Quantum computers are much more powerful than the devices we are used to and are capable of showing high results in various areas of life. At the same time, hacking them can instantly bring down digital systems in critical infrastructures.
CTO of the research and production company QRate and director of the NTI “Quantum Communications” competence center at MISiS Yuri Kurochkin tells how big business and government agencies are preparing for attacks using a quantum computer and what is needed for this.
Visitors from the future
Quantum technologies (quantum computers, quantum communications, and quantum sensors) are gradually emerging from laboratories into the real world . New scientific discoveries help advance and commercialize the technology. Earlier this year, MIT ranked the quantum internet in the top 10 disruptive technologies of 2020. Today anyone can get cloud access to an IBM quantum computer. Its developers believe that in this way it is possible to find many different scenarios for the application of new technology and accelerate its development. It is assumed that quantum computers will surpass classical computers in many ways. They will bring incredible results in medicine, industry and other industries.
At the same time, such capacities will pave the way for unprecedented cybercrime. The fact is that asymmetric cryptography is most often used to protect data in many areas, which is not resistant to attacks involving a quantum computer. Quantum hacking will bring down all conventional digital systems in telecom, IT, banking, medicine and other critical infrastructures.
Perhaps interfering with digital operations using quantum computers seems like an episode from the future. However, attackers can steal data now, and decrypt it later, when innovative computer technology leaves the laboratories for private use.
Today, various industries are aware of this danger and prepare protection in advance, without waiting for the emergence of a universal quantum computer, powerful enough both for solving useful problems and breaking cryptography.
A real market is emerging around new ways of transmitting data that can withstand quantum attacks. First of all, these are quantum communications, namely, the quantum distribution of cryptographic keys (Quantum key distribution or QKD).
This technology uses the quantum properties of elementary particles – photons – in order to protect the transmission of information at the level of fundamental laws of physics.
Today, the global volume of the QKD market is estimated at $ 3 billion, and by 2030 it may grow to $ 17.3 billion.
Quantum communication (QC) is a direction in which technologies or methods of transferring information encoded into quantum states are developed. One of the directions of quantum communications is quantum key distribution, which ensures the protection of transmitted information guaranteed at the level of the laws of physics.
Therefore, many government agencies and large business are proactive: they investigate threats, implement quantum-safe cryptographic solutions and plan to make money on this. For example, Toshiba has announced partnerships with telecommunications companies Verizon Communication Inc in the US and BT Group in the UK. The corporation plans to raise $ 3 billion on solutions to protect against quantum threats by 2030.
Interest in quantum communications at different levels is underscored by high-profile pilot projects in the telecommunications and banking industries. In parallel, the process of technology standardization is under way within the NIST (National Institute of Standards and Technology, USA).
Protection for mobile internet
Users may not even notice how many transactions they make per day. Electronic payments, logins to personal accounts, registration in social networks, communication in instant messengers: at the time of transfer, personal data is extremely vulnerable. Therefore, an important case for this year was the case of the telecommunications giant SK Telecom, which announced a chipset with a quantum random number generator (QRNG)from the manufacturer ID Quantique. The technology is built into the Samsung Galaxy A Quantum 5G smartphone. Thus, manufacturers intend to increase the security of personal data of users on the Internet of the future. For example, secure login to accounts, e-wallet transactions, mobile payments. The ambitious pilot is announced as the first commercialization of quantum technologies for mobile phones. How much damage to the global economy do you think hacker attacks have done over the past year?Less than $ 1 millionAbout $ 1 trillionMore than $ 100 trillion
The Korean bank DGB Daegu is already interested in the device . The transactions that customers make through the banking app on the Samsung Galaxy A Quantum 5G smartphone will be protected with encryption based on truly unpredictable random numbers.
This reaction is natural. McAfee and CSIS estimate that in 2020 hacker attacks caused more than $ 1 trillion in damage to the global economy.
Quantum protection for fiber-optic communication lines
Trunk communication lines can become another vector of attacks. Because they transmit strategically important data. Copying and breaking this data can lead to losses in the billions of rubles. IT services face a difficult and important task – to integrate cryptographic solutions that are resistant to promising attacks, including a quantum computer, into highly loaded channels.
These solutions require:
- integration of high-speed hardware encryptors based on symmetric keys;
- quantum key distribution, which provides these encryptors with secret keys.
A dedicated fiber core is required to transmit single photons. Since networks are often congested, scientists are working to ensure that quantum and classical signals can coexist on the same fiber at different wavelengths.
