zapp2photo - stock.adobe.com
Trusted nodes: The next generation in quantum key distribution
QKD is a form of protection against interception by quantum computers, but cost and technical limitations have made the technology impractical. Could trusted nodes make all the difference?
Quantum computers have long been on the horizon, with a rolling estimate that quantum computers would be available “in 20 years”. However, recent breakthroughs have meant we could have enterprise-level quantum computers far sooner than previously estimated.
As well as the multitude of benefits that are promised by the potential processing power of quantum computers, they are expected to fundamentally change how we encrypt sensitive communications across the internet.
In anticipation of this, the US National Institute of Standards and Technology (Nist) is currently reviewing a series of proposed post-quantum cryptographic algorithms, which will be published once the selection process is complete.
“It is going to take another five to seven years for a new cryptographic cipher to be introduced through Nist and it may take longer. That is too late,” observes John Prisco, CEO of Quantum Xchange.
Rather than building upon existing cryptographic algorithms, quantum key distribution (QKD) instead transmits the key at the quantum level, separate to the encrypted message. Although QKD is a technology that is still very much in its infancy, recent developments now mean it may become a viable form of defence.
QKD operates by transmitting elementary particles, such as photons, between a transmitter and a receiver. The behaviour of elementary particles is random, and when used to generate a stream of random data, makes it an ideal method for generating a cryptographic key.
“Typically, when we are deriving a key, the key might be made of a million photons and it is likely the final key we settle on is only made of 100,000 photons,” says Prisco. “In order for someone to intercept the key, the content of the key is never transmitted all at once; it is transmitted a photon at a time.”
Elementary particles cannot be cloned
An advantage of using elementary particles is that they cannot be cloned. While some of the quantum properties could be copied, not all them can be duplicated. Furthermore, the nature of elementary particles means the very act of observing such a particle changes the state of the particle, thereby alerting the sender and receiver to the fact that the signal has been intercepted, thus halting the message.
A suitable analogy to QKD would be a symmetric key (a one-time pad), plus a hard-drive filled with random data, given to someone in order to enable secure communications with them. This would be less expensive than current QKD methods, but far slower and more cumbersome.
Quantum decoherence limits the range of QKD. This could be overcome by installing quantum repeaters approximately every 50km (31 miles) to extend the range of the signal, but these are not yet ready for real-world deployment.
Some QKD techniques have been able to transmit a QKD signal 400km (nearly 250 miles), but these are cryogenically cooled to near absolute zero and have extreme vacuum requirements. “These are not commercial,” says Prisco. “They are really just educational and laboratory research projects.”
This was highlighted in a white paper by the National Cyber Security Centre (NCSC), which is part of UK’s GCHQ, after it concluded that whilst QKD held potential, it was not yet – at the time in 2016 when the report was published – suitable for deployment. The review highlighted that QKD “has fundamental practical limitations, does not address large parts of the security problem and is poorly understood in terms of potential attacks.”
However, Quantum Xchange, in conjunction with ID Quantique, are developing a solution to this. “ID Quantique have developed a QKD protocol, in association with the University of Geneva, called Coherent One-Way, which allows their key to be transmitted about 100km,” says Prisco. “That is great for what they are doing in Geneva, but really doesn’t work for most of the other geographically large countries and certainly not in the United States.”
Therefore, Quantum Xchange, together with Battelle Memorial Institute, have developed a system of trusted nodes. Rather than boosting the signal to extend the range, trusted nodes receive and then retransmit the encrypted signal onwards to the next trusted node, until the signal reaches the final destination.
Read more about Quantum Key Distribution
- Prepare now for quantum computers, QKD and post-quantum encryption.
- QKD does not solve the problem of authentication and does not work with asymmetric encryption.
- Researchers have devised a new protocol that they claim vastly extends the range of quantum key distribution over fibre networks.
- Quantum cryptography tutorial: Is quantum key distribution realistic?
A trusted node consists of a quantum receiver linked to a quantum transmitter, which is housed in a secure boundary, designed to prevent tampering. These have been engineered to allow the quantum system components – the Quantum Key Controller (QKC) and the Quantum Key Engine (QKE) – to fit within a standard ATCA (advanced telecommunications computing architecture) board or blade, a standard telecommunications form factor, which is protected from intrusion and certified to the FIPS 140-2, level 3 standard.
“If somebody was intending to break in, they would have to break into your guarded facility, [and then] they would have to take the cover off the transmitter,” says Prisco. “This is protected by a secure memory tamper detection module. When that is tampered with, every key that is stored inside the trusted node turns to zero.”
When powered and enabled by the QKC, the QKE continuously generates a stream of qubits, measures error rates and performs error correction and privacy amplification operations to maintain a store of qubits that can be used to generate encryption keys. These qubits are transferred to the QKC, where they are used as an entropy source that is shared by the two nodes.
