shutterstock 1152748454
4.5 min read

What is Quantum cryptography??

Nowadays, we are witnessing a proliferation of cyberattacks, and an emerging greater awareness of their negative impact on the economy and on society. The technological evolution driven by IoT and 5G networks has posed the priority in implementing stronger cryptographic systems, raising the need for security at the edge.

Moreover, the fast development of quantum computing technology represents a serious threat for current encryption systems based on hard to solve mathematical algorithms (e.g. RSA). Today, eavesdroppers may intercept cryptograms that they are not able to decrypt. However, they may store these encrypted communications and wait for their decryption once a sufficiently large quantum computer is technologically available (or a new classical algorithm is discovered).

Therefore, developing products and infrastructures offering long-term security guarantees and stronger computational capabilities is a global priority to ensure the socio-economic growth. Near-term, quantum technologies provide a radically new toolset to realize stronger encryption systems.

Quantum Encryptation

Quantum encryption is the method by which information is converted into secret code by exploiting the properties of quantum mechanics. The science of encrypting, transmitting and decrypting information using the principles of quantum physics is named quantum cryptography. We can differentiate between two main cryptographic areas, that are under development using quantum properties.

  • Quantum-safe cryptography also known as post-quantum cryptography (PQC). It refers to the development of cryptographic algorithms, which are secure against attacks by both classical and quantum computers, and it is used to generate quantum-safe certificates.  In 2016 the National Institute of Standards and Technology (NIST) announced the Post-Quantum Cryptography Standardization Program to identify new algorithms that can resist threats posed by quantum computers. The competition is now in its third round out of expected four, where in each round some algorithms are discarded, and others are studied more closely. They plan is to have new quantum-safe standards in place by 2024.
  • Quantum key distribution. QKD is the process of establishing a shared key between two trusted parties (Alice and Bob) so that an untrusted eavesdropper cannot learn anything about that key. The security in QKD is achieved by encoding random data in the quantum states of individual photons thus allowing the detection of eavesdropping, guaranteeing long-term safety against future quantum computing attacks. In general, QKD is combined with conventional encryption systems, such as AES, where the generated QKD key is used by Alice and Bob to generate temporary session key with AES, to encrypt their messages over Ethernet until it expires.

Both methods require a genuine source of random numbers to be guarantee stronger security. As such, high-quality Quantum Random Number generators are fundamental building blocks for cybersecurity in the quantum era. This technology harnesses the laws of quantum physics to provide true randomness in contrast to deterministic chaotic systems and pseudo random number generators (PRNGs) based on deterministic dynamics or computationally complex algorithms.

Post-quantum cryptography and computational-security systems, as those based on conventional cryptography (RSA, etc…) require lots of random numbers. As the amount of information exchanged increases and with the emergence of new algorithms that require longer keys, the amount of randomness required has increased. In Prepare&Measure protocols (e.g. BB84), QRNGs are used to select the random state to be transmitted. Typically, multiple random bits are required for each state, therefore requiring the QRNG to produce 4 to 5 times faster rates than the QKD device itself.

Quside QRNGs deliver high-quality, high-rate (Gb/s) unpredictable random numbers with measurable entropy to ensure the strongest level of security for any application.

Quantum cryptography is the science that exploits the properties of quantum mechanics to perform cryptographic tasks. There are two main areas of development:

  • Post-quantum cryptography, which aims to create encryption methods which cannot be broken by quantum computers. Current encryption methods will not be safe if a quantum computers become a reality.
  • Quantum key distribution (QKD) is a quantum primitive which enables two trusted users to produce and share keys to encrypt (decrypt) messages in a secure way. The communication method relies on the laws of quantum mechanics to bound the information exchanged between the users that a potential eavesdropper can access.

Since the seminal work of Bennett and Brassard, many experiment have been carried out on QKD[1]. Companies such as ID Quantique, Toshiba, QuintessenceLabs, MagiQ Technologies Inc., LuxQuanta are offering commercial QKD systems. About PQC, NIST initiated a process of evaluating new algorithms resistant to possible quantum computer attacks, regardless the exact time of the arrival of the quantum computing era. The goal is to have new quantum-safe standards in 2024.

[1] Martin V, Martinez-Mateo J, Peev M. Quantum key distribution. In: Wiley encyclopedia of electrical and electronics engineering. New York: Wiley; 2017. p. 1–17

In theory, quantum cryptography is unhackable, because eavesdropping would always be detected.  QKD offers information-theoretic security (ITS), meaning that the vulnerability of the generated key to attacks depends on the protocol implementation and does not require any assumptions on the resources available to an adversary. This property is fundamental to provide long-term security and to avoid harvest now, decrypt later attacks. Nevertheless, a truly usable system may require the combination of quantum cryptography with classical elements, which could be vulnerable if not properly considered.

Quantum encryption is the method by which information is converted into secret code by exploiting the properties of quantum mechanics. Quantum key distribution (QKD) is the most widely studied and viable method which enables two trusted users to produce and share keys to encrypt (decrypt) messages in a secure way.

José Ramon Martínez

Domenico Tulli

Co-founder & CTO

Domenico leads the technology strategy, space initiatives and EU founded projects of Quside. With more than 15 years of experience on integrated photonics, he holds an Telecom. Engineering degree from Bologna University (2006), a Ph.D in Photonics from ICFO (2012) and a MBA from the TPMBA school (2022).

Want to hear more about the quantum side?

RELATED POSTS
Post-quantum cryptography
Post-quantum cryptography

Thus, the only efficient solution for a cybersecurity environment is not so much to just rely on post-quantum algorithms, but to have a crypto-agile cybersecurity architecture. This fact allows for a quick and efficient change of the cryptographic primitives used while always being up-to-date with the latest trends and developments in cybersecurity. This is the only way to guarantee, to the maximum extent possible, the effectiveness and efficiency of communications cybersecurity.

Quantum Computer and Cryptography
Quantum Computer and Cryptography

Invisibly, cryptography permeates through all current communication systems. The ability to guarantee that our messages are transmitted in an unaltered form to only those recipients of interest to us is critical for users to have peace of mind when it comes to relying on the communication channels we use.

Data protection in the cloud
Data protection in the cloud

With the continued transition to the cloud the duty of managing the data security becomes more complex. the responsibility of data protection in the cloud still resides with the data’s owner. Keep reading to learn more about the Data Cloud protection.