Quantum physics is likely to protect US electrical networks from hackers

Cybersecurity experts have been sounding the alarm for years : hackers are eyeing the US power grid. And this threat is not hypothetical - a group of people allegedly connected with the Russian government got remote access to the computers of energy companies - at least as reported by the Ministry of Internal Security last March. In some cases, hackers can even directly send commands to equipment, that is, turn off the electricity in the homes of consumers. To protect themselves from hackers, power plants need better security.

One group of physicists believes they have found a means: power plants with quantum encryption.

They tested this idea in February, sending several SUVs clogged with lasers, electronics, and very sensitive detectors from Oak Ridge National Laboratory to Chattanooga . After driving 150 km, they stopped at the station EPB, a local company providing access to electricity, and connected the cars to one of the unused optical cables. For a week they shone infrared light into a cable closed in a loop 40 km long, and monitored the properties of the light propagating back and forth. During the demonstration, they demonstrated how two different quantum encryption systems can be integrated into an existing grid infrastructure. “We hope to show that this concept can be implemented today,” says physicist Nick Peters of the Oak Ridge Laboratory.

Using this equipment, they successfully sent and received sets of numbers that made up the key using the quantum key distribution protocol, QKD, ensuring that no one faked them. QKD provides data security using strange rules of quantum mechanics. It works like this: the sender sends individual infrared photons with different orientations - i.e. polarization - corresponding to zeros or ones. The receiver measures these orientations. Then the sender and receiver compare some numbers. In quantum mechanics, when measuring the polarization of a photon, you instantly change its state. If a hacker tries to intercept photons, he will introduce a characteristic statistical error into the numbers, and you will find out that the connection was not secure. “QKD gives you confidence that the key has not been changed since it was sent,”

If the statistics are OK, the sender and receiver can use these keys to encrypt the message. “Everything is based on trust in physics,” Peters says. This is very different from conventional encryption methods that guarantee security, provided that modern computers are not fast enough to decrypt keys in a reasonable amount of time. The Peters group believes that the energy company can use quantum encrypted data to communicate with equipment. In order to intercept or change the data stream with quantum encryption, you have to break the laws of quantum mechanics.

This approach, of course, has technical difficulties. One of them is the real state of energy networks. This is a mess of transformers, relays and all kinds of parts installed over many years, and pulling on all this new technology will be difficult. “You can't just turn off the electricity,” said Tom Venhouse, a physicist at the Los Alamos National Laboratory, one of the project participants. “It's like repairing a car with the engine running.”

But perhaps the hardest thing to do is get this technology to work over long distances. A photon can be sent via fiber-optic cable no more than 150 km, and then its quantum properties will change too much in order to be able to extract information. In a demonstration conducted in Chattanooga, physicists increased this distance by converting quantum signals into ordinary bits. Then they fed these classic bits into various quantum encryption systems, capable of reproducing the key and transmitting it further. This means that encryption machines can be placed in various power substations, and used as transmitters to ensure the safety of large pieces of the network. To communicate with substation equipment, you need to know the key. The system will not allow hackers to measure or copy the key,

But every time you turn quantum bits into classic, you lose the protection of quantum mechanics and open the door for hackers. And, of course, QKD can only prevent one, specific type of attack. He confirms that no one has forged the key, but does not confirm its sender, says Dodson. In a Chattanooga demonstration, researchers had to combine QKD with other technologies to confirm the identity of the sender.

The EPB also plans to conduct other checks of quantum encryption, including the one that sends quantum keys via wireless radio transmitters rather than optical cable, says Steve Morrison, head of cybersecurity at the company. If the tests are successful, the EPB will be able to switch to quantum encryption of commands to power plant equipment in five years. “I wouldn’t say a single system that it’s impossible to crack, because I’m paid to remain paranoid,” says Morrison. “But I have hopes for this system.” She is able to recognize evil intentions, and in other technologies I have not seen such opportunities. ” Let's hope this system allows the light to stay on.