Marc Hentsch Sales Engineer

Transcription

1 Marc Hentsch Sales Engineer Ch. de la Marbrerie, 3 Tel: +41 (0) Carouge / Geneva Fax: +41 (0) Switzerland

2 Presentation outline Optical links must be secured Conventional cryptography offers limited security Quantum cryptography by is the solution 2

3 id Quantique at a glance Spun-out of University of Geneva in 2001 Transfer 10+ years of know-how Exclusive access to key patents Several Swiss and international awards Fast growing company First commercial quantum cryptography products Strategic focus on opportunities offered by Quantum Photonics Breakthrough products available 3

4 System Information Information security Confidentiality of Intellectual property Business & Financial integrity Compliance with regulations Insider abuse to be prevent Industrial espionnage to be prevent Privacy A Business problem 4

5 Some security facts 2005 CSI/FBI Computer security and crime survey: «56% of responding organization have been subjected to unauthorized use of computer and network systems in the past 12 months» «Unauthorized access and Theft of proprietary information showed a dramatic cost increase.» 48% of total Losses for 2005 Cyber attacks on payment systems Economic espionnage in competitive bids Intelligence agencies routinely use communication interception to gather strategic and economic information 5

6 Optical fibers are critical and vulnerable Information transmitted using optical fiber links Foreign government Organized crime Competitors Primary or Secondary Data Centre Backup/archive centre (SAN) Encryption cracking facility Branch office Business Partner Information analysis and exploitation 6

7 Optical Taps Optical taps are cheap and simple to use «Tapping a fibre-optic cable without being detected, and making sense of the information you collect isn t trivial but has certainly been done by intelligence agencies for the past seven or eight years. These days, it is within the range of a well funded attacker, probably even a really curious college physics major with access to a fibre optics lab and lots of time on his hands.» John Pescatore, former NSA Analyst The submarine «USS Carter» worth $4.1 bn will be able to tap and eavesdrop undersea cables. 7

8 Telecom stations may be at risk Technicians from telecom companies, external supplier, subcontractors may have access to telecom equipment in stations Optical taps discovered on the optical network of a US mutual fund 8

9 Cryptography Cryptography must be used to secure mission critical data Krypto = hidden Graphein = writting «Cryptography is the art of rendering data unintelligible to any unauthorized party» 9

10 Secret key cryptography Symmetrical, or secret-key DES, 3DES, AES, one time pad Encryption and decryption keys are identical Security of the system rely on keeping the key secret during its entire life time The longer the key and the more often it is changed m k the higher the security c m k Problem: Key Exchange Must rely on a trusted courier High cost involved Risk of subversion Particulary difficult for one time pad Today key exchange relies on public key cryptography 10

11 Public key cryptography Asymmetrical, or public-key Diffie-Hellman, RSA, Elliptic curve deal with a pairs of keys (public private) Factorisation of large prime numbers (n = a x b) Easy to compute in one direction : x Difficult to reverse (but no impossible) : Decryption key (private) Encryption key (public) Problem : mathematical and technological progress Security depends on the difficulty (?) of factoring large prime number 11

12 Vulnerabilities of public key cryptography Decryption (without key) Classical computer Theoretical progress Computing time Quantum computer Key length Computers become more powerful Encryption Decryption Whether factoring is difficult or not, is not proven Factoring is known to be easy on a quantum computer (Shor s algorithm ) A solution could already exist and have been kept secret by a gov. or org. 12

13 Landmarks of factorization RSA-129 (129 digits = 428 bits) The initial 1979 challenge posed in Scientific American «428 bits key secure for 40 quadrillion years!!!» Factored in 3 months in 1994!!! RSA-155 (155 digits = 512 bits) factored in 1999 RSA-160 (160 digits) factored in 2003 RSA-576 (174 digits = 576 bits) factored in 2003 RSA-640 (193 digits = 640 bits) factored in NOV

14 Retroactive vulnerability Would the exposition of the data your organisation transmitted 5 years ago be damaging? Time + 5 years Decryption: Backward and forward vulnerability Today + 2 years Interception and storage of encrypted information 14

15 Classical and Quantum physics Classical physics Describes the macroscopic world Quantum physics Description of the microscopic world Deterministic Intuitive Probabilistic Central role of the observer Not very intuitive 15

16 Classical vs Quantum Communications Classical communication Quantum communication "0" "1" "1" "0" Fragile! Absolute security guaranteed by the laws of quantum physics 16

