SlideShare a Scribd company logo
1 of 25
Download to read offline
© 2022 Juniper Networks 1
Chief Architect Juniper Networks
Exploring Quantum Technology
for Networking
Melchior Aelmans
© 2022 Juniper Networks 2
Your computer can factor a 100-digit number in 17 minutes.
A 200-digit number would take about 75 years.
And it gets exponentially more difficult with more digits.
Sounds as if we are safe right?
© 2022 Juniper Networks 3
Source: https://www.laserfocusworld.com/test-measurement/research/article/14067750/ibm-and-fraunhofergesellschaft-team-up-to-promote-quantum-computing-in-europe
© 2022 Juniper Networks 4
Public Key
Cryptography
or
Quantum Key
Distribution
© 2022 Juniper Networks 5
Public Key Cryptography
Steel-Belted Radius
TLS
Asymmetric Public Key
Cryptography
MACsec AES-256
AES-256 has no known vulnerability itself from Quantum computers
MACsec AES-256
Public-key cryptography is vulnerable
when a quantum computer with
enough qubits becomes available. Then
Shor's algorithm can be used to break
public-key cryptography schemes.
© 2022 Juniper Networks 6
How does Quantum technology differentiate?
6
Algorithmic Strength
RSA
DH
AES
pQC
sharing
Crypto
Engine
Typical
use
Entropy Source
Public crypto
(RSA, DH)
Public key Math bootstrap Local RNG
Symmetric
(AES)
Private key Math
Work
horse
from local RNG
or QKD
QKD none Physics bootstrap Quantum-RNG
Public Key Cryptography
Symmetric Cryptography
QKD is one of multiple security
enhancement investments being made
across the industry to prevent the risk
of Quantum Computing being used by
malicious adversaries
Quantum Computer
attack potential
Physical
Strength
100%
QKD
100%
Quantum channel is
information
theoretically secure
NEW!
QKD +
MACsec
/ IPsec
M
ath
Physics
Quantum
safe
© 2022 Juniper Networks 7
Today’s Key Distribution (PKI)
Key Source
(Router)
Key-Sink
(Router)
1. A Key source generates a key by use of a Random Number Generator (RNG)
2. The Key-Source encrypts the key using Public Key Cryptography (PKI) and sends it to the Key-Sink
Result: key is known at source and sink
RNG
1. Issue: The full key information is transported over the data channel, can be intercepted without
knowledge of Key-source and Key-Sink (store&decrypt later)
2. Issue: PKI is considered breakable with Quantum Computers using Shor’s Algorithm
packet flow
© 2022 Juniper Networks 8
Post Quantum Cryptography (pQC) Key Distribution
1. Issue: [same as today] The full key information is transported over the data channel, can be intercepted without
knowledge of Key-source and Key-Sink (store & much harder to decrypt later)
2. Issue: pQC-PKI is considered resistant against attacks with Quantum Computers using Shor’s algorithm. But there
is no proof that another Algorithm exists that could break the encryption
Key Source
(Router)
Key-Sink
(Router)
packet flow
RNG
1. A Key source generates a key by use of a Random Number Generator (RNG)
2. The Key-Source encrypts the key using pQC-based Public Key Cryptography (PKI) and sends it to the
Key-Sink
Result: key is known at source and sink
© 2022 Juniper Networks 9
Quantum Key Distribution (QKD)
QKD-A QKD-B
Quantum Channel
Dark fiber or Satellite
1. Quantum Key Distribution enables two distant devices connected with a Quantum Channel to “distill”
the same information on both devices
Result: key is known at source and sink
1. Advantage: cannot be broken even if the adversary has unlimited computing power. The distribution
mechanism is proven to be information theoretic secure [Wikipedia]
• Quantum state cannot be intercepted without changing it’s state and is detectable
• Quantum state decays fast. It cannot be stored for a long time to decrypt it later
Router Router
© 2022 Juniper Networks 10
Quick Intro: Quantum Communication by dummies
• Quantum state of individual photons is any
fraction between 0 and 1
• Photons can be split into two photons jointly
maintaining the properties of the original
photon. P0 = 1 à (p1 + p2) = 1
• The state of photons is unknown until
measured: p1 =?, p2 =?
• Measurement of one photon ‘collapses’ the
state of both: Measuring p1 = 0.3 causes p2 =
0.7 [Remember: (p1 + p2) = 1 ]
• If we measure the state of a photon and know
that it was entangled, the state of the other
photon is known.
© 2022 Juniper Networks 11
Quantum Key Distribution
BB84* protocol (schematic)
11
*invented by Ch. Bennett (IBM Research)
