Cybersecurity
Q-day – the day that quantum computers will be used to break the encryption standards currently in use – seems to loom closer and closer, and countries worldwide are gearing up, Luxembourg included. Several groups of researchers at SnT are currently working on a range of quantum communication infrastructure (QCI) projects to support the Grand Duchy in protecting governmental and business data, with e-government and secure data centre interconnectivity being just two of the primary fields of application for these technologies.
Among the many projects underway at SnT, our researchers are tackling the two sides of the coin when it comes to cybersecurity preparedness: building a quantum communication infrastructure to allow quantum key distribution (QKD), and quantum-resistant cryptographic algorithms (so-called post-quantum cryptography), as well as the combination of these.
QKD allows users to swap keys and therefore securely exchange encrypted information. This kind of exchange is much safer compared to the one currently in use, because any interventions of a third party trying to read or measure the quantum key will affect the physical properties of the key itself, thus introducing detectable interferences.
This technology is based on the transmission of quantum keys through highly advanced distribution nodes, connected to one another with fibre optic, a material suited to transmit the unstable information units known as quantum bits (qubits). But fibre optic is not a perfect solution either, as qubits tend to degrade over distance. For this reason, multiple nodes are necessary to allow QKD to travel – essentially creating a new network for qubits.
This is the goal of the Luxembourg Experimental Network for Quantum Communication Infrastructure (Lux4QCI) project, launched by a consortium of seven partners that SnT, represented by Prof. Symeon Chatzinotas, is leading as coordinator. On SnT’s side, the project involves the Signal Processing and Communications (SIGCOM), as well as the Applied Security and Information Assurance (APSIA) research groups. The other partners are Luxembourg’s Ministry of State, SES, LuxConnect, iTrust Consulting, InCert G.I.E., as well as Greece’s National Infrastructure for Research and Technology as associated partner.
The project, which will last 30 months, was co-funded by the Digital Europe Programme (DIGITAL). Through its EuroQCI initiative, the programme aims to build an EU-wide QCI by connecting national infrastructures with each other. “Due to its geographical position and its prominent financial sector, Luxembourg is ideally placed to become a hub for QKD,” said Dr. Wallace Alves Martins, research scientist at SnT and Technical Manager of Lux4QCI.
In addition to Lux4QCI, SnT’s APSIA research group joined forces with RHEA System Luxembourg, POST Luxembourg, HITEC Luxembourg, evolutionQ Inc. and SpeQtral Pte Ltd. on the End-to-End International Use Cases for Operational QKD Applications and Services (INT-UQKD) project.
“In practice, the world will likely need a mixture of QKD and post-quantum cryptography in the future, because quantum-enabled components are likely to remain very expensive for a long time to come."
Prof. Peter Ryan, SnT Tweet
Launched in September 2022, INT-UQKD is a 36-month initiative led by RHEA System Luxembourg and funded by ESA’s ARTES programme and Singapore’s Office for Space Technology & Industry. The project aims to develop and demonstrate end-to-end QKD systems to secure international communications between Luxembourg, Belgium, Singapore, Canada, and the UK. To overcome the problem of the signal degradation over these large distances, INT-UQKD will rely on hybrid satellite-terrestrial networks – essentially enabling fibre optic and satellite-based QKD (by using the satellite SpeQtral-1, due to be launched in 2024).
In particular, the main task of the APSIA group is to use the keys derived from the QKD process to establish secure communications between two geographically separated users. For this purpose, the team is working on a software solution that supports quantum-resistant cryptographic algorithms, providing encryption, authentication, and integrity verification mechanisms. So far, this has usually been done with dedicated (and expensive) hardware. With this new solution, all the users will need to do is to download the software, and they will be able to connect to QKD infrastructure and use it for their communications, without having to use specific hardware on their end. This constitutes a much more flexible solution to deploy, and experiment with various crypto primitives and protocols.
Our researchers are tackling the two sides of the coin when it comes to cybersecurity preparedness: building a quantum communication infrastructure to allow quantum key distribution, and quantum-resistant cryptographic algorithms.
In a second phase, the APSIA group aims to integrate post-quantum cryptographic algorithms in their software solution. These are similar in concept to the algorithms currently in use, with the difference that their security is based on mathematical problems that are invulnerable to attack using Shor’s algorithm. This means that even quantum computers would take a large amount of time to crack them, making attacks unfeasible.
“In practice, the world will likely need a mixture of QKD and post-quantum cryptography in the future, because quantum-enabled components are likely to remain very expensive for a long time to come. And in any case, QKD alone will not secure the internet against the quantum threat,” said Prof. Peter Ryan, head of the APSIA research group. “Combining the two in effective ways is a novel and interesting research direction that we plan to explore in INT-UQKD and in future projects,” concluded Prof. Ryan.