x
Optical/IP

Quantum Crypto Gets a Chance

Quantum cryptography is starting to emerge in commercial form, but it's far from being a major part of the industry. In fact, even if it works as promised, the technology applies only to specialized situations and needs.

Products are finally coming to market, though, the culmination of more than a decade of research. Both ID Quantique in Geneva and MagiQ Technologies Inc. recently launched products in this market for the esoteric stuff.

Quantum cryptography doesn't replace all of cryptography. It handles only one aspect, known as the key exchange. The key is the number that allows anyone to crack the code, so obviously, cryptography doesn't work unless the key is kept secret.

"Quantum cryptography" refers to a way of sending that key. It's done with individual photons and exploits the principles of quantum mechanics. Anyone tapping the line to observe the photons will disrupt the process, and both the sender and receiver will know they've got an intruder. Once the key is received, the rest of the security process is handled normally: Data is encrypted using conventional electronics and sent along the usual copper or fiber route.

The key to quantum key exchange lies in having a detector sensitive enough to work at the individual photon level. That's the product ID Quantique has concentrated on, along with a hardware-based random-number generator (see Quantum Cipher Sent by Fiber).

MagiQ's trick was to take advantage of commercially available parts and bundle them into a box, the first time that's been attempted for the commercial market. MagiQ is developing its own photonics as well, but for now, the photonic detector inside its box comes from another company, as do the electronics that perform the encryption and data handling (see MagiQ Demos Quantum Cryptography and Startup Says Quantum Crypto Is Real).

This wasn't practical before now, due to the price. "One of the optical components we use costs $500. Three or four years ago, it would have cost $15,000," says Bob Gelfond, MagiQ CEO.

Price hasn't been the only barrier, though. Tom Hausken, an optical components analyst for Strategies Unlimited, actually had a look at quantum crypto about 10 years ago as a staff member at Congress. He helped conduct an analysis that ultimately deemed the technology impractical. At the time, it couldn't cover long distances and required polarization-maintaining fiber.

Distance is a problem because the farther the photon travels, the greater the chance of it getting absorbed or scattered. In other words, it might not reach the other side. But researchers have gotten photons to survive longer and longer trips. Mitsubishi Electric Corp. reported transmissions of 87 kilometers a year ago, and NEC Corp. (Nasdaq: NIPNY; Tokyo: 6701) boasted of a 100km, single-photon transmission in July (see Mitsubishi Creates Quantum Crypto and NEC Transmits Quanta).

And most efforts these days don't need specialized fiber. "We're really focused on using standard telecom fiber. The better the fiber, the better the distance, but -- standard fiber," says Grégoire Ribordy, CEO of ID Quantique.

But there's another troublesome factor: The quantum key exchange has to take place on a dedicated fiber; you can't have other traffic piling its way in there and mucking up the single-photon transmission. For that reason, the technology is still aimed at "a very restricted class of networks," Ribordy says, conceding that "it's not going to replace the existing technology" any time soon.

But here, MagiQ claims to have still more tricks up its sleeve, including a way to send the quantum key distribution across ordinary DWDM links. That technology won't emerge any time soon, however, and Gelfond isn't giving any hints about the timeline.

Despite all the progress, there's a chance quantum cryptography might never have its day. For one thing, it's debatable whether companies need the "unbreakable" security of quantum crypto. "The greatest threats to computer security are: fire and water damage, system failures, insiders, worms, and viruses. Taps are way down the list, so far as we know," Hausken writes in an email.

It's certain that quantum cryptography will continue to advance, due especially to government interest. Both ID Quantique and MagiQ also report seeing interest from the financial community. But Hausken and others doubt whether the concept matters much to the greater commercial world.

He's also a bit leery about whether the technology is really ready for commercialization. After hearing about MagiQ's box last week, he noted that security is an area that's important but still tends to be overhyped.

"Sometimes there are companies that exploit the public's ignorance of a subject for personal gain. It's no different than food supplements or skincare products, I guess. So I'm not saying that anyone is a shyster. Let's call it opportunism," Hausken writes.

— Craig Matsumoto, Senior Editor, Light Reading

neomeso 12/4/2012 | 11:15:36 PM
re: Quantum Crypto Gets a Chance How do they know the transmission was indeed sent using a light signal that provides the "unbreakable" security? In other words, how do they know with absolute certainty that the system is not malfunctioning and actually producing a classical state that can be tapped just when they send the key?

