Quantum Key Distribution — what is it, and why does it matter?
More and more, we are hearing about quantum this and quantum that — some sort of mystical science which is supposed to bring huge technological advances to humanity.
Well, some scientists and engineers are now saying that the emerging field of Quantum Key Distribution, or QKD, could actually resolve a massive political and diplomatic squabble between East and West.
Quantum cryptography is the science of exploiting quantum mechanical properties to perform important cryptographic tasks — essentially getting information from A to B, in a secure manner.
The best known example of this is QKD which offers an information-theoretically secure solution to the key exchange problem.
But first, a little bit of background:
At the start of 2019, China’s Huawei was poised to become the world’s largest smartphone manufacturer, stealing the crown from Samsung.
Despite this success, the telecom giant has dealt with numerous accusations over the years of shady business practices. It also has been accused — although with no hard proof — of using its products to spy on other nations.
The US National Security Agency, the Central Intelligence Agency, Britain’s Mi6 Secret Intelligence Service and the so-called Five Eyes Intelligence Group have all followed the Pentagon line, issuing warnings against any ally who dares to use Huawei’s 5G technology.
In the UK, for example, companies are even having to rip out existing Huawei systems, and replace that with Nokia and Ericsson equipment by 2027.
Then in May 2019, US President Donald Trump announced that Huawei — along with several other Chinese companies — was now on something called the Entity List.
Companies on this list are unable to do business with any organization that operates in the United States.
Overnight, Huawei was suddenly unable to work with companies such as Google, Qualcomm, and Intel, among many others, forcing the company to completely revamp how it creates and releases smartphones.
The sanctions also caused a major diplomatic rift between the US and China, escalating an already dangerous situation in the South China Sea and around the world.
And it all boils down to this: Huawei’s critics say its close ties to the Chinese government mean Beijing could use the equipment for espionage or to disrupt telecommunications — a point the company strongly disputes.
But according to scientists and engineers involved in researching QKD, this would not be possible — if the world’s telcos were to install QKD equipment in 5G Wireless base stations, ZDNet.com reported.
These facilities are linked to one another by fiber optic cable.
This same cable, the engineers say, could be leveraged to provide impenetrable communications, from which neither China nor anyone else could glean information.
“Although we think of 5G and 4G and cellular and wireless technology, underpinning all of that is a very large fiber optic network. And that fiber optic network needs securing,” remarked Dr. Duncan Earl, currently president and CTO of California-based Qubitekk Inc., and a veteran scientist at Oak Ridge National Laboratories.
Dr. Earl told the Inside Quantum Technology New York virtual conference on Wednesday that existing technology — not tomorrow’s quantum discoveries — could provide a long-term security solution for all 5G equipment, including but not limited to Huawei’s.
He even characterized this solution as “obvious.”
“There’s a big concern over foreign equipment being located or used on a 5G network,” stated Earl, using very diplomatic language.
“In these base stations. . . you may be installing equipment that actually is tapping into those communications.”
But that “foreign equipment” may have a cost advantage over alternatives from other manufacturers, he went on, especially in building out 5G networks in rural areas.
(Huawei’s and ZTE’s price advantages are so well-documented, that this topic alone has become a discussion point in national security circles.)
“You could use quantum technology to essentially hop over these base stations,” Earl said.
Fronthaul fiber is what the telecom industry calls the fiber optic connections leading from antennas to baseband units (BBU) located in telco central offices.
On the other end, backhaul connections lead from central offices to the transmitters throughout the wireless network — which happen to share tower space with antennas. In fact, the overlapping connections themselves have come to be known as crosshaul.
At the antenna end, a QKD transceiver could encrypt all fronthaul data flowing into the BBU, Earl suggested.
That encryption would be bonded by physics rather than cryptography — an encryption so strong that the very act of intrusion would break the connection (which may instantly be re-established using a new quantum key).
“So the base station only would see encrypted payloads,” he said. “Once those were sorted and routed, as they left the base station, they would be decrypted by another quantum system.”
This would allow the Radio Access Network (RAN) to continue to operate exactly as it does now, without retrofitting or re-engineering.
In a cellular network, data may traverse a variety of base stations.
But one of the curious, even bewildering, phenomena of quantum networks is that the entanglement between qubits at the source and the eventual destination, establishes a kind of ethereal link between them, even in the absence of a direct fiber connection.
Nobody really knows quite how or why entanglement works.
It even baffled Einstein, who famously described it as “spooky action at a distance.”
However, any quantum bond from point to point would be just as secure as if the network solely had those two points.
This phenomenon, says Dr. Earl, referring to recent experiments by BT Group in the UK and Verizon in the US, that provide incontrovertible evidence to his point, means that encryption effectively “hops over the base stations.”
In short, and at least theoretically, the types of security vulnerabilities cited by the NSA could actually become impossible.
Here is a simplified version, that breaks it down even further, courtesy QuantumXchange:
Imagine you have two people, Alice and Bob, who want to send a secret to each other that no one else can intercept. With QKD, Alice sends Bob a series of polarized photons over a fiber optic cable. This cable doesn’t need to be secured because the photons have a randomized quantum state.
If an eavesdropper, named Eve, tries to listen in on the conversation, she has to read each photon to read the secret. Then she must pass that photon on to Bob. By reading the photon, Eve alters the photon’s quantum state, which introduces errors into the quantum key.
This alerts Alice and Bob that someone is listening and the key has been compromised, so they discard the key. Alice has to send Bob a new key that isn’t compromised, and then Bob can use that key to read the secret.
That leads us to the question, will that change anyone’s mind in US intelligence circles?
Beginning in 2015, the NSA took the stance that quantum encryption was a threat to national security, and tasked the National Institute of Standards and Technology (NIST) with choosing “post-quantum” cryptography methods (PQC) that could replace current-day PKI (Public Key Infrastructure).
In 2019, the NSA’s research director suggested the very search for PQC solutions, if made too public and shared with too many folks, could itself be a threat to security.
In April, NIST published guidance on its PQC efforts to date. In it, the agency characterized the still-forthcoming date when a quantum algorithm (specifically, Shor’s Algorithm) breaks PKI as “a particularly disruptive cryptographic transition.”
That transition, the report goes on, can only be met by rapid and fundamental improvements to classical cryptography methods. The report does not even mention the existence of QKD.
“Today, the NSA has a very blunt perspective,” remarked Qubitekk vice-president of engineering, K. Karunaratne, speaking at the IQT conference. “Really, the intent we want is, persuade them — and I agree that’s a very hard task — that QKD does have a place, for its specific use cases.”
Why does the NSA take such an antagonistic position, asked IQT Research’s Lawrence Gasman.
“I think a fair amount of their attitude,” responded Karunaratne, “is based on a lack of knowledge of what QKD really is, and how QKD has been implemented.”
In his communications with government officials, including with NIST (National Institute of Standards and Technology), Karunaratne said, some believe their policy toward “responding” to QKD has already been finalized.
“A lot of these challenges, I think, are dated,” he went on, “and they’re based in a lack of knowledge on the NSA’s part, about what modern QKD is, and how it’s implemented.”
Sources: ZDNet.com, Android Authority, NY Times, QuantumXchange