Quantum-safe networks: protecting the future against quantum threats

We have to start now to work on protecting valuable communications services

Matthieu Bourguinon

It’s no secret that the fabric of cybersecurity is being strained. Since the onset of the pandemic, the frequency of cyberattacks has more than doubled. If not taken seriously, cybersecurity incidents can lead to steep fines, extortionate ransom demands, and intangible yet severe repercussions such as loss of customer trust and damaged brand image.

For example, a recent ransomware attack on Royal Mail in the UK caused a significant interruption of the international postal service. Governments and emergency response authorities are increasingly becoming attractive targets as well; a long-standing breach was identified in Japan’s digital defence agency, and in the same period, the personal information of police officers in Greater Manchester was compromised through a ransomware scheme.

Increasingly, organisations – especially those responsible for supporting critical infrastructures – are beginning to realise that cyberattacks are a matter of “when”, not “if”. Moreover, the global average cost of a data breach rose by 15% to $4.45 million in 2023, highlighting an urgent need for reinforced cybersecurity efforts to safeguard essential services.

Many fear the imminent arrival of a Cryptographically Relevant Quantum Computer (CRQC), commonly referred to as Q-Day

As both private and public sectors push digital transformation to enhance operational efficiency, sustainability, and security, organisations are actively looking to adopt advanced protective measures to shield against the sophisticated cyber threats of the digital age. Underpinning all of this are telecommunications networks that can provide secure and trusted connectivity.

The coming threat of quantum computing

Yet, a new challenge is still emerging – quantum computers. Fundamentally different from classic computers, these machines operate on the principles of quantum mechanics, using quantum bits, or qubits, enabling them to handle massively parallel computations at a swift pace.

While quantum computing promises substantial benefits to world economies and societal operations, by their very nature, these machines also pose a significant risk to the cryptographic systems that have protected secure communications for decades, potentially allowing threat actors to execute attacks unmatched by today’s standard computers.

Many fear the imminent arrival of a Cryptographically Relevant Quantum Computer (CRQC), commonly referred to as Q-Day. When Q-Day comes, quantum computing will likely make many of the current encryption methodologies obsolete, jeopardising the security of digital infrastructure and economic systems worldwide.

Industry experts believe that quantum computers may achieve this level of power by 2030, if not sooner. A recent DSP Leaders report revealed that nearly two-thirds (64%) of executives from the global telecoms industry think telecoms operators should deploy technology that enables quantum-safe networking between now and 2028 to combat this growing concern. 

This potential reality drives the critical urgency for “quantum-safe” networks – advanced security measures that can withstand the capabilities of quantum computing.

Harvest now, decrypt later

One sinister strategy already in play by some malicious actors is the “harvest now, decrypt later” scheme. Hackers collect encrypted data over time in order to decrypt it once quantum technology has matured enough – posing an immediate and pressing threat to data privacy and security. In fact, more than 50% of organisations believe that they are at risk from HNDL attacks.

Organisations may even already be experiencing breaches with their data stored for future decryption. This persistent threat magnifies the need for quantum-safe networks capable of resisting these deep-future tactics.

Recognising these risks, specific organisations are at the forefront of making networks quantum-resistant. The US CISA, NSA, and NIST agencies have provided industry roadmaps, urging preparation for quantum readiness, a clear indicator of the federal recognition of quantum threats.
Multiple telcos have already made public commitments to quantum safety. Efforts are directed at not only securing their enterprise and government customers against ‘harvest now, decrypt later’ attacks but also ensuring a seamless transition into the era of quantum readiness.

Building quantum-safe networks

As quantum computing continues to advance, so too does the threat landscape, escalating from quantum-speed problem-solving to quantum-speed security breaches. As a result, there is an urgent need to modernise and upgrade networks to multi-layered, defence-in-depth, quantum-safe architectures. Organisations must also extend quantum-safe protection beyond the optical core to IP edges and application layers.

Quantum-safe networks (QSN) employ cryptographic methods that either quantum computers cannot crack or that provide a security infrastructure resilient enough to detect and counteract attempts at quantum decryption. The protection is fortified through a combination of strategies, including:

  • Data encryption: Ensures the confidentiality of critical business information, preventing unauthorised access, disclosure, or use. AES-256 with symmetric key distribution is the gold standard for QSN. 
  • Robust key generation, management, and distribution: Strengthens the network’s defences against an attack. Keys generated by either classic or quantum physics can be quantum-safe, provided asymmetric distribution is avoided. 
  • Independent certification: Verifies the security measures in place are effective and up to date.
  • Integrity assurance: Safeguards data against alteration or corruption during transmission.
  • Guaranteed non-repudiation: Ensures that involved parties cannot deny sending or receiving encrypted messages.

Telecoms providers must evaluate their cryptographic agility in order to understand the implications of post-quantum cryptography for their products and the effort required to offer post-quantum cryptography solutions. 

Related Story:

Creating quantum-safe networks is achievable today using existing tools such as pre-shared keys, traditional physics-based keys of adequate length and symmetric key distribution. These can be further enhanced by leveraging quantum physics generated keys in a hybrid classic/QKD framework.

In the future, mathematical-based cryptography will be adopted at higher, ephemeral connectivity layers. Collectively, these methods constitute a quantum-safe ecosystem, which is projected to evolve further in response to the developing landscape of quantum threats.

Quantum-safe networks are not a futuristic luxury but a present-day necessity. The transition requires time, modest investment, and a strategic approach to security that aligns with the most advanced cyber threats. As quantum computing will make waves through various industries, from electric vehicle innovation to financial forecasting and medical advancements, the flip side of this power must be managed with resilient, adaptable, and robust cybersecurity defences.

The movement towards embedding advanced cybersecurity measures and embracing zero-trust frameworks with quantum-safe encryption across organisations is undeniably the foundational step to future-proofing the digital economy. Organisations must continuously safeguard their most critical assets and customers’ privacy and ensure the uninterrupted continuity of the services that form the backbone of our society. The journey to quantum safety must begin now.

Matthieu Bourguinon
Matthieu Bourguinon / Guest Writer

Matthieu Bourguignon is Senior Vice-President and Head of Europe for Network Infrastructure Business at Nokia