Intelligence

Russian-led Research Team Reports QRate’s Quantum Key Distribution System is Ready For Certification

Russia flag is depicted on a sports cloth fabric with many folds. Sport team waving banner
Russia flag is depicted on a sports cloth fabric with many folds. Sport team waving banner
Xpanse Xpanse

Insider Brief

  • Russia is preparing its first quantum key distribution (QKD) system, developed by QRate, for formal certification, a crucial step before commercialization to ensure protection against known security loopholes and attacks.
  • The study details the evaluation and testing of QRate’s fiber-optic system, using the BB84 protocol with decoy states, identifying several hardware vulnerabilities like detector attacks and proposing countermeasures such as photocurrent measurement.
  • The certification process follows Russia’s national cryptographic standards, highlighting the growing importance of QKD technology in securing sensitive communications in geopolitical contexts.

One of Russia’s first certified quantum key distribution systems (QKD) system is ready to undergo formal certification to ensure its resilience against known security loopholes and attacks, a critical step before commercialization.

In a study on arXiv, the Russian-led international research team reports it prepared a fiber-optic QKD system for this certification process with a battery of tests, concluding that the system seems secure. This QKD system, which appears to be domestically produced, could be used to securely exchange encryption keys between two parties by leveraging the principles of quantum mechanics. This technology ensures that any attempt to eavesdrop on the key transmission can be detected, providing an unprecedented level of security for sensitive communications, such as in financial transactions or government communications.

The study focused on preparing a QKD system by the Russian company QRate for formal certification. The system, which uses the BB84 protocol with decoy states, explained below, is designed to transmit quantum keys through fiber optics with high levels of security. The study provides an in-depth evaluation of the system, focusing on identifying potential vulnerabilities and the measures required to close security loopholes.

According to the paper, the certification of QKD systems is a critical step in the technology’s development, enabling wider deployment by ensuring that they are resistant to known attacks. International standards for QKD are still evolving, but QRate’s system has undergone rigorous scrutiny as it prepares for Russia’s own certification procedures.

Responsive Image

The team writes: “Preparing a QKD system for certification involves (i) documenting the system in sufficient detail for it to be analysed, analyzing it, patching the security loopholes found Sajeed et al. (2021), and proposing the requirements for future certification tests. These four steps should be completed by the developer of the QKD system and possibly involve an external security analysis team. Here we perform them for a commercial system from QRate, utilising the latest developments in vulnerabilities, countermeasures, and security proofs.”

Although Russian cryptographic standards are classified, the findings and processes outlined in the paper also offers a glimpse into those standards, as well as provided useful insights into the challenges faced in securing these advanced cryptographic systems.

The QRate System and BB84 Protocol

QRate’s QKD system employs a prepare-and-measure scheme based on the BB84 protocol with decoy states — a well-established quantum key distribution method that is widely regarded as secure. The system transmits polarized light pulses through optical fibers to securely share cryptographic keys between two parties, often named Alice and Bob, while preventing potential eavesdroppers, referred to as Eve, from accessing the information.

The study explains that the BB84 protocol’s use of decoy states — a method for detecting attempts to intercept or manipulate quantum keys — makes it particularly robust. In the QRate system, light pulses are encoded with information at a rate of 312.5 MHz, a notable speed that highlights its potential for real-world applications. Yet, even with this proven protocol, the authors of the study point out several potential vulnerabilities in the system’s hardware and optical components, which could be exploited if not addressed.

Identifying and Addressing Vulnerabilities

The researchers write that the certification process for QKD systems is not just about checking the encryption protocols; it also involves identifying hardware flaws that could open the door to attacks. The QRate system was found to have several potential vulnerabilities that could be exploited, such as weaknesses in the single-photon detectors (SPDs). SPDs, which are crucial for detecting the quantum bits (qubits) used in the transmission, can be vulnerable to attacks that manipulate the detection process.

The team also discusses “superlinear detector control,” a type of attack where an eavesdropper can overwhelm the system’s detectors with strong light pulses, effectively blinding them and making the system vulnerable. They propose countermeasures such as photocurrent measurement, which would detect when the system is being overloaded, to prevent such attacks.

In addition to SPD vulnerabilities, the system could be exposed to “after-gate attacks” and “falling-edge attacks,” both of which involve manipulating the timing of light pulses to exploit the system’s gating mechanisms. Addressing these timing-related vulnerabilities is complex, requiring precise engineering of the detectors and the quantum pulses.

Quantum key distribution system under evaluation (a prototype built in 2021), with covers removed from Alice and Bob.

