Quantum Questions and Answers
This Q&A section provides answers to the most frequently asked questions that we hear on Quantum Technology. We hope that this is useful to you. If you have a question and you don’t see it, you can submit it at the bottom of this page.
Nobody knows when a general-purpose quantum computer of sufficient scale to threaten our security will be available. Guesses range from a few years to many years, but it’s thought we should plan for ten years. That means we should expect the total breakdown of all currently used key exchange systems within a decade, and need to put in place a strategy early enough that will allow us to implement quantum resilient in time to protect sensitive data for its full security life. For many applications where data remains sensitive for five or more years, the time to act is really now.
- Use full-entropy random numbers for all cryptographic purposes. These are necessary for all quantum-safe cryptography.
- Use longer keys for symmetric encryption: these will need to be at least twice as long as those used today, to allow similar protection.
- Ensure your key managers are crypto-agile, i.e. able to work with longer keys and new quantum resistant algorithms.
- Explore key exchange solutions such as quantum key-distribution (QKD) and keep abreast of NIST’s selections of new quantum-resistant encryption algorithms (QRA).
- Use secure links between key management nodes, protected by QKD and/or quantum resistant algorithms.
NIST is currently managing a program to evaluate the best protocols with the aim of publishing standards on this topic. These standards are expected to be presented in a draft form by 2022.
- Pseudo-random number generator (PRNG): uses algorithms to produce random results, often from short randomization seeds. Their generators are capable of high throughputs, but attackers can derive the random number from knowledge of the seed.
- Hardware/true random number generator (TRNG): measures a physical phenomenon expected to be random. Even though it can deliver high quality random, the rate is usually limited, resulting in entropy starvation that will impact performance, security, or both.
- Hybrid random number generator: uses both hardware and software derived randomness depending on the read rate needed and has similar qualities to the PRNG at high throughputs.
- Quantum random number generators (QRNG): measure true random directly from a quantum effect. It delivers full entropy and can do so at very high throughput. No seed is needed. QuintessenceLabs QRNG, qStream, delivers 100% entropy at 1 Gbit/s.
The strength of your encryption relies on the strength of the encryption keys. Weak (predictable) keys will allow attackers to easily break the algorithm behind them and access your “encrypted” data. With the increase in computing power, being quantum-safe means protecting your data with keys that are full entropy from a non-deterministic source of true randomness. An example would be the true random numbers generated from our quantum number generator, qStream.
Cybersecurity relies on several industry-standard encryption algorithms such as RSA and ECC for exchanging keys and AES for encrypting the data itself. Since each is secured using different mathematical approaches, not all of them will remain secure in a quantum world. For example, integer factorization (RSA), discrete logarithm (DH, and DSA), and elliptic curve (ECC) will no longer be safe, as quantum computers will be able to break the type of math used to secure them. Post-quantum algorithms, on the other hand, use mathematical structures such as lattices and isogenies that, to the best of our knowledge, are resistant to quantum attacks.
Quantum computers are very different to traditional computers. For example, they use quantum bits, or qubits, which can represent a “0” and a “1” simultaneously. Their processing power increases exponentially with the number of these qubits, which is one reason why they are able to solve the mathematically complex problems on which some of our security system are based, in a fraction of the time that is required today. The math behind asymmetric encryption is one example.
- Discrete Variable QKD: this is the most common and oldest protocol (BB84 or EK91 protocol) and is originally based on the transmission of information encoded on the physical properties of a single photon. The generation of a true single photon source is both difficult and resource intensive.
- Continuous Variable QKD: with this next generation QKD approach, information is encoded onto the amplitude and phase quadrature of a bright coherent laser and is neither limited by single-photon generation nor single-photon detection techniques. Because of this, standard optical network components can be leveraged, reducing the costs considerably.
Quantum Key Distribution is a secure way of sharing encryption keys between parties using properties of quantum mechanics. If an eavesdropper intercepts a quantum signal, the content of that signal will be modified enabling the detection of the third party’s presence and allowing the key to be discarded.
QuintessenceLabs is at the forefront of quantum cybersecurity, providing the strongest data protection to keep your information safe against today’s and tomorrow’s threats. Our capabilities extend from quantum key generation, crypto-agile key management through to quantum key distribution, helping you build a quantum safe future for your organization.
If you have a question and didn’t see it above, you can submit it here: