QNu Labs

Categories
Guides

Guide: QOSMOS – Entropy as a Service

Guide: QOSMOS - Entropy as a Service and How it Works

The guide details the concept of EaaS, its methodology, and industry applications.

blog-boat-breach

The Context

Every device, especially in the hyper-connected world of today, ought to communicate securely on the internet to minimise data exposure risks. Cryptography plays a critical role in ensuring the data remains secure when idle or in transit.However, cryptography fails when devices work with weak random numbers generated from low-entropy sources and use predictable keys.

The best source of true randomness is from unpredictable physical phenomena of quantum effects. Leveraging it in individual devices is impractical because of their various limitations - form factor, hardware age, power consumption, and interface availability. To enable organisations to overcome these hurdles, QNu Labs created “QOSMOS”, a quantum-secure EaaS (Entropy as a Service), that helps organisations, developers, and security teams to get access to quantum-sourced random numbers for use with any application for cryptographic key generation.

What is Entropy as a Service?

In computing, entropy is the randomness collected by a system used in any application that requires random data. It forms the basis of cryptography in cybersecurity.

The security of a system depends on the secrecy of the keys, which should be impossible to crack. This is why randomness is important. The randomness comes from either pre-existing hardware resources or specially provided randomness generators. Entropy is a constant stream of very high-quality random numbers, which can be fused with the entropy already collected by your computer.

EaaS is a security service architecture that provides secure time and quantum entropy sources for multiple devices including IoT.

The standard deterministic computers cannot deliver appropriate randomness, especially for devices with little opportunity to build entropy locally. The best sources of true randomness are based on unpredictable physical phenomena, such as quantum effects.

QOSMOS (Entropy as a Service) solves the entropy starvation problem of systems, whether in a cloud, embedded systems, or at the edge.

The Architecture of QOSMOS

entropy-as-a-service

The architecture comprises three main sections:

Characteristics of QOSMOS

  • Lack of pattern: QOSMOS provides truly random numbers with a steady supply of information that cannot be predicted or exploited by hackers.
  • Proactive quantum entropy: Quantum sources power the entropy generated by QOSMOS. Clients can rest be assured that the system cannot be attacked to degrade the entropy.
  • Ease of Integration: API runtime provides a seamless integration i.e., a new module or feature of an application or hardware can be added or integrated without resulting in any errors or complications.
  • Multiple deployments: The solution can be hosted in the client data centre or the cloud. By hosting QOSMOS in their data centre, clients can benefit from extra security.
  • High Scalability:QOSMOS is designed from the ground up to be highly scalable. It is powered by multiple quantum sources to ensure redundancy. Even if one of the quantum sources fails, clients are still assured of high quantum entropy from other connected devices.
  • Minimum Latency: Dynamic load balancer ensures that the least occupied device will cater to requests. This ensures the system will not suffer latencies when receiving random numbers from QOSMOS.
  • Proof of Randomness: The random data is subjected to a battery of tests specified by standards like NIST/ENT and only after successful verification, the buffers are served. The client also has the option to download the reports offline and verify.

Applications of QOSMOS

The use cases for QOSMOS are wide and diverse. Some of the immediate applications are:

QOSMOS (EaaS) provides the highest quality randomness and a secure method of providing the seeds for entropy-starved systems or applications.

Categories
Blog

boAt Data Breach | QNu Labs

blog-boat-breach

boAt’s Data Breach is a Wakeup Call for the Industry

APRIL 22, 2024 | QNu Labs

SHARE

boAt, an Indian electronics company, reportedly faced a major breach that affected more than 7 million of its customers. Media reports pointed out that personal details like names, email addresses, phone numbers, and even their residential addresses were exposed.

The data breach happened on April 5, 2024, by a hacker named ‘ShopifyGUY’ who claimed to have dumped more than 2GB of boAt customer data on the dark web.

The worrying aspect of the data breach was that the hacker was ready to sell it for as low as EUR 2 (Rs 180 approx) which made the data easily accessible to any bad actor. It might be possible to see the database available for free on other dark web and social media forums in the following days.

boAt is one of the top-selling brands in the affordable wearables segment, which catapulted the brand to the top of the global charts in the last few years. Such incidents get people worried, so it was imperative that boAt looked into the matter, came out with its findings, and shared them publicly.

boAt confirmed it was looking into the matter and had launched its investigation. However, it did not confirm if the breach occurred due to an internal issue, or through a misconfigured third-party database.

What do we learn from the breach?

No company, big or small, is spared from the inevitable–rush to dig into the data goldmine. India is one of the top countries affected by cybersecurity threats and data hacks. Larger corporations deal with several vendors, suppliers, and manufacturers. The valuable customer data might float around these third parties without adequate checks and balances in place. 

In a disorganised data management system, the chances of security loopholes are high. Hackers are well-versed in identifying and attacking such security lapses. Unfortunately, boAt became a victim of such a lapse.

How does India’s Digital Personal Data Protection Bill protect its citizens?

The bill is drafted on seven key principles. Two of these principles are relevant to boAt’s case:

  • Accountability: Breaches and violations should lead to penalties and accountability.
  • Security Safeguards: Adequate security measures must be in place to protect data.

The penalties as per the bill are severe. Failure to implement security measures involves a penalty of Rs. 250 crores and breach of personal data involves a penalty of Rs. 200 crores.

If the result of boAt’s investigation confirms data compromise, the company might have to face the brunt of the authorities.

We need to watch how the story unfolds.

How can such mishaps be avoided?

The answer is simple: Quantum Cryptography.

Quantum cryptography is the most robust encryption technology available today. It shields data from quantum attacks–the most powerful method of data hacks in today’s times. 

We don’t know how the attack was made in the case of boAt, but we are certain quantum cryptography could have averted the situation.

QNu Labs is a pioneer in quantum cryptography. QNu’s range of quantum-based products covers security from end-to-end across the entire data-based paraphernalia. From quantum-based encryptions to entropy enhancement services, QNu covers all security bases.

The immediate solution that can be implemented by enterprises like boAt is the QShield Platform. QShield is the world’s first unique quantum security platform that ensures seamless forward secrecy and crypto agility.

Quantum cryptography is the way forward for the changing landscape of encryption.

