Friday, 26 July 2013

Long-Distance Quantum Cryptography

A hybrid system could secure transmissions over hundreds of kilometers

By Martin LaMonica / August 2013

Using the quirky laws of quantum physics to encrypt data, in theory, assures perfect security. But today's quantum cryptography can secure point-to-point connections only about 100 kilometers apart, greatly limiting its appeal. Battelle Memorial Institute, an R&D laboratory based in Columbus, Ohio, is now building a "quasi-quantum" network that will break through that limit. It combines quantum and classical encryption to make a network stretching hundreds of kilometers with security that's a step toward the quantum ideal.

"In a few years, our networks aren't going to be very secure," says Don Hayford, senior research leader in Battelle's national security global business. Cryptography relies on issuing a secret key to unlock the contents of an encrypted message. One of the long-standing worries is that sufficiently powerful computers, or eventually quantum computers, could decipher the keys. "We looked at this and said, 'Somebody needs to step up and do it,' " Hayford says.

By the end of next year, Battelle plans to have a ring-shaped network connecting four of its locations around Columbus—some of which transmit sensitive defense contract information—that will be protected using quantum key distribution, or QKD. If that smaller network is successful, Battelle then plans to connect to its offices in the Washington, D.C., area—a distance of more than 600 km—and potentially offer QKD security services to customers in government or finance over that network.

Quantum cryptography uses physics, specifically the quantum properties of light particles, to secure communications. It starts with a laser that generates photons and transmits them through a fiber-optic cable. The polarization of photons—whether they're oscillating horizontally or vertically, for example—can be detected by a receiver and read as bits, which are used to generate the same "one-time pad" encryption key at both ends of the fiber. (A one-time pad is an encryption key that consists of a long set of random numbers, and so the message it hides also appears to be a random set of numbers.) Messages can then be sent securely between the sender and receiver by any means—even carrier pigeon—so long as they are encrypted using the key. If someone tries to intercept the key by measuring the state of the photons or by reproducing them, the system will be able to detect the intrusion and the keys will be thrown out.

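
The detection step described above can be simulated. This is an added example, not code from the article or from any vendor; the article does not name a protocol, so a BB84-style scheme with two polarization bases is assumed, and the function names, the 400-bit sample and the 11 percent threshold are illustrative choices.

```python
import random

def bb84(n_photons, eavesdrop, seed):
    """Return (sender_bits, receiver_bits) kept after basis comparison."""
    rng = random.Random(seed)            # seeded only so the demo is repeatable
    kept_a, kept_b = [], []
    for _ in range(n_photons):
        bit = rng.getrandbits(1)
        basis_a = rng.choice("+x")       # "+" = horizontal/vertical, "x" = diagonal
        p_basis, p_bit = basis_a, bit    # the photon in flight
        if eavesdrop:                    # someone measures and re-sends the photon
            basis_e = rng.choice("+x")
            if basis_e != p_basis:       # wrong basis: the outcome is random
                p_bit = rng.getrandbits(1)
            p_basis = basis_e            # the re-sent photon carries the tap's basis
        basis_b = rng.choice("+x")
        got = p_bit if basis_b == p_basis else rng.getrandbits(1)
        if basis_b == basis_a:           # bases compared publicly; mismatches dropped
            kept_a.append(bit)
            kept_b.append(got)
    return kept_a, kept_b

def error_rate(a, b):
    return sum(x != y for x, y in zip(a, b)) / len(a)

def accept_key(a, b, sample=400, threshold=0.11):
    """Disclose `sample` bits to estimate errors; keep the rest or discard all."""
    err = error_rate(a[:sample], b[:sample])
    if err > threshold:
        return None, err                 # intrusion suspected: key thrown out
    return a[sample:], err               # disclosed bits are never used as key

if __name__ == "__main__":
    for tapped in (False, True):
        a, b = bb84(4000, tapped, seed=1)
        key, err = accept_key(a, b)
        print(f"tapped={tapped} sample_error={err:.3f} key_bits={len(key) if key else 0}")
```

In this idealized, noise-free model an untapped link shows zero errors, while measuring and re-sending every photon pushes the error rate toward 25 percent, so the key is discarded.
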
Over long distances, though, light signals fade, and keys can't be distributed securely. Ideally, "quantum repeaters" would store and retransmit photons, but such devices are still years away, say experts. Battelle's approach is essentially to daisy-chain a series of QKD nodes and use classical encryption to bridge the gaps. Locations less than 100 km away will be connected by fiber-optic links and the data secured by a QKD system from Geneva-based ID Quantique. For two more-distant nodes (call them A and C) to communicate, there must be a "trusted node" between them (call it B). Nodes A and B can share a key by quantum means. Nodes B and C can also share a separate key by quantum means. So for A and C to communicate securely, A's key must be sent to C under the encryption that B and C share. You might think the quantum-to-classical stopover in the trusted node might be a weak point, but even inside that node, keys are protected using one-time pad encryption, says Grégoire Ribordy, the CEO and cofounder of ID Quantique. The trusted node will also be located at a secure site and have other measures to prevent tampering.

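
The A-to-B-to-C hop can be written out with one-time pads. This is an added sketch, not Battelle's or ID Quantique's design: `PadStore`, `xor` and `relay` are hypothetical names, random bytes stand in for the keys each QKD link would produce, and having B apply a combined re-encryption mask is one assumed way to keep the relayed key from sitting in the clear at B.

```python
import secrets

def xor(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("one-time pad must be exactly as long as the message")
    return bytes(x ^ y for x, y in zip(a, b))

class PadStore:
    """Key material shared on one QKD link; every byte is handed out once."""
    def __init__(self, material: bytes):
        self._buf = bytearray(material)
        self._pos = 0

    def remaining(self) -> int:
        return len(self._buf) - self._pos

    def take(self, n: int) -> bytes:
        if n > self.remaining():
            raise RuntimeError("pad exhausted: wait for more QKD key, never reuse")
        chunk = bytes(self._buf[self._pos:self._pos + n])
        self._buf[self._pos:self._pos + n] = bytes(n)   # zeroize consumed bytes
        self._pos += n
        return chunk

def relay(session_key: bytes, k_ab: bytes, k_bc: bytes):
    """Carry A's key to C through trusted node B."""
    n = len(session_key)
    a_ab, b_ab = PadStore(k_ab), PadStore(k_ab)   # both ends of link A-B
    b_bc, c_bc = PadStore(k_bc), PadStore(k_bc)   # both ends of link B-C
    wire_ab = xor(session_key, a_ab.take(n))      # A -> B ciphertext
    mask = xor(b_ab.take(n), b_bc.take(n))        # B: strip A-B pad, add B-C pad
    wire_bc = xor(wire_ab, mask)                  # B -> C ciphertext
    at_c = xor(wire_bc, c_bc.take(n))             # C recovers A's key
    # B holds both pads, so a compromised B can still compute the key:
    b_can_derive = xor(wire_ab, k_ab[:n])
    return wire_ab, wire_bc, at_c, b_can_derive, b_ab.remaining()

if __name__ == "__main__":
    key = secrets.token_bytes(32)                 # constructed sample key
    _, _, at_c, b_view, left = relay(key, secrets.token_bytes(64),
                                     secrets.token_bytes(64))
    print("C has A's key:", at_c == key)
    print("B could derive it:", b_view == key, "| A-B pad bytes left:", left)
```

Each relayed byte consumes one pad byte on every link it crosses, and B remains able to derive the key, which is why the article's node B has to be physically secured.
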
These nodes, which are still under development, will be designed to integrate with corporate security systems, distributing keys for virtual private networks or database security within a building. "The idea is to set up a network which would be dedicated to cryptography-key management," says Ribordy. ID Quantique's gear will do the quantum key exchange, while Battelle will build the trusted nodes.

Researchers also hope to treat satellites in space as trusted nodes and to send photons through the air, rather than over optical-fiber links. In the nearer term, though, Battelle's land-based QKD network may be the most viable approach to introducing quantum encryption into today's networks. Yet it still faces significant challenges. For starters, the cost of point-to-point QKD is about 25 to 50 percent more than for classical encryption, says Ribordy, and connecting locations hundreds of kilometers apart would require multiple systems. That means Battelle will need to find a customer with an application that warrants the added expense. Verizon Communications, which offers network security services, tested QKD from 2005 to 2006, but it determined there wasn't a viable business case because of distance limitations and the limited market for the technology.

Also, QKD hardware can't easily plug into the existing telecom hardware, says Duncan Earl, chief technology officer of GridCom Technologies, which plans to use QKD for electricity grid control networks. Established networks have routers and switches that would ruin the key distribution's delicate physics.

On a technical level, though, the work really only requires good engineering, not scientific breakthroughs, says Hayford. And the hybrid approach can accommodate future advances in quantum cryptography, such as quantum repeaters. Given the growing concerns over cybersecurity, it's better to test the worth of quantum encryption sooner rather than later, he says.
