A Home for Quantum Cat Videos?

How Quantum Mechanics May Shape the Internet and Cybersecurity

Key Takeaways:

• Devices based on quantum mechanics — “quantum technologies” — use three unique features: superposition, entanglement, and tunneling. Superposition enables future quantum computers to solve problems that are too complex for normal (classical) computers, including breaking today’s internet encryption 💻🤦‍♀.️ Entanglement allows communication that is (in theory) unhackable, even with unlimited computer power.
• Quantum computers are the hardest part of the quantum technology stack. The level of the integration and the resources needed to design, build, and run them are crazy, and their commercial applications are still being explored. While exciting, it is a tough space for early-stage investment! We’ll discuss why in the next post.
• To protect against future quantum computers (they ARE coming), there is an immediate need for cybersecurity technologies to replace the current standard. Some of of the solutions proposed are based on quantum mechanics, like quantum key distribution (QKD) technologies. Other solutions are to use harder math problems that *should be* impossible for quantum computers to solve — this area is called post-quantum cryptography (PQC), and is the approach preferred by the National Security Agency.
• China and other countries around the world are investing heavily into building out “quantum internet” networks, which will allow for (in theory) unhackable communication. Quantum communications can be sent via fiberoptic cables, or relayed via satellites.
• The main value proposition for the quantum internet is security, not speed. The quantum communication networks that exist today are in their infancy and still too slow to be practical, even for applications requiring extreme security. To increase their usefulness, the rate that quantum keys are generated needs to be increased, and better methods to transmit entangled photons over long distances (e.g. quantum repeaters, better more secure relays, and/or low-loss transmission fibers) need to be developed.
• The internet infrastructure that we use today will not be replaced by a quantum internet anytime soon. We will be accessing quantum computers from the cloud well before then!

Quantum technology isn’t only about quantum computers, although they tend to dominate headlines and hype cycle. The biggest recent splash was Google’s demonstration of quantum supremacy in 2019. Following this, high profile executives have made predictions that quantum will be “the smartphone of the 2020s”.

However, while quantum computers will unlock some amazing capabilities, most experts agree that major commercial applications of real quantum computers are 15+ years away. In the words of one friend and advisor:

“If the physicists are excited, we don’t understand it and it’s still at least 20 years out.”

As early stage deeptech investors, we’re continuously scanning the horizon for technologies that will change the world in the next ten years. The most obvious and largest market for quantum technology in the near-term is in cybersecurity, so that’s where we’ll start in this post. It’s difficult to talk about quantum security technologies without also discussing quantum communication and the quantum internet, so we’ll touch on these applications of quantum mechanics too. This post will also feature several shots of PML kitty “Littles”, because isn’t that what the internet is for?

But first, let’s quickly align on what quantum technologies are!

Quantum Technologies are Based on Quantum Mechanics

If it’s been a few years since science class, quantum mechanics is the part of physics that looks at subatomic particles (the physics of things smaller than atoms): electrons, light, radiowaves, and other forms of energy. For things bigger than atoms, and at speeds much lower than the speed of light, normal “classical” physics works just fine. When you get smaller or faster, classical physics start to fall apart — you need quantum mechanics to make sense of things.

At the quantum scale, three unique properties emerge: superposition, entanglement, and tunneling. Superposition is perhaps the most well-known part of quantum mechanics, thanks to the rather grim “Schrodinger’s cat” thought experiment. The superposition principle is the idea that something — an electron, a photon, a cat— is in all possible states at the same time until it is measured. A cat in the box is a superposition of two states, alive or dead, until the box is opened (then it is definitely one or the other!) Practically, superposition enables future quantum computers to solve problems that are too complex for normal (classical) computers, by exploring many possible configurations at once. [1]

“Quantum Superposition” as interpreted by Littles (courtesy of Dan Slomski)

Entanglement, or what Einstein referred to as “spooky action at a distance”, happens naturally when two particles are created at the same point and instant in space. These particles are governed by the same mathematical relation known as a wavefunction, so information about one particle can be figured out by measuring the other. The connection between these particles allows people to communicate in ways that are in theory unhackable, even with unlimited computer power.

Quantum tunneling has important implications for nuclear fusion events, scanning tunneling microscopes, and offers one way to generate truly random numbers. It can also enable faster ways to solve optimization problems, which we’ll talk about more in a later post on quantum computing.

The invention of the transistor (the basis of today’s computers), lasers, GPS, semi-conductor devices and MRI imagers are all based on improvements in our understanding of quantum mechanics. These devices are part of what’s sometimes called the “First Quantum Revolution”, which started in the early 1920s. In the First Quantum Revolution, we used quantum mechanics to understand what already existed, and used this knowledge to make some really great devices!

