Network engineers are watching the downside of quantum computer development: emergence of a cryptographically relevant quantum computer (CRQC). Theorised for years, a CRQC renders widely used asymmetric cryptography useless. Among the fears is the ability for a bad-state actor to decipher previously stored encrypted data in a harvest now-decrypt later (HNDL) attack. This realisation caused the US NIST to change recommendations for handling sensitive data and triggered the European Union to establish the EuroQCI initiative.
Protecting data in the quantum age is not a simple matter of installing an appliance or upgrading software. It requires a review of the total network infrastructure and planned adoption of new security technologies. Decision makers should immediately evaluate and prioritise which portions of their networks are most at risk and implement countermeasures to assure that today’s data is staying secure from later unauthorised decryption while also ensuring protection into the future.
Proven ciphers like symmetric classic key distribution stand alongside novel concepts such as quantum key distribution (QKD) and post-quantum cryptography (PQC). It is easy to confuse these solutions and assume that one has a place over the other. It’s best to view each as having a role to play over the coming years. QKD is a fascinating way to use quantum mechanics to ensure absolute randomness and intrusion detection. Yet there are many challenges in its implementation, and it will not cover every network situation. Similarly, PQC, using mathematics-based algorithms and asymmetric key distribution, promises to meet security needs of dynamic connections at higher layers. But PQC also has time consuming issues to work through in standardisation, product development and certification.
Nokia believes the Quantum-Safe Network is evolutive. Utilising classic physics based pre-shared keys, distributed through manual or automated means provides quantum-safe protection against HNDL attack now. QKD and PQC are capabilities which can be added to a classic physics-based infrastructure, creating a highly resilient, flexible hybrid architecture. Connectivity at any layer can be protected today and kept safe from CRQC attack into the future.
Earlier in 2023, Greece’s NREN GRNET engaged with Nokia in a proof-of-concept trial for components of the HellasQCI Project; a QKD architecture, based on the objectives of EuroQCI. GRNET operates under the Ministry of Digital Governance, providing networking, cloud computing, HPC, and e-Infrastructures. It connects more than 150 organisations across 50 cities and serves hundreds of thousands of users daily in Public Administration, Education, Research, Health and Culture. HellasQCI will ensure quantum-safe connectivity for critical infrastructures.
HellasQCI will build on three metropolitan test sites, using both terrestrial fibre links and satellite links in the QKD architecture. This terrestrial and space approach both minimises cost and mitigates fibre distance limitations of QKD. Also, HellasQCI will evaluate quantum key distribution technologies, including continuous and discrete variable (CV-QKD and DV-QKD) and single photon entanglement. These deployments will support the maturity of QKD into future applications.
In time, Hellas QCI will become a global model for the evolutive quantum-safe blueprint for secure connectivity among diverse users and domains.
Learn more about Quantum- Safe Networks and Nokia’s evolutive blueprints in this white paper: https://onestore.nokia.com/asset/213258
Read or download the full magazine here