To know more, reach us for a demo

 

Sources:

News18

LiveMint

The Government of India Penalises Data Breach

Categories
Blog

Beyond QKD Nodes | QNu Labs

blog-quantum-nodes

Beyond QKD Nodes

APRIL 14, 2024 | Rajesh Kumar Krishnan & Sidhartha Pant

SHARE

Quantum Key Distribution (QKD) is a ground-breaking method of secure communication that harnesses the principles of quantum mechanics. It enables two parties to generate a shared random secret key, known only to them, which can be used to encrypt and decrypt messages. The primary goal of a quantum key distribution network is to provide secret keys to any users or applications that require a high level of security.

Broadening the Horizons of Point-to-Point Quantum Key Distribution Systems

Traditionally, QKD has been implemented between two nodes, often referred to as Alice and Bob. However, the evolution of quantum networks has seen the expansion of QKD beyond these two nodes. This expansion is facilitated by the integration of quantum repeaters and trusted nodes, which act as intermediaries between current QKD systems that only have trusted nodes and the future Quantum network will be built on configurable and routable QKD nodes. In this scenario, QKD can be deployed efficiently and practically, while also offering valuable insights for the future true Quantum Network.

The QKD networks also promise to offer better cost-effectiveness compared to the current point-to-point systems.

The transition from a fixed two-node QKD system to a self-evolving QKD network will be realized through the use of a software-defined network managed by centralized Network managers. These Software Defined Networks (SDN) consist of QKD nodes, which are interconnected through either direct optical links or virtual links (via multiple hops), forming a network that provides secure key distribution service across geographical boundaries, surpassing the fixed distance offered by direct fibre.

To enhance the key generation efficiency in such networks, dynamic routing strategies have been developed, which are based on the current state of the network. The routing functions use advanced path-finding algorithms which adapt to changes in the network status of the nodes and links.

The Significance of Quantum Networks

The QKD networks will offer a higher level of services through key management system (KMS) links enabling seamless distribution of secure keys across the vast network.

The Benefits of Quantum Software-Defined Networking (SDN)

SDN is an innovative approach to networking that uses software controllers to manage network traffic. By leveraging software, SDN can create and operate a series of virtual overlay networks that work in conjunction with a physical underlay network. SDN offers several advantages over traditional networking architectures, including:

  • Centralized Network Control: SDN centralizes the control of the network in a single controller, simplifying the management and configuration of the network.
  • Operational Efficiency: SDN provides seamless network control, operational efficiency, and accelerated business results.
  • Flexibility and Scalability: SDN offers greater flexibility and scalability in the network, as the data plane can be reprogrammed in real time to adapt to changing network conditions.

The QKD SDN is standardized by ETSI which has a series of standards defined such as ETSI GS QKD 015 and ETSI GS QKD 018 and more under the standardization process. This topic is important from a compliance perspective as it involves the interoperability of networks and the ecosystem of network vendors, which requires standardization.

The QKD SDN network will run parallel to the optical SDN, which will switch the light paths to achieve the optical fibre network required for the key quantum links. Such SDNs of QKD and the OTN (optical Networks) will be orchestrated by the centralized Network Manager (SDN Orchestrator). Thus, the network manager will be the centralized orchestrator of the whole network of networks, providing the operational control, performance monitoring, configuration, and charging policy management functions for the complete QKDN.

These QKD networks will be self-organizing in way of handling the discovery of new QKD nodes to the network linking them to the other nodes and continuously evolving the mesh of path for the connectivity. The path functions are intelligent to find the best path for connecting the nodes for secret key delivery considering the QOS specified by the application. The centralized QKDN Controller controls the QKD network continuously to handle all the faults, changes in QOS needs and selection of best paths for uninterrupted secret key delivery.

The following figure illustrates the overall network of QKDN (QKD Networks), centrally managed (orchestrated) by an NM.

quantum-nodes

Future Prospects of Quantum Networking

The prospects of quantum networking are vast and thrilling. As quantum networks continue to evolve and advance, they have the potential to revolutionize various fields, including:

  • Quantum Computing: Quantum networks are a crucial component of quantum computing systems, enabling distributed quantum computing and the sharing of computational resources.
  • Quantum Communication: Quantum networks facilitate secure communication through QKD and quantum teleportation, ensuring the confidentiality and integrity of transmitted information.
  • Quantum Sensing: Quantum networks can be used for high-precision sensing applications, such as detecting gravitational waves and analysing complex physical systems.
  • Quantum Cryptography: Quantum networks provide a foundation for developing advanced cryptographic systems, offering unparalleled security in the digital world.
  • Quantum Internet: A world of secure connected world of nodes across the globe enabling end-to-end security.

Conclusion

The integration of QKD, quantum networks, and SDN represents a significant advancement in the field of secure communications. As we move beyond two-node QKD, we open up new possibilities for secure, efficient, and scalable networks.

These networks which can be centrally controlled, scaling, fault-tolerant, self-evolving and providing uninterrupted quality of service to the various applications are set to be state of the art for the next quantum communication era. Currently, some of the leaders in the QKD domain have started deployment of the ETSI-compliant QKD networks.  QNu Labs, which is among the leading companies globally in the QKD domain is deploying QKD networks. 

The future of secure communications lies in the successful integration of these technologies, paving the way for a new era of quantum networks.

Categories
Blog

What it Takes to Build the Best Quantum Networks | QNu Labs

What it Takes to Build the Best Quantum Networks

What it Takes to Build the Best Quantum Networks

MARCH 14, 2024 | QNu Labs

SHARE

Quantum technology has been the most revolutionary phenomenon of the 21st century. Quantum computing hogs the limelight for its immense processing power and the ability to transform many areas of our technological life. It also has the potential to tackle some of our most pressing global issues, from climate change to food security.

Another important quantum technology in the offing is quantum communications. It connects systems and transmits data securely among them using principles of quantum mechanics. Quantum communications security will replace the current classical counterparts although the classical networking components will remain the foundation of this technology. Quantum security will extend the existing networks to enable the secured exchange of data/information between today’s classical endpoints and applications to the workloads in the cloud, and data centres enabling various stakeholders to connect to resources from wherever they are. The beauty of this technology is that it is future-safe – meaning even the best of the quantum computers will not be able to compromise the data security of current communications networks.

