The financial world looks to quantum cryptography for security

QinetiQ was one of just four companies recently invited to demonstrate to top banks and other City firms how quantum cryptography - the secure optical transmission of messages and encryption 'keys' for protecting information via a secure infrastructure - should help make financial institutions around the globe even more secure in the future.

Organised by Quantum Information Partners LLP at the Bank of England and Department of Trade and Industry, the events explored the opportunities and limitations offered by this entirely new technique for securing electronic communications. They were also designed to prove to the City the viability of quantum cryptography technology thereby enabling it to better understand what is possible and to decide how it should move forward. It is anticipated that a number of pilot schemes will be needed to enable the UK to participate fully in the initiatives to establish global standards for this technology.

"Security is at the heart of everything the City now does and it constantly looks to how technological developments can help improve and assure the integrity and stability of all financial systems," commented Charles Ross of the event organisers, Quantum Information Partners LLP. "Quantum cryptography offers a number of distinct advantages and could be a more cost effective way of operating."

Quantum cryptography enables secure messages to be transmitted over existing insecure networks. This is achieved by sending quantum keys through the air between two line of sight points or via fibre optical cables which are then used to protect the messages. QinetiQ has expertise in fibre optics and is the recognised global expert for line-of-sight transmissions.

"Most quantum cryptography networks will combine both through the air and fibre-optic technologies. Passing information through the air is flexible and quick to install while fibre can be used in complex local routing," explained Dr Brian Lowans, QinetiQ's Quantum and Micro Photonics Team Leader. "Satellites are also critical for today's global businesses and we could soon be relaying quantum keys around the globe, providing secure communications capabilities."

If a quantum cryptography message should ever be intercepted by an eavesdropper they would instantly be detected as the nature of the quantum light particles (photons) would change. This is because there is an uncertainty in any measurements made by the eavesdropper and errors are introduced to the received signals. For the first time originators of the messages now know if they have been sent and securely received. If an eavesdropper is present then the keys can be resent after appropriate security actions are taken. Potentially the use of the quantum signals will protect the entire communications link.

Lowans concluded: "Whilst the existing communication systems are widely considered as secure there are also perceived weaknesses and will be vulnerable to quantum computers. Quantum cryptography offers the only protection against quantum computing. The process for physically moving existing 'master keys' between the necessary parties is also costly, as is the overall cost of key management. If we eliminate much of the human element and can pass the keys around the globe in seconds we have the basis of a faster, more secure and potentially less expensive system."

Toshiba Cambridge, ID Quantique and MagiQ were also invited to participate and they specialise in transmitting this information using optical fibre cable.


Notes for Editors:

• Digital 'keys' are a random set of ones and zeros of a given length which are then used as the basis to encode and decode all messages sent between the two parties for an agreed length of time. These keys are currently distributed and protected using Public Key Infrastructure (PKI). This protection relies on unproven security of 'one-way' mathematical functions and the assumption that a long timescale is needed to break them with brute force attacks. However it is widely agreed that many groups around the world are developing quantum computers that could easily crack PKI codes. Should the PKI ever be cracked by a third party, they would be able to translate, instantly and retrospectively, every message that is being and has been sent. If the messages relate to the secure transfer of funds, then large amounts of money could be siphoned off. Millions of messages are currently sent every day using encryption based on these keys.
  
  
• Root or master keys are the basis of trust between networks and these are only physically distributed by trusted couriers. These keys are not changed very frequently and therefore this limits the scope of the encryption capability. Being able to send quantum 'keys', literally at the speed of light, will improve security and means that new security strategies can be employed. For example a 'one time pad' seen as the ultimate security can be enabled. This is where every bit of information is encoded using one bit of key. Alternatively, the keys are simply used as the seeds for the well established encryption algorithms such as AES and Triple-DES etc.