Protecting Critical Networks with Integrated Quantum Approach

Nokia came to the world’s attention as a popular handset maker in the first wave of the mobile revolution. Communications service providers, cable operators, webscale providers and critical infrastructure operations now rely on its networks to provide a fast, reliable and secure service.

The company is now focusing on protecting its customers’ secure data from near-future quantum computers that could break current encryption, known as Q Day. It is also using quantum technology to add an extra level of security.

Nokia last year completed Europe’s first live hybrid quantum encryption key trial with digital communications provider Proximus, using its own technology along with that of ID Quantique and evolutionQ. In December, the company carried out a proof of concept of quantum-safe networks in a complex optical network ring topology across three locations in Greece with HellasQCI, the Greek National Quantum Communication Infrastructure Consortium.

In conversation at Mobile World Congress Barcelona 2024, Manish Gulyani, senior vice president and chief marketing officer of Nokia Network Infrastructure, discussed the importance of combining quantum-safe and quantum-secured communications.

Enter Quantum: Why is Nokia implementing quantum-safe networks?

Related:AI-Powered Networks Revolutionize Connectivity at Mobile World Congress 2024

Manish Gulyani: We’re in the business of building these highly mission-critical networks. Whether it's service providers, public safety agencies, utilities, energy utilities or rail companies, they all use communication infrastructure to make sure their business can function properly.

For example, in a rail, the signaling systems need communication. So we provide the IP and optical infrastructure for signaling and communication. Power utilities are doing grid management and grid monitoring with a communication network handle underneath to make sure they're measuring the signal and communicating if there's any fault or if any corrective action should be taken. These are life or death critical infrastructure so we have to make sure our networks are secure.

As we move towards this quantum era, there is a growing concern that once the computers are ready to break cryptography - which will come on the five- to seven-year horizon – then all the encryption techniques we use to protect the data can be broken by those quantum computers.

What was the purpose of your trials with HellasQCI and Proximus?

We were trying to demonstrate how you can secure your networks now, in anticipation of Q Day. There are two challenges. One is you won't be ready in time. And two, it's very easy to tap into the data today, this idea of harvest now decrypt later. In which bad actors save the data until they are ready to jailbreak it.

So we are like, well, if that's the case, how about encrypting data now? So that when that comes, you're already protected, not running around quickly to solve that problem. We put together a solution to protect our mission-critical IP and optical networks and make them quantum-safe now.

How did you go about implementing quantum safety?

There are two parts to quantum safety. The thesis is that the encryption that we use today can be broken with those quantum computers. So how do we incorporate encryption schemes that will be quantum-safe?

The first part is encryption uses keys to encrypt the data and those keys need to be generated so that they are long enough and secure enough that they cannot be broken. A lot of keys that are generated today could be broken with quantum computers, as they don’t have enough strength and randomness. Quantum computers will iterate continuously until they break encryption. We built a system called 1830 Security Management System (SMS), a key management system that uses classical physics to produce enough randomness and entropy in key generation, that it is considered safe.

The second part is how to safely deliver the key to the devices that need it. We have a key distribution system as part of that solution that makes sure the keys are distributed safely. The other thing with keys is you don't only put a key once you have to rotate the key, so you need a distribution automation system.

Then the equipment that is carrying all your data at the IP and the optical layer must have the ability to encrypt that data at wirespeed, because these networks are running at very high speeds - 400G or 800G. We've been able to demonstrate that our IP and optical products, in conjunction with a key management system can be certified quantum-safe now, as opposed to many so that's kind of the big deal that we are talking about.

How does quantum technology make that even safer?

It’s a journey. Today we're using classic-based physics and now people want to use quantum physics for key generation, which is called quantum key generation and quantum key distribution.

We’re working with two external companies that focus on key generation using quantum physics, ID Quantique and evolutionQ. For the Proximus demo, they used our 1830 SMS key management system for distribution and our hardware for encryption and validation.

We’re showing that our solutions are interoperable already. Even though the future quantum solution is probably not fully economically viable yet, we have a solution that you can deploy today, we are working with future-ready solutions our products and solutions are ready for Q Day.

How should organizations make their communications quantum-safe?

It’s a call to action. We suggest that you assess where you are. You don't have to do everything at once but start with the most vulnerable links – those that use third-party fiber for example. You may want to encrypt those first rather than implement your own private network. Get the ball rolling, get your hands dirty, start with the most vulnerable parts and add more as you go rather than attempting a one-shot deal.