The threat of debilitating cyberattacks is at an all-time high. In recent times, it’s not unusual to witness reports of catastrophic data breaches or cybercrime, at enterprise or government levels. Points of vulnerability are only increasing with the rapid digital evolution. Quantum computing poses an existential threat to security, and as stated by National Institute of Standards and Technology (NIST), existing cryptography standards might be broken. With the looming threat of data, IP and reputation loss, businesses and state actors must look at newer, more robust processes for transmitting information securely. Here, quantum safe communication might be the answer.
What exactly is quantum safe communication? What are different ways to establish this? Why do network leaders, CIOs and CTOs need to start taking action today? These questions, along with many others, will be answered in a series of series of articles, focused on quantum communication.
Introducing the ‘Inspiration Series’ by HCLTech Q-Labs
To understand the scope and progression of the quantum communications market, HCLTech Q-Labs conducted a series of sessions, in collaboration with its global innovation partners. The series aims to provide a comprehensive overview of the quantum communications market from academic and industry standpoints, incorporating business and technology verticals. HCLTech’s Q-Labs, being at the center of innovation, aims to accelerate quantum exploration activities to help industry leaders capitalize on quantum technologies.
The panel in the first episode included Abhinav Khare - Head, Tech Venturing and Open Innovation Ecosystem at HCLTech, Guy Dierckx - Cross Cloud Transformations at Proximus, and Joshua Slater - Scientist in Quantum Communication, QuTech & TU Delft. The session encompassed rich discussions among the key stakeholders, each bringing in their respective viewpoints on paving way for a quantum secure world.
Two roads to quantum secure communication
- Quantum Key Distribution (QKD)
QKD operates by transmitting photons—"quantum light's particles"—across an optical link. It promises in principle unconditional security, the holy grail of communication security, based on the laws of physics only. QKD has the advantage of being future proof: unlike classical key distribution, it is not possible for an eavesdropper to keep a transcript of quantum signals sent in a QKD process, owing to the quantum non-cloning theorem. It could ensure security of communications, enabled by quantum cryptography, even in the face of unlimited (quantum) computing power. Its most interesting application is protecting information channels against eavesdropping by means of quantum cryptography. The most well-known and developed application of quantum cryptography is quantum key distribution (QKD). Slater mentioned: “A key focus area of QuTech happens to be multi node quantum key distribution networks, which is part of the larger, six-stage roadmap that is laid for quantum internet. The plan covers everything ranging from point-to-point quantum key to immigrating and distributing networks with quantum technologies.”The beauty of qubits (quantum bits) from a cybersecurity perspective is that if a hacker tries to observe them in transit, their super-fragile quantum state “collapses” to either 1 or 0. This means a hacker can’t tamper with the qubits without leaving behind a telltale sign of the activity.
The global Quantum Key Distribution (QKD) market size is projected to reach $5 billion by 2028, up from $1.4 billion in 2021, at a CAGR of 19.56% during 2022-2028. “The current time of technological advancements is the best time to invest on quantum technology. A mammoth US$ 1.7 billion was invested in 2021, which was double the amount that was invested the year before” said Dierckx.
Slater cleared the air around the practical application of QKD, stating that: “The most significant aspect of employing QKD is that if the key distribution algorithms are to be attacked, it must be done during the actual process of key distribution and not after, which drastically reduces the window of opportunity for data theft.”
“The stakeholders laid a lot of emphasis on QKD owing to the adoption factor associated with it, which is highly relevant for data centers owing to its capability to provide point to point connections, and the ability to encrypt data while it is on motion. QKD would find huge applications especially in the telecom sector and would form the backbone of the future comms infrastructure” added Khare.
- Post Quantum Cryptography (PQC)
One of the greatest threats to our connected world is the vulnerability of digital communication. Hackers devise ways to steal our identities, money and secrets. Cryptography is the science of secrets, which allows information to be exchanged over long distances, but remain hidden from any unintended eavesdroppers. Most modern cryptographic methods rely on problems like factoring, which are difficult for digital computers to solve.If large-scale quantum computers are ever built, they will be able to break many of the public-key cryptosystems currently in use. This would seriously compromise the confidentiality and integrity of digital communications on the internet and elsewhere. The goal of post-quantum cryptography (also called quantum-resistant cryptography) is to develop cryptographic systems that are secure against both quantum and classical computers and can interoperate with existing communications protocols and networks.
“PQC is not a quantum technology, and is more of classical algorithmic solution, which are believed to not be susceptible to attacks from quantum computers, though we don’t know for sure, but that happens to be the motivation behind its name,” said Slater.
It is unclear when scalable quantum computers will be available. However, in the past year or so, researchers working on building a quantum computer have estimated that it is likely that a quantum computer capable of breaking 2000-bit RSA in a matter of hours could be built by 2030 for a budget of about a billion dollars. This is a serious long-term threat to the cryptosystems currently standardized by NIST.
The market for post-quantum cryptography (PQC) software and chips will ramp up to $9.5 billion by 2029.“PQC is an end user centric technology, as it operates directly with the customers while they are on move, thereby saving the communication between the customers anywhere in the world,” added Khare.
This is also a reason why the market opportunity for PQC is looking to be twice that of QKD by the end of this decade.
Planning for quantum safe communication
Within the next 10 to 20 years, it's likely that general-purpose quantum computers will become commercially viable. The need for quantum networks to connect to cloud-based quantum computers will increase as a result. Additionally, it will create public key infrastructure, enabling quantum internet service providers to meet demand (QISPs).
“It may be the hybrid model, which might run the future,” said Dierckx. He even mentioned the fact that crypto agility must be introduced to enhance security.
The creation and deployment of solutions to fulfil new securityneeds have a comparable timescale, even when the quantum demand is some time off. From the telecom industry point of view, Slater mentioned that as far as choosing between QKD and PQC, it depends on the offerings of the company. For the telecom companies that are into providing fiber and other types of physical layer, they may prefer QKD. Those who are not into fiber and related services may prefer PQC.
Focusing on standardization, Khare stated: “There are standardization activities pertaining to PQC and QKD happening at the governmental level, which will take some time before being implemented. Standardization will help in accelerating the deployment and scaling of these technologies.” Effectively communicating the value proposition would certainly increase the penetration of quantum technology.
The journey ahead
The first session became a revelation for several quantum enthusiasts as quite a few myths, pertaining to different applications of quantum technologies, were busted.
It’s interesting to know and think about how quantum computing, a technology that may have answers to so many problems, could be a possible threat to existing security standards and then lead to the emergence of quantum communication.
The next article in this series will focus on how quantum computing and quantum communication are evolving in tandem and will complement each other to build the enterprises of the future.