Quantum - Safe Security 2020

“Quantum - Safe Security 2020"
Dr.Grégoire Ribordy, IDQ’s CEO

Q-Thai SEM2020 #3

Q& A session by IEEE Communications society - Thailand chapter

incorporated with the IEEE Thailand section's annual meeting 2020

Q-Thai forum by Keattisak Sripimanwat | Published Nov 25, 2020

......................

In the annual meeting of IEEE Thailand section 2020, one of the most interesting topic as a keynote speech was given on the aspects of quantum technology—particularly quantum cryptography. Grégoire Ribordy, the founder of the ID Quantique (iDQ), gave us about forty minutes online talk. He recalled his nineteen years of a quantum technology startup, iDQ, and updated us how far iDQ has grown up till date. Including a number of tips for those who has no technical background (what is the 2nd quantum revolution, where quantum random number generator (QRNG) is embedded into 5G, where SK telecom implemented quantum tech security in its 5G network, how much investment on quantum technology around the world, and many others). The talk is good for all new technology lovers, entrepreneurs, and policy makers. Here is, to expand from his keynote presentation, Q-Thai forum organized another session, in deep, to convey more up-to-date and specific information via Q & A. Dr.Ribordy provides his answers at below. Let's see what and how quantum technology could secure your IT !

Q1 : QKD’s trusted node is claimed as a “temporary solution”, what should be for the future permanent solution without that “trusted node” ?

(ideally if “trusted node” is available in real life, an important question is why we need cryptography !)

Quantum communications are currently limited by optical channel attenuation. Commercial solutions work to about 20dB (100km) and demonstrations in the lab have reached up to 400km. To go beyond, the only current solution is to use trusted nodes. However, as this approach is not quantum end-to-end, it requires “physical security” of the intermediary nodes (hence the term “trusted node”). The holy grail of the field of quantum communications is to build an end-to-end quantum network, sometimes also called as the “Quantum Internet”. It would use the concept of entanglement of photons (long-distance correlations between two photons of a pair) couple with entangled distillation (to remove errors) and entanglement swapping (to increase the distance). This is the vision, for example of the European Union, which is planning a so called Quantum Communication Infrastructure, to be deployed between 2021 and 2027. Still a lot of work to be done, but a fascinating field.

Q2: There was a hot topic on “quantum hack” in the past decade. Eventually, what is the real final story ?

There is no final story. QKD is secure based on the laws of quantum physics, but.. this is true for a model. When you build a real system, you must make sure that it is close enough to the model. Quantum hackers try to use differences between the model and an actual system to extract information. Impressive results were published a few years ago, but they have limited relevance in the real world, as they require an attacker to have access to a system in order to characterize it before mounting an attack. This work is nevertheless essential in order to understand the practical security of QKD systems.

Some people sometimes claims that since QKD can also be attacked, it is thus useless. I disagree: Classical systems are vulnerable to principle attacks and implementation attacks. Quantum systems are only vulnerable to implementation attacks. This is a major advantage.

Q3: ITU’s QKD standard. Is it affected to any TELCOS or telecom service provider and how ?

Standardization is still a new topic for QKD. There are two areas, which are, in my opinion, priorities. First, there are interfaces with external devices to provide keys. Here, we are in a good shape. ETSI released last year (2019) the first interface and it is being adopted by QKD vendors and telecom or encryptor vendors. The second priority is QKD certification, but this is less advanced and should be an area of focus for all actors. Work is done at ETSI (driven by European and US actors) and at ISO (driven by China).

Q4: In 2019 year news, community of quantum information technology (quantum computing & quantum communications) was mentioned with;

- too high “hype”, quantum winter, CATCH 22 ! , (quantum cryptography) seems like a solution to a problem that we don’t really have. What & how iDQ thinks and responses to these ambiguous keywords ?

My view is that it is true that there might be a bit of hype in the field of quantum, but this is mostly for quantum computing and not so much for quantum communications / QKD, where progress is good and steady. Regarding QKD, there is always the question of whether it is too early to invest. Given progress in the field of quantum computing and the time it takes to deploy QKD, it is the right time to start. It is interesting to see that there are several large initiatives about quantum networks in China, Europe or Korea.

There is then also the question that even if quantum computing comes, quantum resistant algorithms are a better solution than QKD. I think that actually both solution are complementary and should be developed in parallel.

Q5: There were a number of reports showing multi-billion dollars market of quantum cryptography (they are costly at a few thousand dollars per user). Many of them were already expired, a few new reports have been going on selling, and it is expected that many new reports would be published continuously. Can we trust on those reports ? Meanwhile, it seems that solely iDQ is that the successful company in QKD industry. Please give us some hints to select and pay for the right report.

First, as you indicate, there are two QKD markets – China and the rest of the world. In China, QKD is a large market with several successful players, such as QuantumCTek, QASKY or CAS Quantum Networks. In last July, QuantumCTek did an IPO on the Shanghai stock market which was very successful.

In the rest of the world, the market is still smaller, but I believe that we are at the inflection point. We see this in our pipeline. Recently Toshiba made an announcement that it anticipates that the market will reach $12B in 2030 and that they will have 25% market share (see here). This is probable much more relevant than the market studies you mention.

Q6: Regarding “quantum channel”, it is that the main limitation of QKD system. Then, what is the future R&D target of this community ? Do they wish quantum channel to merge with existing telecom fiber without any specific (quantum) condition, and how ?

It is true that QKD requires a quantum channel and that it works best when a dedicated fibre (also known as a dark fiber) can be used for this.

It is possible to mix classical and quantum signals, using an approach known as WDM (wavelength division multiplexing), but the crosstalk creates noise in the quantum channel, which limits the range to less than 10dB. In some use cases, it is ok in others it is not.

I do believe however that in general it is possible to spare one optical fiber for the quantum channel.

Q7: In order to convince related Thai government unit to push quantum information technology (policy & industry) for this 2nd quantum revolution, what and how that we should recommend for.

Quantum computing really creates a systemic risk on the current cryptographic infrastructure. This could have a devastating impact and create major disruptions. It should be understood by the relevant Thai governments units. So I would start by training and information sharing about the challenge, possible solutions and international experience.

Q8: (Business model) - please suggest quantum-safe security’s business ideas to Thai TELCOS, regulator, and investors for the next 3-5 years.

Quantum risk assessment done, with identification of key areas and assets which require immediate upgrade to quantum-safe.
Deployment of quantum-safe solutions on a few use cases to build experience about solutions and roll-out challenges and timeline.

At the end of our conversation, Dr.Ribody also noted that "I believe that Thailand needs to prepare for being quantum-safe, like all countries" !

.................

email:

thailand_chapter@comsoc.org

see us everyday at

www.facebook.com/QuantumCryptoThailand

Thai Q-Crypto