John Prisco, President and CEO of Safe Quantum, a quantum security consulting firm is interviewed by Yuval Boger. John and Yuval talk about the maturity of PQC, QKD, quantum networks, and their timing overlap, national and international testbeds for quantum security, successful case studies and more.
Yuval Boger: Hello John, and thanks for joining me today.
John Prisco: Hello, how are you?
Yuval: I’m doing well. Who are you and what do you do?
John: Well, I’m John Prisco, and I am the president of Safe Quantum and I consult in the areas of quantum key distribution and quantum internet.
Yuval: There have been a lot of buzzwords floating around: post-quantum cryptography, quantum key distribution, and the quantum internet. Could you make some sense for me in these?
John: Yes, I think we’re in a very early stage in a number of areas that would be based on quantum. Obviously, quantum computers are just at the beginning of development, and they don’t have very many qubits yet, but eventually, they will. And when they do, then we’ll have something to worry about with having our encryption schemes broken that we depend on today. However, the work that’s being done at NIST to develop post-quantum cryptographic algorithms will become quantum resistant. The hope is that these mathematically based algorithms will prevent quantum computers or at least slow them down in terms of being able to decrypt secret information.
On the other side of the equation is quantum key distribution, which doesn’t depend on arithmetic or mathematical rigor. It is relying on quantum mechanics and physics principles. It’s a very interesting technique, it uses keys that are made of individual photons of light, and because of the various quantum mechanical properties, you’re not really able to even observe these keys without changing their state. Once the state has changed, the key no longer works, it no longer unlocks the secret information and therefore provides the protection that one would want when transmitting very secure and sensitive information.
Yuval: If I’m an enterprise and I hear about post-quantum cryptography as an interim step, and then quantum key distribution is something that could be a little bit better and maybe about the quantum internet is the best thing, is it feasible for me to jump right to the best thing?
John: Well, unfortunately, it’s not at the moment, and that’s because there’s a lot of work to be done, actually, in all three areas. Jumping ahead to the quantum internet is probably a misnomer. We should probably first talk about a quantum network, which is not as far-reaching as the internet. And there are a number of test beds around the world that are today working in this area. And at this point, these systems are relying on creating quantum repeaters and using quantum memory. But at this point of development, the repeaters are repeating one photon of information. So when you consider gigabit per second type transmission rates, there’s a long way to go before we could have a complete quantum internet.
But there are many advances going forward throughout the world on quantum networking. And one in particular that I follow closely because it’s right here in the United States, is a company called Qunnect. And what I find interesting about them is that they’re attempting to build quantum network, the basis for quantum internet, using room temperature apparatus. Which is terrific because when you try to commercialize something, it’s very difficult to commercialize a product that has a dilution refrigerator, which is a room full of refrigeration equipment to get superconducting properties out of quantum setup in milli-Kelvins of temperatures. When you have high vacuums, and very low temperatures, you have a long way to commercialization, so I like following companies that are trying to do things at room temperature because I think we get there sooner with that kind of approach.
Yuval: If we start from post-quantum cryptography, I understand that NIST has announced for finalists or candidates for standards, but some of them have already been cracked. How is that process going, and what do you anticipate will happen with it?
John: Well, it’s a long-term process. It started six years ago, and I think it started with something like 88 algorithms that were presented. NIST has been diligently working on looking at the veracity of each one of these algorithms, and they’d come up with four finalists. In addition to the four, there were others in the finalist category, and one of them was hacked a couple of months ago, I think in March. And then, more recently, another had been broken. But that’s all part of the process working. It is open to the public so that people will try to, in some way, bypass the protections that the algorithm offers.
And when you look at an arithmetic approach, which is all of post-quantum cryptography, you have to understand that these algorithms will have a shelf life, just like the RSA algorithms are coming to the end of their useful shelf life. Well, post quantum cryptography may have a 30-plus year shelf life, but eventually, it will be cracked by something. So it’s very important to understand that that approach is a quantum-resistant approach. I’m probably more in line with the QKD basing its protections on laws of physics, but I think you need both of them. I think it’s important to have a defense in-depth strategy, and I think it’s important to have two totally different approaches so that if one fails, it’s not likely the other will have the same failure mechanism and therefore, you’d have more survivability.
