Feeds

Quantum crypto moves out of the lab

Light fantastic

  • alert
  • submit to reddit

Protecting users from Firesheep and other Sidejacking attacks with SSL

Quantum cryptography - long the stuff of cyberpunk novels and hi-tech spy stories - is leaving the laboratory and making its way into commercial markets. A briefing session at the UK's Department of Trade and Industry on Wednesday featured demonstrations of working quantum key exchange systems by QinetiQ, Toshiba Cambridge and US start-up MagiQ.

Quantum cryptography allows two users on an optical fibre network to exchange secret keys. It takes advantage of the particle-like nature of light. In quantum cryptography, each bit of the key is encoded upon a single light particle (or ‘photon’). Intercepting this data randomly changes the polarisation of the light, irreversibly altering the data. Because of this quantum mechanics effect any attempt by an eavesdropper to determine a key corrupts the same key. Quantum cryptography systems discard these corrupt keys and only use codes that are known to be secure. These quantum keys, once exchanged, can be used in a one-time pad.

Advances in quantum computers or the discovery of advanced mathematical algorithms might one day threaten conventional scrambling techniques but quantum cryptography, properly implemented, is immune from such attacks.

Professor Andrew Briggs, head of Quantum Information Processing Interdisciplinary Research Collaboration at Oxford University, said that the UK had played a critical role in research into quantum cryptography. He urged the British government to do everything it can to make sure British companies profit from this pioneering work. "We've made a world leading contribution to the underlying science. Britain should also be at the forefront of developing applications."

Professor Brian Collins, professor of information systems at Cranfield University, agreed. "The initiative is passing from scientist to system designers to exploit this technology. We ignore it at our peril; it may become the only show in town."

Consultancy QIP, supported by the DTI, organised two seminars this week designed to promote understanding of the potential impacts of quantum cryptography to government officials, reps from the financial services and telecoms industry and the media. It provided a rare opportunity to see a range of systems at work. The event itself was well organised and mercifully free of the marketing hype that often comes with the introduction of new technology.

Live and direct

Toshiba Research Europe demoed a prototype system that applied quantum cryptography to the transmission of streaming video, an initiative that might one day open the door to ultra-secure video conferencing. The system allowed each frame of IP video, to be encrypted with a unique digital key, creating an unbreakable sequence of IP traffic. Toshiba Quantum Key Server produces up to 100 quantum keys per second. Toshiba’s team has already achieved a number of world firsts including the a new type of light emitting diode (LED) that fires out photons one at a time and an ultra-low noise single photon detector.

US start-up MagiQ has already begun selling systems based on its technology in the UK. Staff from UK reseller NOW Wireless were on hand to show how their kit added an extra layer of security on VPNs. Once secure keys are exchanged, data can be encrypted using standard protocols. QintiQ demo-ed its free-space quantum cryptography system. Ultimately its approach might allow quantum keys to be exchange via satellite.

Swiss firm ID Quantique, along with MagiQ, are the only companies selling quantum key distribution systems commercially. Target markets are governments and financial services. Quantum key exchange systems from MagiQ sell at between $70,000-$100,000, a small premium on conventional cryptographic systems.

Although expense is not a factor several limitations with quantum cryptography remain. Hackers can't break codes protected by quantum crypto but they might be able to disrupt communications. Quantum cryptography is limited to use between two dedicated points, or perhaps around a star network. It can't be routed because this process would interfere with the exchange of keys.

Stuart Brooklehurst, SVP at Visa International, pointed out that the absolute secrecy offered by quantum cryptography only referred to the transmission of data. "It’s not a total solution. Risks are at least as great in other parts of the system," he said.

The big play for quantum crypto in financial services is for applications like data recovery and links between wholesale banks. Brooklehurst pointed out that systems have to go through expensive upgrades when protocols are upgraded. Quantum crypto, though initially more expensive, would provide the ultimate in investment protection. ®

Related stories

Quantum crypto edges closer
Team demos first quantum crypto prototype machine
Holy Grail of crypto to arrive in three years, say UK boffins
Quantum Crypto It's in the fiber
Quantum crypto comes to Blighty

The next step in data security

More from The Register

next story
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
Infosec geniuses hack a Canon PRINTER and install DOOM
Internet of Stuff securo-cockups strike yet again
'Speargun' program is fantasy, says cable operator
We just might notice if you cut our cables
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
YouTube, Amazon and Yahoo! caught in malvertising mess
Cisco says 'Kyle and Stan' attack is spreading through compromised ad networks
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
Greater dev access to iOS 8 will put us AT RISK from HACKERS
Knocking holes in Apple's walled garden could backfire, says securo-chap
Microsoft to patch ASP.NET mess even if you don't
We know what's good for you, because we made the mess says Redmond
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.