Mar 16, 2015
Your data may be encrypted, but is it really safe?
That’s the question every organisation – whether public or private, local or international – must ask itself. As the threat of quantum computing looms large, data security has become a question of timing. Although the development of a quantum computer is unlikely to make a breakthrough in the next couple of years, the general industry consensus is that the first working model will be operational within a decade. This means that any data your organisation has, that is still going to be sensitive, mission critical or highly secret in ten to fifteen years’ time is currently at risk.
Essentially, without quantum-safe encryption, everything that has been transmitted, or will ever be transmitted over a network is vulnerable to eavesdropping and public disclosure. This will strike fear into the heart of any organisation – so it is somewhat surprising to note that quantum encryption is not yet commonly used.
Moving Towards Quantum-Safe Practices
Current security standards omit any mention of quantum encryption though this is likely to change in the future, with many members of the European Telecommunications Standards Institute (ETSI) working as suppliers of post-quantum cryptography.
That said, we’re starting to see a real push towards quantum-safe practices. On an international level China is perhaps the most advanced, having announced plans to complete the world’s longest quantum communication network by 2016. Stretching over 2,000km, the network is considered ‘unhackable’ and will be used by the central government, the military and critical institutions such as banks. China has also revealed plans to extend to network worldwide by 2030.
China is by no means first off the mark. Back in 2004, DARPA finalised its 10-node distribution network while SECOQC, an EU funded network, was constructed in Vienna in 2008.
Currently, the skill base of quantum encryption is still small and there are only a few companies which can offer commercial Quantum Key Distribution (QKD) technology (though many more businesses are currently investing in active research programmes). At Atos we’re still expanding our own skill set, working closely with ID Quantique (IDQ), a world leader in quantum-safe crypto systems, based in Geneva. Together with IDQ, Atos has run a pilot QKD network between The Hague and Zoetermeer, which ran successfully over several months, proving the capacities of the QKD technology.
Relying on rare skills and cutting edge technology, getting access to the right experts is a barrier for commercial enterprises wishing to use quantum-safe encryption. However, as the clock ticks down to the development of quantum computing it’s likely that we’ll see quantum risk assessments becoming a more common security practice.
To find out more about the basics of quantum encryptions, read more here.