For general discussion, is there more than one scheme? Or do these companies all use the same essential scheme?
vishala 12/4/2012 | 11:15:29 PM
re: Quantum Crypto Gets a Chance The article seems to downplay the the importance of quantum crypto.Why quantum crypto. alone ,quantum computing itself is the future.(miniaturization will lead us to a quantum world..no doubt!).Article was saying security is not that much a big issue.As more and more financial transactions are being done using e-methods these days,u can no way say security is not that much a big problem for commercial world.Again the need to hav a dedicated channel for key exchange-as the article says before long we will be able to sent them in a DWDM channel..

anyway hats off to MagicQ..hope its only a beginning..
whyiswhy 12/4/2012 | 11:15:23 PM
re: Quantum Crypto Gets a Chance Although I agree and understand the common algorithms are robust from the physisists' POV, they presume a lot of physical security and/or metrics for the optical link.

I can tell you without a doubt the link, and thus the key, can be compromised, if that is the only method you use.

The easiest and cheapest way to get secure key exchange is to send parts of the key over different media, via different routes. The final part of the key can go over ordinary email, at whatever BW you like, up to the design limit.

"The" key requires all the parts to work.

So the issue is key design, not link design.

-Why
vermillion 12/4/2012 | 11:14:58 PM
re: Quantum Crypto Gets a Chance neomeso writes:
"How do they know the transmission was indeed sent using a light signal that provides the "unbreakable" security? In other words, how do they know with absolute certainty that the system is not malfunctioning and actually producing a classical state that can be tapped just when they send the key?"

--
One guess would be that they have to sometimes deliberately start with what they assume is a single photon and artificially eavesdrop on the link, ensuring that they always detect that eavesdropping event.

i.e. I guess they have to go for some kind of practical compromises, since I think they may have a commercial receiver that functions as a single photon detector, but I doubt that they have a true single photon source...just an attentuated source that produces less than one photon in the link on a time-averaged basis.

If they work with an average of much less than one photon in the link, and they may simply rely on frequent key changes to diminish the risk due to those very rare random events where 2 or more photons are in the pipe.


-v
vermillion 12/4/2012 | 11:14:58 PM
re: Quantum Crypto Gets a Chance whyiswhy writes:
"Although I agree and understand the common algorithms are robust from the physisists' POV, they presume a lot of physical security and/or metrics for the optical link.


I can tell you without a doubt the link, and thus the key, can be compromised, if that is the only method you use."

WRONG! If they use single photons, then the Heisenberg Uncertainty Principle guarantees that an eavesdropper or other interference would be detected.

So the link can certainly be interrupted, but the point is that the parties exchanging keys know when that occurs and track occurences.

-v
vermillion 12/4/2012 | 11:14:57 PM
re: Quantum Crypto Gets a Chance This saying is getting old on Light Reading, but it is important not to focus too much on the technology, and to look at this from a business perspective.

MagiQ is not selling technology _per_se_.

What these guys are selling is "peace of mind for the ultra-paranoid."

Both the business community and military intelligence/homeland security interests care a lot about information security, risk management, and predictability.

The "ultra-paranoid" have to fear that someone will quietly develop a working quantum computer and put it to work at key cracking, so that computational complexity alone would become ineffective as the basis of encryption.

So the question becomes, isn't $50K or $100K per 100 km a small price to pay in sensitive applications, if that provides insurance against someone quietly developing a quantum computer and cracking your encryption _without_your_knowledge_?

MagiQ doesn't need a mass market to succeed. They can take industry standard components at relatively low cost and build them into a slick quantum key distribution box at a huge mark-up. If they can make it to 1000 units per year, they would have revenues of $50M on a single product, which is fantastic for a start-up.

I predict that they will tap into a rich vein of post- 9/11 paranoia and will make out like bandits!

-v
DarkWriting 12/4/2012 | 11:14:44 PM
re: Quantum Crypto Gets a Chance "Sometimes there are companies that exploit the public's ignorance of a subject for personal gain. It's no different than food supplements or skincare products, I guess. So I'm not saying that anyone is a shyster. Let's call it opportunism," Hausken writes.

This guy is typical of the business sentiment today. Nobody is guilty of committing fraud, they are all just good businessmen. You see this everyday on the business talk shows on CNBC and CNN (Kudlow and Cramer, Wall Street Week). Nobody is culpable per the business community, Wall Street, VCs, Public companies, the government (SEC) etc. The behaviour is pervasive. Expect more Enrons folks. Elliot Spitzer for President!

DW
HOME
Sign In
SEARCH
CLOSE
MORE
CLOSE