In the second “quantum revolution” that is beginning to ramp up, we are now creating quantum states that wouldn’t occur naturally. Quantum technology companies are manipulating photons, ions or atoms into quantum states to store or retrieve specific information. This information is stored in quantum bits, or qubits, which can hold more information than the typical 1 or 0 bits of today’s computers.

Quantum Security

One thing we know: quantum computers will be great at breaking current internet encryption protocols. In secure data transmission, the information can only be accessed if someone has the key to decrypt it. Today, secure data transmission over the internet mostly uses RSA encryption, which relies on the fact that today’s computers cannot factor large numbers in a reasonable amount of time. RSA encryption uses prime numbers multiplied together that equal a larger number as components of the key. (For example, 15 can be factored into 3 and 5.) This is hard because real RSA keys use numbers that are 1000 digits long. However, factoring 1000 digit numbers is something quantum computers can do very efficiently.

We’ve known that this is a problem since 1995, when mathematician Peter Shor proposed an algorithm to rapidly factor 1000 digit numbers on a quantum computer. (Here’s an explanation of Shor’s algorithm for the math folks, and a lighter version.) Shor’s algorithm was demonstrated in 2001 by a group at IBM, which factored 15 into 3 and 5, using a quantum computer with 7 qubits.

Although powerful quantum computers are still potentially 20 years out, today’s data are vulnerable to intercept now/decrypt later attacks. A hacker could steal and hold on to encrypted data until quantum computers that can break RSA are available, then crack the encryption. Organizations like NIST (which publishes crypto standards and guidelines) also note that it has taken almost two decades to deploy our modern public key cryptography infrastructure. To implement a new standard before sufficiently powerful quantum computers are developed to break RSA, the roll out needs to begin ASAP.

Cybersecurity Solutions: Math vs Physics/Engineering

There are several ways to make “quantum safe” data encryption. One approach is to just come up with a harder math problem that will take classical and quantum computers many many years to solve. This field is called “post quantum cryptography” (PQC), and is likely how standard internet traffic will be secured in the future.

The challenge of the math approach, as I see it (and those working on this, please correct me!) is that there’s really no way to know or prove that a math problem or algorithm won’t be solvable by some new computational paradigm in the future. (What will we be able to do with exascale computers?) The benefit is that this strategy involves primarily a software rewrite rather than deploying quantum hardware (which introduces security vulnerabilities).

Rather than use an algorithm to generate secret keys, quantum cybersecurity technologies use quantum mechanics to generate secure keys that allow communication through entanglement. Basically, optics are used to generate pairs of quantum particles (e.g. photons, electrons, neutrons) that are entangled, which remember means that their physical properties are correlated — if you know something about one particle, you automatically know something about the other.

Imagine a quantum burrito restaurant. Alice orders two burritos, one carnitas and one veggie supreme. A delivery person takes one of these foil-wrapped burritos to Alice, and one is sent with another delivery person to Bob. When Alice opens her burrito, she instantly knows which burrito Bob has — the burritos were effectively entangled. Similarly, two entangled photons can be sent to different people, and they would instantly know information about the other person’s photon.

Quantum burrito measurement.

Even better — if an intruder intercepted the message, not only would they not have the full set of information to decode the message, but measuring the photon would alert Alice and Bob that something nefarious was happening. Another key point of quantum mechanics is that measuring a quantum system changes it. If someone opened the foil to identify the burrito, Alice and Bob would know!

Because of this, a cryptography system based on quantum mechanics is in theory unhackable, backed by the laws of physics. This is due to the “observer effect” — a quantum state cannot be observed without changing it. If an entangled photon were intercepted and measured, this would introduce errors that can be detected.

Many of the quantum security technologies that are available today use a set of technologies called Quantum Key Distribution (QKD). These technologies use different methods to securely generate a “quantum key”, that only Alice and Bob know. They can then use this key to encode the messages they send back and forth, rather than relying on a protocol like RSA. Because they are generating the keys themselves with a piece of quantum mechanical equipment, an eavesdropper Eve couldn’t break the code even with unlimited computational power (as long as no one gets their keys, and the hardware they use to generate the keys isn’t tampered with). “Security based on the laws of physics” became the selling slogan of QKD.

“Quantum Entangled Photon Generator” — this currently don’t look very Star-trek like, but I have high hopes for the future… (Image by nateOne, under CC BY 2.0)

In reality, the security of these systems depends on how they are implemented. This is where engineering really matters. While the underlying physics may be sound, the hardware used can be vulnerable to attack — see [2] for examples. For instance, the laws of physics do not prevent someone from reading the outcomes of a detector (i.e. hiding a camera in Bob’s house to spy on what he’s eating, or at the burrito shop to see which burritos are being made).

Still, QKD and other quantum cryptography methods aren’t more problematic than classical cryptography. In fact, QKD does have an advantage over classical methods, namely that once encoded, the key itself (the burrito) is more secure against hacking.

