Cryptography is having a rough few months. On September 5th, leaked NSA documents revealed a systematic effort by the agency to undermine encrypted communications across the board, breaking accepted standards like SSL and systematically weakening others. But while the news has been unsettling for math-based cryptography, it's fueled interest in less conventional means of secure communication, particularly a fiber-optic technique called "quantum cryptography" that uses the properties of light to fend off would-be wiretappers. For years, it's been an object of interest for the cryptography scene — but after Snowden, it's becoming big business.
ID Quantique is one company cashing in on the newfound interest. The Geneva-based company has been tinkering with quantum cryptography designs since 2001, even designing a secure system for the city of Geneva to share its election results, but in the months since the NSA leaks, interest in the firm has skyrocketed. Last week, the company announced a partnership with contracting firm Battelle to build America's first quantum key distribution network, a line of direct fiber optic cable and secured quantum servers that will let Pentagon employees in Washington DC send encryption keys to contractors in Columbus, Ohio without anyone listening in. Today, ID Quantique is also announcing $5.6 million in funding from venture capital firm Q Wave, which will fund a new push into the US market. As CEO Gregoire Ribordy told The Verge, after 12 years of research, "the time is right to accelerate on the commercial side." The tech may not be new, but the business is just getting started.
The strength of quantum cryptography comes from the principle that a stream of light cannot be observed without changing it. The setup used by ID Quantique and others leverages that law of physics to provide an instant alert whenever any signal has been compromised. If the NSA taps into your quantum line, you'll know immediately, and be able to cut off communication before any usable data can be collected. As a result, quantum cryptography businesses usually bill themselves as "uncrackable." Aside from a few slip-ups, the claim has held true.
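The tamper-evidence described above can be shown with a small simulation. This is an added example, not code from ID Quantique or from the original article; it assumes the BB84 protocol (which the article does not name), a tap that measures and re-sends each photon, a noiseless fiber, and an illustrative 11% alarm threshold.

```python
import random

QBER_ALARM = 0.11  # assumed abort threshold for the error rate (illustrative)

def measure(bit, prep_basis, meas_basis, rng):
    # Measuring in the basis the photon was prepared in returns its bit.
    # Measuring in the other basis gives a random result and destroys
    # the original state: this is the "observation changes it" property.
    return bit if prep_basis == meas_basis else rng.randint(0, 1)

def run_link(n_photons, tapped, seed):
    """Simulate one key exchange; return (sifted_key_length, error_rate)."""
    rng = random.Random(seed)  # seeded so the run is reproducible
    sifted = errors = 0
    for _ in range(n_photons):
        bit, a_basis = rng.randint(0, 1), rng.randint(0, 1)  # sender's choices
        sent_bit, sent_basis = bit, a_basis
        if tapped:
            # The tap must guess a basis, measure, and re-send what it saw.
            e_basis = rng.randint(0, 1)
            sent_bit = measure(bit, a_basis, e_basis, rng)
            sent_basis = e_basis
        b_basis = rng.randint(0, 1)  # receiver's basis choice
        received = measure(sent_bit, sent_basis, b_basis, rng)
        if b_basis == a_basis:  # sifting: keep only matching-basis rounds
            sifted += 1
            errors += received != bit
    # For simplicity the whole sifted key is compared here; a real system
    # compares only a disclosed sample and discards it afterwards.
    return sifted, (errors / sifted if sifted else 0.0)

def link_compromised(error_rate, threshold=QBER_ALARM):
    """Alarm condition: abort the exchange and discard the key."""
    return error_rate > threshold

if __name__ == "__main__":
    for tapped in (False, True):
        kept, qber = run_link(20000, tapped, seed=1)
        print(f"tapped={tapped} sifted={kept} error_rate={qber:.3f} "
              f"alarm={link_compromised(qber)}")
```

In this model an untapped line shows no errors, while a tapped line shows errors in roughly a quarter of the sifted bits, which is what the two endpoints detect before any key is used.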
Network diagram for ID Quantique quantum key exchange.
While the system is powerful, it can also be unwieldy. Unlike math-based encryption, which can be run on any data network, quantum cryptography is hardware-based, requiring two secure nodes and an unbroken fiber optic cable in the middle. For ID Quantique, that means the technology is best for internal IT systems, usually in high-security sectors like finance and government. By now, those systems are already running on fiber optics, so ID Quantique provides servers to sit on either end of the line, establishing the right protocols to ensure everything in the middle stays safe. "It gives you the ability to build a completely different kind of corporate system in terms of information protection, password distribution, exchanges, all of that," says Q Wave founding partner Sergei Kouzmine. "And we're starting to build that now."
At the moment, the killer app for this setup is key exchange, using quantum tech to transmit the sensitive encryption keys used to secure the rest of the network through more conventional cryptography. ID Quantique's Cerberis hardware is built specifically for key exchange, which enables companies to keep most of their pre-existing cryptography protocols in place while changing passwords more securely and efficiently. Quantum tech can also be used to lock down information exchange within a network. Kouzmine is particularly excited about securing real-time backup systems, which maintain a mirror copy of a company's data to make sure nothing is lost in a server crash. It's a useful practice, but a long-running security headache, potentially revealing all the company's data to anyone who manages to tap into the line between servers. If implemented right, quantum cryptography servers could secure those lines as well.
As crypto experts will be quick to note, this isn't a silver bullet. The nodes in ID Quantique’s network are still potentially vulnerable to NSA trickery, but thanks to quantum physics, the links between the nodes really are unassailable. After recent revelations, that's a reassurance that companies can't get anywhere else. "I should really say thank you to the NSA," Kouzmine says. "That was when interest really began to take off."