The federal government is giving a Toronto startup an opportunity to prove that its fledgling technology could help protect today’s encrypted Canadian communications from being hacked by quantum computers.
Quantum Bridge Technologies (QBT) said this month it has received a $1 million contract that will allow the department of Innovation, Science and Economic Development’s research unit to test its Key Management Entity and Black Phone products.
When quantum computers become practical, they will pose a threat to traditional encryption technologies used today. Users of these technologies include governments that use classical encryption to protect communications between departments and other governments, financial institutions that protect bank accounts and transactions, social media sites that protect messages between consumers, personal information stored by corporations … the list goes on.
While governments around the world are funding public and private sector work on quantum computers, they are also looking at quantum-resilient solutions that could prevent breaking current encryption protocols.
Quantum Bridge says its Key Management Entity uses distributed symmetric key exchange (DSKE) and can integrate with existing network appliances and infrastructure. It says its Black Phone app for instant messaging, voice and video calls uses DSKE to deliver secure authentication and end-to-end encryption and authentication that can’t be hacked by a quantum computer.
“In the long run, most critical infrastructure will have to adopt solutions like this to guarantee quantum safety,” company CEO Mattia Montagna said in an interview.
The tests involve creating two points of presence — one in Ottawa and one in Montreal — with Layer 3 tunnel (a VPN) with IPsec, and a Layer 2 tunnel. Quantum Bridge’s key management solution will provide the encryption and authentication for the tunnels.
Over a two-month period, there will be performance and penetration tests plus an audit. For the mobile test, there will be iPhones and laptops, plus scalability and penetration tests.
Current encryption protects data with a cryptographic key. There are two types of encryption: asymmetric, also known as Public-Key Cryptography, which encrypts and decrypts the data using two separate yet mathematically connected cryptographic keys, one of which is public (for encryption), the other private (for decryption), while symmetric encryption uses one key for encryption and decryption.
“When you think about what quantum computers can do to cryptography,” Montagna said, “it’s important to understand the big threat is to asymmetric encryption. Quantum computers are not particularly threatening to symmetric encryption; the problem comes from RSA and public key infrastructure. The government is looking for new solutions for key distribution, which is what public key infrastructure does today, and they’re looking for new solutions that do not rely on asymmetric encryption.
“You can either do quantum key distribution or pre-shared keys. Quantum key distribution is still extremely expensive.” Quantum Bridge’s technology — based on research done at the University of Toronto by company co-founder Hoi-Kwong Lo — makes pre-shared keys easy to use and scalable, he said.
Michele Mosca, a member of the University of Waterloo’s Institute for Quantum Computing, welcomed news of the Quantum Bridge test. “Part of making Canadian digital infrastructures quantum-safe is to be ready for the possibility that what we currently believe is strong public-key cryptography is unexpectedly broken,” he said in an email. “So, in addition to the public-key methods, for critical systems we need robust and scalable solutions that aren’t susceptible to mathematical cryptanalysis.
The test is just one of the efforts Canada is taking to help companies here find and market quantum-resistant solutions.
“Under the National Quantum Strategy, our government has indicated it will ensure the privacy and cybersecurity of Canadians through investments towards a national secure quantum communication network and by encouraging the deployment of post-quantum cryptography,” said Laurie Bouchard, senior communications manager for the department of Innovation, Science and Economic Development (ISED). “These efforts will be in collaboration with Canadian researchers, industry, international partners and standards organizations.
“Canada’s strong technical expertise and its reputation as a neutral broker provide opportunities to build technological leadership in sensitive technologies such as quantum, in a way that also responds to our economic and national security interests.”
Meanwhile, work continues on creating internationally agreed-upon quantum-resistant algorithms.
Last year, the U.S. National Institute of Technology and Standards (NIST) chose the first group of encryption tools it believes will withstand the assault of a future quantum computer.