How Quantum Networks Work?

At the heart of quantum networks lies quantum communication technology that involves sending and receiving quantum mechanics-induced information to secure data. The process of securing network information is dependent on the medium of use – for example on terrestrial fibre networks quantum superposition is leveraged while on ethernet or wireless communications security quantum-resistant cryptography is leveraged. This renders utmost confidentiality and privacy of communications between the sender and the receiver without having to worry about the presence of any eavesdropper on the communications path.

Quantum Networking could be implemented in three stages.

  • Point-to-Point The initial stage of quantum network development will be defined by establishing secured communications between two separate locations.
  • Many-to-One: As there are limitations to scaling point-to-point connections both from a cost and technology perspective, the next stage of quantum networking will be defined by technology that enables multi-point network connectivity.
  • Quantum Internet: The final stage would be characterised by technology that enables a “network layer” for reliable any-distance, any-network type quantum communications through a complex web of nodes across the network, which relies on resilient quantum hardware or software at each location.

Once a quantum transmission link is established, the communications channel is intrinsically secure. It can’t be intercepted or copied without corrupting the data. Quantum networking is, therefore, attractive in any use case requiring completely secure networking, within a data centre, across a campus, on a metro area network, or a WAN.

QKD in Quantum Networks

A huge amount of investment and research has gone into the problem of how to create quantum-safe networks. Quantum Key Distribution (QKD) has proven to be an exciting field in this space.

QKD technology takes advantage of the laws of quantum physics to ensure that bad actors cannot decrypt data in transit even with the use of powerful new quantum computers, while still maintaining security against other high-performance computers.

For telecom providers, QKD technology offers a way to protect customers from current and future cyber security threats. However, integrating QKD into existing networks has traditionally presented complications, including the need to introduce dedicated dark fibre cables alongside the original infrastructure to carry the quantum signal.

But, there’s a solution.

Multiplexing: An opportunity 

Wavelength division multiplexing (WDM) is a common technique used in fibre optic networks that involves placing many different optical data wavelength channels on the same fibre, greatly increasing the fibre’s data-carrying capacity.

WDM, or simply ‘multiplexing’, is the simplest solution to integrating QKD onto telecom providers’ existing fibre, with the secret encryption keys transmitted on the fibres that are already carrying conventional telecoms data services.

An alternative approach is the use of post-quantum cryptography in conjunction with QKD. While QKD over dedicated fibres has been available for some time, this hybrid innovation makes the creation of quantum networks economically viable for the first time. Using this approach, it’s possible to easily implement quantum security on an existing network infrastructure, without the need to introduce significant additional costs —radically reducing the TCO of making a current infrastructure quantum-safe.

The Path Forward

True quantum networks are being embraced by data-sensitive organisations like defence networks, government networks, critical infrastructure, and the like today but the day is not far when enterprises will embrace them directly or through their telecom service providers, cloud providers, etc.  The holy grail is considered to be the quantum internet where technology becomes pervasive everywhere on devices, networks, and applications.

If your organisation is thinking about forward security and confidentiality of data for the long haul, do reach out to us for a free consultation – our experts will work with you to define ‘how’ and ‘where’ to start implementing quantum security that has the highest benefit and impact for your organisation.

Categories
Guides

Guide: Post-Quantum Cryptography (PQC) and How it Works

Guide: Post-Quantum Cryptography (PQC) and How it Works

The guide details the concept of PQC, its methodology, and industry applications.

guide-pqc

The Context

Technology based on quantum computers has the potential to revolutionise a wide range of fields of IT and industry—in the positive and negative sense. A significant increase in computing power delivers more capacity for analysing and processing large data quantities, opening up new findings, application areas, and business models.

Introducing Post-Quantum Cryptography (PQC)

Data sent over public communication channels are secured using cryptography. It protects all kinds of electronic communications as well as passwords, digital signatures, and health records.

As the foundation of identification, authentication, confidentiality, digital signatures, and verification, cryptography is a critical enabler of enterprise security.

guide-to-pqc-img

There are two main types of encryption. Symmetric encryption requires a sender and a receiver to have identical digital keys to encrypt and decrypt data; asymmetric, or public-key, encryption uses a publicly available key to let people encrypt messages for a recipient who is the sole holder of the private key needed to unscramble them. Sometimes these two approaches are used together. For instance, web browsers use public-key cryptography to check websites’ validity and then establish a symmetric key to encrypt communications.

Quantum computers use the principles of quantum physics, such as superposition, to compute data much faster than conventional computers. Without ‘quantum-safe’ cryptography defences in place, applications ranging from autonomous vehicles to military hardware, online financial transactions, and communications could be targeted by hackers with access to quantum computers.

Any business or government planning to store data for decades needs to evaluate the risks of this technology because the encryption could be compromised later. Robust defences on historical data take many years, so it would be better to apply these now. A big push to develop post-quantum cryptography is warranted.

PQC methods are encryption systems (cryptosystems) that can be used on conventional computers, such as PCs and mobile devices, and can withstand attacks by quantum computers.

Even though quantum systems are not expected to be available to everyone for ten to 15 years, IT managers and managing directors have to put the issue of “post-quantum cryptography” on their agenda now. One reason is that it takes time to put existing encryption methods on a new foundation.

quote-ceo-of-utimaco

A further point is that data encrypted with older methods is prone to quantum attacks. As a result, attackers can gain access to such data. Therefore, companies and public institutions must ensure that all confidential data at risk is protected against such attacks by PQC methods. That involves a lot of time and effort—from capturing and categorising such information resources to encrypting it again using PQC solutions. A cryptography solution has to be adaptive to new requirements, such as post-quantum encryption solutions. That’s only possible at acceptable cost and effort if a cryptography environment is agile, i.e., it supports crypto agility.

quote-ceo-of-utimaco-2

Crypto agility Explained

Crypto agility means that applications, end-user devices, and Hardware Security Modules in the field of encryption should use flexible, “agile” protocols and update methods that enable a switchover to post-quantum cryptographic primitives, for example. That has to be quick and easy to reduce the attack surface and limit the time and effort involved for users.

