Ensuring Long-Term-Secure Government and Medical Communications with QKD
- ‘Harvest now, decrypt later’ attacks mean that even data sent today is vulnerable to future quantum computing attack
- Toshiba QKD technology has recently been deployed to protect critical confidential data in hospitals and government ministries in Austria
- High-performance key generation rates were demonstrated with QKD seamlessly integrated into existing networks
Quantum key distribution (QKD) technology is currently being deployed across the world to protect against the emerging threat of quantum computers. This is timely as even though large-scale quantum computers are still under development, classically encrypted data transmitted now is vulnerable to ‘harvest now, decrypt later’ attacks. This is particularly pertinent for the most confidential forms of data, such as government communications and medical records, as illustrated by Mosca’s Theorem.
Mosca’s Theorem
Renowned scientist Michele Mosca proposed a simple expression, (X + Y) > Z, to highlight when urgent action is needed to protect against the threat of quantum attacks (Figure 1). Put into words, X is the required confidentiality lifetime of the data (i.e. how long must it be kept secure), Y is the amount of time it will take to upgrade an organisation’s infrastructure to become quantum-safe and Z is the length of time it will take for a large-scale quantum computer to be built. Clearly, if (X + Y) > Z is true for your data & organization, there is a problem as it indicates that future attackers can collect, then later decrypt, data while it still needs to be kept secure.
In practice, the quantity Z is challenging to estimate, but with rapid progress being reported in the field of quantum computing, organisations that handle confidential data (i.e. with large X) cannot simply watch and wait. Quantum-secure communication must be given consideration now.
Figure 1 – Visualisation of Mosca’s Theorem
Securing Medical Data with QKD
Medical records are one of the most confidential forms of information about an individual and organisations handling such data are required by law to ensure its long-term protection. At the same time, this data is also one of the most valuable targets for attackers. To demonstrate a solution, Toshiba recently deployed QKD to a secure medical back-up use case, alongside partners in Graz (Austria) as part of the European OpenQKD project, led by the Austrian Institute of Technology (AIT)1.
Figure 2 – Schematic of Graz medical data sharing network
The network2 comprised two medical sites, one at the Medical University of Graz (MUG) and the other at the Institute of Pathology at University Hospital Graz (LKH). Large datasets including images relating to lung cancer studies were generated at the medical sites and needed to be shared and backed up to off-site datacentres (Figure 2). Toshiba’s QKD solution was deployed to generate provably secure keys for data encryption, which were used by ADVA encryptors to generate 10G encrypted streams between sites. The fibre links in the network were up to 20 km long, i.e. typical metropolitan network length scales, and Toshiba’s QKD systems generated secure bit rates exceeding 2 Mbit/s – enabling regular encryptor key refresh for optimal security.
For enhanced protection, the use case also employed Secret Sharing using data sharding technology from Fragmentix GmbH. The confidential image files were split into fragments and shared between the off-site back-up locations, so that even if a site was physically compromised, the data would still remain unreadable (since an attacker would only have one shard which cannot be read in isolation). This demonstrates the integration of QKD with other cryptosystems, offering a new approach to provable security for data in transit and at rest.
QKD in Government
Another communications use case where long-term data privacy is paramount is in Government. Data transmitted between Government ministries can concern national security and other highly sensitive topics, and thus requires decades-long protection. Unfortunately, such data is also a key target for attackers.
Toshiba deployed QKD hardware to the Vienna QKD Network in Austria3, built under the auspices of the OpenQKD project, to demonstrate how quantum communication can meet this data security challenge. Toshiba’s QKD platform operated on two links in the network, connecting the Vienna Internet eXchange (VIX) to AIT and the Federal Ministry for Climate Action, Environment, Energy, Mobility, Innovation and Technology (Figure 3). The fibre link to the Ministry exceeded 16 dB loss (>33 km) but Toshiba’s QKD system was still available to generate keys with secure bit rates in excess of 100 kbit/s. Deploying new quantum technologies to government-controlled locations, here and more broadly, is a noteworthy step. Many governments, particularly in Europe, have been funding quantum communications research for over a decade. Now, the outcomes of this are offering significant benefits. While a certification process will be required for certain applications, it is worth noting that QKD technology is also heading along this path, for example with the recent publication of the ETSI Protection Profile4, to which Toshiba was a contributor.
Figure 3 – Schematic of QKD deployment in Vienna
Conclusion
Any organisation that handles confidential information needs to carefully consider the emerging quantum computing threat now, particularly in light of harvest now, decrypt later attacks and Mosca’s theorem. Medical data and Government communications are two such examples with the longest required confidential lifetime, yet we have demonstrated in practical use cases how QKD can be deployed seamlessly into existing hospital and government ministry networks. QKD is thus a robust and production-ready solution against the quantum threat.
References
2 Zatoukal et al., “OpenQKD Use-case for Securing Sensitive Medical Data at rest and in transit,” EQEC:2021, EB.1.4
3 Huebel et al, “Deployed QKD Networks in Europe,” OFC:2023, W4K.1