Decisions, decisions…

So should future encryption strategies be based on math or physics? In the US, this is a question that the National Institute of Standards and Technologies (NIST) and the National Security Agency (NSA) have been exploring for the past five years. Last fall, the NSA issued the following statement regarding quantum security technologies, specifically QKD:

“In summary, NSA views quantum-resistant (or post-quantum) cryptography as a more cost effective and easily maintained solution than quantum key distribution. For all of these reasons, NSA does not support the usage of QKD or QC to protect communications in National Security Systems, and does not anticipate certifying or approving any QKD or QC security products for usage by NSS customers unless these limitations are overcome.” [3], [4]

As an investor considering quantum technologies with near-term applications (like QKD), this gives me pause… if the NSA, clearly one of the biggest potential customers for encryption, is not interested, the market for QKD technologies may be limited. Others with secure data needs may reach similar conclusions or take their cue from the NSA.

This does not mean that a fully secure or “unconditional security” with QKD is impossible, or that QKD products won’t be successful in some markets. Since the idea of QKD was first proposed in 1984, researchers have been iterating and improving on both the way information is encoded and the hardware. This also hasn’t stopped QKD technologies from being deployed out in the real world. The Swiss first used a QKD technology developed by IDQuantique in a 2007 election to securely transmit votes to a counting station. Today a dozen other companies offer commercial QKD product, sincluding Qubitekk, Quantum Xchange, ETSI, Quintessence Labs, Toshiba, and several startups. [5]

The Quantum Internet: Achieving Quantum Cat Videos

About a month ago, a Chinese university announced that it had built the world’s first quantum communication network. The network is made up of 700 optical fibers (the same fibers that internet providers like Sonic and Google use), plus two ground-to-satellite links, connected by trusted relays. [6] This project sets up key infrastructure to enable quantum key distribution over a total distance of 4,600 kilometers (about the distance from SF to NYC) for users across the country.

How does a “quantum internet” work, and what makes it better? Will we all one day have quantum internet at home?

“Quantum Entanglement: Self-interference of Photons” by someHerrings under CC BY-NC-SA 2.0

As for how it works, both the normal internet and quantum internet can send information over optical fibers, or over radio waves (e.g. satellite internet like Viasat). This information is carried by photons, which are neat little packets (or “quanta”) of energy.

Quantum communication is mostly done with entangled photons, which can be generated today (albeit this tech is not yet highly optimized). However in addition to needing special equipment to generate these photons, their entangled nature introduces challenges for long-distance communication. In typical fiberoptic cable, single photons are destroyed by noise after about 50km. [7] This signal reduction isn’t a problem in normal fiber communications because you can just amplify the number of photons you use to send the information — if you lose a few, it doesn’t matter. However, there is a “no-cloning” law of physics for entangled systems — you can’t copy or amplify entangled photons.

This means that the quantum message needs to either be received and resent every 10–50 km by a trusted relay (which could be hacked), or that quantum repeaters are needed to rebroadcast quantum communication signals. While classical repeaters are used to broadcast radio signals all over the world, quantum repeater technology, like quantum computers, is still in development.

A “quantum internet” is desirable for security, not speed. Photons travel at the same speed whether or not they are entangled, so there is not a speed advantage. Currently the quantum key generation rate is too slow to be useful, and the associated signal processing will probably be slower for quantum hardware too. It certainly won’t be cheaper.

Regarding the quantum communication network in China, the most valuable part of this project will the be their learnings on how to build a system like this, and the accompanying entanglement research. While the rate of the key exchange was too low for practical use, this also was a major proof point that quantum communications can indeed be built. While the US, Japan, Canada, Singapore, and Europe initially led the efforts in quantum key distribution, China has clearly taken the lead.

Most of the driver for building out quantum communication networks appears to be international competition: the United States, the U.S. firm Battelle, together with the Swiss company ID Quantique, is constructing a 400 mile link between Columbus, Ohio, and Washington, D.C. [8] A smaller quantum communication network is being built between Stoneybrook and Brookhaven labs in New York. Europe is also building out several links to test QKD technology.

It is difficult to say when and how commercial quantum communications networks will be built out, and who outside the defense space will drive adoption. As potentially the most secure way to send information, it is clearly valuable for defense applications, banks, power grids and healthcare providers to varying degrees. Unfortunately, the quantum internet probably won’t have cat videos any time soon!

Summary

In this post, we described what sets technologies based on quantum mechanics apart: superposition, entanglement, and tunneling. The prospect of quantum computers that can break current RSA encryption is driving major research and commercialization efforts in cybersecurity. The organizations responsible for internet security in the US, the NSA and NIST, seem focused on post-quantum cryptography solutions (better algorithms that can run on classical computers). This is good, because we will all most likely be running classical computers on the classical internet for some time!