& G. Brassard (University of Montreal)
in 1984
Quantum Transmission
Quantum Measurement Preparation
Quantum Measurement
Measurement post-processing
Sifting through the Results
Key Result
More on BB84: https://www.youtube.com/watch?v=IE5952ExMK8
© 2022 Juniper Networks 12
Quantum Cryptography Key Exchange
Quantum Key
Receiver
Quantum Key
Transmitter
Key request
1
2 Key-Cipher
+ key-ID
Request Key
with <Key-ID>
4
5 Key-Cipher
Juniper Router
crypt
Juniper Router
crypt
Data communication
MACsec/IPsec secured Data Link
Quantum channel
3
Communicate <Key-ID>
Eve
Alice Bob
© 2022 Juniper Networks 13
Random Number
Generators
© 2022 Juniper Networks 14
Random Number Usecases
BLOCKCHAIN
Secure transactions between users
including payment protection for a
resilient cryptocurrency infrastructure
IOT SECURITY & 5G
Protection of product connectivity
systems and operational technology
PKI/PQE
Quantum secure encryption for
both a pre & post quantum
environment
OPTIMIZATION
New Product development &
reduction in time to market
HYBRID KEY GENERATION
Post-quantum cryptography
used with current encryption
methods in existing systems
SIMULATION
Analytical & statistical
simulation for risk mgt
PREDICTION
Analysis for superior mgt
decision support systems &
forecasting
QKD
Quantum drived cyber security
distribution of crytograhic keys
KEY ENCAPSULATION
Wrap keys with Post Quantum
Encryption (PQE) mechanism and
algorithms
© 2022 Juniper Networks 15
Random Number Generators
Random numbers are fundamental for
cybersecurity & numerical simulations,
optimization & prediction.
Multiple types of random number generators:
pseudo-random, quasi-random, true-random,
quantum-random.
Today’s wide-spread random number generators
are typically slow, predictable & complex to
monitor.
Your code
084 976
© 2022 Juniper Networks 16
Quantum Random Numbers Generator
© 2022 Juniper Networks 17
Comparing random sources
© 2022 Juniper Networks 18
Summary: Potential fields of interest to networking
Currently there are three quantum technology of interest for a Quantum Safe Strategy:
1. Quantum Random Number Generators (QRNG)
QRNG has become a key enabling technology for quantum-level security in mobile devices, data centers and
even medical implants, to name just a few current-day applications.
2. Quantum Key Distribution (QKD)
QKD is only used to produce and distribute a key, not to transmit any message data. This key is used by any
chosen encryption algorithm to encrypt (and decrypt) a message, which can then be transmitted over a
standard communication channel.
3. Post Quantum Cryptography (PQC)
Post-quantum cryptography refers to mathematical cryptographic algorithms (usually public-key algorithms)
that are thought to be more secure against a cryptanalytic attack by a quantum computer than current-day
public-key algorithms.
© 2022 Juniper Networks 19
But what about a
Quantum Internet?
© 2022 Juniper Networks 20
how will the quantum internet look like?
Application support based on quantum entanglement
• Source: https://arxiv.org/pdf/2010.02575.pdf
“Quantum networks will use
existing network infrastructure
to exchange classical messages
for the purposes of running
quantum protocols as well as
the control and management of
the network itself. Long-
distance links will be built using
chains of automated quantum
repeaters.”
© 2022 Juniper Networks 21
Quantum Networking / Quantum Internet
• Two approaches to construct quantum networks; simply forward quantum information directly
between nodes or create entanglement between not directly connected nodes (somewhat
comparable to overlay networking ) leveraging teleportation and entanglement swapping.
• Classical computer networks tackle the complexity of transmitting bits between two nodes by
breaking down the transmission into several layers of a stack model, the Open Systems
Interconnection model (OSI model). Work is ongoing to establish a comparable model to quantum
network.
• Quantum applications can operate with imperfect quantum states — if the fidelity is above an
application-specific threshold (for basic QKD the threshold fidelity is about 0.8).
A
A
B C
C
B
Source: https://arxiv.org/pdf/2010.02575.pdf
© 2022 Juniper Networks 22
The advent of a Quantum Internet…
22
© 2022 Juniper Networks 23
© 2022 Juniper Networks 24
Questions? Reach out!
Melchior Aelmans
melchior@juniper.net
© 2022 Juniper Networks 25
Thank you

