Paul van Gerven
19 October 2020

For ‘classic’ cryptographic standards, there are authorities to certify system security. But where do you go when you’re using quantum cryptography? Eindhoven University of Technology hopes to become the place to be for quantum cryptography certification.

Eindhoven University of Technology (TUE) is setting up a security test environment for quantum key distribution (QKD) technology in real-world applications. Along with accelerating the adoption of quantum cryptography, TUE aspires to become a worldwide hub for quantum security validation and certification.

In QKD, quantum properties of photons such as polarization state and entanglement are used to create cryptographic keys. These keys, in turn, are used to establish safe communication channels. QKD’s strength lies in the fact that anyone attempting to eavesdrop on the key will be caught. This is inherent to the quantum nature of the key: quantum mechanics dictates that any measurement to a quantum system disturbs the system. Hence, any attempt by third parties to reveal the key will lead to detectable anomalies.

QKD technology is already quite mature; there are even commercial implementations available. However, there’s no infrastructure available to validate the safety of QKD systems. “For our current cryptographic standards, we have protocols, security and validation tests. There are even authorities that can certify whether your system is safe. There’s no such thing for QKD,” says Idelfonso Tafur Monroy, TUE professor at the Electro-Optical Communication group and the Center for Quantum Materials and Technology Eindhoven (link in Dutch).

Real attacks

This is where TUE steps in. Tafur Monroy is currently building a testbed to ascertain if a QKD system is viable and secure. “It’s not a lab, it’s not a computer, but it’s the closest thing to real-world deployment, with real nodes, real fibers, real systems, and we’re also going to run real attacks to test whether systems are secure.”

The first use case is autonomous driving, which obviously has to deal with major security risks: hackers being able to take control of vehicles is clearly something nobody wants. Latching on to existing research projects in the Eindhoven region, QKD will be introduced to secure communication between the 5G link, the cars and the edge-computing nodes. Tafur Monroy: “We expect to have a fully quantum-secured 5G autonomous driving system by the end of next year.”

TUE’s testbed centers around the optical fiber network ring around Eindhoven. Credit: Eindhoven University of Technology

All elements of the testbed are connected to each other via the existing optical fiber network ring around the city of Eindhoven. This ring also connects the labs on the TUE campus with various test locations in the region, enabling the expansion of the testbed for other applications. Next on the list are robotic communication for industrial inspection and civilian and governmental data in the city of Waalre, near Eindhoven. After that, additional use cases may follow.

Ultimate dream

In parallel, Tafur Monroy will work on miniaturization and cost reduction of QKD components and systems, which will accelerate their adoption. “We have the knowledge and technology in Eindhoven to eventually manufacture QKD in – photonic – chips so that they also fit into a mobile phone,” says Tafur Monroy. His ultimate dream is to play a role in the ‘certification’ of QKD cybersecurity solutions. “This would allow people to come to Eindhoven with their chip or QKD product and we can guarantee that it passes the quantum cryptography test.”