April 13, 2019 at 12:03Quantum communications at ITMO University - a project of unbreakable data transfer systems
The Quantum Communications enterprise is creating encryption key distribution systems. Their main feature is the impossibility of “wiretapping”. Rama / Wikimedia / CC BY-SA
Data is considered protected if its decryption time significantly exceeds the “expiration date”. Today it is becoming more difficult to fulfill this condition - the development of supercomputers is to blame. A few years ago, a cluster of 80 Pentium 4-based computers “mastered” ( p. 6 in the article ) 1024-bit RSA encryption in just 104 hours.
On a supercomputer, this time will be significantly shorter, but one of the solutions to the problem may be an “absolutely strong cipher,” the concept of which was proposed by Shannon. In such systems, keys are generated for each message, which increases the risk of their interception.
Here, a new type of communication line will come to the rescue - quantum networks that transmit data (cryptographic keys) using single photons. When you try to intercept the signal, these photons are destroyed, which serves as a sign of an invasion of the channel. Such a data transfer system is created by the ITMO University's small innovative enterprise, Quantum Communications. At the helm are Arthur Glaim, head of the quantum informatics laboratory, and Sergey Kozlov, director of the International Institute of Photonics and Optoinformatics.
It is based on the method of quantum communication at side frequencies. Its peculiarity is that single photons are not emitted directly by the source. They are carried to the side frequencies as a result of phase modulation of classical pulses. The interval between the carrier frequency and sub-frequencies is approximately 10–20 pm. This approach allows you to broadcast a quantum signal at 200 meters at a speed of 400 Mbit / s.
It works as follows: a special laser generates a pulse with a wavelength of 1550 nm and sends it to the electro-optical phase modulator. After modulation, two side frequencies appear, which differ from the carrier by the value of the modulating radio signal.
Further, using phase shifts, the signal is bit-coded and transmitted to the receiving side. When it reaches the receiver, the spectral filter emits a side-frequency signal (using a photon detector), performs repeated phase modulation and decrypts the data.
The information necessary to establish a secure connection is exchanged over an open channel. A raw key is generated simultaneously in the transmitting and receiving modules. An error rate is calculated for it, which shows whether there was an attempt to wiretap the network. If everything is in order, then the errors are corrected, and a secret cryptographic key is generated in the transmitting and receiving modules.
PxHere / PD
Despite the theoretical “cracking” of quantum networks, so far they are not an absolute cryptographic defense. Equipment has a major impact on safety. A few years ago, a group of engineers from the University of Waterloo discovered a vulnerability that could intercept data in a quantum network. It was associated with the possibility of "blind" photodetector. If you direct bright light to the detector, it becomes saturated and stops registering photons. Then, changing the light intensity, you can control the sensor and deceive the system.
To solve this problem, you will have to change the principles of the receivers. There is already a circuit of protected equipment that is insensitive to attacks on detectors - it simply does not have these detectors. But such solutions increase the cost of introducing quantum systems and have not yet gone beyond the laboratory.
More and more domestic companies are showing interest in quantum solutions. Only Quantum Communications LLC supplies customers with five data transmission systems annually. One set of equipment, depending on the range (from 10 to 200 km), costs 10-12 million rubles. The price is comparable to foreign counterparts with more modest operating parameters.
This year, Quantum Communications received an investment of one hundred million rubles. This money will help the company bring the product to the international market. Some of them will go to the development of third-party projects. In particular, the creation of quantum control systems for distributed data centers. The team relies on modular systems that can integrate into existing IT infrastructure.
In the future, quantum data transmission systems will become the basis of a new type of infrastructure. SDN networks will appear that use quantum key distribution systems paired with traditional encryption to protect data.
Mathematical cryptography will continue to be used to protect information with a limited period of confidentiality, and quantum methods will find their niche in areas where more robust data protection is required.
In our blog on Habré:
Why are quantum networks involved
Data is considered protected if its decryption time significantly exceeds the “expiration date”. Today it is becoming more difficult to fulfill this condition - the development of supercomputers is to blame. A few years ago, a cluster of 80 Pentium 4-based computers “mastered” ( p. 6 in the article ) 1024-bit RSA encryption in just 104 hours.
On a supercomputer, this time will be significantly shorter, but one of the solutions to the problem may be an “absolutely strong cipher,” the concept of which was proposed by Shannon. In such systems, keys are generated for each message, which increases the risk of their interception.
Here, a new type of communication line will come to the rescue - quantum networks that transmit data (cryptographic keys) using single photons. When you try to intercept the signal, these photons are destroyed, which serves as a sign of an invasion of the channel. Such a data transfer system is created by the ITMO University's small innovative enterprise, Quantum Communications. At the helm are Arthur Glaim, head of the quantum informatics laboratory, and Sergey Kozlov, director of the International Institute of Photonics and Optoinformatics.
How technology works
It is based on the method of quantum communication at side frequencies. Its peculiarity is that single photons are not emitted directly by the source. They are carried to the side frequencies as a result of phase modulation of classical pulses. The interval between the carrier frequency and sub-frequencies is approximately 10–20 pm. This approach allows you to broadcast a quantum signal at 200 meters at a speed of 400 Mbit / s.
It works as follows: a special laser generates a pulse with a wavelength of 1550 nm and sends it to the electro-optical phase modulator. After modulation, two side frequencies appear, which differ from the carrier by the value of the modulating radio signal.
Further, using phase shifts, the signal is bit-coded and transmitted to the receiving side. When it reaches the receiver, the spectral filter emits a side-frequency signal (using a photon detector), performs repeated phase modulation and decrypts the data.
The information necessary to establish a secure connection is exchanged over an open channel. A raw key is generated simultaneously in the transmitting and receiving modules. An error rate is calculated for it, which shows whether there was an attempt to wiretap the network. If everything is in order, then the errors are corrected, and a secret cryptographic key is generated in the transmitting and receiving modules.
PxHere / PD
What remains to be done
Despite the theoretical “cracking” of quantum networks, so far they are not an absolute cryptographic defense. Equipment has a major impact on safety. A few years ago, a group of engineers from the University of Waterloo discovered a vulnerability that could intercept data in a quantum network. It was associated with the possibility of "blind" photodetector. If you direct bright light to the detector, it becomes saturated and stops registering photons. Then, changing the light intensity, you can control the sensor and deceive the system.
To solve this problem, you will have to change the principles of the receivers. There is already a circuit of protected equipment that is insensitive to attacks on detectors - it simply does not have these detectors. But such solutions increase the cost of introducing quantum systems and have not yet gone beyond the laboratory.
“Our team also works in this direction. We work with Canadian specialists and other foreign and Russian groups. If you manage to close the vulnerabilities at the iron level, then quantum networks will become widespread and become a testing ground for developing new technologies, ”says Arthur Glame.
Prospects
More and more domestic companies are showing interest in quantum solutions. Only Quantum Communications LLC supplies customers with five data transmission systems annually. One set of equipment, depending on the range (from 10 to 200 km), costs 10-12 million rubles. The price is comparable to foreign counterparts with more modest operating parameters.
This year, Quantum Communications received an investment of one hundred million rubles. This money will help the company bring the product to the international market. Some of them will go to the development of third-party projects. In particular, the creation of quantum control systems for distributed data centers. The team relies on modular systems that can integrate into existing IT infrastructure.
In the future, quantum data transmission systems will become the basis of a new type of infrastructure. SDN networks will appear that use quantum key distribution systems paired with traditional encryption to protect data.
Mathematical cryptography will continue to be used to protect information with a limited period of confidentiality, and quantum methods will find their niche in areas where more robust data protection is required.
In our blog on Habré: