Feeds

Quantum crypto moves out of the lab

Light fantastic

  • alert
  • submit to reddit

High performance access to file storage

Quantum cryptography - long the stuff of cyberpunk novels and hi-tech spy stories - is leaving the laboratory and making its way into commercial markets. A briefing session at the UK's Department of Trade and Industry on Wednesday featured demonstrations of working quantum key exchange systems by QinetiQ, Toshiba Cambridge and US start-up MagiQ.

Quantum cryptography allows two users on an optical fibre network to exchange secret keys. It takes advantage of the particle-like nature of light. In quantum cryptography, each bit of the key is encoded upon a single light particle (or ‘photon’). Intercepting this data randomly changes the polarisation of the light, irreversibly altering the data. Because of this quantum mechanics effect any attempt by an eavesdropper to determine a key corrupts the same key. Quantum cryptography systems discard these corrupt keys and only use codes that are known to be secure. These quantum keys, once exchanged, can be used in a one-time pad.

Advances in quantum computers or the discovery of advanced mathematical algorithms might one day threaten conventional scrambling techniques but quantum cryptography, properly implemented, is immune from such attacks.

Professor Andrew Briggs, head of Quantum Information Processing Interdisciplinary Research Collaboration at Oxford University, said that the UK had played a critical role in research into quantum cryptography. He urged the British government to do everything it can to make sure British companies profit from this pioneering work. "We've made a world leading contribution to the underlying science. Britain should also be at the forefront of developing applications."

Professor Brian Collins, professor of information systems at Cranfield University, agreed. "The initiative is passing from scientist to system designers to exploit this technology. We ignore it at our peril; it may become the only show in town."

Consultancy QIP, supported by the DTI, organised two seminars this week designed to promote understanding of the potential impacts of quantum cryptography to government officials, reps from the financial services and telecoms industry and the media. It provided a rare opportunity to see a range of systems at work. The event itself was well organised and mercifully free of the marketing hype that often comes with the introduction of new technology.

Live and direct

Toshiba Research Europe demoed a prototype system that applied quantum cryptography to the transmission of streaming video, an initiative that might one day open the door to ultra-secure video conferencing. The system allowed each frame of IP video, to be encrypted with a unique digital key, creating an unbreakable sequence of IP traffic. Toshiba Quantum Key Server produces up to 100 quantum keys per second. Toshiba’s team has already achieved a number of world firsts including the a new type of light emitting diode (LED) that fires out photons one at a time and an ultra-low noise single photon detector.

US start-up MagiQ has already begun selling systems based on its technology in the UK. Staff from UK reseller NOW Wireless were on hand to show how their kit added an extra layer of security on VPNs. Once secure keys are exchanged, data can be encrypted using standard protocols. QintiQ demo-ed its free-space quantum cryptography system. Ultimately its approach might allow quantum keys to be exchange via satellite.

Swiss firm ID Quantique, along with MagiQ, are the only companies selling quantum key distribution systems commercially. Target markets are governments and financial services. Quantum key exchange systems from MagiQ sell at between $70,000-$100,000, a small premium on conventional cryptographic systems.

Although expense is not a factor several limitations with quantum cryptography remain. Hackers can't break codes protected by quantum crypto but they might be able to disrupt communications. Quantum cryptography is limited to use between two dedicated points, or perhaps around a star network. It can't be routed because this process would interfere with the exchange of keys.

Stuart Brooklehurst, SVP at Visa International, pointed out that the absolute secrecy offered by quantum cryptography only referred to the transmission of data. "It’s not a total solution. Risks are at least as great in other parts of the system," he said.

The big play for quantum crypto in financial services is for applications like data recovery and links between wholesale banks. Brooklehurst pointed out that systems have to go through expensive upgrades when protocols are upgraded. Quantum crypto, though initially more expensive, would provide the ultimate in investment protection. ®

Related stories

Quantum crypto edges closer
Team demos first quantum crypto prototype machine
Holy Grail of crypto to arrive in three years, say UK boffins
Quantum Crypto It's in the fiber
Quantum crypto comes to Blighty

High performance access to file storage

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Natter-board tells middle-class Britain to purée its passwords
Web data BLEEDOUT: Users to feel the pain as Heartbleed bug revealed
Vendors and ISPs have work to do updating firmware - if it's possible to fix this
OpenSSL Heartbleed: Bloody nose for open-source bleeding hearts
Bloke behind the cockup says not enough people are helping crucial crypto project
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
Experian subsidiary faces MEGA-PROBE for 'selling consumer data to fraudster'
US attorneys general roll up sleeves, snap on gloves
NSA denies it knew about and USED Heartbleed encryption flaw for TWO YEARS
Agency forgets it exists to protect communications, not just spy on them
prev story

Whitepapers

Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.