Canadian company tests its quantum key distribution solution

An Ottawa security company says it has successfully tested its quantum key distribution technology over long distances over the Internet in preparation for the products' commercial launch later this year.

Quantropy Inc. said it has securely sent large amounts of random numbers, called quantum entropy, from Singapore over traditional and high-speed Internet networks at what it believes to be unprecedented speeds.

If seen useful by customers, the test will set the stage for the company to launch its quantum-entropy-as-a-service in the fall.

Briefly, the company said it sent 400,000 32-bit encryption keys at 100 Mbps per second from Ottawa to Edmonton over the Canary High-Speed Research Network.

In a test on the public Internet from Ottawa to Singapore - a distance of 15,000 km - it sent 55,000 keys per second at a speed of at least 14 Mbps.

By comparison, the company said, laboratory tests of traditional quantum key distribution (QKD) technologies saw data speeds of only 10 Mbps (about 39,000 keys per second) over a distance of 20 km.

This is the main reason for the possible arrival of practical quantum computers in five years, said Michael Redding, CTO of Quantropy. Super-fast quantum computers can break existing public key data encryption, which is why experts have been saying for some time that governments and businesses need to be ready with quantum-resistant solutions first.

Redding said that securely encrypting and decrypting data requires strong entropy -- quantum-resistant random numbers.

Eventually, Quantropy will launch a platform called QSpace, a quantum-secure service offering a quantum-resistant solution that works on top of existing AES encryption.

"Today's test was to demonstrate that we can take those random numbers and transfer them to a network quantum-secure at high data rates over any distance," Redding said.

“To show how strong our technology is, we put it into public Internet sites in New York, San Francisco, London, Frankfurt and Singapore and show that we can stream those quantum keys to anywhere in the world.

"So the demonstration was to show that it is universally applicable and available on today's Internet, making it an immediate benefit for any enterprise looking to upgrade its security."

The company will next have a closed beta of its Sequr quantum-entropy-as-a-service with selected partners to validate the technology and build use cases. In the fall it plans to hold an open beta and begin commercial availability of Sequr. Subscribers will also have access to its Qup symmetric encryption library. A masked asymmetric encryption product for PKI (public key) encryption will be released early next year. Redding said that along with Secur, Qup and Musk, Quantropy will offer a full quantum secure cryptographic platform.

He wouldn't say how the Sequr service would be priced, other than whether it would be per endpoint or user like other software embedded encryption libraries.

However, it is not yet clear whether the public or private sector wants entropy as a service.

expert feedback

News of the demonstration didn't affect cybersecurity by Bruce Schneier, a lecturer in public policy at Harvard University's Kennedy School and head of security architecture at InRight, Inc. "What problem does it solve? What does it do that couldn't be done before?"

"Normal key exchange works fine. There isn't one that needs quantum key exchange for anything."

“Our cryptographers have all the math needed for key generation and distribution, and both symmetric and asymmetric cryptography – and much of it as opposed to theoretical quantum computation. Aside from dedicated hardware – quantum key distribution adds nothing – Which makes it impossible to use in anything other than specialized applications. I love physics, but QKD doesn't really solve any of my problems."

They noted that in 2020 the UK's National Cyber Security Center released a white paper on quantum key distribution, explaining that the QKD protocols do not provide authentication, so they are vulnerable to physical man-in-the-middle attacks.

"For this reason, the QKD protocol must be deployed with a cryptographic mechanism that ensures authentication," the paper states. "These cryptographic mechanisms must also be secure against the quantum threat."

The white paper states that QKD is not the only mitigation against the threat of quantum computers. "Work is underway toward standardizing quantum-secure cryptographic algorithms in international standards bodies such as the US National Institute of Standards in Technology (NIST). These algorithms can be applied to today's classical computers, and are part of QKD solutions. Unlike, it does not require dedicated or specialist hardware. Quantum-secure cryptographic algorithms allow two remote parties to agree on a shared secret key with authentication, therefore without the risk of man-in-the-middle attacks.

In response, Redding said that Quantropy agrees that there are significant issues and repetitions in QKD. "It is precisely because we do not believe in the feasibility of QKD that Quantropy has developed an alternative approach to safely distribute quantum entropy over scale and speed.

"The fact is that the demand for strong entropy/true random numbers at all points in modern digital networks/applications is strong and increasing. A large body of academic research maintains that strong entropy (formatted in cryptographic keys) is one of the reasons There is an existing threat. Improving the performance of existing cryptographic algorithms (except for future quantum threats). Significant additional work demonstrates the weakness of many "local" system random number generators. We showed that no specific network (public or private) On any specific network (public or private) with strong entropy (better than "measurable" with "true randomness") without the need for foreign-connected QKD devices.

“So by showing that our platform can be functionally labeled as “digital QKD” (to refer to current industry topics), we can actually enable modern systems and applications to be as important as hardware-based QKD. Want to provide the material. 't (so far) - as Bruce absolutely rightly points out."