More Related Content

Similar to Exploring Quantum Engineering for Networking by Melchior Aelmans, Juniper Networks

Technical Seminar on Securing the IoT in the Quantum World
Technical Seminar on Securing the IoT in the Quantum WorldTechnical Seminar on Securing the IoT in the Quantum World
Technical Seminar on Securing the IoT in the Quantum WorldSiri Murthy
 
Building the Internet of Things with Eclipse IoT - IoTBE meetup
Building the Internet of Things with Eclipse IoT - IoTBE meetupBuilding the Internet of Things with Eclipse IoT - IoTBE meetup
Building the Internet of Things with Eclipse IoT - IoTBE meetupBenjamin Cabé
 
Certificate less key management scheme in
Certificate less key management scheme inCertificate less key management scheme in
Certificate less key management scheme inIJNSA Journal
 
CERTIFICATE LESS KEY MANAGEMENT SCHEME IN MANET USING THRESHOLD CRYPTOGRAPHY
CERTIFICATE LESS KEY MANAGEMENT SCHEME IN MANET USING THRESHOLD CRYPTOGRAPHYCERTIFICATE LESS KEY MANAGEMENT SCHEME IN MANET USING THRESHOLD CRYPTOGRAPHY
CERTIFICATE LESS KEY MANAGEMENT SCHEME IN MANET USING THRESHOLD CRYPTOGRAPHYIJNSA Journal
 
Post Quantum Cryptography – The Impact on Identity
Post Quantum Cryptography – The Impact on IdentityPost Quantum Cryptography – The Impact on Identity
Post Quantum Cryptography – The Impact on Identityteam-WIBU
 
Quantum Key Distribution (QKD) and Commodity Security Protocols: Introduction...
Quantum Key Distribution (QKD) and Commodity Security Protocols: Introduction...Quantum Key Distribution (QKD) and Commodity Security Protocols: Introduction...
Quantum Key Distribution (QKD) and Commodity Security Protocols: Introduction...IJNSA Journal
 
Framework for wireless network security using quantum cryptography
Framework for wireless network security using quantum cryptographyFramework for wireless network security using quantum cryptography
Framework for wireless network security using quantum cryptographyIJCNCJournal
 
Scada deep inside: protocols and security mechanisms
Scada deep inside: protocols and security mechanismsScada deep inside: protocols and security mechanisms
Scada deep inside: protocols and security mechanismsAleksandr Timorin
 
A SURVEY ON QUANTUM KEY DISTRIBUTION PROTOCOLS
A SURVEY ON QUANTUM KEY DISTRIBUTION PROTOCOLSA SURVEY ON QUANTUM KEY DISTRIBUTION PROTOCOLS
A SURVEY ON QUANTUM KEY DISTRIBUTION PROTOCOLSijcsa
 
Data Encryption and Decryption using Hill Cipher
Data Encryption and Decryption using Hill CipherData Encryption and Decryption using Hill Cipher
Data Encryption and Decryption using Hill CipherAashirwad Kashyap
 
Data Encryption and Decryption using Hill Cipher
Data Encryption and Decryption using Hill CipherData Encryption and Decryption using Hill Cipher
Data Encryption and Decryption using Hill CipherAashirwad Kashyap
 
International Journal of Engineering and Science Invention (IJESI)
International Journal of Engineering and Science Invention (IJESI)International Journal of Engineering and Science Invention (IJESI)
International Journal of Engineering and Science Invention (IJESI)inventionjournals
 
Making networks secure with multi-layer encryption
Making networks secure with multi-layer encryptionMaking networks secure with multi-layer encryption
Making networks secure with multi-layer encryptionADVA
 
ADVA launches world’s first commercial optical transport solution with post-q...
ADVA launches world’s first commercial optical transport solution with post-q...ADVA launches world’s first commercial optical transport solution with post-q...
ADVA launches world’s first commercial optical transport solution with post-q...ADVA
 
Using open source for IoT
Using open source for IoTUsing open source for IoT
Using open source for IoTIan Skerrett
 
Quantum Secured Blockchain
Quantum Secured BlockchainQuantum Secured Blockchain
Quantum Secured Blockchainravi sahal
 
Internet of Things (IoT) Security using stream cipher.ppt
Internet of Things (IoT)  Security using stream cipher.pptInternet of Things (IoT)  Security using stream cipher.ppt
Internet of Things (IoT) Security using stream cipher.pptAliSalman110
 
Three Party Authenticated Key Distribution using Quantum Cryptography
Three Party Authenticated Key Distribution using Quantum CryptographyThree Party Authenticated Key Distribution using Quantum Cryptography
Three Party Authenticated Key Distribution using Quantum CryptographyIJMER
 
Ipv6 Security with Mikrotik RouterOS by Wardner Maia
Ipv6 Security with Mikrotik RouterOS by Wardner MaiaIpv6 Security with Mikrotik RouterOS by Wardner Maia
Ipv6 Security with Mikrotik RouterOS by Wardner MaiaWardner Maia
 

Similar to Exploring Quantum Engineering for Networking by Melchior Aelmans, Juniper Networks (20)

Technical Seminar on Securing the IoT in the Quantum World
Technical Seminar on Securing the IoT in the Quantum WorldTechnical Seminar on Securing the IoT in the Quantum World
Technical Seminar on Securing the IoT in the Quantum World
 
Building the Internet of Things with Eclipse IoT - IoTBE meetup
Building the Internet of Things with Eclipse IoT - IoTBE meetupBuilding the Internet of Things with Eclipse IoT - IoTBE meetup
Building the Internet of Things with Eclipse IoT - IoTBE meetup
 