“To say there is a zero chance of breaking this is mathematically incorrect, but it is ironclad,” says Prisco. “An intruder would have to guess the state of each photon and make that guess a million times in row – such as flipping a coin a million times and guessing whether it is going to be heads or tails.”
While the QKC and QKE are responsible for – and generate – all the key material, the Trusted Node Controller (TNC) is responsible for routing that material to the various endpoints within the overall network. As the TNC is the outward (network-facing) portion of the trusted node, no unencrypted key information is ever found within the TNC. Instead, all of the information that is transmitted through the trusted node network is encrypted by the quantum keys shared within the appropriate quantum blade that connects the trusted nodes.
Quantum Xchange are currently deploying a QKD network in the United States, to be used solely for the transmission of quantum cryptographic keys between entities that need to securely transmit confidential data.
The network currently stretches between lower New York and New Jersey, with the proposed route to continue to Washington DC in the next three to six months. “We have fifteen intermediary sites along the route, which we can use to access customers in cities like New York, Washington and Baltimore,” says Prisco.
Ease of access
Quantum Xchange’s trusted node network is designed for ease of access and minimum disruption, and will not require companies to adapt their existing security policies. “We are not asking customers to change the way they transmit their data,” says Prisco.
“They can transmit their data exactly the way they transmit their data today, with the same encryptors. The only thing that we are doing is adding an overlay network that is separate from their data network.”
One of the problems with previous QKD systems was that they were slow. Transfer speeds were typically measured in kilobits per second. However, recent developments have witnessed a five to ten-fold increase in key transmission rates, bringing them into the megabit per second range. “There is no significant additional latency so the user experience will be as fast as they are accustomed to,” says Prisco.
The eventual goal will be for this QKD network to extend across middle America and then to the west coast. “The systems can transmit a key as far as needed using Trusted Node technology,” says Prisco. “Our plan is to deploy nationwide.”
Nist is currently assessing Quantum Xchange’s trusted node network. “They are testing us in the laboratory and will eventually certify us as FIPS 140-2 Level 3 compliant,” says Prisco. “This helps in terms of providing QKD to federal agencies, the US Department of Defense and intelligence agencies, as well as the defence industrial base that will have intellectual property that they will want to protect.”
One of the reasons why Quantum Xchange’s method of QKD could prove so effective is that many of the smart fibre providers in the Unites States have excess capacity. “Back in the late eighties when we were building competitive power communication networks, we would put in a lot more fibre; usually 144-fibre cables when we perhaps only needed six-fibre,” says Prisco.
“The reason for that is construction costs were high and cable costs were low, so you may as well put in as much fibre in as you can, as you are only opening that trench once.”
Working alongside BT
Although this particular QKD service will be available only in the US, ID Quantique are currently working alongside BT to develop a viable QKD service for the UK. Since 2016, BT have been building a 100km (just over 60 miles) QKD link between the BT Labs at Adastral Park and Cambridge University, with trusted nodes in Ipswich, Newmarket and Bury St Edmunds.
Each of these nodes is housed in a BT exchange and forms part of the local BT telecommunications infrastructure. “This is the first time that this has been done. There are other QKD systems out there but none have gone as far as we have,” says Andrew Lord, head of optics research at BT. “It has been installed in BT exchange buildings, so it has all the CE markings that are needed and it has passed all the tests.”
But how far is the UK from having a QKD network? “It is sooner than we think, but not as soon as we would like. A QKD network is further away than dedicated bespoke links for special customers who might need it,” says Lord.
“We are already working with customers who are doing those kinds of trials. These will be links of few tens of kilometres backing up a customer’s centre of operations, or they could be for financial transactions.”
Currently, BT’s QKD link is still very much a prototype, but it demonstrates how QKD could be deployed. “The hardware is not rocket science, it is just a pragmatic engineering exercise of getting it to work in these real-life situations,” says Lord.
“Even when you have done that, you need to put it into a service, so you have to put in a key management wrap over the top – It is all well and good having all these keys, but how are you going to make them available for use?”
Increased risk
The risk posed by transmitting confidential information over the internet now exists far beyond the time of when the message is transmitted.
Organisations need to begin preparing for the impact that quantum computers will have on information security, by familiarising themselves with transmission methods that are secure against attacks from quantum computers. It is now a case of “when”, rather than “if”, such attacks will begin to occur. Therefore, planning and preparation are of the utmost importance.
While QKD systems are currently the only communications method that could promise to be genuinely quantum-safe, the range limitations of earlier QKD technologies made it impractical over long distances. Trusted nodes promise to mitigate that limitation by providing a practical, certifiable, key-management system of a long-distance QKD.
“You have got to plan for today, as there are so many nefarious actors harvesting data today, along with encryption keys,” says Prisco. “You really need something today to protect your data transmission and the only thing that can protect it is a quantum key.”