As quantum computers move from the lab into operation, companies are rushing to develop post quantum encryption. You hear terms like quantum safe, quantum-proof, quantum safe, quantum encryption, and quantum cryptography used frequently. There are now many terms to describe similar approaches to protecting data and ensuring secure communications. So, how do you make sense of all of it, and what technology protects data?
First, to understand the quantum security market space you must understand basic concepts and how they are deployed. Today there are three main areas of quantum data security, each with a different approach to data protection:
- Post Quantum Cryptography
- Quantum Key Distribution (QKD)
- Quantum Cryptography
When we started Secured2, we evaluated all these concepts and spent countless hours researching these different approaches from a technical perspective. We soon recognized the technologies mentioned above are not the future and do not solve the problem of data security in a post-quantum world.
Here, I summarize each approach being developed and why we did not pursue development:
Post Quantum Cryptography
Post Quantum Cryptography describes algorithms that prevent direct attack by a quantum computer. These use mathematically based formulas to protect the public encryption key infrastructure. Many of these algorithms have been developed through the NIST post-quantum program to establish new standards to protect our data systems.
Risk factors: The biggest issue is there are no post quantum encryption algorithms in the market, and NIST anticipates an approved algorithm in 2023 (too late). As we have evaluated some approaches, many of these algorithms are not practical and require expensive resources to operate at scale. We are seeing these algorithms cannot work on x86 based computers. These new algorithms do not fit into the existing data infrastructure and will require massive integrations into the current technology stack that will take several years to deploy. These ideas look good in the lab, but they cannot be implemented in the real world.
Quantum Key Distribution (QKD)
QKD is a communication method that implements a cryptographic protocol utilizing quantum mechanics. It allows two parties to share a random secret key known only to them. This private key can encrypt and decrypt messages. A primary function of QKD is detecting any third party trying to gain knowledge of the key.
One component of this new security method is using quantum superpositions and quantum entanglement to transmit information in a quantum state. If anyone intercepts the communication, this interruption will disrupt the quantum state, and the transmission is aborted, protecting the communication.
Risk factors: QKD falls short as a viable solution. It’s expensive, hard to implement, requires specialized hardware and is still an unproven solution. As Bruce Schneier a leading cyber security expert said, “QKD is as useless as it is expensive.”
Quantum Cryptography (aka Quantum Encryption or Quantum Security) is the practice of leveraging quantum mechanics to enhance security and detect if a bad actor is eavesdropping on secure communication. Quantum cryptography utilizes the laws of physics that say’s “it’s impossible to identify the location of a particle without changing the state of the particle.” The technology works by sending photons, which are “quantum particles” of light sent across an optical link.
Risk factors: The challenges with Quantum Cryptography are its expensive to implement, needs specialized equipment, has limited signal distance, and isn’t tested enough to know its complete risk profile. Several companies, including Google, IBM, and Toshiba, have announced initiatives in this area.
As we examined the above technologies, we concluded none of these could meet our objective for providing post-quantum data security.