Hitachi ABB Provides Quantum Safe encryption

By Hubert Yoshida posted 08-11-2021 00:11


Current public-key algorithms for encryption depend on one of three hard mathematical problems: the integer factorization problem, the discrete logarithm problem, or the elliptic-curve discrete logarithm problem. Although current computers do not have the processing power to solve these problems and decipher our encryption keys, all these problems can be easily solved by a sufficiently powerful quantum computer. Current quantum computers in the 50 to 100 qubit range are not a threat today. However, if we believe Neven’s Law that the quantum computer is gaining computational power at a doubly exponential rate, it won’t be too long before this happens.

There is good news in that there are other ways to develop encryption keys and distribute them securely that are not based on mathematical problems that a quantum computer can solve. The bad news is the process of selecting an algorithm, standardizing it, and implementing it will take years and even decades.

NIST (National Institute of Standards and Technology) has been working to evaluate and select post-quantum encryption algorithms since 2016, and the migration is also expected to be a lengthy process. Because nothing can protect today’s hardware, software, applications or data from a quantum-enabled adversary, encryption keys and data will require re-encrypting with a quantum-resistant algorithm and deleting or physically securing copies and backups. What’s more, replacing cryptographic algorithms requires all system components -- protocols, schemes and infrastructures -- be ready to process the new encryption scheme. As a result, NIST said, “algorithm replacement can be extremely disruptive and often takes decades to complete.”

To ease the migration from public-key cryptographic algorithms to quantum-resistant algorithms, the National Institute of Standards and Technology’s National Cybersecurity Center of Excellence (NCCOE) has released a draft document describing migration challenges and approaches for facilitating that migration.

The goal of NIST is to develop standards for post-quantum cryptography (also called quantum-resistant cryptography) in order to develop cryptographic systems that are secure against both quantum and classical computers, and can interoperate with existing communications protocols and networks.

However, this will take time. What can you do if you need to implement a new project today and want to ensure its security for the next 40 years?

The Sultanate of Oman is in the process of installing a high-reliability grid communications technology solution. This will protect the critical digital electrical infrastructure for the Oman Electricity Transmission Company (OETC). OETC owns and operates Oman’s main electricity transmission network and sends power from generating stations to load centers throughout the country. The company monitors and controls its entire electricity transmission system, including 93 substations, through a load dispatch center (LDC) in its capital, Muscat.
OETC’s new telecommunication system will connect to the existing utility communications network and provide services for a supervisory control and data acquisition (SCADA) system, as well as other applications. SCADA is a computer-based system for gathering and analyzing real-time data to monitor and control equipment that deals with critical and time-sensitive materials or events. Security was a key requirement for the upgrade, as new packet-switched technology could make the communication network more vulnerable to threats. They were also mindful of the possibility of post-quantum computer hacks.

OETC decided to work with Hitachi ABB Power Grids’ FOX615 quantum-safe network solution. This solution enabled OETC to meet all their requirements in a single product, by minimizing operational complexity, while eliminating migration risk and service disruption. Through modular design, the device can scale to support multiple services, each with its own set of specific requirements, over a shared packet infrastructure with guaranteed performance.
This new communication system for OETC is among the first in the world* to feature a quantum-safe security card with E2E encryption for mission-critical utility networks. The quantum-safe security solution uses physical properties of light to generate truly random encryption keys, guaranteeing security with real-time performance.

Mission-critical systems, such as railway, air-traffic control or power grids, require encryption that is both extremely secure and provides long-term data protection in a post-quantum world. Quantum physics provides such a solution. Secure transmission has two phases: the encryption of the data and the exchange of the necessary keys. Conventional methods based on mathematically generated random numbers will soon no longer be sufficient for secure key generation, because the computers they run on are themselves deterministic, and because quantum computers will soon be able to crack this type of asymmetric encryption. Quantum-safe cryptography breaks new ground by using the physical properties of light to generate truly random numbers. Hitachi ABB’s SECU1 encryption card uses quantum physics to create encryption keys in a truly nondeterministic manner.

The second phase is the key transmission. In quantum key distribution, the basic idea is that the orientation of the electric field of a photon is used to transmit the keys. To transmit the keys, a transmitter generates photons with random orientation. As soon as a hacker tries to listen to the key, he changes the bits of the quantum code. The quantum method for key distribution has already been successfully tested and makes data transmission much more secure.
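The detection property described above can be seen in a small simulation. This is an added example, not code from Hitachi ABB or from the original post; it assumes a BB84-style protocol with an intercept-and-resend eavesdropper (the post does not name a protocol), and the function names and the 5% alarm threshold are illustrative.

```python
import random

def bb84_run(n_photons, eavesdrop, seed):
    """Simulate one BB84-style exchange; return (sifted_key_length, error_rate)."""
    rng = random.Random(seed)
    sifted = errors = 0
    for _ in range(n_photons):
        bit = rng.getrandbits(1)         # sender's key bit
        send_basis = rng.getrandbits(1)  # 0 = rectilinear, 1 = diagonal polarization
        photon_bit, photon_basis = bit, send_basis
        if eavesdrop:
            # Intercept-resend: the listener must pick a basis to measure in,
            # then re-emit a photon in that basis.
            eve_basis = rng.getrandbits(1)
            if eve_basis != photon_basis:
                photon_bit = rng.getrandbits(1)  # wrong basis gives a random result
            photon_basis = eve_basis
        recv_basis = rng.getrandbits(1)
        if recv_basis == photon_basis:
            measured = photon_bit
        else:
            measured = rng.getrandbits(1)        # wrong basis gives a random result
        # Sifting: keep only positions where sender and receiver chose the same basis.
        if recv_basis == send_basis:
            sifted += 1
            errors += measured != bit
    # Simplification: the error rate is computed over the whole sifted key,
    # where real endpoints would compare only a disclosed sample.
    return sifted, (errors / sifted if sifted else 0.0)

def link_is_tapped(n_photons, eavesdrop, seed, threshold=0.05):
    """Raise the alarm when the sifted-key error rate exceeds the threshold.

    The 5% threshold is an assumption chosen for this noiseless model."""
    _, error_rate = bb84_run(n_photons, eavesdrop, seed)
    return error_rate > threshold

if __name__ == "__main__":
    for tapped in (False, True):
        length, qber = bb84_run(20000, tapped, seed=1)
        print(f"eavesdropper={tapped}: sifted bits={length}, error rate={qber:.3f}")
```

In this noiseless model an untapped link shows no errors at all, while intercept-and-resend pushes the error rate of the sifted key toward 25%, which is what lets the two endpoints discard a key that was listened to.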

In 2017, ABB acquired the network business of KEYMILE and is now able to offer a quantum-safe communication solution for critical infrastructure. End-to-end encryption (E2EE) is a method of secure communication that prevents third parties from accessing data while it's transferred from one end system or device to another. In E2EE, the data is encrypted on the sender's system or device, and only the intended recipient can decrypt it. As it travels to its destination, the message cannot be read or tampered with by an internet service provider (ISP), application service provider, hacker or any other entity or service. By installing devices such as the SECU1 encryption card between a device and the network, communications can be made quantum safe.

Hitachi ABB Power Grids launched its Smart Digital Substation offering, which brings together digital substation technology with the predictive, prescriptive and prognostic capabilities of Hitachi’s Lumada Asset Performance Management (APM) solution.