Rouven Floeter, ABB Power Systems, Grid Automation Baden, Switzerland; rouven.floeter@ch.abb.com
Mission-critical systems, such as railway, air-traffic control or power grids, require encryption that is both extremely secure and provides long-term data protection in a post-quantum world. Quantum physics provides such a solution.
Industry is becoming more and more digital and more and more interconnected. Ever increasing volumes of data are being transmitted. Some of this data requires a high level of security and even long-term futureproof protection, especially in mission-critical processes. Even communication links that are physically protected and encrypted are not invulnerable to attacks. Physical security can be worked around, and there are sniffing methods that permit data to be coupled from a communication line without requiring physical contact to the device.
Cryptography revolves around digital keys. A key is essentially a large number used to encrypt data. If a third party eavesdrops on the transmission, they can observe and record the individual bits of the message, but if they do not know the key, the number crunching required to break the code is so large as to be unviable.
Secure transmission has two phases: the encryption of the data and the exchange of the necessary keys. Conventional methods based on mathematically generated random numbers will soon no longer be sufficient for secure key generation, because the computers they run on are themselves deterministic, and because quantum computers will soon be able to crack this type of asymmetric encryption. Quantum-safe cryptography breaks new ground by using the physical properties of light to generate truly random numbers.
One simple way of achieving this is to consider a photon hitting a semitransparent mirror. A single photon can be reflected from the surface or transmitted through it, but not both at the same time. If one detector is positioned to register a transmitted photon and another a reflected photon, the combination of the outputs of both detectors forms a truly random binary sequence. →1
The second phase is the key transmission. In quantum key distribution, the basic idea is that the orientation of the electric field of a photon is used to transmit the keys: a transmitter generates photons with random orientation. As soon as a hacker tries to listen to the key, he changes the bits of the quantum code.
The reading process already changes the state. Sender and receiver detect this, and the attempted eavesdropping is revealed. Key generation and transmission then start again from the beginning. The quantum method for key distribution has already been successfully tested and makes data transmission much more secure.
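The eavesdropping detection described above, as an added example that is not part of the original article: a minimal simulation of a BB84-style key exchange. The article does not name a protocol; BB84, the intercept-resend eavesdropper model and the 11% abort threshold are assumptions of this sketch. It shows that reading photons in transit pushes the error rate on the sifted key to roughly 25%, which sender and receiver can measure.

```python
import random

BASES = "+x"  # rectilinear and diagonal polarization bases (BB84 assumption)

def measure(bit, prep_basis, meas_basis, rng):
    """Measuring in the preparation basis returns the bit; otherwise the result is random."""
    return bit if prep_basis == meas_basis else rng.randrange(2)

def run_qkd(n_photons, eavesdrop, seed=1):
    """Simulate one session; return (sifted_key_length, error_rate_on_sifted_key)."""
    rng = random.Random(seed)  # seeded PRNG stands in for the quantum randomness
    sifted = errors = 0
    for _ in range(n_photons):
        bit, a_basis = rng.randrange(2), rng.choice(BASES)
        sent_bit, sent_basis = bit, a_basis
        if eavesdrop:
            # Intercept-resend: the reader must pick a basis, and the photon
            # that travels on is re-prepared in that basis with the read value.
            e_basis = rng.choice(BASES)
            sent_bit = measure(bit, a_basis, e_basis, rng)
            sent_basis = e_basis
        b_basis = rng.choice(BASES)
        b_bit = measure(sent_bit, sent_basis, b_basis, rng)
        if b_basis == a_basis:  # sifting: keep only rounds where bases match
            sifted += 1
            errors += (b_bit != bit)
    return sifted, errors / sifted

def session_accepted(error_rate, threshold=0.11):
    """Abort-and-restart rule; the 11% threshold is an assumed value for this sketch."""
    return error_rate <= threshold

if __name__ == "__main__":
    for label, tapped in (("quiet line", False), ("tapped line", True)):
        length, qber = run_qkd(20000, tapped)
        verdict = "keep key" if session_accepted(qber) else "discard and restart"
        print(f"{label}: sifted={length} error_rate={qber:.3f} -> {verdict}")
```

In a real system the two ends estimate the error rate by publicly comparing a sample of the sifted bits, which are then discarded.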
The best cryptography is of little value in a mission-critical system if the special requirements of mission-critical applications are not taken into account through extensive measurements of the critical parameters. These requirements concern both communication performance (e.g., jitter, migration, latency) and the availability of the communication infrastructure.
In 2017, ABB acquired the network business of KEYMILE and is now able to offer a quantum-safe communication solution for critical infrastructure. By installing devices such as the SECU1 encryption card →2 between a device and the network, communications can be made secure without adding to latency.