Quantum encryption combats threat posed by quantum computing hacks

July 2, 2018
With the impending advent of quantum computing threatening to increase the horsepower of cyberattacks, ADVA Optical Networking has reported on its participation in a pair of efforts to enable quantum-level encryption. One, led by the University of Cambridge, has seen the deployment of fiber links in the UK fortified with a quantum key distribution (QKD) scheme. The second trialed a potentially even greater level of security via a post-quantum public-key encryption system on a route that leveraged multiple research and education (R&E) networks.

With the impending advent of quantum computing threatening to increase the horsepower of cyberattacks, ADVA Optical Networking has reported on its participation in a pair of efforts to enable quantum-level encryption. One, led by the University of Cambridge, has seen the deployment of fiber links in the UK fortified with a quantum key distribution (QKD) scheme. The second trialed a potentially even greater level of security via a post-quantum public-key encryption system on a route that leveraged multiple research and education (R&E) networks.

Current optical networks can enjoy a significant amount of security from data transmission breaches, says Jörg-Peter Elbers, senior vice president, advanced technology, at ADVA. Layer 1 encryption capabilities using Diffie-Hellman key exchange techniques are widely considered sufficient to withstand de-encryption attempts that use current technology. However, security experts fear that Diffie-Hellman won’t hold up to the power of attacks that use quantum computing resources. More robust key exchange and, potentially, encryption algorithms likely will need to be employed, Elbers explains.

The two recent efforts illustrate the direction that the next generation of encryption may take. In the University of Cambridge effort, the university has partnered with ADVA, Toshiba, and the Quantum Communications Hub to use QKD to secure a metro network in Cambridge; there is also a separately constructed 120-km spur link that connects to BT Labs’ Adastral Park facility in Ipswitch. QKD uses a distinct channel for quantum-based key exchange at the photon level that can reside on the same fiber as the encrypted transmission or a separate one. Attempts to intercept the data disturbs the photons, which likely will result in coding errors and will alert network managers of a “man in the middle” intrusion.

In the Cambridge network, the FSP 3000 platforms use QKD encryption capabilities from Toshiba, based on early drafts of a new ETSI quantum-safe cryptography standard a Toshiba-led Industry Specification Group has under development. Researchers will use the network to test the application of QKD-enabled encryption in a variety of scenarios.

Post-quantum key exchange

Meanwhile, security specialists also have interest in quantum-sturdy techniques that can augment existing security schemes quickly and efficiently. ADVA participated in a demonstration of such an approach alongside Broadnet, GÉANT, NORDUnet, PSNC, and UNINETT. Here, the partners demonstrated the use of “post-quantum” key encryption based on a variant of the Niederreiter scheme. The scheme has been around for some time, explained Elbers. It uses larger keys than those typically employed in Diffie-Hellman; optical transport systems now support transmission rates great enough that the larger key size no longer significantly degrades transmission efficiency. One benefit of the approach is that it can be implemented at the network endpoints, leaving the rest of the network untouched. Thus, such key encryption can complement any encryption scheme the network has in place. The Niederreiter scheme is one option under consideration within the NIST Post Quantum Encryption Standardization effort.

The field trial saw the Niederreiter-based approach implemented on a 2,300-km link from Poznań, Poland, to Trondheim, Norway. The run made use of three R&E networks, thus demonstrating the ability of the encryption approach to work in a multi-domain environment. The post-quantum key exchange algorithm worked smoothly with the FSP 3000’s commercially available ConnectGuard AES encryption capabilities. The trial also saw the Niederreiter algorithm used in combination with Diffie-Hellman to create a hybrid key exchange system.

Elbers predicts network operators such as governments, financial institutions, R&E organizations, and others would have interest in the quantum-resilient security measures described here. However, both the ETSI and NIST standards efforts are ongoing; Elbers predicted the NIST work would last at least until 2022. He theorized that commercialization of such technologies might come before the standards work completes.

For related articles, visit the Network Design Topic Center.

For more information on high-speed transmission systems and suppliers, visit the Lightwave Buyer’s Guide.

About the Author

Stephen Hardy | Editorial Director and Associate Publisher

Stephen Hardy has covered fiber optics for more than 15 years, and communications and technology for more than 30 years. He is responsible for establishing and executing Lightwave's editorial strategy across its digital magazine, website, newsletters, research and other information products. He has won multiple awards for his writing.

Contact Stephen to discuss:

  • Contributing editorial material to the Web site or digital magazine
  • The direction of a digital magazine issue, staff-written article, or event
  • Lightwave editorial attendance at industry events
  • Arranging a visit to Lightwave's offices
  • Coverage of announcements
  • General questions of an editorial nature

Sponsored Recommendations

Next-Gen DSP advancements

Nov. 13, 2024
Join our webinar to explore how next-gen Digital Signal Processors (DSPs) are revolutionizing connectivity, from 400G/800G networks to the future of 1.6 Tbps, with insights on...

Meeting AI and Hyperscale Bandwidth Demands: The Role of 800G Coherent Transceivers

Nov. 25, 2024
Join us as we explore the technological advancements, features, and applications of 800G coherent modules, which will enable network growth and deployment in the future. During...

Understanding BABA and the BEAD waiver

Oct. 29, 2024
Unlock the essentials of the Broadband Equity, Access and Deployment (BEAD) program and discover how to navigate the Build America, Buy America (BABA) requirements for network...

The Road to 800G/1.6T in the Data Center

Oct. 31, 2024
Join us as we discuss the opportunities, challenges, and technologies enabling the realization and rapid adoption of cost-effective 800G and 1.6T+ optical connectivity solutions...