One of the most high-profile projects in Russia was the pilot of a fiber-optic communication line using quantum encryption key distribution (QKD) technology , which connected the two offices of the state corporation Rosatom in Moscow. The pilot project was carried out with the support of PJSC Rostelecom on the equipment of the QRate research and production company. At the time of testing, scientists simulated a break in the quantum channel, in which the buffer for storing secret keys worked out. Successful testing confirmed the required level of reliability for the implementation of the current solution in the network infrastructure.
A quantum network 800 km long is planned to be created by the Russian Railways company, which is responsible for the implementation of the roadmap for the development of the high-tech area “Quantum Communications” in Russia. Company representatives talk about plans for the development of the market and new types of business based on quantum communications.
The trend of quantum protection in telecommunications is supported by giant corporations in the communications industry around the world. The German telecommunications company Deutsche Telekom (DT) has lent its capacity to explore the limitations of quantum key distribution technology . The test bed will include DT’s 100 km fiber optic network. The Berlin pilot will be part of a large project of the OPENQKD consortium, which is being implemented in parallel in several European countries. The main goal of the project is to prepare for the emergence of quantum computers capable of breaking cryptographic ciphers in a day, and not in the millions of years that classical computers need for similar tasks.
In conjunction with quantum communications, information security solutions are being developed based on quantum-resistant encryption algorithms (post-quantum cryptography).
Post-quantum cryptography is a new generation of cryptographic algorithms that are resistant to attacks using traditional computing architectures as well as attacks using quantum computers.
For example, South Korean mobile operator LGU + has integrated post-quantum technology into its network equipment. At the same time, the company notes that the solution is relevant for wired communications, wireless networks and 5G. IBM representatives also announced the development of several quantum-safe projects . In the development of post-quantum cryptography, QRate works in conjunction with the QApp project of the Russian Quantum Center.
Communication with space
Ground and underground telecommunications systems have coverage restrictions. It is impossible to lay such networks in many places of our planet. Therefore, another challenge of the quantum era is to learn how to transmit a signal using a quantum method via a satellite.
In the summer of 2020, a record was set for the transmission range of an encrypted message without intermediate points of reception and transmission. Chinese scientists used entangled photons from a quantum communications satellite. The two observatories in China that sent and received messages were 1200 kilometers apart. At the same time, a very low error rate was observed during signal transmission. This is essential for creating a secure internet. If the signal is intercepted by intruders, the receiving point on Earth will detect a sharp jump in the level of errors in the transmitted key. And it just won’t be used to decipher information. Therefore, the level of basic errors should be as low as possible. Advances in this area will help increase the coverage of quantum-safe data transmission.
How to defend against attacks
It may seem that all these vectors are terribly far from reality, but looking at the cases of 2020, it can be noted that the industry is waiting for the first public case of hacking using a quantum computer. After that, the cybersecurity landscape will change dramatically. The possibility of hacking, most likely, will not be immediately known to the general public. You need to go into the quantum era with calm and consistent steps.
Stage 1: Verify that your information security department is aware of new technologies and methods for protecting data. If knowledge is not enough, then take part in open educational events on quantum technologies, which are regularly held by the country’s leading technological universities, for example, MISiS.
Stage 2: Analyze the value of the data in your organization. Quantum cryptography will primarily be needed by those companies that transfer or process critical information and personal data of users with a long storage period. For example, in the telecommunications, banking and IT industries. This analysis is already available in the industry, not just in scientific laboratories.
Stage 3: develop a new information security strategy and determine the required investment. Based on this, select and study solutions that will help your business move to a quantum-safe architecture. At this stage, each company needs an individual approach based on the current level of personnel training and technical equipment.
Stage 4: develop new technological competencies within your company, hire specialists who understand quantum communications, or train specialized employees in advance. Quantum communications is a new industry in the context of technology commercialization. Until recently, it was closed in laboratories, and today the market is already forming a constant demand for specialists in this field. For example, JPMorgan is pursuing an overall strategy aimed at both quantum computing and quantum communications. The company recently posted job openings that show its interest in developing quantum algorithms that apply to artificial intelligence, optimization, and cryptography.
Stage 5: as in the case of any other potential threat, do not wait for the “last moment”, but plan the transition to quantum-protected solutions in the cycles of updating the information infrastructure with the cooperation of experts in the field of integration of quantum communications.