Crypto agility offers another advantage: It bridges the gap between encryption techniques that are not yet “quantum-safe” and those that already meet the new requirements. That goes for chips, secrets, and software code. Initial hybrid approaches that use PQC and common cryptography methods to date are being developed. Google has chosen this approach for its PQC algorithm New Hope.

product-life-cycles-vary-industry

Expectations from PQC

The new cryptography method has to integrate with existing protocols. A new cryptosystem must weigh:

The proposed cryptosystems also require careful cryptanalysis to determine the weaknesses that an adversary could exploit.

The National Institute of Standards and Technology (NIST), an American agency, prepared a cybersecurity framework laying out the ground rules for PQC.

The algorithms are designed for two main tasks for which encryption is typically used: general encryption, used to protect information exchanged across a public network; and digital signatures, used for identity authentication.

For general encryption, used to access secure websites, NIST selected the CRYSTALS-Kyber algorithm. The advantages are comparatively small encryption keys that two parties can exchange easily, as well as the speed of operation.

For digital signatures, often used to verify identities during a digital transaction or to sign a document remotely, NIST selected three algorithms.

Three of the selected algorithms are based on a family of maths problems called structured lattices, and one uses a hash function.

HODOS-PQC

QNu’s HODOS-PQC is a quantum-resilient public key cryptography-based software that is a hard problem for large-scale quantum computers to solve.

HODOS is developed with NIST PQC studies as a reference. It is the next generation of protocols that will help replace today’s RSA-based systems with an improved quantum-resistant transport layer.

It is based on NIST-selected mathematical functions, which are far harder to backtrack as compared to the prime factorization and elliptic curve functions on which the current PKI is based.

Upon measurement, it collapses to one of these states, which is intrinsically random and there is no way to predict which state the photon will collapse to. This gives the inherent randomness from the photons, which any external parameters cannot influence.

Why HODOS (PQC)?

Tropos (QRNG) addresses this issue without changing how tokens are currently used.

The Time is Now

Data is the most valuable asset for any organisation. Sensitive data has a shelf life exceeding 10 years, while critical data can be stored for over 25 years.

This shows that today’s encryption still poses a risk in the coming years. Moving to HODOS-PQC will help secure your data and reduce the risk of data theft for today and tomorrow.

Categories
Blog

The Great Battle to Control Future Encryption: QNu’s Perspective

The Great Battle to Control Future Encryption: QNu’s Perspective

The Great Battle to Control Future Encryption: QNu’s Perspective

MARCH 04, 2024 | QNu Labs

SHARE

Emergence of Quantum Cryptography :

Encryption, a crucial digital security practice, conceals information from unauthorized access by establishing entry parameters, akin to a password for data retrieval. It involves transforming data into an unreadable format using intricate algorithms, rendering it inaccessible to unauthorized entities. While authorized users can decipher the encryption, the proliferation of quantum computers poses a new threat to conventional encryption methods.

In response to the impending quantum era, two divergent strategies have emerged globally. The U.S., led by the National Institute of Standards and Technology (NIST) and the National Security Agency (NSA), leans towards Post-Quantum Cryptography (PQC). Conversely, the rest of the world, exemplified by Europe’s EuroQCI initiative, favours Quantum Key Distribution (QKD) as the linchpin for secure quantum communications. The European Quantum Communication Infrastructure(EuroQCI) initiative aims to build a secure quantum communication infrastructure that will span the whole EU, including its overseas territories.

The European Union, along with Asia-Pacific countries like South Korea, China and Japan, invests significantly in QKD infrastructure, recognizing its importance. China, a pioneer in QKD, has already implemented a 4,600km QKD network and launched many QKD satellites into space.

The U.S. stance, articulated by the NSA, emphasizes PQC over QKD due to perceived limitations. They argue that QKD is a partial solution, requiring additional measures, specialized equipment, and incurring infrastructure costs. Furthermore, validating QKD’s cryptographic security is deemed challenging.

In contrast, proponents of QKD, including Europe and Asia-Pacific regions, dispute these limitations. They argue that QKD remains viable and essential in securing communications in a quantum world. Addressing concerns raised by the NSA, they contend that QKD is more robust than PQC in guaranteeing security against future quantum computing power. Regarding specialized equipment and infrastructure costs, they argue that QKD solutions (such as Armos from QNu Labs) exist today that can seamlessly integrate into existing networks without additional expenses. They also highlight QKD’s resilience against tampering, side-channel attacks, insider threats and potential denial-of-service attacks.

An article from Forbes echoes these sentiments, emphasizing QKD’s authentication, compatibility with existing fiber infrastructure, diminishing distance limitations, and rectification of previously criticized aspects.

Encryption serves as a fundamental digital security practice, concealing information from unauthorized access by establishing stringent entry parameters. Essentially functioning as a digital password, it acts as a prerequisite for a computer to access data from the corresponding server.

To encrypt data is to transform its information into an unintelligible format, leveraging intricate algorithms to render it inaccessible. Despite an attacker potentially observing the file, the encryption algorithm ensures its uselessness. Authorized users possess the means to decipher the algorithm, allowing them to restore the information to its original format.

In the contemporary digital landscape, encryption extends its reach to various realms, including voice calls, messaging, emails, browsing, internet banking, and e-commerce. However, the emergence of quantum computers, exemplified by IBM’s 433 qubit quantum computer and plans for a 100,000 qubit version, poses new threats. As quantum computers become more accessible, securing data and communication becomes increasingly crucial for diverse organizations, spanning governments, telecommunications, healthcare, and data canters.

Examining these positions, particularly the NSA’s stance on QKD versus PQC reveals a divergence in global strategies. Europe, notably through the European Quantum Communication Infrastructure Initiative (EuroQCI) and the European Telecommunications Standards Institute (ETSI), heavily endorses QKD. This strategic initiative has already been funded to the tune of €270m this year, with a total of €2 billion set to go to related initiatives. In another example, ETSI, the European Telecommunications Standards Institute, is leading the pack in providing important standardization when it comes to QKD.