But I do think post-quantum cryptography is going to require crypto agility just for the reasons we mentioned, you may be heading down the road with a finalist candidate algorithm, and then something happens where a mathematician comes up with an algorithm that defeats that approach. Well, you have to be able to turn on a dime and adopt one of the other algorithms that are in their golf bag, so to speak.
Yuval: I think quantum key distribution uses a side channel to transfer decryption or encryption keys to both parties outside the main channel. And I believe that a previous company that you were involved with did QKD as a service. If I understand QKD, what does “as a service” mean in that context?
John: Well, it means that you are providing a transmission pathway for a customer to secure data in motion. And that could be between two of the customer premises locations. It could be from a customer to the cloud. And when you say as a service, it means that you secure the fiber rights of way between points A and point B. You install the hardware, which is producing the keys and sharing the keys. And it’s a complete service, if there is maintenance required, you provide that as well.
And one of the most important things about this approach is that you can separate the encryption key from the data. Today we make it awfully easy for people to harvest information and the key that’s used to encrypt that information. And even though they may not be able to break that key today, they can simply and inexpensively store the data and the key. And then in the future, when they have the means to break that key, like with a more powerful quantum computer then we currently have, now suddenly all that secure, sensitive information is subject to being read in plain text.
There are an awful lot of things to consider. The time it takes to convert from a classical encryption approach to a quantum encryption approach is measured in decades. The last time there was a conversion like this, it took over 20 years for companies to completely convert to the RSA algorithms. It’s probably going to take more like 20 to 30 years this time around because we have so much more data that we’re storing and transmitting. What was happening in the seventies is much, much smaller than what’s happening in the 2020s. This is not going to be an overnight plug-and-play kind of project, it’s going to take a long time. And you have to constantly be watching to see, are nefarious actors able to crack the new algorithms, and will our sensitive information soon be read by enemies?
Yuval: So it’s not a three-stage rocket where first you have PQC and then you move to the second stage with key distribution and then maybe to a quantum network, these are overlapping stages, if I understand correctly?
John: They are, and I think you know, have QKD today, which is probably the best approach to preventing harvesting attacks, because it’s available today, and it will give you the quantum mechanical security that boasts. PQC is probably two years away from being standardized for the first few algorithms. And then of course that conversion to PQC, which is an enormous task, will probably take at least 20 years.
But the quantum internet is going to require a fair amount of development. Today what we do is we entangle photons and then we try to swap that entanglement in a quantum repeater or quantum memory. And as I mentioned before, each photon is transmitted individually, and it has one bit of information, a one or a zero, could be polarization, could be phase whatever, but one and a zero. Now you’re talking about having billions and billions of photons in order to complete a simple telecommunications transaction. And the hardware and infrastructure has to be put in place for this. But fortunately, we do have test beds springing up all around the world, and breakthroughs are being made on a fairly monthly basis. So we’ll get there, but it will probably be on the order of 20 to 25 years before any substantial networks for substantial distances with substantial data rates will be prevalent.
Yuval: You’ve probably consulted with a lot of companies and looked at many others, are there any examples that you could give of someone that you felt was doing a good job in preparing for this next type of risk?
John: Yes, in fact, I’ve had the pleasure of working with a number of companies, JPMorgan Chase, for one. And what I really think they did right is that they hired quantum experts, their quantum business is run by a fellow named Marco Pistoia, came out of IBM and he’s a friend of mine, and I always tell him that he’s a quantum rockstar, and he is. We did a project when I was consulting for Toshiba that was based on securing a blockchain application. I think if you generalize this to companies and what they might do, I think it’s important to have people who understand what quantum is, what quantum science information technology is all about.
And then you have to start doing some proof of concept tests. I’ve done a number of QKD proof of concepts. One of my first ones was, again, working with Toshiba and we did a Verizon 5G network security. This is all public, there have been press releases on both the companies I’ve just mentioned. But that’s really what you have to do, you have to get started, you have to make an investment. And there’s an equal investment to understanding the PQC algorithms. And the first thing you have to do is take an inventory of your data, what data? What’s the shelf life of the data? What’s the sensitivity of the data? And you have to work from the most sensitive and longest shelf life to the least sensitive and the shortest shelf life. But just knowing that is going to take a long time in a large corporation. So getting started now is important.