Certificate less key management scheme in
Certificate less key management scheme inCertificate less key management scheme in
Certificate less key management scheme in
 
CERTIFICATE LESS KEY MANAGEMENT SCHEME IN MANET USING THRESHOLD CRYPTOGRAPHY
CERTIFICATE LESS KEY MANAGEMENT SCHEME IN MANET USING THRESHOLD CRYPTOGRAPHYCERTIFICATE LESS KEY MANAGEMENT SCHEME IN MANET USING THRESHOLD CRYPTOGRAPHY
CERTIFICATE LESS KEY MANAGEMENT SCHEME IN MANET USING THRESHOLD CRYPTOGRAPHY
 
Post Quantum Cryptography – The Impact on Identity
Post Quantum Cryptography – The Impact on IdentityPost Quantum Cryptography – The Impact on Identity
Post Quantum Cryptography – The Impact on Identity
 
Quantum Key Distribution (QKD) and Commodity Security Protocols: Introduction...
Quantum Key Distribution (QKD) and Commodity Security Protocols: Introduction...Quantum Key Distribution (QKD) and Commodity Security Protocols: Introduction...
Quantum Key Distribution (QKD) and Commodity Security Protocols: Introduction...
 
Framework for wireless network security using quantum cryptography
Framework for wireless network security using quantum cryptographyFramework for wireless network security using quantum cryptography
Framework for wireless network security using quantum cryptography
 
Scada deep inside: protocols and security mechanisms
Scada deep inside: protocols and security mechanismsScada deep inside: protocols and security mechanisms
Scada deep inside: protocols and security mechanisms
 
A SURVEY ON QUANTUM KEY DISTRIBUTION PROTOCOLS
A SURVEY ON QUANTUM KEY DISTRIBUTION PROTOCOLSA SURVEY ON QUANTUM KEY DISTRIBUTION PROTOCOLS
A SURVEY ON QUANTUM KEY DISTRIBUTION PROTOCOLS
 
Quantum Cryptography
Quantum Cryptography  Quantum Cryptography
Quantum Cryptography
 
Data Encryption and Decryption using Hill Cipher
Data Encryption and Decryption using Hill CipherData Encryption and Decryption using Hill Cipher
Data Encryption and Decryption using Hill Cipher
 
Data Encryption and Decryption using Hill Cipher
Data Encryption and Decryption using Hill CipherData Encryption and Decryption using Hill Cipher
Data Encryption and Decryption using Hill Cipher
 
International Journal of Engineering and Science Invention (IJESI)
International Journal of Engineering and Science Invention (IJESI)International Journal of Engineering and Science Invention (IJESI)
International Journal of Engineering and Science Invention (IJESI)
 
Making networks secure with multi-layer encryption
Making networks secure with multi-layer encryptionMaking networks secure with multi-layer encryption
Making networks secure with multi-layer encryption
 
ADVA launches world’s first commercial optical transport solution with post-q...
ADVA launches world’s first commercial optical transport solution with post-q...ADVA launches world’s first commercial optical transport solution with post-q...
ADVA launches world’s first commercial optical transport solution with post-q...
 
Using open source for IoT
Using open source for IoTUsing open source for IoT
Using open source for IoT
 
Quantum Secured Blockchain
Quantum Secured BlockchainQuantum Secured Blockchain
Quantum Secured Blockchain
 
Internet of Things (IoT) Security using stream cipher.ppt
Internet of Things (IoT)  Security using stream cipher.pptInternet of Things (IoT)  Security using stream cipher.ppt
Internet of Things (IoT) Security using stream cipher.ppt
 
Three Party Authenticated Key Distribution using Quantum Cryptography
Three Party Authenticated Key Distribution using Quantum CryptographyThree Party Authenticated Key Distribution using Quantum Cryptography
Three Party Authenticated Key Distribution using Quantum Cryptography
 
Ipv6 Security with Mikrotik RouterOS by Wardner Maia
Ipv6 Security with Mikrotik RouterOS by Wardner MaiaIpv6 Security with Mikrotik RouterOS by Wardner Maia
Ipv6 Security with Mikrotik RouterOS by Wardner Maia
 

More from MyNOG

Peering Personal MyNOG-10
Peering Personal MyNOG-10Peering Personal MyNOG-10
Peering Personal MyNOG-10MyNOG
 
Embedded CDNs in 2023
Embedded CDNs in 2023Embedded CDNs in 2023
Embedded CDNs in 2023MyNOG
 
Edge virtualisation for Carrier Networks
Edge virtualisation for Carrier NetworksEdge virtualisation for Carrier Networks
Edge virtualisation for Carrier NetworksMyNOG
 
Equinix: New Markets, New Frontiers
Equinix: New Markets, New FrontiersEquinix: New Markets, New Frontiers
Equinix: New Markets, New FrontiersMyNOG
 
