Quantum encryption enters product phase

PORTLAND, Ore. — Network security systems that rely on the laws of quantum mechanics to create hack-proof networks are arriving in the form of practical products that are easily integrated into optical networks.

At the Infosecurity Europe 2005 trade show in London, id Quantique SA (Geneva) announced a turnkey quantum encryption system enabling hack-proof secure bridges between two Fast Ethernet (IEEE 802.3u) networks up to 100 kilometers apart. The move followed a March announcement by MagiQ Technologies Inc. (New York), which rolled a rework of its Quantum Private Network (QPN) 5505 system. The QPN 7505 incorporates Cavium Networks' Nitrox data encryption processors.

The id Quantique product is "the first quantum cryptography system designed for network engineers and not for physicists," said CEO Gregoire Ribordy.

For its part, MagiQ wanted to introduce quantum encryption systems that would be easy for network designers to implement while improving the cost/performance ratio of the systems.

"During trials and deployment of our QPN 5505, we received some excellent feedback from our enterprise and classified installations that helped us improve the speed, usability and integration ease of the product," CEO Bob Gelfond of MagiQ said in a prepared statement.

The revamped system produces and distributes public keys in real-time. Use of the Nitrox encryption processors makes it possible to implement a virtual private network using standard IPsec protocols and an unhackable key distribution system, according to the company.

MagiQ has also introduced a quantum encryption test bed so network engineers can implement their own designs based on quantum crypto.

Whereas conventional crypto methods are only as good as the length of their key, quantum encryption eliminates the possibility of eavesdropping. In the conventional methods, a 56-bit key (or a 256-bit key in the case of the Advanced Encryption Standard) scrambles data with a one-way function (such as, "Multiply two large prime numbers"). Encryption is a simple operation for a computer, but going backward (such as from a large number to finding its prime factors) is very difficult for computers unless you have the key.

Secret keys for one-time functions let only the receiver decrypt the scrambled bits, but in practice even the most secret key can be found by a supercomputer using trial and error. In contrast, quantum cryptography is secure no matter how fast a hacker's computer is because the technique harnesses the laws of physics to guarantee security.

In quantum crypto, different quantum states (such as polarization) of individual photons are used to represent ones and zeroes with a specified probability distribution. A hacker who tapped into an encrypted photon would alter that distribution, alerting the receiver that an observation of the key had taken place. Quantum-key distribution (QKD) offers a level of security that would not be possible for AES unless a new AES key, of the same length as the data to be transmitted, were made for each transmission.