Quantum Xchange’s CEO, John Prisco, discusses the challenges and opportunities presented by quantum computing and the role that quantum key distribution can play moving forwards.
Quantum Xchange is a provider of unbreakable quantum keys and secure communications and offers the first and only quantum-secured network in the United States, securing the channel for critical communications and enabling organisations to send quantum protected keys over any distance using the laws of quantum physics. SciTech Europa spoke to Quantum Xchange’s CEO, John Prisco, about the challenges and opportunities presented by quantum computing and the role that quantum key distribution can play moving forwards.
What would you say are the biggest challenges and opportunities presented by the future of quantum computing?
Quantum computers generally are going to be a fantastic opportunity in many fields, not least in the pharmaceutical markets. However, when it comes to cryptography and protecting secure communications, they really present themselves as the best weapon in terms of security, and there are very few defences against that weapon. One would be the quantum key distribution project that we are championing and the other is the post-quantum cryptographic cyphers that are now being evaluated in the USA at NIST, our standards agency.
It is estimated that it would take a billion, billion years to break the current keys that are used in RSA-2048 encryption, but a quantum computer is so much faster that it could actually break that key in about a minute; the power of a quantum computer is quite outstanding.
There are debates around when quantum computers will actually emerge but that debate is essentially not that important; regardless of whether it will be three years, or five years, or 10 years, it is inarguable that, given the efforts taking place in China, the USA, and Canada, for instance, that quantum computing will emerge at some point.
Assuming that the various actors harvesting and storing data today store the key and are then able to go on to factor it and so read plain text, then it is likely quantum computers will emerge sooner rather than later. However, that is a challenge, and one that needs to be addressed today.
What are your thoughts on the European Commission’s Quantum Technologies Flagship, which aims to place Europe at the forefront of the second quantum revolution, bringing transformative advances to science, industry and society? What more could be done to ensure a leadership positon for Europe in this area?
Europe is in a really great leadership position and should continue working in the way that they have. Projects like that taking place at the Cambridge lab with Toshiba are also very significant.
What about the rest of the world? Is the USA, for instance, in a better position?
No, I don’t think so. We made some progress in the USA at the end of 2018 by passing the Quantum Initiative Act which receives $1.2bn (~€1.05bn), and there are three governmental agencies that will be involved in this: the department of energy, the department of commerce, and the department of homeland security.
There will be additional investment in the technology, but that is nothing compared to what China is doing. Indeed, China has publicly announced $10bn in investment and it is interesting to note that China’s launching a three-pronged attack to tackle quantum technology: they are, of course, developing quantum computers; they are in the lead with quantum key distribution (QKD); and then, of course, they are working on the mathematical solutions for cryptographic algorithms.
The USA is really doing two things: quantum computers, and post quantum cryptographic algorithms. In terms of QKD, Quantum Xchange is the only company in the USA which is building a quantum communication network, and we are trying to evangelise this as part of the defensive strategy, in that it can be used to combat a quantum computer and future proof data transmission today.
Does that place you in a good position, in that you don’t have any strong competition? Or does it make things more difficult as you have no one to work with?
It is possible to argue both ways. It is certainly a good thing to be the market leader, but until there are multiple players the market never really develops.
With regard to information security, do you feel that enough is being done to ensure that sensitive data can be protected, and what role will QKD play here?
There is a sense that little is being done to prevent harvesting attacks. The latest and perhaps biggest example of that was the attack on the Marriott hotel chain, which saw tens of millions of records being stolen.
Even if that data was encrypted, which means when they transmitted it, they transmitted it with a key, the keys are classical ones and can be broken. Indeed, with this kind of encryption you know somebody at some point is going to try and hack into that data and get all the information, if they don’t already have it. As such, I don’t think enough is being done to prevent that.
If you look historically at the standards for encryption, this started in the 1970s with DES (digital encryption standard). 20 years later, there was a need to improve that as there was only 56 bits in a DES approach and you could use brute force to break it. In 1997, there was then the request for a new standard cryptographic algorithm, NIST AES (advanced encryption standard), and that is what we are using today. Although we keep increasing the size of the key as the smaller keys are broken.
In November 2017, the NIST agency called for new cryptographic cyphers, and that is what we are working on now. We have got another three-to-five years before this is whittled down to a few finalists from the 64 cyphers submitted to NIST. This means it will be some time before we get what would be considered as something which provides more security against quantum computers (or what they term as ‘quantum resistant’). There is no proof that the mathematical algorithms will work, but there is proof that a quantum key will because it is based on a law of physics that says you cannot observe a key without altering it in a way to make unusable.
Even with NIST’s quest for a new standard, not enough is being done in this area – while this standard is years away from application, quantum key exchange is here today, it works, and we are applying it.
Where are your priorities for Quantum Xchange moving forwards? How will these evolve over time?
We are now working to expand our network and we have bought 800 km of fibre that connect Boston to New York to Philadelphia to Washington DC. We now have 15 co-location sites along that route, so 15 data centres, and our goal is to expand now into the mid-western USA, to the west coast and to the south west and thus create a nationwide quantum communications network. We hope to achieve that over the next two years.
What will be the biggest challenge in realising that?
We own intellectual property for a technology which we have termed ‘trusted node’. This technology allows us to transmit keys an unlimited distance – typically, quantum keys are limited to 80-100 km before they are no longer effective, which means that you have to be able to repeat that signal, with the drawback being that active repeating will cause the key to lose its integrity. To overcome this we have developed a way to further encrypt the key that is at the end of its 80-100km journey with a new key and then transmit that combined key over the next hundred kilometres or so and repeat that again and so on and so forth. So, after solving that distance limitation it really gives us the ability to expand from coast to coast.