Feeds

Quantum crypto moves out of the lab

Light fantastic

  • alert
  • submit to reddit

Top three mobile application threats

Quantum cryptography - long the stuff of cyberpunk novels and hi-tech spy stories - is leaving the laboratory and making its way into commercial markets. A briefing session at the UK's Department of Trade and Industry on Wednesday featured demonstrations of working quantum key exchange systems by QinetiQ, Toshiba Cambridge and US start-up MagiQ.

Quantum cryptography allows two users on an optical fibre network to exchange secret keys. It takes advantage of the particle-like nature of light. In quantum cryptography, each bit of the key is encoded upon a single light particle (or ‘photon’). Intercepting this data randomly changes the polarisation of the light, irreversibly altering the data. Because of this quantum mechanics effect any attempt by an eavesdropper to determine a key corrupts the same key. Quantum cryptography systems discard these corrupt keys and only use codes that are known to be secure. These quantum keys, once exchanged, can be used in a one-time pad.

Advances in quantum computers or the discovery of advanced mathematical algorithms might one day threaten conventional scrambling techniques but quantum cryptography, properly implemented, is immune from such attacks.

Professor Andrew Briggs, head of Quantum Information Processing Interdisciplinary Research Collaboration at Oxford University, said that the UK had played a critical role in research into quantum cryptography. He urged the British government to do everything it can to make sure British companies profit from this pioneering work. "We've made a world leading contribution to the underlying science. Britain should also be at the forefront of developing applications."

Professor Brian Collins, professor of information systems at Cranfield University, agreed. "The initiative is passing from scientist to system designers to exploit this technology. We ignore it at our peril; it may become the only show in town."

Consultancy QIP, supported by the DTI, organised two seminars this week designed to promote understanding of the potential impacts of quantum cryptography to government officials, reps from the financial services and telecoms industry and the media. It provided a rare opportunity to see a range of systems at work. The event itself was well organised and mercifully free of the marketing hype that often comes with the introduction of new technology.

Live and direct

Toshiba Research Europe demoed a prototype system that applied quantum cryptography to the transmission of streaming video, an initiative that might one day open the door to ultra-secure video conferencing. The system allowed each frame of IP video, to be encrypted with a unique digital key, creating an unbreakable sequence of IP traffic. Toshiba Quantum Key Server produces up to 100 quantum keys per second. Toshiba’s team has already achieved a number of world firsts including the a new type of light emitting diode (LED) that fires out photons one at a time and an ultra-low noise single photon detector.

US start-up MagiQ has already begun selling systems based on its technology in the UK. Staff from UK reseller NOW Wireless were on hand to show how their kit added an extra layer of security on VPNs. Once secure keys are exchanged, data can be encrypted using standard protocols. QintiQ demo-ed its free-space quantum cryptography system. Ultimately its approach might allow quantum keys to be exchange via satellite.

Swiss firm ID Quantique, along with MagiQ, are the only companies selling quantum key distribution systems commercially. Target markets are governments and financial services. Quantum key exchange systems from MagiQ sell at between $70,000-$100,000, a small premium on conventional cryptographic systems.

Although expense is not a factor several limitations with quantum cryptography remain. Hackers can't break codes protected by quantum crypto but they might be able to disrupt communications. Quantum cryptography is limited to use between two dedicated points, or perhaps around a star network. It can't be routed because this process would interfere with the exchange of keys.

Stuart Brooklehurst, SVP at Visa International, pointed out that the absolute secrecy offered by quantum cryptography only referred to the transmission of data. "It’s not a total solution. Risks are at least as great in other parts of the system," he said.

The big play for quantum crypto in financial services is for applications like data recovery and links between wholesale banks. Brooklehurst pointed out that systems have to go through expensive upgrades when protocols are upgraded. Quantum crypto, though initially more expensive, would provide the ultimate in investment protection. ®

Related stories

Quantum crypto edges closer
Team demos first quantum crypto prototype machine
Holy Grail of crypto to arrive in three years, say UK boffins
Quantum Crypto It's in the fiber
Quantum crypto comes to Blighty

Combat fraud and increase customer satisfaction

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Heartbleed exploit, inoculation, both released
File under 'this is going to hurt you more than it hurts me'
Canadian taxman says hundreds pierced by Heartbleed SSL skewer
900 social insurance numbers nicked, says revenue watchman
German space centre endures cyber attack
Chinese code retrieved but NSA hack not ruled out
Burnt out on patches this month? Oracle's got 104 MORE fixes for you
Mass patch for issues across its software catalog
Reddit users discover iOS malware threat
'Unflod Baby Panda' looks to snatch Apple IDs
Oracle working on at least 13 Heartbleed fixes
Big Red's cloud is safe and Oracle Linux 6 has been patched, but Java has some issues
prev story

Whitepapers

Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.