INDUSTRY PERSPECTIVE
Quantum-Safe Networks – Enhanced Capability and Security With a focus on data protection in the quantum era, Nokia is providing a reliable solution for securing in-flight data against current and future threats
Martin Charbonneau
Philippe Agard
Head of Emerging Markets, Optical Networks, Nokia
Head of Defence Vertical, Nokia
Why do emerging quantum computers pose such a threat to mission-critical defence communications networks? The threat posed to mission-critical defence communications networks by emerging quantum computers stems from their potential to break widely used encryption algorithms, compromising the confidentiality, integrity and long-term security of sensitive and classified information. Therefore, it is imperative to address this threat by investing in quantum-safe cryptography and adapting military communications systems accordingly. • Breaking public-key cryptography: Public-key cryptography is often used in defence communications networks for secure key exchange, digital signatures and secure communication channels. However, common public-key algorithms, such as RSA and Elliptic Curve Cryptography (ECC),
•
are vulnerable to attack by quantum computers. If an adversary is able to intercept encrypted defence communications during transmission, or gains access to stored data, they could subsequently use a quantum computer to break the encryption and compromise the confidentiality and integrity of the data and/or communication. Longevity of encrypted data: Defence communications networks often require long-term security for classified information, which means that cryptographic systems need to be designed to protect the confidentiality and integrity of data for extended periods. However, if an adversary captures encrypted data and stores it for future decryption with a quantum computer, the security of that data could be compromised once a powerful quantum computer becomes available.
What is unique about Nokia’s Quantum-Safe Networks solution and how does it work? Nokia’s Quantum-Safe Networks (QSN) solution offers a comprehensive and robust framework that encompasses multi-networks, including wireless, wireline, terrestrial and subsea connectivity. With a focus on data protection in the quantum era, our solution provides a reliable transport solution for securing data in-flight against today’s and future quantum-computer threats. These solutions leverage existing encryption standards and are able to incorporate future standards once available and ratified, such as those based on the NIST PQC activity. Nokia’s Quantum-Safe Networks solution encrypts and decrypts data in-flight in the many connectivity domains of our rich portfolio, including optical terrestrial and subsea, IP, microwave and even mobile. We achieve this in-flight data protection via the quantum-safe AES-256 block cipher. When it comes to quantum-safe keys, Nokia uses two types and two different methods to obtain them: physics-based keys and mathematics-based keys via symmetrical and asymmetrical encryption. In symmetrical cryptography, we use pre-shared keys (PSK), so the same PSK is used for encryption and decryption of the in-flight data at both endpoints. Such cryptography is foreseen to be used with engineered connections, such as: