Quantum Technologies for Cyber Security: from threats to solutions
Bruno Huttner, ID Quantique, Switzerland
Recent developments in quantum computers have spurred renewed interest in quantum-safe solutions for information security [1]. It is now widely accepted that the current public key infrastructures, which are the foundation of cyber security, will not withstand the arrival of the quantum computer [2], [3], and that this arrival will occur with high probability within the next ten to fifteen years. New solutions are called for, and these solutions should at least be partly based on quantum technologies.In this presentation, we will review the quantum technologies available for secure communication, namely quantum key generation and Quantum Key Distribution (QKD), and show how they can be integrated in the information security framework. In modern communication networks, there is a need for entropy sources at various places in the network, to provide truly random keys. These keys are used for various authentication and encryption purposes. Quantum random number generators, both as components within network elements and as network appliances, represent a good practical solution to these needs. For network encryption, these keys have to be securely exchanged between different locations. As current techniques, based on RSA or ECC algorithms are threatened by the quantum computer, new techniques, based on different algorithms, known as Quantum Resistant Algorithms (QRAs), are being developed. However, it is too early to know if they are truly quantum-safe, or if they may also be ultimately broken as well. Therefore, QKD, which relies on totally different principles to provide security, will have a role to play in a global security infrastructure. QKD alone is only an element of a complete solution, and needs conventional cryptographic techniques as well. Future cyber security shall be based on a combination of QRAs and QKD.
References:
[1] ETSI Whitepaper on Quantum-Safe Cryptography (June 2015): http://www.etsi.org/images/files/ETSIWhitePapers/QuantumSafeWhitepaper.pdf
[2] Announcement by NSA (August 2015): https://www.nsa.gov/ia/programs/suiteb_cryptography/
[3] Report from NIST on Post-Quantum Cryptography (April 2016):
http://nvlpubs.nist.gov/nistpubs/ir/2016/NIST.IR.8105.pdf