Other countries, such as South Korea, Japan, Singapore, and China, exhibit significant investments and advancements in QKD networks, solidifying their commitment to quantum cryptography. Many other countries have likewise been pouring resources into a QKD-secured future. South Korea, for example, has a 2,000 km-long QKD network and is intensifying its efforts in this areaJapan has an expanding testbed, and Singapore announced it is setting up a national QKD network. China is a world leader in QKD. Apart from the impressive QKD-related academic work, China has already established a working QKD network of around 5,000km, as well as putting a QKD satellite into space – thus positioning itself as the world leader in quantum cryptography by a wide margin.

Worryingly, many experts wonder if China already knows something about encryption, particularly PQC,  already being broken – which would explain such intense efforts to bolster their QKD-based security.

In the U.S., the NSA highlights perceived limitations of QKD in a paper on “Quantum Key Distribution (QKD) and Quantum Cryptography (QC).” However, the rest of the world sees QKD differently, viewing it as a vital tool in securing communications in a quantum environment.

While acknowledging the implementation-dependent nature of QKD adoption, disagreements arise over the technical limitations cited by the NSA. Contrary to claims, proponents argue that QKD is a comprehensive solution, offering advantages such as resistance to future quantum computing power, ease of integration into existing networks, and potential cost-effectiveness. 

armos-qkd
Armos - Quantum Key Distribution (QKD)

The NIST and NSA position on QKD and Quantum cryptography

There are a number of government-sanctioned institutions in the U.S. that deal with questions around quantum cryptography, quantum encryption, and quantum communication in general. Foremost among them are the NSA and NIST. Both of these bodies have released positions on their view of the future of quantum security.

In a paper entitled “Quantum Key Distribution (QKD) and Quantum Cryptography (QC)” the NSA notes that it does not recommend the use of these technologies in its systems unless certain “limitations” are overcome.

It lists these perceived limitations as:

Quantum key distribution is only a partial solution:

Quantum Key Distribution (QKD) alone does not provide source authentication, requiring additional measures like asymmetric cryptography or preplaced keys. Quantum-resistant cryptography can offer similar confidentiality services with lower costs and a better-understood risk profile.

Quantum key distribution requires special-purpose equipment:

QKD relies on specialized equipment and physical layer communications, making it incompatible with software-based or network-integrated implementations. The need for dedicated fiber connections or free-space transmitters adds complexity and limits flexibility for upgrades.

Quantum key distribution increases infrastructure costs and insider threat risks:

QKD networks often require trusted relays, leading to increased infrastructure costs and heightened insider threat risks. This restricts the range of viable use cases for QKD.

Securing and validating quantum key distribution is a significant challenge:

The practical security of QKD systems depends on hardware and engineering designs rather than theoretical unconditional security from the laws of physics. Validating QKD’s cryptographic security is challenging due to the stringent error tolerance required, and vulnerabilities in specific hardware can undermine its security.

Quantum key distribution increases the risk of denial of service:

The sensitivity of QKD to eavesdroppers also exposes it to the risk of denial of service attacks. This highlights a significant vulnerability in QKD systems.

U.S. Backing Post Quantum Cryptography

Instead of QKD, it recommends “quantum-resistant or post-quantum cryptography (PQC) as a more cost-effective and easily maintained solution than quantum key distribution” until the above “limitations” are overcome.

Is PQC the way forward?

The NSA writes, regarding post-quantum cryptography, or “quantum-resistant algorithms” as they put it, that these algorithms “derive their security through mathematical complexity” and “provide the means for assuring the confidentiality, integrity, and authentication of a transmission—even against a potential future quantum computer.”

QNu Labs and many other OEMs across the world, who have built QKD systems spending a lot of effort and money do not agree with the NSA’s viewpoint. They believe that QKD offers a specific value in terms of unhackable security to the encryption keys which is not possible through any other means. These OEMs have been improving systems over the years and with initial deployments underway, they are getting feedback from the real-world deployments to learn and improve the QKD systems to build viable QKD networks.

McKinsey notes that “PQC solutions are still nascent and because it is impossible to test them against quantum computers that do not yet exist, they haven’t been conclusively proven to protect quantum—or even conventional—threats.” Given that the foundation of PQC algorithms is based on computational complexity, it is theoretically insecure compared to QKD.

What’s more, as has been extensively reported, one of the NIST’s PQC finalists has already had its algorithm cracked and several serious vulnerabilities have been found and reported.   This certainly does not instil confidence in the approach as it indicates that the PQC algorithms will continue to evolve and be replaced by the new algorithms. 

Our take on QKD and Quantum Communications

While QNu Labs tend to agree with the NSA’s opinion that successful QKD adoption is highly implementation-dependent, we and many other OEMs disagree with some of the claimed technical limitations of QKD.

As the QNu Labs’ Armos solution shows – together with the path adopted by Europe, Asia, and Australia – QKD is a viable and essential tool in securing communications in a quantum world. 

Specifically, in response to the NSA points, we believe:

  1. “Quantum key distribution is only a partial solution”: PQC cannot guarantee that it will remain safe against future quantum computing power. QKD on the other hand can make this claim. And even more so, QKD and PQC can absolutely coexist. Indeed it is the plan by the EU and others to adopt PQC on top of their QKD networks as a second line of defence.
  2. “Quantum key distribution requires special purpose equipment”: specialized equipment is required in communication environments all the time. Solutions such as QNu Labs’ Armos can be placed into racks as standard 2U communication equipment, and can be set up as easily as setting up a switch. What’s more, specialized equipment significantly reduces the scope for attack and manipulation: anyone, anywhere in the world can attempt to break an algorithm with increasing computing power and generative AI tools to help the attacker. Whereas only those with physical access to QKD equipment and special knowledge can even consider interfering with QKD’s secure communication.
  3. “Quantum key distribution increases infrastructure costs and insider threat risks”: as with any new technology, the costs related to QKD equipment are coming down dramatically. Many solutions, such as those from QNu Labs simply plug into existing networks, with no additional infrastructure costs required. PQC also has indirect infrastructure costs. The highly compute-intensive algorithms PQC relies on require additional compute and memory resources from existing equipment if they are to work without increasing the latency and throughput of the underlying data pipes. Thus it is unclear if the total cost of ownership (TCO) of PQC is actually higher or lower than QKD. This requires additional research. The insider threat can be mitigated both by special solutions integrated into the QKD systems, as is the case with QNu Labs’ systems; and also through smart multiple path key routing on the network. Of course, PQC solutions are just as susceptible to the insider threat, and perhaps even more so.
  4. “Securing and validating quantum key distribution is a significant challenge”: as with any new industry, processes to secure and validate QKD systems will increasingly be available to vendors and users as the industry grows. QNu Labs’ for example, has been working with some of the most demanding government security organizations to test and validate its offerings.
  5. “Quantum key distribution increases the risk of denial of service”: Sophisticated QKD systems, such as QNu Labs’ Armos, can run in parallel to the existing network and are in many ways impervious to DoS attacks. What’s more, as QKD generates many more keys than consumed by routers today, router manufacturers can implement fallback options, such as keeping a QKD-generated key buffer to verify that communication continues uninterrupted even if the QKD line breaks. Finally, QKD works out-of-band, further refuting this point.

