Cyber Technology Transitions From the Lab to the Street
National laboratory research promises to transform cybersecurity.
Quantum encryption technology created in a national laboratory will be available this summer to government and commercial clients. The system provides faster and more cost-effective cryptographic services with long-term system security. Future iterations may be available for laptops and handheld devices, dramatically improving on-the-job communications security for first responders and other professionals who rely on communications on the go.
The story of the Quantum Secured Communications (QSC) system is one of a government-private sector partnership. The system was developed over two decades at Los Alamos National Laboratories (LANL). The U.S. Homeland Security Department’s (DHS’s) Science and Technology Directorate then transitioned it to Allied Minds Company, which created Whitewood Encryption Systems Incorporated to further develop and market the technology.
“What we’ve licensed from Los Alamos are 21 patents or patent filings for quantum cryptography,” explains John Serafini, a vice president with Allied Minds and general manager for Whitewood Encryption Systems. “Really that portfolio breaks down to two primary products. The first is a quantum random number generator. The second is a system of quantum key management.”
Random number generators create a cryptographic code for securing communications, whether digital, audio or video. All communicating parties must have the code, also known as a key. Ideally, anyone without the code is locked out. But with many traditional cryptography systems, random isn’t quite random enough. “All systems of encryption depend upon randomness, or entropy, to generate secure keys. If you have a system of random number generation that is faulty—for example, it can be reverse engineered—then it’s possible for an attacker to decrypt the information,” Serafini says.
Quantum mechanics, he adds, is the only source of true entropy in the entire universe. “In order to have a random number generator that’s producing entropy at very high throughput rates—gigabit-type speeds—you have to move away from software and use a true random number generator, which we are building using the physics of light,” he elaborates.
Additionally, quantum encryption is theoretically tamperproof because any act by an outsider—even viewing the encryption code—will alter the code, indicating the data has been compromised. “It’s a little mind blowing. If somebody even tries to measure something that’s quantum, that measurement in and of itself fundamentally changes what they’re trying to measure,” says Michael Pozmantier, Transition to Practice program manager, Cyber Security Division, Science and Technology Directorate, DHS. In this position, Pozmantier is responsible for identifying cybersecurity technologies developed in national labs or funded by government agencies and helping to find commercial partners to get the technology to market.
Initial versions of the QSC will be available in the coming months. “We anticipate releasing our product sometime this summer. The entropy management platform allows the client to properly select the source of entropy, test that source of entropy, install it into any system of encryption and then provide periodic health checks to ensure that it is operating appropriately,” Serafini reports. “In addition, clients will be able to upgrade their source of entropy to have it come from our stream generated by our quantum random number generator.”
While the quantum random number generator and the entropy management platform are designed to be complementary, they can be used separately. The entropy management system will feature an open-source portion that enables clients to select entropy and install that entropy with their system of encryption. “They can use one or the other,” Serafini says.
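The "test that source of entropy" and "periodic health checks" steps described above can be illustrated with two standard continuous health tests, the repetition count and adaptive proportion tests from NIST SP 800-90B. This is an added example, not Whitewood's or Los Alamos's code; the choice of tests, the 2^-20 false-alarm rate, the claimed 8 bits of entropy per byte and the sample streams are all assumptions.

```python
import math

ALPHA = 2 ** -20   # assumed false-alarm rate per test
WINDOW = 512       # adaptive proportion window for non-binary samples

def rct_cutoff(h, alpha=ALPHA):
    """Repetition count: fail when one value repeats this many times in a row."""
    return 1 + math.ceil(-math.log2(alpha) / h)

def apt_cutoff(h, window=WINDOW, alpha=ALPHA):
    """Adaptive proportion: 1 + smallest k with BinomCDF(k; window, 2^-h) >= 1 - alpha."""
    p = 2.0 ** -h
    pmf, cdf = (1 - p) ** window, 0.0
    for k in range(window + 1):
        cdf += pmf
        if cdf >= 1 - alpha:
            return k + 1
        pmf *= (window - k) / (k + 1) * p / (1 - p)   # pmf(k) -> pmf(k + 1)
    return window + 1

def health_check(samples, h=8.0, window=WINDOW):
    """Return [(test_name, index)] for every health-test failure in `samples`.

    `h` is the min-entropy per sample claimed for the source (assumed here).
    """
    failures, rc, ac = [], rct_cutoff(h), apt_cutoff(h, window)
    prev, run = None, 0
    for i, s in enumerate(samples):
        run = run + 1 if s == prev else 1
        prev = s
        if run == rc:                       # stuck-at style fault
            failures.append(("repetition", i))
    for start in range(0, len(samples) - window + 1, window):
        block = samples[start:start + window]
        if block.count(block[0]) >= ac:     # one value dominates the window
            failures.append(("proportion", start))
    return failures

# Constructed sample streams (not captured from any real device).
PASSING = bytes((i * 167 + 13) % 256 for i in range(1024))   # evenly spread values
STUCK = PASSING[:100] + bytes(8)                             # output sticks at 0x00
BIASED = bytes(0x41 if i % 8 == 0 else PASSING[i] for i in range(512))

if __name__ == "__main__":
    for name, data in (("passing", PASSING), ("stuck", STUCK), ("biased", BIASED)):
        print(name, health_check(data))
```

The `PASSING` stream is a fully predictable arithmetic sequence, so a clean result only shows that the source has not failed grossly; it says nothing about whether the output can be reverse engineered.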
Whitewood will offer three “flavors,” Serafini says. The first is a peripheral component interconnect that can be inserted into a client’s server to provide entropy locally at the server level for any transactions the server conducts. The second has been bulked up into its own server to be installed in a data center or colocation facility to support many servers within the center. This version would be installed into the network infrastructure.
In the future, the third version will shrink the quantum random number generator capability to a chipset in silicon to be embedded within various original equipment manufacturer systems, including laptops, personal computers, tablets and mobile devices.
For the smaller platforms, Serafini says, emergency services communicators will be among the ideal users. “Certainly, first responders are cognizant of data protection requirements that have certain accreditation standards to be met. As the U.S. government thinks critically about assuring high levels of entropy are installed within systems of encryption, we would anticipate that government standards will require a true source of entropy to enforce certain encryption standards,” he states.
The National Institute of Standards and Technology currently is working on encryption standards. “We built our quantum random number generator to be uniquely capable of meeting those draft recommended standards,” Serafini reveals.
Quantum-based encryption systems already exist, but the QSC pushes the technology further, Pozmantier indicates. “It’s not the first, but it is, I think, by far the most effective and fastest. The quantum random number generator is far beyond what anyone else has been able to achieve that’s on the commercial market,” declares Pozmantier. Allied Minds officials decline to disclose the system’s speed, saying the time is not yet right.
Vulnerabilities often arise in how traditional encryption is implemented, even if the algorithm itself is sound. QSC developers tried to remove some of the difficulty of implementation with an open-source entropy library. “Around that [library] will be a subscription-based model for the entropy management ... and then if the clients desire to have a high-throughput source of randomness, they can select our quantum random number generator to produce that entropy for them,” Serafini says. If a customer wants to acquire the quantum random number generator either as a peripheral component interconnect, or PCI, board deployed locally at the server or as a server, the organization can do so without using the management platform, he adds.
The QSC was the first technology Pozmantier’s team transitioned to the commercial market. The Transition to Practice program allows up to three years to develop a technology into a commercial product, but the QSC did so in about nine months. Because this transition is the program’s first and because the transition happened so quickly, team members are left wrestling with whether they still have a role to play. “Our job is not to promote Whitewood Encryption Systems, but what I think we can do is still promote the technology through Los Alamos,” Pozmantier explains.
The Allied Minds business model centers around the adoption of research and development projects. “We specialize in finding and transforming intellectual properties that exist in federal labs and universities, working with those institutions to further incubate the capability and eventually licensing them and commercializing the technologies,” Serafini explains.
The company was introduced to the QSC in late 2013 and learned that LANL had issued a request for proposals in search of a commercialization partner for the quantum cryptography portfolio. Allied Minds submitted a proposal and was ultimately selected.
Pozmantier, of course, was the one who introduced the technology to Allied Minds, but he admits he didn’t quite get it the first time he learned about the QSC. “The lead scientist explained it very scientifically to me, and I knew there was something very interesting there, but I didn’t really fully grasp what it was,” he says.