Securing the Onion: 5G Cloud Native Infrastructure
Securing the Onion: 5G Cloud Native InfrastructureSecuring the Onion: 5G Cloud Native Infrastructure
Securing the Onion: 5G Cloud Native InfrastructureMyNOG
 
Hierarchical Network Controller
Hierarchical Network ControllerHierarchical Network Controller
Hierarchical Network ControllerMyNOG
 
Aether: The First Open Source 5G/LTE Connected Edge Cloud Platform
Aether: The First Open Source 5G/LTE Connected Edge Cloud PlatformAether: The First Open Source 5G/LTE Connected Edge Cloud Platform
Aether: The First Open Source 5G/LTE Connected Edge Cloud PlatformMyNOG
 
Cleaning up your RPKI invalids
Cleaning up your RPKI invalidsCleaning up your RPKI invalids
Cleaning up your RPKI invalidsMyNOG
 
Introducing Peering LAN 2.0 at DE-CIX
Introducing Peering LAN 2.0 at DE-CIXIntroducing Peering LAN 2.0 at DE-CIX
Introducing Peering LAN 2.0 at DE-CIXMyNOG
 
Load balancing and Service in Kubernetes
Load balancing and Service in KubernetesLoad balancing and Service in Kubernetes
Load balancing and Service in KubernetesMyNOG
 
Cloud SDN: BGP Peering and RPKI
Cloud SDN: BGP Peering and RPKICloud SDN: BGP Peering and RPKI
Cloud SDN: BGP Peering and RPKIMyNOG
 
SDM – A New (Subsea) Cable Paradigm
SDM – A New (Subsea) Cable ParadigmSDM – A New (Subsea) Cable Paradigm
SDM – A New (Subsea) Cable ParadigmMyNOG
 
AI in Networking: Transforming Network Operations with Juniper Mist AIDE
AI in Networking: Transforming Network Operations with Juniper Mist AIDEAI in Networking: Transforming Network Operations with Juniper Mist AIDE
AI in Networking: Transforming Network Operations with Juniper Mist AIDEMyNOG
 
Malaysia Data Center Landscape, Where is the next hotspot to place your fiber...
Malaysia Data Center Landscape, Where is the next hotspot to place your fiber...Malaysia Data Center Landscape, Where is the next hotspot to place your fiber...
Malaysia Data Center Landscape, Where is the next hotspot to place your fiber...MyNOG
 
FUTURE-PROOFING DATA CENTRES from Connectivity Perspective
FUTURE-PROOFING DATA CENTRES from Connectivity PerspectiveFUTURE-PROOFING DATA CENTRES from Connectivity Perspective
FUTURE-PROOFING DATA CENTRES from Connectivity PerspectiveMyNOG
 
Keep Ukraine Connected: A project from the community – for the community by R...
Keep Ukraine Connected: A project from the community – for the community by R...Keep Ukraine Connected: A project from the community – for the community by R...
Keep Ukraine Connected: A project from the community – for the community by R...MyNOG
 
Solving Civilization’s Long Term Communication Needs by Dinesh Kummaran, Tran...
Solving Civilization’s Long Term Communication Needs by Dinesh Kummaran, Tran...Solving Civilization’s Long Term Communication Needs by Dinesh Kummaran, Tran...
Solving Civilization’s Long Term Communication Needs by Dinesh Kummaran, Tran...MyNOG
 
MyIX Updates by Raja Mohan Marappan, MyIX
MyIX Updates by Raja Mohan Marappan, MyIXMyIX Updates by Raja Mohan Marappan, MyIX
MyIX Updates by Raja Mohan Marappan, MyIXMyNOG
 
Quick wins in the NetOps Journey by Vincent Boon, Opengear
Quick wins in the NetOps Journey by Vincent Boon, OpengearQuick wins in the NetOps Journey by Vincent Boon, Opengear
Quick wins in the NetOps Journey by Vincent Boon, OpengearMyNOG
 
Data Centre Interconnect (DCI) with X86’s DCI Solution by Raja Akmal, X86 Net...
Data Centre Interconnect (DCI) with X86’s DCI Solution by Raja Akmal, X86 Net...Data Centre Interconnect (DCI) with X86’s DCI Solution by Raja Akmal, X86 Net...
Data Centre Interconnect (DCI) with X86’s DCI Solution by Raja Akmal, X86 Net...MyNOG
 

More from MyNOG (20)

Peering Personal MyNOG-10
Peering Personal MyNOG-10Peering Personal MyNOG-10
Peering Personal MyNOG-10
 
Embedded CDNs in 2023
Embedded CDNs in 2023Embedded CDNs in 2023
Embedded CDNs in 2023
 
Edge virtualisation for Carrier Networks
Edge virtualisation for Carrier NetworksEdge virtualisation for Carrier Networks
Edge virtualisation for Carrier Networks
 
Equinix: New Markets, New Frontiers
Equinix: New Markets, New FrontiersEquinix: New Markets, New Frontiers
Equinix: New Markets, New Frontiers
 