17 Quantum Cryptography «Quantum Key Distribution» is a better name! Key validation and use Integrity Verification Quantum Communication Quantum Cryptography reveals eavesdropping a posteriori 17

18 Quantum cryptography A better name: Quantum Key Distribution (QKD) Invention of Quantum cryptography in 1984 by Charles Bennett and Gilles Brassard protocol BB84 Allows to exchange a secret key in an absolute secure manner Security of the key guaranteed by the law of physics Use the fact that elementary quantum system photon cannot be observed and measured without being affected Will reveal an eavesdropper on the link Quantum cryptography solve the key exchange problem By using single photon and Quantum physics to exchange the key in a 100 % secure manner By using this key in a strong symmetric algorithm (AES) By changing the key several time per second No Vulnerability to computing power 18

19 Implementing the quantum channel Transmitting information with a single-photon Necessary components Channel Single-Photon Detector Single-Photon Source 19

20 Photons vs single-photon A single-photon constitutes an elementary quantum system It cannot be split Semi-transparent mirror 50%?? 50% 20

21 Quantum communications Transmitting information with a single-photon Liner States Use a quantum property to carry information = "0" = "1" 21

22 Polarization of Photons Direction of oscillation of the electric field associated to a lightwave Polarization states θ E What can we do with it? 50 % 50 % 22

23 Irreversibility of Measurements Incoming photon polarized at 90 Incoming photon polarized at % 50 % Rotation of polarizer 23

24 Quantum Cryptography Protocole BB84 H/V Basis Bob Polarizers Horizontal - Vertical Alice 45 Basis Diagonal (-45, +45 ) Alice's Bit Sequence Bob's Bases Bob's Results Key

25 Eavesdropping Alice Eve 50% 50% 50% 50% Bob 50% 50% 50% 50% Ok Error Ok Error Ok 25

26 Key Distillation Qubits Transmission Alice Quantum channel Bob Basis Reconciliation Sifted key QBER estimate QBER = 0 : no eavesdropping > 0 : eavesdropping Reveals rather than prevents eavesdropping A better name: quantum key distribution 26

27 Implementation of Cryptographic Systems Message Encrypted Message Message Key "The security of a cryptosystem should not rely on keeping the algorithm secret but only the key Kerckhoff's principle Key Public Key Cryptography: Quantum Cryptography Vulnerable Key Exchange Secure Quantum channel - key transmission 27

28 «Quantum Cryptography is one of the ten technologies that will change the world» July 7, 2003 February 2003 «Absolute security guaranteed by physics» 28

29 Actors Companies Universities European projects 29

30 id Quantique product lines Quantum Cryptography VECTIS Link Encryptor CLAVIS => R&D system (QKD) Random Number Generator Quantis module and Quantis PCI board Scientific instrumentation Photon counters, Short-Pulse laser source, 30

31 Quantis Quantum RNG High bit rate 4 or 16 Mbits/s On line monitoring Main OS s supported 31

32 Vectis Link Encryptor Perform secure key distribution and encryption engine in the same appliance Main features Layer 2, Ethernet Encryption (IEEE802.3) Networking protocole independent Low latency Remote monitoring (SNMP) Automated key management Dedicated pair of optical fibers («dark fiber») Distance < 100 km 32

33 QC Encryptor: Block diagram Encryption Layer Network interface Encryption Classical channel Supervisor Key management Layer Key Buffer Random Number Generation Key Distillation and management Classical channel Quantum Cryptography Layer QC Hardware Classical channel Quantum channel 33

34 SwissQuantum 34

35 Quantum Cryptography idq idq Primary or Secondary Data Centre Backup/archive centre (SAN) SECURED Branch office Business Partner 35

36 Choice of cryptographic technique 36

37 Benefits Simple installation Transparent network equipment Wire speed encryption Lasting data security High security encryption Fast key change (< 1 s) Automated key management Low overall cost of ownership Automated operation Visibility and image 37

38 Management attention Information security is a complex issue Internal threats External threats (viruses, etc.) Security practices (organizational, technical) Regulation (ISO, Basel II, Sarbanes-O etc ) People involved (Staff, contractor, partner and collaborators) By solving the encryption issue, Quantum Cryptography frees management attention to focus on other issues. 38

39 Q & A Session id Quantique SA Chemin de la Marbrerie, 3 CH-1227 Carouge / Geneva Switzerland Visit our web site 39