Does Your Smartphone Have Quantum Key Distribution Built in Yet?

Subscribe To Download This Insight

By Jake Saunders | 4Q 2019 | IN-5680

5G deployments are certainly gathering pace. As of 3Q 2019, the Global mobile Supplier Association (GSA) reported that 296 operators in 100 countries have licensed, tested, trialed, or carried out a launch of 5G, out of which 56 operators in 32 countries have announced the infrastructure deployment of 5G and 39 operators have announced limited or full-scale 5G service launches. There is, however, the very real possibility of a potential technological “collision” between 5G and quantum computing. Indeed, this collision would also impact the legacy wireless communications technologies 3G, 4G, Wi-Fi, and fixed telco communications.

Registered users can unlock up to five pieces of premium content each month.

Log in or register to unlock this Insight.

 

A Collision Is on the Horizon

NEWS


5G deployments are certainly gathering pace. As of 3Q 2019, the Global mobile Supplier Association (GSA) reported that 296 operators in 100 countries have licensed, tested, trialed, or carried out a launch of 5G, out of which 56 operators in 32 countries have announced the infrastructure deployment of 5G and 39 operators have announced limited or full-scale 5G service launches. There is, however, the very real possibility of a potential technological “collision” between 5G and quantum computing. Indeed, this collision would also impact the legacy wireless communications technologies 3G, 4G, Wi-Fi, and fixed telco communications.

All communication devices rely on encryption to varying degrees of robustness. From cloud servers to smartphones to the telemetry emanating from Internet of Things (IoT) devices, they all rely on encryption to scramble transmitted information. 5G is anticipated to prime a fourth industrial revolution as IoT modules, wireless data terminals, and untethered Augmented Reality (AR)/Virtual Reality (VR) glasses free up industrial work processes and personnel.

At the heart of a communications device is a chipset that carries out cryptographic operations but, just as crucially, those cryptographic operations need an ongoing source of random numbers. These random numbers help to create cipher keys and generate the seed values for counters and protocol parameters. Weak or predictable random numbers expose the communications device to attacks that can compromise keys, intercept data, and ultimately allow the device to be hacked.

Achieving True Randomness

IMPACT


Generating a “true” random number is not an easy process. There are mathematical algorithms that can generate “pseudo-random” numbers, which may look random to the human eye, but “government agency-scale” server farms can certainly crack open pseudo-random number-seeded encryption schemes.  In reality, even some high-end computer workstations can witness the cracking of music and video encryption protocols, which have relied on weak, pseudo-random encryption schemes.

More up-to-date communication systems, including LTE, Wi-Fi, etc., do rely on true random numbers, often generated by hardware-based random number generators. Hardware-based random number generators often rely on “reverse-biased transistors,” thermal noise generated from a resistor, or two crystal oscillators that are deliberately out of sync. However, the challenge can be that the random generator source occasionally reverts to a non-random string of numbers due to a disruption in environmental conditions or bias in the post-processing of the source data.

Beef Up Encryption

While a true universal quantum computer may still be on the horizon, there are some (either ominous or exciting, depending on your viewpoint) indications that such a computer may arise. Other ABI Insights have delved into the prospects of quantum computers, but even if a fully operational quantum computer is still some decades away (unlikely), there is a risk that hostile governments and malicious actors have been storing encrypted data for a future time when a quantum computer can “crack” the encryption.  

ITU Initiative

In 2019, the International Telecommunication Union (ITU) decided to accelerate the standardization work on quantum-safe security. The principal focus has been on quantum cryptography technologies such as Quantum Key Distribution (QKD) and Quantum Random Number Generators (QRNGs). A QRNG can generate a mathematically provable source of “true” random numbers. QKD would replace the use of Public Key protocols, such as Rivest-Shamir-Adelman encryption (RSA), to generate and use secret keys. In an encryption procedure, a number generator provides the seed values for the encryption protocol. RSA relies on multiplying prime numbers, which is easy to execute but requires brute force to guestimate the original seed values. A quantum computer can use quantum coherence to narrow down the correct seed values and crack the encryption.

It is for this reason that several organizations, not just the ITU, are exploring quantum computing resistant strategies. Elliptic curve isogeny cryptography and symmetric key encryption currently appear to be resistant to quantum computing analysis, but in the case of symmetric key encryption there is the challenge of exchanging the keys between the two intended parties without a third party being able to “view” the key.

Quantum Key Distribution

QKD has the potential to address this weakness. QKD allows two communicating devices to detect the presence of any third party trying to gain knowledge of the key. A fundamental tenet of quantum physics is the reality that the process of measuring a quantum system disturbs the system. Therefore, telcos can implement a communication system that can detect eavesdropping. In December 2018, ID Quantique, the Quantum Technologies Group at the University of Geneva and Corning demonstrated QKD over optical fiber for record setting 421 km. In February 2019, SK Telecom made a US$65 million investment in ID Quantique and has had its own quantum research program since 2011. SK Telecom intends to use its leverage at the ITU and in the 3rd Generation Partnership Project (3GPP) to promote QKD and QRNG standardization efforts.

ITU Galvanizing Efforts

RECOMMENDATIONS


ABI Research estimates that there will be 45 billion wireless devices in operation by 2023. The GSMA has estimated the mobile technologies ecosystem underpinned US$3.3 trillion in value in 2016. Secure communications and reliable authentication are critical to all forms of communications, fixed and wireless. The ITU has been expediting the development of standards for the security of QKD network. The ITU wants to:

  1. Provide an overview of security requirements for QKD networks
  2. Concentrate efforts on the security requirements of secure key management, a specific function of QKD networks
  3. Make recommendations about the use of cryptographic functions for keys provided by a QKD network

Once these best practices have been established, QKP and QRNG software and hardware vendors’ recommendations can be put into place to support equipment interoperability.

The ecosystem is only now starting to coalesce. ID Quantique and SK Telecom are being very proactive. There is, however, a burgeoning list of potential stakeholders raising their profiles. In the United States, Quantum Exchange has joined the Hudson Institute’s Quantum Alliance Initiative (QAI) and the Research and Development (R&D) institute Imec the Netherlands has a joint collaboration with the National University of Singapore (NUS). Other novel QKD providers developing solutions in this sector include MagiQ Technologies, Qubitekk, QuintessenceLabs, and QuNu Labs. No doubt additional organizations will enter the fray. Quantum key distribution may not have the high profile of 5G, but it will be an essential underlying technology.