that are achieved through various cryptographic means. As a result, QKD can utilize an authenticated communication channel and transform it into a secure communication channel as shown in figure 2.

In theory, QKD should be combined with One-Time Pad (OTP) encryption to achieve provable security. However, an OTP requires keys, which are as long as the data to be encrypted,= and can be used only once. This would impose strong limitations on the available bandwidth as the key distribution rate of QKD is typically 1’000 to 10’000 times lower than conventional optical communications. Therefore, in practice, QKD is often combined with conventional symmetric encryption, such as AES, and used to frequently refresh short encryption keys. This is sufficient to provide quantum-safe security.

What is the need to implement quantum-safe cryptography?

The greatest threat to public cryptography is asymmetric algorithms used for digital signatures and key exchange. There are already quantum algorithms, such as the famous Shor algorithm, which can break RSA and Elliptic Curve algorithms once a universal quantum computer is available. Another famous quantum algorithm, the Grover algorithm, attacks symmetric cryptography. Fortunately, Grover’s risk can be countered by a simple expansion of the key size. For example, AES symmetric encryption scheme with 256 bit keys is considered as quantum-safe. Although certain theory estimates, a quantum computer with 4099 perfectly stable qubits could break the RSA-2048 encryption in 10 seconds (instead of 300 trillion years).

Countering the quantum computer threat will rely on following two pillars:

Post-Quantum algorithms – Development of new classical algorithms, which should resist adverse usage of quantum computer
QKD – Provide quantum-safe key exchange based on very quantum principles. Fortunately, it is available today.

Does Quantum Key Distribution offer absolute security?

For a system to be secured:
1. It must be based on sound principles
2. Its implementation must be full proof and susceptible to vulnerabilities
Contrary to classical key distribution techniques, which rely on unproven assumptions and thus do not fulfil the first criterion, the security of QKD is based on the laws of quantum physics and can be rigorously proven. Having said that, it is imperative that the practical embodiment of a QKD system also fulfils the second criterion and does not have any implementation flaws. All the announcements about QKD having been hacked were related to implementation flaws. The flaws though serious are inherent to any technological system and are rectified as technology matures. In summary, the security of QKD is based on sound principles and, if properly implemented, =guarantees absolute security for key distribution.

The post Cryptography with Quantum key distribution(QKD) appeared first on Welcome to Quantum Guru.