A recent Forbes article concurs with many of these points, adding the following instructive elements:

  • QKD systems authenticate at both ends of the exchange, seamlessly securing communication
  • Current in-ground fiber infrastructure is enough to support QKD
  • Distance limitations between endpoints are quickly being minimized
  • Many of the criticisms of QKD from NIST and the NSA are regarding issues that have subsequently been corrected
  • Regarding eavesdropping and potential denial of service attacks, keys can be redirected “so quickly and randomly that the user will see no performance impact, and the interloper will be shut out”

The bottom line is that as the rest of the world has decided, quantum cryptography in the form of QKD is an essential part of quantum encryption, and will play a central role in securing quantum communications going forward.

Conclusion

After carefully examining the current implementations and emerging protocols and QKD systems, the global consensus concludes QKD as an integral component of quantum encryption and is here to stay.  Acknowledging the strengths and weaknesses of both QKD and PQC, the prevailing approach involves overlaying PQC on top of QKD for a comprehensive and effective secure quantum communications solution and several hybrid solutions have emerged and are being deployed across industries.

QKD keys will be extended to longer distances by using PQC to extend the QKD keys to the cloud. 

QNu Labs has announced its enterprise platform ‘QShield’ which offers solutions leveraging both quantum and post-quantum cryptography technologies. QNu Labs also believes that while the PQC layer using NIST-specified algorithms will be widely adopted for interoperability, countries will also build and use proprietary cryptography layers to strengthen the overall security of the stack. 

Categories
Blog

Quantum 101: Exploring Quantum Security

quantum 101 - Exploring Quantum Security

Quantum 101: Exploring Quantum Security

MARCH 04, 2024 | QNu Labs

SHARE

The landscape of digital security is constantly evolving and threats loom large. But, the emergence of quantum security provides hope. Quantum security represents a paradigm shift in the way we safeguard our digital infrastructure against increasingly sophisticated attacks. 

Understanding Quantum Security

To grasp the essence of quantum security, it’s imperative first to understand the principles of quantum mechanics. At its core, quantum mechanics governs the behaviour of matter and energy at the smallest scales, introducing concepts such as superposition, entanglement, and uncertainty.

Quantum security leverages these principles to create cryptographic systems that are fundamentally different from classical cryptographic techniques. One of the most promising applications of quantum security is quantum key distribution (QKD) protocols.

Quantum Key Distribution (QKD)

QKD enables the secure exchange of cryptographic keys between two parties by harnessing the principles of quantum mechanics. Unlike traditional key exchange methods, which rely on mathematical complexity, QKD offers unconditional security based on the laws of physics.

At the heart of QKD lies the principle of quantum uncertainty, which states that the act of observing a quantum system inevitably alters its state. In the context of QKD, this means that any attempt by an eavesdropper to intercept the quantum key exchange would disturb the quantum states of the transmitted particles, thereby alerting the legitimate parties to the presence of an adversary.

Implications of Quantum Security

The advent of quantum security holds profound implications for the future of cybersecurity.

  • Unbreakable Encryption: Traditional encryption algorithms, such as RSA and ECC, rely on the computational difficulty of certain mathematical problems for security. However, the advent of quantum computers threatens to render these algorithms obsolete by solving such problems exponentially faster. Quantum-resistant cryptographic protocols, enabled by quantum security, offer a robust defence against this threat.
  • Secure Communication Networks: Quantum secure communication networks have the potential to revolutionise the way information is transmitted and protected. By leveraging QKD protocols, organisations can establish secure communication channels immune to interception or decryption by malicious actors.
  • Post-Quantum Cryptography: As the race to develop practical quantum computers intensifies, the urgency to transition to post-quantum cryptographic algorithms becomes increasingly evident. Post-quantum cryptography encompasses diverse cryptographic techniques designed to withstand attacks from classical and quantum adversaries.
  • Enhanced Data Integrity: Quantum security protects data confidentiality and ensures data integrity through quantum digital signatures and quantum timestamping. These mechanisms provide verifiable proof of data authenticity, safeguarding against tampering and unauthorised modifications.

Why Quantum Security?

The benefits of quantum security are noteworthy. 

  • Unprecedented Security Guarantees: Quantum security protocols offer unprecedented security guarantees derived from the fundamental laws of quantum mechanics. By exploiting the inherent properties of quantum systems, these protocols provide a level of security that is theoretically unbreakable, even in the face of advances in computing power.
  • Future-Proofing Against Quantum Threats: As quantum computing technologies mature, the threat landscape for traditional cryptographic systems becomes increasingly dire. Quantum security offers a proactive approach to mitigating these threats by developing cryptographic techniques resilient to quantum attacks.
  • Facilitating Trust in Digital Transactions: In an era characterised by digital transformation and remote interactions, trust is paramount. Quantum security enhances trust by providing verifiable and tamper-evident mechanisms for secure communication and data exchange.
  • Empowering Innovation and Collaboration: The development of quantum security fosters collaboration and innovation across academia, industry, and government sectors. By pushing the boundaries of scientific knowledge and technological capabilities, quantum security paves the way for discoveries and breakthroughs with far-reaching implications.

To conclude….

Quantum security is a transformative leap forward in cybersecurity, offering unparalleled protection, trust, and resilience in an increasingly interconnected world. 

