Data security is increasingly under threat. In 2024 the world is acutely aware of the implications of digital infrastructure fragility – particularly cyber-attacks. Bad actors are committing more advanced cybercrimes, keen to exploit the value of virtually shared trade secrets, financial data, health records and more
Despite this, our dependence on secure digital communications continues. In fact, there is a global pursuit to become even more virtually connected. This is evidenced by the trends towards 6G, vehicle to everything (V2X) and industry 5.0. The result is an opportunity for the next generation of secure communications technologies, and a gap in the market quantum communications solutions seeks to fill.
Post Quantum Cryptography (PQC)
The first wave of quantum technology to disrupt the communications market is post quantum cryptography (PQC). The irony of the motivation for PQC is that in many ways it is a reaction to the data security threat posed by quantum computers.
Traditional cryptography, for example RSA, depends on the computational complexity of solving for the prime factors of large integers. However, it is anticipated that one day quantum computers will be able to utilize Shor’s algorithms to rapidly solve this problem. For some, the future moment when this is achieved and used to bypass RSA and intercept traditional encrypted communications is known as ‘Q-Day’.
As investment in quantum computing continues, and their capabilities improve – for many the risk of a Q-Day occurring in the next 5-10 years (if not sooner) is very real. For these players an alternative cryptography solution robust to quantum threats is needed – hence post quantum cryptography.
PQC remains a mathematical approach, but using new algorithms and methods which don’t depends on prime factors. Demonstrating the robustness and infallibility of these algorithms is a challenge, and to date is largely overseen by NIST. In 2024 NIST released federal information processing standards (FIPS) for three algorithms (formerly known as Kyber, CRYSTALS-Dilithium and SPHINCS+).
Network managers globally are now being encouraged to begin the process of integrating PQC, and more broadly to remain ‘crypto-agile’. There is lingering fear in the industry of the long migration timelines between cryptographic solutions which occurred around the millennium, with some cases exceeding ten years to complete. Given this timescale is comparable to the rate at which quantum computers are advancing, for many now is the time to prepare. This driver is compounded by the awareness of ‘hack-now decrypt later’ (HNDL) activities thought to be prevalent worldwide.
Quantum Key Distribution
Sharing public keys is a mainstay of digital communications. However, once again, there is often a reliance on prime number factorization to secure the relationship between a public key and a private key necessary to decode a message or data stream.
Indeed, for some of the highest security applications the dependence on private key sharing can be so paramount it depends on the use of personal couriers or tamper-proof packaging. Of course, when it comes to guarantees of trust, even these methods can be fallible.
But what if you could prove that the key you needed to be share hadn’t been intercepted? Well, this is the value proposition of quantum key distribution (QKD). QKD is a complimentary solution to PQC, just less about software upgrades and more about hardware innovations. QKD transmitters and receivers designed to share cryptographic keys have recently been commercialized and continue to be developed and adapted to suit new markets. Key players in these markets include Toshiba and IDQuantique, with competition mounting from newer players such as KETS quantum.
QKD depends on the use of light to transmit information. Keys can be encoded into photon properties by the sender and measured by the receiver. The trick is a law in quantum physics which states photon properties cannot be cloned. Ultimately this means if an eves-dropper intercepts a photon they would be forced to generate a new one to send on, and guess the properties encoded by the sender.
QKD protocols have been developed which allow the receiver of a key to instantly be alerted to the presence of an eves-dropper, and better still prevent a vulnerable message from being sent at all.
For now, QKD is fairly bulky and expensive. Demonstrations of their implementation are typically found at the ‘metro-scale’. Optical fiber losses present a limit to the distance QKD transmitters/receivers can be separated. However, R&D continues into free-space QKD and even chip-scale QKD, which could go on to have huge implications for the future of telecommunications infrastructure.
Outlook
Overall, quantum technology is looking to play a key role in securing future communications. There are mathematical based approaches like PQC which are available to most network managers now, as well as hardware solutions for the highest security applications like governments and financial institutions.
Looking ahead, whether you’re a quantum sceptic or not, data security and cyber-crime will continue to impact as all. The riskiest decision for all network managers today would be to ignore the role of quantum in both threatening and securing communications. As for the innovators and horizon scanners, it’s a case of act now for a chance to reap the rewards of early adoption and collaboration later.
For more insight and ten year market forecasts covering the Quantum Technology Market, see IDTechEx’s dedicated reports covering Quantum Computing, Quantum Sensors, and Quantum Communications. This includes extensive coverage of the emerging quantum communications solutions include post quantum cryptography, quantum random number generators, and quantum key distribution. For the full portfolio of research available, please visit www.IDTechEx.com/Research/Quantum.
The post Quantum Technology for Security and Communication appeared first on Cybersecurity Magazine.