Securing the Onion: 5G Cloud Native Infrastructure
Securing the Onion: 5G Cloud Native InfrastructureSecuring the Onion: 5G Cloud Native Infrastructure
Securing the Onion: 5G Cloud Native Infrastructure
 
Hierarchical Network Controller
Hierarchical Network ControllerHierarchical Network Controller
Hierarchical Network Controller
 
Aether: The First Open Source 5G/LTE Connected Edge Cloud Platform
Aether: The First Open Source 5G/LTE Connected Edge Cloud PlatformAether: The First Open Source 5G/LTE Connected Edge Cloud Platform
Aether: The First Open Source 5G/LTE Connected Edge Cloud Platform
 
Cleaning up your RPKI invalids
Cleaning up your RPKI invalidsCleaning up your RPKI invalids
Cleaning up your RPKI invalids
 
Introducing Peering LAN 2.0 at DE-CIX
Introducing Peering LAN 2.0 at DE-CIXIntroducing Peering LAN 2.0 at DE-CIX
Introducing Peering LAN 2.0 at DE-CIX
 
Load balancing and Service in Kubernetes
Load balancing and Service in KubernetesLoad balancing and Service in Kubernetes
Load balancing and Service in Kubernetes
 
Cloud SDN: BGP Peering and RPKI
Cloud SDN: BGP Peering and RPKICloud SDN: BGP Peering and RPKI
Cloud SDN: BGP Peering and RPKI
 
SDM – A New (Subsea) Cable Paradigm
SDM – A New (Subsea) Cable ParadigmSDM – A New (Subsea) Cable Paradigm
SDM – A New (Subsea) Cable Paradigm
 
AI in Networking: Transforming Network Operations with Juniper Mist AIDE
AI in Networking: Transforming Network Operations with Juniper Mist AIDEAI in Networking: Transforming Network Operations with Juniper Mist AIDE
AI in Networking: Transforming Network Operations with Juniper Mist AIDE
 
Malaysia Data Center Landscape, Where is the next hotspot to place your fiber...
Malaysia Data Center Landscape, Where is the next hotspot to place your fiber...Malaysia Data Center Landscape, Where is the next hotspot to place your fiber...
Malaysia Data Center Landscape, Where is the next hotspot to place your fiber...
 
FUTURE-PROOFING DATA CENTRES from Connectivity Perspective
FUTURE-PROOFING DATA CENTRES from Connectivity PerspectiveFUTURE-PROOFING DATA CENTRES from Connectivity Perspective
FUTURE-PROOFING DATA CENTRES from Connectivity Perspective
 
Keep Ukraine Connected: A project from the community – for the community by R...
Keep Ukraine Connected: A project from the community – for the community by R...Keep Ukraine Connected: A project from the community – for the community by R...
Keep Ukraine Connected: A project from the community – for the community by R...
 
Solving Civilization’s Long Term Communication Needs by Dinesh Kummaran, Tran...
Solving Civilization’s Long Term Communication Needs by Dinesh Kummaran, Tran...Solving Civilization’s Long Term Communication Needs by Dinesh Kummaran, Tran...
Solving Civilization’s Long Term Communication Needs by Dinesh Kummaran, Tran...
 
MyIX Updates by Raja Mohan Marappan, MyIX
MyIX Updates by Raja Mohan Marappan, MyIXMyIX Updates by Raja Mohan Marappan, MyIX
MyIX Updates by Raja Mohan Marappan, MyIX
 
Quick wins in the NetOps Journey by Vincent Boon, Opengear
Quick wins in the NetOps Journey by Vincent Boon, OpengearQuick wins in the NetOps Journey by Vincent Boon, Opengear
Quick wins in the NetOps Journey by Vincent Boon, Opengear
 
Data Centre Interconnect (DCI) with X86’s DCI Solution by Raja Akmal, X86 Net...
Data Centre Interconnect (DCI) with X86’s DCI Solution by Raja Akmal, X86 Net...Data Centre Interconnect (DCI) with X86’s DCI Solution by Raja Akmal, X86 Net...
Data Centre Interconnect (DCI) with X86’s DCI Solution by Raja Akmal, X86 Net...
 