With the opportunities and challenges posed by quantum technologies, the questa for quantum security offers to safeguard the integrity and security of our digital infrastructure.

Categories
Blog

Quantum 101: What is a Quantum Computer?

Quantum 101 What is a Quantum Computer

Quantum 101: What is a Quantum Computer?

FEBRUARY 03, 2024 | QNu Labs

In computer science and technology, the term “quantum computing” has emerged as a buzzword, capturing the imagination of scientists, engineers, and enthusiasts alike. But what exactly is a quantum computer, and how does it differ from classical computers? 

Let’s unravel the mysteries and potential of this cutting-edge technology.

Understanding the Basics

At its core, a quantum computer leverages the principles of quantum mechanics to perform computations. Unlike classical computers, which rely on bits as the fundamental unit of information (0 or 1), quantum computers utilise quantum bits or qubits. The fascinating aspect of qubits lies in their ability to exist in multiple states simultaneously, thanks to the phenomenon known as superposition.

Superposition and Entanglement

Superposition allows qubits to represent 0 and 1 simultaneously, enabling quantum computers to perform large calculations simultaneously. This inherent parallelism holds the key to the tremendous computational power promised by quantum computing.

Entanglement, another foundational concept in quantum mechanics, enables qubits to be correlated in such a way that the state of one qubit is dependent on the state of another, regardless of the distance between them. This phenomenon allows quantum computers to process and manipulate information in ways that classical computers cannot.

Harnessing Quantum Mechanics

The computational capabilities of quantum computers stem from their ability to efficiently exploit quantum mechanical phenomena to solve complex problems. While classical computers excel at certain tasks, such as performing sequential calculations, they need help with problems involving vast amounts of data or complex optimization tasks.

Quantum computers, on the other hand, excel at solving specific classes of problems, including:

Optimization Problems: Quantum computers are well-suited for optimization tasks such as portfolio management, supply chain optimization, and route optimization.

Cryptography: Quantum computers have the potential to disrupt current cryptographic systems by quickly factoring large numbers, thus compromising the security of traditional encryption methods.

Simulation: Quantum computers can simulate quantum systems with unprecedented accuracy, offering insights into chemical reactions, material properties, and other phenomena that are challenging to model using classical computers.

Challenges and Progress

Despite the immense promise of quantum computing, significant challenges remain on the path to realising its full potential. Building and maintaining stable qubits capable of retaining their quantum states for extended periods, known as coherence time, is one of the primary challenges faced by researchers and engineers.

Moreover, error correction poses a formidable hurdle, as quantum systems are inherently susceptible to noise and environmental disturbances. Developing robust error correction techniques is essential for building reliable quantum computers capable of performing complex calculations.

The Road Ahead

While practical, large-scale quantum computers remain on the horizon, recent years have seen remarkable progress in the field of quantum computing. 

Leading technology companies, research institutions, and governments invest heavily in quantum research and development, driving innovation and pushing the boundaries of what’s possible.

As researchers continue to overcome technical barriers and refine quantum computing technologies, we stand on the brink of a new era in computing—one defined by unparalleled computational power and the ability to tackle some of the most pressing challenges facing humanity.

Conclusion

In summary, quantum computers represent a paradigm shift in computing, harnessing the principles of quantum mechanics to revolutionise the way we process information and solve complex problems. While the technology is still in its infancy, the potential applications and implications of quantum computing are vast and far-reaching.

SHARE

Categories
Blog

Quantum 101: A Dive into Quantum Cryptography

a-dive-into-quantum-cryptography

Quantum 101: A Dive into Quantum Cryptography

FEBRUARY 20, 2024 | QNu Labs

In cybersecurity, where data protection is paramount, traditional cryptographic methods have long been the stalwart guardians of sensitive information. However, as computing power advances, so too do the tools available to potential attackers. In the ever-evolving landscape, the emergence of quantum cryptography offers a promising solution to the challenges of secure communication in the digital age.

Understanding Quantum Cryptography

Quantum cryptography could well be the first application of quantum mechanics at the single-quantum level.

Unlike traditional cryptography, which is built on mathematics, quantum cryptography is built on the laws of physics. Specifically, quantum cryptography relies on the unique principles of quantum mechanics:

  • Particles are inherently uncertain: On a quantum level, particles can simultaneously exist in more than one place or more than one state of being at the same time, and it is impossible to predict their exact quantum state.
  • Photons can be measured randomly in binary positions: Photons, the smallest particles of light, can be set to have specific polarities, or spins, which can serve as a binary counterpart for the ones and zeros of classical computational systems.
  • A quantum system cannot be measured without being altered: According to the laws of quantum physics, the basic act of measuring or even observing a quantum system will always have a measurable effect on that system.
  • Particles can be partially, but not cloned: While the properties of some particles can be cloned, a 100% clone is believed to be impossible.

Quantum Key Distribution (QKD)

Quantum Key Distribution is one of the foundational concepts of quantum cryptography. QKD enables two parties to generate a shared secret key with which they can encrypt and decrypt messages securely. The underlying idea is the use of quantum properties to detect any attempt to eavesdrop on the communication.

How It Works

QKD systems work by sending individual photon light particles across a fibre optic cable. This stream of photons travels in a single direction and each one represents a single bit, or qubit, of data—either zero or one. Polarised filters on the sender’s side change the physical orientation of each single photon to a specific position, and the receiver uses two available beam splitters to read the position of each photon as they’re received. The sender and receiver compare the sent photon positions to the decoded positions, and the set that matches becomes the key. 

To better understand QKD, imagine two people, Alice and Bob, who need to establish a secure connection. They can use QKD to create a secure cryptographic key by sending polarised photons over a fibre optic cable. The cable doesn’t need to be secured because each photon will have its own randomised quantum state. Should someone, let’s call her Eve, be eavesdropping, Alice and Bob will always be able to tell because it’s impossible to observe a quantum state without also affecting it. In this way, QKD systems are considered to be unhackable. If Bob and Alice detect a change in the quantum states of the photons, they’ll know Eve is eavesdropping. And if Eve is eavesdropping, Bob and Alice will always be able to detect it.

Why is quantum cryptography important?

To date, traditional data encryption has generally been sufficient for maintaining secure communications in most cybersecurity settings. However, the rise of quantum computing poses an existential threat to even the most secure traditional cryptographic algorithms.

