In Depth

Quantum Cryptography to the Rescue

Cryptographic systems can be cracked. And people make mistakes. Take those two factors out of the equation, and you have quantum cryptography and a new way to protect your data.

By Simson Garfinkel


The reason that Heisenberg doesn't protect today's wireless networks is that they send each bit of information on trillions upon trillions of photons. Some of those photons go from the access point to your laptop's wireless card, some of them get absorbed in your eyeballs and some of them go to the attacker's sniffer across the street. Heisenberg affects each one of those photons, of course, but because there are so many to go around, everybody gets their crack at your data.

So who needs quantum cryptography? One obvious customer is all of the financial institutions crowded into Lower Manhattan, says Mike LaGasse, MagiQ's vice president of engineering. These companies typically have offices in New York City, data centers across the river in New Jersey, and rented dark fiber connecting the two. The problem with this dark fiber is that it typically runs through junction boxes that are located in the basements of the buildings, sometimes in a location that's controlled by a direct competitor. Companies rely on strong encryption to protect the information that's moving over these fibers. The problem, of course, is that there is no way for the companies to know if their keys have been compromised. It's the sort of thing that should keep a CSO up late at night.

MagiQ's boxes are ideal for organizations that have a large campus and a lot of sensitive information: for example, a military base, an airport or a large commercial campus. These organizations typically have lots of fiber, lots of random people walking around, and lots of insiders who could be blackmailed into revealing secret keys, given the right incentives. With QPN there's nothing to reveal.

Of course, QKD can't really provide unbreakable security because the MagiQ boxes are not the only component on your network. A well-funded and sufficiently motivated attacker could try to intercept your data before it goes into the QPN or when it comes out on the other end. There's also a chance that MagiQ has some sort of flaw in its encryption devices, probably not in the quantum or the optical system but perhaps in the design of the packet encryptor that runs the QPN. And there's a chance that the box might have some kind of radio emanations that reveal the raw, unencrypted data to an attacker who has a good radio and directional antenna.

To address these kinds of concerns, MagiQ is in the process of applying for federal certification of its project. Once the certification has been awarded, MagiQ will submit its device for evaluation. And the next generation of the company's devices will use standard IPsec protocols. Steps like these go a long way toward addressing concerns that security experts might have with the part of the system that doesn't rely on physics for its security.