The federal government is a totally different situation because the information is always very sensitive. And when you look at some of the executive orders that came out last month about when government agencies should be converted to quantum encryption, they were talking about 2032 to 2035. Now, what worries me about that is the harvesting attacks, that’s going to be 10 to 13 years of people sniffing cables. Even the submariner cables crossing the ocean have been tapped. It’s very difficult to know when you’re tapping an optical fiber because you just simply bend it, and the light leaks out of the core and then you detect that light. The thing is that with conventional classical telecommunications, when you detect that light, you also get all the information that’s being sent over that fiber. So you can imagine an optical fiber carrying tremendous amounts of data and all of it being recorded inexpensively and kept somewhere. And then eventually, when you can break that encryption, now all of these very sensitive bits of data are revealed.
I don’t think we have as much time as people think that, “Well, we can do this over 20 years, 25 years.” Sure, it may take that long, but I think you have to take measures before that, especially if your information is a long shelf life and is extremely sensitive. And QKD actually is the only thing that can really protect you at the moment.
Yuval: You mentioned governments and security is obviously not just a corporate issue but also a national issue. Which countries, in your opinion, are ahead in quantum security? And which countries are perhaps behind?
John: Well, I think that the United States has caught up with China. We do some things better than they do. They do other things better than we do. But in terms of quantum computing, I think the US leads. I actually think that some of the QKD implementations in China lead the US. But there’s a lot going on in Europe as well. There’s British Telecom that’s now doing a metro scale network using Toshiba QKD and that’s a very large project and very interesting in terms of seeing a large telecommunications company make that bet. The Netherlands is, and the group at Delft is doing a wonderful job on quantum networking, and they’re just a lot of things going on like Barcelona, Germany, they’re all doing a lot in the field of quantum networking,.
But this is going to be a public-private partnership in the United States, just like the moon launch was in the sixties. And that’s the way to really win this race. And people, a few years ago, started to have that Sputnik moment where they said, “Wow, look at China’s just invested 10 billion in quantum. We better do something about that.” And I think we have, and I think in fact that the NSF has been funding universities and a lot of basic research as well as the venture community funding startup companies. I think that combination is a winning combination. It won once before during the sixties and the Space Race, and I think it’ll win again.
Yuval: As we get close to the end of our conversation today, you mentioned a couple of test beds in Europe, I think in the US, I think there’s a big one in Chicago. Are there others that people could get involved with or should pay attention to?
John: Well, there’s Chicago Quantum Exchange, that’s the one that you are referencing. And of course, that has Department of Energy laboratories working along with very fine universities and terrific researchers. Recently, NIST announced that they’re going to build a DCQ Network, a quantum network that will initially deploy quantum networking on the NIST campus, but then will bring to bear several other agencies like NASA, NSA, CIA. That will be an interesting one to watch. And there is all sorts of rumors about a network coming into Boston and another one coming into New York, and probably another on the West Coast. But none of that has really been publicly announced yet, so we’ll see which ones of those occur. But I think it’s really important that we have these partnerships, test beds, that have universities involved and that have venture capital involved and government involved. Government is looking for the private sector to come with ideas. Many of these companies have been working on networking for a couple of years, three years, and they can bring to bear a lot of experience.
Yuval: Excellent, John, how can people get in touch with you to learn more about your work?
John: Well, you can go to my website, which is SafeQuantum.com, and all my information is there. I am leading the use cases TAC (technical advisory committee) at QEDC. And if you’re a company that wants to join QEDC, I would recommend it. There’s a tremendous amount of knowledge within the group and it’s a very good place to learn. You can also look at me in Forbes Technology Council. I try to publish one paper a month there. That’s how you can find me. And LinkedIn.
Yuval: That’s perfect. Well, thank you so much for joining me today.
John: Well, thank you.
Yuval Boger is a quantum computing executive. Known as the “Superposition Guy” as well as the original “Qubit Guy,” he most recently served as Chief Marketing Officer for Classiq. He can be reached on LinkedIn or at this email.
October 12, 2022