Like quantum cryptography, quantum computing is a rapidly emerging technology that also harnesses the laws of quantum mechanics. Compared to our fastest and most cutting-edge classical computers, quantum computers have the potential to solve complex problems orders of magnitude faster. 

Today’s cryptosystems can be divided into two main categories, symmetric systems, which use one secret key to both encrypt and decrypt data, and asymmetric systems, which use a public key that anyone can read and private keys that only authorised parties can access. Both types of cryptosystems create these keys by multiplying large prime numbers and rely on the massive computing power required for factoring large numbers to ensure that these encryption keys can’t be cracked by eavesdroppers or hackers.

Even the most powerful supercomputers on earth would require thousands of years to mathematically break modern encryption algorithms like the Advanced Encryption Standard (AES) or RSA.

But a fully functional quantum computer—should one be perfected—could potentially find the solution in only a matter of minutes.

For this reason, the use cases for quantum cryptography are endless. If anything from corporate information to state secrets must be kept secure, when quantum computing renders existing cryptographic algorithms obsolete, quantum cryptography may be our only recourse for securing private data. 

The Road Ahead

Ongoing research and technological advancements continue to push the boundaries of quantum cryptography. Innovations in quantum hardware, such as the development of more efficient qubit storage and manipulation techniques, promise to make quantum cryptographic systems more accessible in the future.

As we look ahead, the integration of quantum cryptography into existing communication networks could herald a new era of secure and private communication, safeguarding sensitive information against the ever-present threat of cyberattacks.

Sources:

IBM

American Physical Society

SHARE

Categories
Blog

Quantum 101: Unveiling Quantum Tunnelling

Quantum 101: Unveiling Quantum Tunnelling

QNu Labs   |   Feb 02, 2024

Quantum tunnelling is one of the most intriguing phenomena in quantum physics. Tunnelling may appear to have little relevance to everyday life but it is a fundamental process of nature that is responsible for many things on which life itself is dependent. It has even been hypothesised that the very beginning of the universe was caused by a tunnelling event, allowing the universe to pass from a “state of no geometry” (no space or time) to a state in which space, time, matter, and life could exist.

The Concept 

Imagine a particle approaching a seemingly insurmountable barrier. As per classical physics, it cannot penetrate the barrier due to insufficient energy. To pass through, the particle must overcome the barrier with enough energy else it will bounce back. However, in quantum mechanics, particles exhibit behaviours that defy classical intuition.

Quantum tunnelling occurs when a particle traverses a barrier that it classically shouldn’t be able to cross. This happens without violating the laws of physics as we know them. Instead, quantum mechanics introduces the notion of probabilistic behaviour at the subatomic level. 

According to the principles of quantum mechanics, particles, such as electrons, only possess definite positions or energies once they are measured. They exist in a state of superposition, where they can simultaneously occupy multiple states.

When a particle encounters a barrier, its wave function describes the probability of finding it at various positions. Even though classically it lacks the energy to surmount the barrier, there’s a non-zero probability that it can appear on the other side due to its wave-like nature. This probabilistic phenomenon lies at the heart of quantum tunnelling.

Why does Tunnelling Occur in the Quantum Realm Only?

The waves associated with particles, called de Broglie waves, increase in size as the mass of particles decreases. That’s why everyday objects don’t exhibit quantum, wave-like behaviours; their mass is too great and their de Broglie waves are too small. 

Imagine, a ball thrown by a child without the energy needed to clear the height of the wall. It can’t quantum tunnel to the other side as its mass creates a probability wave too small for there to be any probability of it finding itself on the other side of the barrier. 

Common quantum theories predict that the smaller the mass of a particle, the larger the de Broglie wave and the greater the chance of a particle quantum tunnelling through a barrier. 

This means when you have lots of lighter particles and lots of heavier particles and a quantum barrier, both will tunnel, but the lighter particles should quantum tunnel faster than the heavy particles.

Broad Applications of Quantum Tunnelling

While quantum tunnelling may sound like an abstract concept with little practical relevance, its implications reverberate across various fields. Here are some of its applications:

Electronics and Computing

In electronics, quantum tunnelling plays a pivotal role in the operation of devices such as tunnel diodes and flash memory. It enables the movement of electrons through barriers, facilitating the functionality of transistors and enabling the miniaturisation of electronic components. Moreover, it serves as the underlying principle in quantum computing, where qubits exploit superposition and tunnelling to perform computations beyond the capabilities of classical computers.

Nuclear Fusion

Quantum tunnelling is also integral to nuclear fusion processes in stars and experimental fusion reactors on Earth. In stellar cores, where immense temperatures and pressures reign, it allows hydrogen nuclei to overcome the electrostatic repulsion and fuse into helium, releasing copious amounts of energy in the process. While replicating stellar conditions on Earth remains a significant challenge, scientists harness the principles of quantum tunnelling to advance fusion research and potentially unlock a clean, abundant energy source.

Chemical Reactions

In chemistry, quantum tunnelling influences the rates and pathways of chemical reactions. It facilitates reactions that would otherwise be prohibited by classical mechanics, contributing to diverse processes such as enzymatic catalysis, organic synthesis, and atmospheric chemistry. Understanding and manipulating quantum tunnelling mechanisms can aid in the design of novel catalysts and pharmaceutical compounds, revolutionising industries and enhancing our ability to engineer molecular systems.

What Next?

Despite its pervasive influence, quantum tunnelling remains enigmatic and continues to stimulate scientific inquiry. 

Researchers attempt to unravel its intricacies through theoretical models, computational simulations, and experimental observations. Advanced techniques such as scanning tunnelling microscopy allow scientists to directly visualise and manipulate individual atoms, providing insights into quantum phenomena at the nanoscale.

Moreover, the field of quantum technologies promises to harness quantum tunnelling and other quantum phenomena to revolutionise computing, communication, and sensing. 

Quantum tunnelling is a testament to the strangeness and boundless potential of nature’s fundamental laws. It challenges our preconceptions, expands the frontiers of human knowledge, and beckons us to explore the mysteries concealed within the subatomic reality.

Sources:

AZoQuantum

Advanced Science News