Recently uploaded

ETHICAL HACKING dddddddddddddddfnandni.pptx
ETHICAL HACKING dddddddddddddddfnandni.pptxETHICAL HACKING dddddddddddddddfnandni.pptx
ETHICAL HACKING dddddddddddddddfnandni.pptxNIMMANAGANTI RAMAKRISHNA
 
SCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is prediSCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is predieusebiomeyer
 
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书rnrncn29
 
TRENDS Enabling and inhibiting dimensions.pptx
TRENDS Enabling and inhibiting dimensions.pptxTRENDS Enabling and inhibiting dimensions.pptx
TRENDS Enabling and inhibiting dimensions.pptxAndrieCagasanAkio
 
Company Snapshot Theme for Business by Slidesgo.pptx
Company Snapshot Theme for Business by Slidesgo.pptxCompany Snapshot Theme for Business by Slidesgo.pptx
Company Snapshot Theme for Business by Slidesgo.pptxMario
 
Cybersecurity Threats and Cybersecurity Best Practices
Cybersecurity Threats and Cybersecurity Best PracticesCybersecurity Threats and Cybersecurity Best Practices
Cybersecurity Threats and Cybersecurity Best PracticesLumiverse Solutions Pvt Ltd
 
Unidad 4 – Redes de ordenadores (en inglés).pptx
Unidad 4 – Redes de ordenadores (en inglés).pptxUnidad 4 – Redes de ordenadores (en inglés).pptx
Unidad 4 – Redes de ordenadores (en inglés).pptxmibuzondetrabajo
 
IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119APNIC
 
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书rnrncn29
 

Recently uploaded (9)

ETHICAL HACKING dddddddddddddddfnandni.pptx
ETHICAL HACKING dddddddddddddddfnandni.pptxETHICAL HACKING dddddddddddddddfnandni.pptx
ETHICAL HACKING dddddddddddddddfnandni.pptx
 
SCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is prediSCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is predi
 
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
 
TRENDS Enabling and inhibiting dimensions.pptx
TRENDS Enabling and inhibiting dimensions.pptxTRENDS Enabling and inhibiting dimensions.pptx
TRENDS Enabling and inhibiting dimensions.pptx
 
Company Snapshot Theme for Business by Slidesgo.pptx
Company Snapshot Theme for Business by Slidesgo.pptxCompany Snapshot Theme for Business by Slidesgo.pptx
Company Snapshot Theme for Business by Slidesgo.pptx
 
Cybersecurity Threats and Cybersecurity Best Practices
Cybersecurity Threats and Cybersecurity Best PracticesCybersecurity Threats and Cybersecurity Best Practices
Cybersecurity Threats and Cybersecurity Best Practices
 
Unidad 4 – Redes de ordenadores (en inglés).pptx
Unidad 4 – Redes de ordenadores (en inglés).pptxUnidad 4 – Redes de ordenadores (en inglés).pptx
Unidad 4 – Redes de ordenadores (en inglés).pptx
 
IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119
 
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
 

Exploring Quantum Engineering for Networking by Melchior Aelmans, Juniper Networks