The Russian Certification Process

As with most cryptographic systems, certification is essential for QKD systems to ensure their reliability and security. However, in Russia, the certification process for quantum technologies remains largely classified. The study points out that while the system has undergone rigorous internal analysis, the final certification will be carried out under Russia’s national cryptographic standards, which are not publicly available.

Despite this, the study offers an extensive outline of how QRate is preparing its system for certification, providing insights into the types of tests and evaluations required. The system will need to be tested for various optical vulnerabilities, detector mismatches, and potential side-channel attacks — where an attacker could gain information indirectly through flaws in the system’s implementation.

To mitigate the risks, QRate has implemented several hardware and software countermeasures. For example, the company has designed its system to be resistant to detector blinding attacks, a common vulnerability in QKD systems. They have also strengthened the system’s ability to handle timing mismatches in its detectors.

QKD’s National Importance

The study suggests that QRate’s system is being developed in a geopolitical context where the certification of QKD systems is becoming a matter of national importance. While international standards for quantum key distribution are still evolving, Russia is moving forward with its own certification process. This comes amid growing concerns over securing national communications infrastructure, particularly as quantum computing threatens to break traditional encryption methods in the future.

Quantum key distribution is seen as a critical technology in securing communications, not just for individuals and companies but also for governments. Scientists from China — represented on this team — have already made significant strides in deploying QKD in their communication networks, and Russia appears to be positioning itself to develop a domestic QKD systems like QRate’s.

  • Research institutions involved in this include scientists from Russia, China, Thailand, Spain and Canada:
  • Russia: Russian Quantum Center, Skolkovo; NTI Center for Quantum Communications, National University of Science and Technology MISiS; Steklov Mathematical Institute, Russian Academy of Sciences; QRate; National Research University Higher School of Economics
  • Spain: Vigo Quantum Communication Center, University of Vigo; atlanTTic Research Center, University of Vigo
  • Thailand: Department of Physics, Faculty of Science, Mahidol University; Quantum Technology Foundation, Bangkok
  • Canada: Institute for Quantum Computing, University of Waterloo; Department of Physics and Astronomy, University of Waterloo
  • China: Institute for Quantum Information & State Key Laboratory of High Performance Computing, National University of Defense Technology

While not officially labeled in the paper, the QKD system appears mostly domestically produced. However, the global makeup of the team at least suggests that it benefits some international expertise.

For a deeper, more technical look at the research, including details on a list of tests implemented by the team that we did not have space to cover in this summary article, please see the paper on arXiv.

Matt Swayne

With a several-decades long background in journalism and communications, Matt Swayne has worked as a science communicator for an R1 university for more than 12 years, specializing in translating high tech and deep tech for the general audience. He has served as a writer, editor and analyst at The Quantum Insider since its inception. In addition to his service as a science communicator, Matt also develops courses to improve the media and communications skills of scientists and has taught courses. [email protected]

Share this article:

Relevant

More

Recommended

More

Keep track of everything going on in the Quantum Technology Market.

In one place.

Get started

Related Articles

View all

A Superconducting Waltz: Elia Strambini on the Quantum Future of Computing

James Dargan

October 16, 2024

PQC for Critical Sectors Communication Platforms

Quantum Computing and Critical Infrastructure: PQC Is Released, What Now?

Matt Swayne

October 16, 2024

hybrid cv dv qubit

KIST Develops Hybrid Quantum Error Correction, Merging the Power of DV and CV Qubits

Cierra Choucair

October 16, 2024

SWAP-less

ParityQC and University of Innsbruck Introduce SWAP-less, Efficient Quantum Fourier Transform for Limited Connectivity Systems

Cierra Choucair

October 16, 2024

HEMEX Sapphire - Crystal Systems

Improved Performance of Superconducting Qubits Makes Investigation of Sapphire Substrates Compelling as an Alternative to Silicon

Jakob P

December 14, 2023

UK Innovate Report

UK Pushes Quantum Technology Into Healthcare, Eyes 2030 Target

Matt Swayne

October 10, 2024

IBM Roadmap

IBM Quantum Roadmap Guide — Scaling And Expanding The Usefulness of Quantum Computing

Matt Swayne

October 12, 2024

qlass-logo

QLASS Project Secures $6.5M from the European Commission to Develop a Fully-Integrated Quantum Photonic System

Cierra Choucair

October 15, 2024

qiskit code

IBM Releases Qiskit Code Assistant to Streamline Quantum Coding with AI Tools

Cierra Choucair

October 11, 2024

Cookies
We use cookies to improve your experience on our site. By continuing to browse our site, you consent to our use of cookies. For more details, you can manage your preferences under "Settings". Read our cookie policy
Settings Accept all
Cookies
Choose what kind of cookies to accept. Your choice will be saved for one year. Read our cookie policy
Save Accept all

Join Our Newsletter