The Global System for Mobile Communications Association (GSMA), IBM and Vodafone are teaming up to form a task force that will promote quantum-safe cryptography standards for telco networks and, ultimately, enterprise cloud service environments.
The idea behind the new group, called the GSMA Post-Quantum Telco Network Taskforce, is to define requirements and create a standards-based roadmap to implement quantum-safe networking and mitigate anticipated security risks.
“Telco networks are the underpinning of all enterprise services, regardless of what industry they are in, so it is critical that those networks [get] out in front of the security challenges quantum brings,” said Ray Harishankar, IBM Fellow, vice president, and leader of Big Blue’s Quantum Safe strategy. “The idea of the group is to start to develop a quantum-safe plan now, because the components and standards of that roadmap won’t be developed overnight.”
The task force will have to prioritise what it believes are critical technologies and what needs to be done to protect switches, network devices, and endpoints that are connected to that, Harishankar said. “After that, you’d move up the stack into protecting the applications that run on the network, and service provider platforms, and so on,” he said.
The task force expects other players to join its standards-setting efforts, and it expects to work with standards-setting groups such as the Internet Engineering Task Force (IETF) and U.S. National Institute of Standards and Technology (NIST) in the future.
And there is a lot of work to be done. The World Economic Forum recently estimated that more than 20 billion digital devices will need to be either upgraded or replaced in the next 10-20 years to use the new forms of quantum-resistant encrypted communication.
While a world of quantum networking and services is years away, the more immediate concern for enterprise and telcos is protecting against the “harvest now decrypt later” attack scenario, in which attackers steal encrypted data in present time with the idea that they can decrypt it later with a quantum computer.
“A bad actor can download the information today and sit on it for 13 years and then wait for it to be easily cracked open in the future,” Harishankar said. “Enterprise need to be certain the data they have today, that they usually keep for years, or may transmit today to a financial institution or to the SEC, or I may transmit today, is not going to be compromised sometime in the future.”
There's work being done across the industry to develop quantum-computing systems, services, security and networking technology.
For example, NIST selected four algorithms earlier this year to create a post-quantum cryptography (PQC) standard to protect against future quantum processor-based attacks. IBM was deeply involved in the building of those algorithms.
The NIST algorithms are designed for two of the main tasks for which public-key cryptography is typically used: public key encapsulation, which is used for public-key encryption and key establishment; and digital signatures, which are used for identity authentication and non-repudiation, according to Anne Dames, Distinguished Engineer, Cryptographic Technology at IBM, who wrote a blog about the technology.
In addition, Amazon Web Services recently teamed with Harvard University to further quantum-networking research and development. The AWS Center for Quantum Networking and Harvard Quantum Initiative will look to cultivate projects to develop quantum memory, integrated photonics, and quantum applications that could help underpin future quantum networks and a quantum internet.
In the future, networking quantum computers will bring a variety of new applications with clustered computers. In the near term, quantum security and privacy applications are relevant, AWS stated.