An Ottawa security company says it has successfully tested its quantum key distribution technology over long distances on the internet in preparation for the commercial launch of products later this year.
Quantropi Inc. said it had securely sent huge volumes of random numbers called quantum entropy over conventional and high-speed internet networks as far away as Singapore with what it believes are unprecedented speeds.
If seen useful by customers, the test would set the stage for the company to begin its quantum-entropy-as-a service in the fall.
Briefly, the company said it sent just under 400,000 32-bit encryption keys per second from Ottawa to Edmonton over the CANARIE high-speed research network at speeds as high at times as 100 Mbps.
In a test over the public internet from Ottawa to Singapore – a 15,000 km distance – it sent 55,000 keys a second at speeds no lower than 14 Mbps.
By comparison, the company said, laboratory tests of conventional quantum key distribution (QKD) technologies saw data speeds of only 10 Mbps (about 39,000 keys a second) over a 20 km distance.
The reason this is important, said Quantropi CTO Michael Redding, is the possible advent of practical quantum computers in as soon as five years. Super-fast quantum computers could break existing public key data encryption, which is why experts have been saying for some time governments and businesses have to be ready first with quantum-resistant solutions.
Strong entropy – quantum-resistant random numbers – is needed for safely encrypting and decrypting data, Redding said.
Ultimately Quantropi will launch a platform it calls QiSpace, a quantum-secure service offering a quantum-resistant solution that works on top of existing AES encryption.
“Today’s test was to demonstrate that we could take those random numbers and move them across the network quantum-securely at high data rates over any distance,” Redding said.
”To show how robust our technology is, we dropped it into public internet sites in New York, San Francisco, London, Frankfurt and Singapore and showed we can stream those quantum keys anywhere in the world.
“So the demonstration was to show this was universally applicable and available on today’s internet, which makes it an instant benefit to any enterprise that wants to upgrade its security.”
The company will next have a closed beta of its Sequr quantum-entropy-as-a-service with selected partners to validate the technology and build out use cases. In the fall it plans to have an open beta and launch commercial availability of Sequr. Subscribers would also have access to its Qeep symmetric encryption library. Early next year its Masq asymmetric encryption product for PKI (public key) encryption will be released. With Sequr, Queep and Masq, Quantropi will offer a full quantum secure cryptographic platform, Redding said.
He wouldn’t say how the Sequr service will be priced, other than it would be per endpoint or user like other software embedded encryption libraries.
It isn’t clear, however, if the public or private sector wants entropy-as-a-service yet.
News of the demonstration didn’t impress cybersecurity Bruce Schneier, a lecturer in public policy at Harvard University’s Kennedy School and chief of security architecture at Inrupt, Inc. “Insignificant,” he said in an email after looking at the Quantropi press release. “What problem does it solve? What does it do that can’t be done before?”
“Normal key exchange works fine. There is no one who needs quantum key exchange for anything.”
“We cryptographers have all the math we need for key generation and distribution, and both symmetric and asymmetric cryptography — and a lot of it resists any theoretical quantum computation. There is nothing quantum key distribution adds – except dedicated hardware – that makes it impossible to use in anything but specialized applications. I love the physics, but QKD doesn’t solve any problem I actually have.”
He noted that in 2020 the U.K.’s National Cyber Security Centre issued a white paper on quantum key distribution which pointed out that because QKD protocols don’t provide authentication they are vulnerable to physical man-in-the-middle attacks.
“For this reason, QKD protocols must be deployed alongside cryptographic mechanisms that ensure authentication,” the paper says. “These cryptographic mechanisms must also be secure against the quantum threat.”
QKD is not the only mitigation against the threat of quantum computers, the white paper added. “Work towards standardizing quantum-safe cryptographic algorithms is underway in international standards bodies such as the U.S. National Institute of Standards in Technology (NIST). These algorithms can be implemented on today’s classical computers, and, unlike QKD solutions, do not require dedicated or specialist hardware. Quantum-safe cryptographic algorithms allow two remote parties to agree a shared secret key with authentication, hence without the risk of man-in-the-middle attacks.”
In response, Redding said Quantropi agrees QKD has significant issues and imitations. “It is precisely because we do not believe in the viability of QKD that Quantropi has developed an alternative approach to securely distribute quantum entropy at scale and speed.
“The fact is, there is strong and growing demand for strong entropy / true random numbers at all points in modern digital networks/applications. A substantial body of academic research articulates that strong entropy (formatted into cryptographic keys) improves the performance of existing cryptographic algorithms against current threats (let alone contemplated future quantum threats). Significant additional work shows the weakness of many “local” system random number generators. We demonstrated that is possible to generate and distribute strong entropy (with true randomness measurably “better” than what can be created on standard local random number generators) over any typical network (public or private) to the point of need – without requiring the exotic equipment associated with QKD.
“So by showing that our platform can perform what could be functionally labelled “Digital QKD” (to give it context against current industry themes), we in fact illustrate the ability to provide the key material at volumes modern systems and applications want in a way hardware-based QKD (so far) cannot — as Bruce quite rightly points out.”