Securing the Future of a Digital Society: Achieving Secure Transfer of Sensitive Data Between Remote Facilities on a Single Fiber
2021/04/20 Toshiba Clip Team
- What is QKD and why is it essential for the quantum economy?
- Multiplexing - taking QKD mainstream
- UK’s first industrial deployment of a quantum-secure network
As with all emerging technology, the transition from lab to commercial adoption requires successful navigation through many critical phases, and perhaps the most critical is testing and trials with commercial partners and in live environments. This article reviews the need for Toshiba QKD, and showcases a commercial adoption of the technology on a live network in the UK, demonstrating the technology is now ready for commercial adoption.
Secure and reliable encryption is the certainty on which today’s digital economy runs, a dependence as vast as it is easy to under-estimate. Encryption systems such as RSA public key encryption (PKE), are essential to the web, ecommerce, and the secure transfer and storage of vast quantities of sensitive business and personal data, and yet the underlying security of this infrastructure is often taken for granted. Now, for the first time, the security of PKE is threatened by an axis of two emerging forces: well-resourced cybercriminals motivated to steal private data and the disturbing possibility they might soon be aided in this by the emerging technology of quantum computing.
After decades of stability, the idea of a world in which encryption security is broken or degraded might appear far-fetched, but this is now a real possibility. For many years, universal quantum computers were purely hypothetical devices. In the last 20 years, this has changed with the appearance of the first, simple qubit-based systems, which have since rapidly evolved into more advanced devices that look capable of solving mathematical problems beyond the capability of classical computers.
Unhelpfully, this combination of bad intentions and a new technological capability arrives at a time when the volume of data moving across networks is being accelerated by the expansion of 5G mobile traffic, as well as Internet of Things (IoT) and machine-to-machine (M2M) communication. To put this in perspective, Cisco estimates that by 2021 mobile traffic alone is expected to be 122 times greater than it was in 2011. A growing proportion of this is classed as sensitive by its business owners.
Quantum computers, of course, threaten not only data as it is being transmitted today but the huge quantity that has already been stored in encrypted form stretching back into the history of computing. While this data is secure today there is nothing to stop an attacker downloading it in its encrypted form and waiting for a quantum computer to appear, a version of the download now, decrypt later harvesting attack. Countering this possibility is not only a technical challenge but a commercial and regulatory imperative. Without secure encryption, the private communication assumed today will start to erode, profoundly damaging digital commerce and, through that, entire economies.
Quantum key distribution (QKD)
Toshiba’s Quantum Key Distribution System
Quantum cryptography, implemented through quantum key distribution (QKD), offers a route out of this impasse. Unlike conventional public key encryption, whose security depends on the inability of classical computers to solve complex mathematical problems within a practical timeframe, QKD’s security is guaranteed by fundamental and unavoidable physical laws. Combined with quantum resistant algorithms, this means that QKD is not only secure from today’s eavesdropping attacks but all future ones as well.
QKD works by securely distributing encryption keys between two communicating parties so that any attempted interception generates errors that are impossible to hide.
Pioneering technology and unparalleled expertise developed over nearly two decades of research
Toshiba has been a pioneer of QKD for nearly 30 years, achieving a series of world firsts and public demonstrations that have transformed the technology from promising proof-of-concept to full commercial deployment. The research effort began with the establishment of the Cambridge Research Laboratories in the early 1990s followed in the year 2000 by the development of a key component on which the technology rests, the single photon detector. In 2004, Toshiba carried out the world’s first demonstration of QKD over a 100km fibre connection, followed in 2008, by a world record key rate of 1Mb/s at 20km. Today, Toshiba’s QKD has since reached a record key rate of 13.7Mb/s over 10km. Maximum distances have been demonstrated up to 240km, or 500km using a new technology, Twin-Field QKD, which makes possible secure communication between cities. In 2019, Toshiba joined the EU-funded OpenQKD project as a technology partner to create a QKD testbed connecting cities including Vienna, Berlin, Madrid, Poznan, Cambridge, and Graz.
Multiplexing – taking QKD mainstream
After decades of research and development, the arrival of Toshiba’s multiplexed QKD represents a milestone for QKD. At a stroke, it allows QKD to be implemented on data carrying fibre, and thereby greatly reduces the cost of deployment, making the technology commercially competitive in standard carrier networks. To date, QKD has been a technology that delivers high levels of certainty about secure key exchange; with multiplexing, for the first time that certainty becomes commercially accessible for organisations as a simple carrier service.
Conventional QKD systems have the drawback of requiring separate fibre channels for key distribution and data which makes them more expensive to implement using dark fibre. For that reason, Toshiba has developed a wavelength division multiplexing (WDM) appliance in which the quantum and classical data channels can share the same lit fibre on the O-band (quantum signal) and the C-band (data traffic) over a distance up to 70km, and with a key rate in excess of 40kb/s for 10 dB loss.
