At this year's Optical Fiber Communications conference (OFC; March 9-14, 2014, San Francisco, CA), leaders in network security gathered at the Workshop on Quantum Security, where they discussed the burgeoning market for quantum photonics solutions. Executives from Europe, China, and the U.S. highlighted growing arrays of applications in datacenters, machine-to-machine (M2M), and large-scale distributed networks.
Ranga Krishnan, with the Electronic Frontier Foundation (San Francisco), a leading privacy nonprofit organization, set the context for how pervasive data theft, collection, and surveillance have become and how protocols for large networks are moving to "encrypt all."
Jim Theodoras of ADVA Optical Networking (Martinsried, Germany) provided background on the current security environment: operators are well aware that "taps are found everywhere in their networks." The existing practices within datacenters are ripe with faults: breaches are mostly due to compromised keys, using insider access, and poor key management practices including infrequent updates. Encryption alone does not offer protection since it does not assure access authenticity, but quantum key distribution (QKD) guarantees confidentiality, detects intruders, and allows frequent, automated changing of keys. Theodoras posited that QKD offers "dramatic scale improvement" as the only key system that meets all needs.
Future impact of quantum computers
Whether there is a large-scale paradigm shift to quantum cryptography depends on how close quantum computers are to decrypting keys. Zac Dutton of Raytheon BBN Technologies (Cambridge, MA) provided the experts' consensus view that generalized large-scale quantum computers would have an impact in around 15 years. Grégoire Ribordy of idQuantique (Geneva, Switzerland) showed a roadmap of expected improvements in error-correction schemes, and discussed Shor's algorithm, a quantum integer-factoring algorithm that might enable 2048-key decryption by 2020. This short timeframe implies substantial risk for data assets that can be tapped and retained long enough to be decrypted later (for example military, industrial, or financial operations, as well as personal records such as social security numbers). Therefore, the time to start deployments is now!
Several speakers highlighted new opportunities in machine communications based on quantum techniques. Duncan Earl of GridCOM Technologies (San Diego, CA) detailed an application he derived from work at Oak Ridge National Laboratory (ORNL; Oak Ridge, TN) to secure the electric grid. Many critical infrastructure environments use public keys and are vulnerable to hacking. GridCOM uses quantum entanglement for keyless authentication in multicast environments that offers a future-proof method, guaranteeing the integrity of m2M communications.
Dutton agrees that the technical community might relax its traditional focus on "perfect" solutions and instead focus on near-term solutions serving known market gaps. Stan Kladko, of Cloudessa (Palo Alto, CA), a serial entrepreneur in security software, concurred that "a lot of holes in current security systems and practices" can be plugged with quantum solutions that can be branded and priced as premium. Examples of other "point" solutions include quantum keys for ATM machines and cell phones noted in the March 12, 2014, Nature Communications by teams in Canada and Singapore.
Quantum backbones
Bruce Nyman of TE SubCom (Newington, NH), Ribordy, and Qiang Zhang of the University of Science and Technology of China (Hefei, China) provided an overview of QKD carrier-grade networks in fiber, free-space, and on the usage of trusted relay nodes. Zhang provided an update on China's QKD networks, including a rollout of a metropolitan QKD network with 50 nodes and 90 users in Jinan for multimedia applications (see figure). By the end of 2016, this "quantum backbone" will encompass 2000 km with trusted relay nodes and link QKD metro-nets between Beijing and Shanghai for commercial traffic from banks and news agencies.
idQuantique reported on a live hybrid system that integrates QKD and conventional security between two Siemens (Munich, Germany) datacenters. In the U.S., idQuantique has worked with Battelle (Columbus, OH) on commercial QKD networks. A backbone from Ohio to Washington, DC will go live in 2015 and will be extended later across the U.S., eventually providing access for datacenters owned and operated by IBM, Amazon, Rackspace, Microsoft, and Google.
With the ramp of deployments around the world, the conclusion of participants was to expand collaborative efforts in areas such as standards, education, and open-source models so that more comprehensive partnerships with incumbent security and networking vendors are enabled. Trade and standards efforts such as the European Telecommunications Standards Institute (ETSI), Federal Information Processing Standards (FIPS), and Advancing Open Standards for the Information Society's Key Management Interoperability Protocol (OASIS-KMIP), among others, are relevant for embedding quantum solutions into productive scalable technology.
Tad Elmer, former CEO of BBN (where he initiated its quantum-information investments more than a decade ago) and now at General Catalyst Ventures (also in Cambridge, MA), noted that economic value was building for commercial acceleration. This OFC workshop established that quantum-security solutions are at the inflection point, poised to enable substantial benefits and economic rewards for users.—Kristin Rauschenbach,Yves Dzialowski,andJohn Dexheimer
The authors were cochairs of the OFC 2014 Workshop on Quantum Security. Kristin Rauschenbach is substrate architect for the NSF GENI Project and former VP at Raytheon/BBN and technical director of optical networking. Yves Dzialowski is chairman of Princeton Lightwave Inc. and was previously senior VP of JDSU. John Dexheimer (e-mail: [email protected]) is president of LightWave Advisors Inc. and a partner of First Analysis Private Equity.