Demystifying “The Quantum”

10 Minutes

As we come into 2019, there is a lot of talk of “Quantum” – Quantum Computers, Quantum Encryption, Quantum Keys, etc...

The term, taken from physics, is more than jargon and has real meaning in most cases. It’s that physics aspect that we all understand as something near magic. In pop culture, from Ant-Man movies to the old 90’s show Quantum Leap, many have been exposed to the concepts and perceived power of “The Quantum”. As a metaphor, the term Quantum Leap means we are jumping ahead by some large measure. According to Merriam Webster, a Quantum Leap is an abrupt change, sudden increase, or dramatic advance. This is likely the image conjured by most people when they hear the word Quantum. Quantum Leap is actually applicable to both Quantum Computing and new breakthroughs in Quantum Encryption.

The Quantum is the smallest entity that is involved in an interaction. Think of this as the study of things atomic and subatomic and how they interact. Of particular interest in cryptography is the photon. An easy way to think if this is a positive and negative magnetic pull. If the photon is charged positively, it points one direction, let’s call it north. If it is charged negative, it will point, for our example, south. It can also be a combination of the two or, simply put, a percentage of both. Once charged, photons in light are incredibly stable. They can also be manipulated and measured so a single photon can be used to carry information. As we try to shrink computer processing to a smaller and smaller size, a photon is likely the limit of where we can go.

This gives way to Quantum Computing where we can use an atom, ion, proton or electron to act as bits in a computer. We can also use multiple atomic or subatomic particles but, unlike with bits, this creates a superposition of states. Without getting too technical, when more than one element is used, this feature allows us to solve multiple problems all at once for certain types of calculations. (Don’t go sell your computer chip stocks quite yet…Quantum Computers are not efficient at executing most of our common computer tasks.) Quantum bits, or qubits as they are known, allow us to solve very large, exponentially complex equations very quickly. The issue for cybersecurity is one of those large exponential problems is the brute force cracking of an encryption key. The complexity of AES 256, one of the strongest legacy encryptions, is 2256. If you have 300 Qubits, the power of that computer is 2300. This means a quantum computer with 300 qubits has the power to discover the encryption key in near real-time. The most concerning issue is there is a “space race” to build a reliable, working quantum computer. The science is sound, so this will happen within the next 10 years and likely sooner.

This should concern everyone using encryption to protect data across a network for 2 reasons:

  1. Recording data in an IP network like the internet is trivial. You should assume, if your data has value, someone is likely recording it now.
  2. Recorded data can be decrypted later when Quantum Computers (or some other means of deriving a key) are available.

This warning came from IBM research where they stated everyone who has data that needs to be protected for the next 10 years needs to change to a new encryption method immediately. This is not alarmist at all. The NSA is issuing similar warnings that critical data needs to use Quantum resistant algorithms.

While the NSA is calling for “Quantum Resistant”, what we really need is Quantum Proof. The fact is, the way we do encryption today is just not safe. Anything that is calculated can be solved for. The irony is the solution seems to be to fight Quantum with Quantum. This brings us to another area where Physics meets Computer Science: Quantum Cryptography. (We warned you that Quantum has almost, but not quite, become jargon.) This field studies using quantum mechanical properties to complete cryptographic tasks.

The most noted is Quantum Key Distribution (QKD). This uses quantum mechanics to set keys in the photons of laser light to distribute them to the other side. This technique has been around for a few decades. There are physical limitations that have caused it not to be implemented widely. First, it does not work for our modern cloud concepts where anything connects to anything else. This technique is point to point only. One of the alluring features is that if the key distribution is tampered with (read) before it reaches its destination, it not only can be detected, it destroys the information by changing the polarization. While it is great to know someone has read the key, you now have a denial of service situation and one where the key was read by the man in the middle so only he has the key (not a minor detail). The only reasonable way to combat this is to stop the transmission of data which in turn denies service. QKD, in its current form, also has a range limit of about 60 miles. The only way known to get past this is to repeat the signal. During regeneration, the data and/or key is exposed. All that said, this solves the classic Key Distribution Problem where the key can be distributed safely allowing a Vernam Cipher to be employed. In a Vernam Cipher, each byte of data has a unique key which means, using a True Random Number Generator (TRNG), there is nothing to solve for if the key and the data remain secret. A Quantum Computer cannot crack a Vernam Cipher as there is nothing to solve for. Since each byte has a random key, it could be anything.

If we broaden QKD to generically mean distribution of a quantum key, we need two things: a Quantum Key Generator and a foolproof, secure way to transmit those keys. Introspective Networks has solved #2 and is partnering with Quintessence Labs to help solve problem #1.

The important point is, before getting confused by everything Quantum, it is the Vernam Cipher, an over 100-year-old technique, is critical to stopping the Quantum Computing threat. Using a Quantum Key created with a True Random Number Generator (TRNG), we can completely protect data from Quantum Computing. All keys are generated randomly so there is nothing to solve for.

Introspective Networks has partnered with QuintessenceLabs, the maker of the fastest commercial Quantum Random Number Generators, to create practical Quantum Encryption. Using a QuintessenceLabs qStream TRNG (True Random Number Generator) card with Introspective Networks Streaming Transmission One-time-pad Protocol (STOP), we have a practical, Internet-friendly method for Quantum Key Distribution and Quantum Encryption. Whether it is VPN network, application to application or point to point, STOP protects data from the Quantum Computer threat. With qStream, we now have a valid source of Quantum Entropy or, more simply put, randomness. In the end, we are fighting the Quantum Computer threat with Quantum encryption. This technology works and is available now. Reach out to Introspective Networks today to learn more about how you can protect your data from Quantum Computing today.

Trusted partners throughout the industry.