It is worth noting that interesting things are happening in the world of quantum communication. Countries (particularly China) are linking together fiberoptic cables to provide the backbone for highly secure communication networks based on quantum principles. Quantum Key Distribution (QKD) has been commercialized and deployed in demonstrations around the world — the back-and-forth in the literature shows that these systems are being continually refined and improved to address loopholes created by system architecture and engineering. While the market for quantum cybersecurity technologies is still largely nascent, there is enough activity in this space that it could quickly take off following a highly publicized breach (or scary hacking event like the one on Ukraine’s power grid several years ago.)

There are other interesting near-term applications for quantum technology that we didn’t cover, particularly quantum sensing technologies. Demand for these technologies is still small (and driven by R&D in other organizations), but I think this is an area to watch closely — they could enable an “unfair advantage” for adopters in other sectors.

With all that said, here is a final disclaimer, again from the world of XKCD:

https://imgs.xkcd.com/comics/quantum_mechanics.png

Many thanks to the extremely smart and patient scientists, entrepreneurs, and advisors who informed this post through discussions. Any errors are my own, and I would love the opportunity to correct them!

Notes

1. For example, classical computing optimization routines struggle with problems like the “traveling salesman problem” and the “bin-packing problem”, where there are a multitude of discrete options. Gradient solving methods don’t work here. Quantum computers are expected to perform much better on these types of problems, and for simulating things found in nature (like chemistry and material science).
2. This “black paper” on quantum cryptography from 2014 illustrates some practical examples of how some QKD schemes might be (or have been) hacked. If you’re curious what the hardware actually looks like, watch this 5-min video abstract on a quantum hacking technique. It may be 10 years old but trust me, oscilloscopes in physics labs still look exactly the same!
3. The US National Security Agency (NSA) spelled out its reasoning for this statement in a public whitepaper. It does not recommend the use of QKD for national security given its current limitations: a) There isn’t a good way to authenticate the source of the keys. You need pre-placed keys to be sure they haven’t been compromised. b) The specific hardware used to perform QKD can introduce vulnerabilities, resulting in several well-publicized attacks on commercial QKD systems. c) Quantum key distribution increases infrastructure costs and insider threat risks. QKD networks frequently necessitate the use of trusted relays, entailing additional cost for secure facilities and additional security risk from insider threats. d) Denial of service — if the message is intercepted, it is disrupted and doesn’t get through.
4. Companies in the QKD space (and there are many) have of course responded to the NSA’s statements… see for example QuantumSafe’s article in Forbes.
5. What makes a good quantum key distribution system? Like current public-key infrastructure systems, the keys are generated by random number generators (RNGs). There are two main categories of RNGs — pseudo random number generators (PRNGs) and True or Hardware RNGs, that measure a physical phenomenon that is expected to be random (e.g. noise in a measurement). Quantum key distribution systems include quantum random number generators (QRNGs), which use quantum phenomenon. For example, Quintessence Labs measures charged particles tunneling through a barrier they shouldn’t classically be able to cross.
   The speed of a quantum random number generator is essential for practical applications, such as high-speed quantum key distribution systems. For example, getting a QRNG to 68 Gpbs requires not only high-speed photodetector with high sampling rate, but also a very stable interferometer (or one that incorporates active feedback. There’s usually a trade-off between “true” randomness and speed.
   Despite how complicated all this sounds, you don’t need a fully equipped physics lab to generate quantum random numbers; you can have a physical process happen inside a small electronic module inside your computer, that is monitored to generate the QRNGs.
6. In 2016, China launched the world’s first quantum communication satellite (QUESS, or Mozi/Micius) and achieved quantum key distribution with ground stations in China and Austria, roughly 2,600 km apart. (NYT, Nature, BBC) While traditional communications satellites send signals use radio waves, the Chinese/Austrian quantum communication satellite uses a crystal to produce a pair of entangled photons whose properties are dependent on each other — one photon from each pair was beamed down to base stations in China and Austria. (More on how this worked.)
7. In space, there is much less interference, and the distance from the satellite’s orbit to ground is 500 km. (Although aiming them is tricky!)
8. A brief perspective from the Brookings Institute: “The first QKD network was established in Boston by DARPA in 2003 and, by 2004, ran between Harvard University, Boston University, and the offices of the research firm Bolt, Beranek, and Newman. Between 2008 and 2009, the European FP6 project integrated several QKD systems into one QKD backbone in Vienna. In 2010, researchers in Tokyo demonstrated a QKD network with encryption for video.” A quantum communication network covering ~140km is currently being built out in New York between Stoneybrook and Brookhaven labs.

Prime Movers Lab invests in breakthrough scientific startups founded by Prime Movers, the inventors who transform billions of lives. We invest in companies reinventing energy, transportation, infrastructure, manufacturing, human augmentation, and agriculture.

Sign up here if you are not already subscribed to our blog.