Making multiplexed QKD practical in unstable real-world networks has required major advances in technology to compensate for signal interference and loss, particularly as data throughputs and signal-to-noise levels increase. The laser signals used on the classical channel are over ten million times stronger and brighter than those on the quantum channel, necessitating the development of proprietary filtering to make separation of signals possible without unacceptable error rates. Additionally, Toshiba employs active stabilisation technology to automatically monitor and compensate for miniscule variations in the fibre’s temperature or physical length that might otherwise introduce errors and reduce bit rates. Data rates of several Tb/s are now possible along with QKD in this WFM mode.
The quantum-ready economy
In 2020, the British Government announced the creation of the National Quantum Computing Centre (NQCC), part of an investment programme that included £10 million funding for the country’s first commercial quantum computer designed to test new algorithms and applications as part of a plan to make the country a “quantum-ready economy.” Similar investment is happening across the world, including in the US and China, developments which underline the strides being made towards an economy underwritten by advances in quantum technology. It is not yet a world today’s network engineers are familiar with, but it is not completely alien. In QKD, the first stage of the quantum era is already available to use.
Achieving secure transfer of sensitive data between remote industrial production facilities on a single fiber
Toshiba, in partnership with BT, have successfully implemented the UK’s first industrial deployment of a quantum-secure network, transmitting between the National Composites Centre (NCC) in Bristol, the UK’s world-leading composite research and development facility, and the Centre for Modelling & Simulation (CFMS), a not-for-profit research organisation that pioneers new digital engineering capabilities.
UK’s first industrial deployment of a quantum-secure network
The network demonstrates how Quantum Key Distribution (QKD) can be used to secure data traffic between key industrial sites where security is of paramount importance.
The technology solution is being used to replace a ‘manual’ approach of physically transporting sensitive data on portable storage devices between the NCC and CFMS sites in Emerson’s Green and Filton in North Bristol, as well as at the University of Bristol, thereby saving time and enhancing the security of critical data. Instead of physically transmitting the data, it is now transferred at high-speed over 7km of fibre optic cable, along which the encryption keys are also transmitted as a stream of single ‘encoded’ photons.
Innovative multiplexing technology allows the data and the quantum keys to be transmitted on the same fibre, eliminating the need for costly dedicated infrastructure for key distribution.
Using standard Openreach fibre, Toshiba’s QKD system enables the distribution of 1000s of cryptographic keys per second. Its innovative multiplexing compatibility allows the data and the quantum keys to be transmitted on the same fibre, eliminating the need for costly dedicated infrastructure for key distribution.
The network also benefits from Toshiba’s Active Stabilisation technology, which allows the system to distribute key material continuously, in even the most challenging operating conditions, without any user intervention. This avoids the need for recalibration of the system due to temperature-induced changes in the fibre lengths.
Significant milestone as the UK moves towards a quantum-ready economy
Across the UK, and indeed globally, modern enterprises are making investments in digital transformation a priority to evolve the way their facilities and assets perform. As this digital transformation continues at an exponential rate, and the supply chain for design and production becomes smarter and more widely distributed, securing the transmission of data between sites has become critical to protecting sensitive design and product data.
Enabling higher levels of collaborative access for the distributed supply chain, QKD will unlock the potential for IIoT (Industrial Internet of Things) where ultra-secure transmission and sharing of data is crucial.
Sharing data securely using QKD has become an essential commercial consideration for business.
“We are delighted to be working with BT and Toshiba, participating in this pioneering deployment” said Marc Funnell, Director of Digital & DETI at the NCC. “Quantum is pushing us to think differently about how we secure our data. Ultra-secure and reliable connectivity is a key DETI enabler to accelerating digital engineering transformation for UK industry. Future plans will see us extend and expand the reach and scope, integrating with our 5G test bed at the NCC and across our DETI consortium partners.”
Nathan Harper, Head of CFMS Engineering Compute Services, said: “The project demonstrated how QKD can be used in real-world situations. Digital engineering offers significant benefits across a range of industry sectors, but these can only be achieved if large amounts of digital data can be shared securely. Quantum computing has the potential to undermine current IT encryption methods, but this project demonstrates that QKD is ready for commercial use and we can continue to share sensitive data across public networks.”
Andrew Shields, Head of Toshiba’s Quantum Technology Group in the UK said – “Working with the NCC, CFMS and BT has enabled us to demonstrate our secure quantum communication technology within smart manufacturing applications. By multiplexing the quantum signals on ordinary data carrying fibres, we were able to integrate QKD with a standard BT fibre product, demonstrating that QKD is now ready to be deployed without expensive, dedicated infrastructure”.
It is expected that quantum computing will play a key role in the transformation of the UK’s economy in a post-Brexit world, with the potential to have an instrumental impact in the future of connected smart factories and Industry 4.0.
*This section contains links to websites operated by companies and organizations other than Toshiba Corporation.
Quantum Key Distribution | TOSHIBA DIGITAL SOLUTIONS CORPORATION
NCC | Composites and Engineering | National Composites Centre