  • 1. © 2022 Juniper Networks 1 Chief Architect Juniper Networks Exploring Quantum Technology for Networking Melchior Aelmans
  • 2. © 2022 Juniper Networks 2 Your computer can factor a 100-digit number in 17 minutes. A 200-digit number would take about 75 years. And it gets exponentially more difficult with more digits. Sounds as if we are safe right?
  • 3. © 2022 Juniper Networks 3 Source: https://www.laserfocusworld.com/test-measurement/research/article/14067750/ibm-and-fraunhofergesellschaft-team-up-to-promote-quantum-computing-in-europe
  • 4. © 2022 Juniper Networks 4 Public Key Cryptography or Quantum Key Distribution
  • 5. © 2022 Juniper Networks 5 Public Key Cryptography Steel-Belted Radius TLS Asymmetric Public Key Cryptography MACsec AES-256 AES-256 has no known vulnerability itself from Quantum computers MACsec AES-256 Public-key cryptography is vulnerable when a quantum computer with enough qubits becomes available. Then Shor's algorithm can be used to break public-key cryptography schemes.
  • 6. © 2022 Juniper Networks 6 How does Quantum technology differentiate? 6 Algorithmic Strength RSA DH AES pQC sharing Crypto Engine Typical use Entropy Source Public crypto (RSA, DH) Public key Math bootstrap Local RNG Symmetric (AES) Private key Math Work horse from local RNG or QKD QKD none Physics bootstrap Quantum-RNG Public Key Cryptography Symmetric Cryptography QKD is one of multiple security enhancement investments being made across the industry to prevent the risk of Quantum Computing being used by malicious adversaries Quantum Computer attack potential Physical Strength 100% QKD 100% Quantum channel is information theoretically secure NEW! QKD + MACsec / IPsec M ath Physics Quantum safe
  • 7. © 2022 Juniper Networks 7 Today’s Key Distribution (PKI) Key Source (Router) Key-Sink (Router) 1. A Key source generates a key by use of a Random Number Generator (RNG) 2. The Key-Source encrypts the key using Public Key Cryptography (PKI) and sends it to the Key-Sink Result: key is known at source and sink RNG 1. Issue: The full key information is transported over the data channel, can be intercepted without knowledge of Key-source and Key-Sink (store&decrypt later) 2. Issue: PKI is considered breakable with Quantum Computers using Shor’s Algorithm packet flow
  • 8. © 2022 Juniper Networks 8 Post Quantum Cryptography (pQC) Key Distribution 1. Issue: [same as today] The full key information is transported over the data channel, can be intercepted without knowledge of Key-source and Key-Sink (store & much harder to decrypt later) 2. Issue: pQC-PKI is considered resistant against attacks with Quantum Computers using Shor’s algorithm. But there is no proof that another Algorithm exists that could break the encryption Key Source (Router) Key-Sink (Router) packet flow RNG 1. A Key source generates a key by use of a Random Number Generator (RNG) 2. The Key-Source encrypts the key using pQC-based Public Key Cryptography (PKI) and sends it to the Key-Sink Result: key is known at source and sink
  • 9. © 2022 Juniper Networks 9 Quantum Key Distribution (QKD) QKD-A QKD-B Quantum Channel Dark fiber or Satellite 1. Quantum Key Distribution enables two distant devices connected with a Quantum Channel to “distill” the same information on both devices Result: key is known at source and sink 1. Advantage: cannot be broken even if the adversary has unlimited computing power. The distribution mechanism is proven to be information theoretic secure [Wikipedia] • Quantum state cannot be intercepted without changing it’s state and is detectable • Quantum state decays fast. It cannot be stored for a long time to decrypt it later Router Router
  • 10. © 2022 Juniper Networks 10 Quick Intro: Quantum Communication by dummies • Quantum state of individual photons is any fraction between 0 and 1 • Photons can be split into two photons jointly maintaining the properties of the original photon. P0 = 1 à (p1 + p2) = 1 • The state of photons is unknown until measured: p1 =?, p2 =? • Measurement of one photon ‘collapses’ the state of both: Measuring p1 = 0.3 causes p2 = 0.7 [Remember: (p1 + p2) = 1 ] • If we measure the state of a photon and know that it was entangled, the state of the other photon is known.
  • 11. © 2022 Juniper Networks 11 Quantum Key Distribution BB84* protocol (schematic) 11 *invented by Ch. Bennett (IBM Research) & G. Brassard (University of Montreal) in 1984 Quantum Transmission Quantum Measurement Preparation Quantum Measurement Measurement post-processing Sifting through the Results Key Result More on BB84: https://www.youtube.com/watch?v=IE5952ExMK8
  • 12. © 2022 Juniper Networks 12 Quantum Cryptography Key Exchange Quantum Key Receiver Quantum Key Transmitter Key request 1 2 Key-Cipher + key-ID Request Key with <Key-ID> 4 5 Key-Cipher Juniper Router crypt Juniper Router crypt Data communication MACsec/IPsec secured Data Link Quantum channel 3 Communicate <Key-ID> Eve Alice Bob
  • 13. © 2022 Juniper Networks 13 Random Number Generators
  • 14. © 2022 Juniper Networks 14 Random Number Usecases BLOCKCHAIN Secure transactions between users including payment protection for a resilient cryptocurrency infrastructure IOT SECURITY & 5G Protection of product connectivity systems and operational technology PKI/PQE Quantum secure encryption for both a pre & post quantum environment OPTIMIZATION New Product development & reduction in time to market HYBRID KEY GENERATION Post-quantum cryptography used with current encryption methods in existing systems SIMULATION Analytical & statistical simulation for risk mgt PREDICTION Analysis for superior mgt decision support systems & forecasting QKD Quantum drived cyber security distribution of crytograhic keys KEY ENCAPSULATION Wrap keys with Post Quantum Encryption (PQE) mechanism and algorithms
  • 15. © 2022 Juniper Networks 15 Random Number Generators Random numbers are fundamental for cybersecurity & numerical simulations, optimization & prediction. Multiple types of random number generators: pseudo-random, quasi-random, true-random, quantum-random. Today’s wide-spread random number generators are typically slow, predictable & complex to monitor. Your code 084 976
  • 16. © 2022 Juniper Networks 16 Quantum Random Numbers Generator
  • 17. © 2022 Juniper Networks 17 Comparing random sources
  • 18. © 2022 Juniper Networks 18 Summary: Potential fields of interest to networking Currently there are three quantum technology of interest for a Quantum Safe Strategy: 1. Quantum Random Number Generators (QRNG) QRNG has become a key enabling technology for quantum-level security in mobile devices, data centers and even medical implants, to name just a few current-day applications. 2. Quantum Key Distribution (QKD) QKD is only used to produce and distribute a key, not to transmit any message data. This key is used by any chosen encryption algorithm to encrypt (and decrypt) a message, which can then be transmitted over a standard communication channel. 3. Post Quantum Cryptography (PQC) Post-quantum cryptography refers to mathematical cryptographic algorithms (usually public-key algorithms) that are thought to be more secure against a cryptanalytic attack by a quantum computer than current-day public-key algorithms.
  • 19. © 2022 Juniper Networks 19 But what about a Quantum Internet?
  • 20. © 2022 Juniper Networks 20 how will the quantum internet look like? Application support based on quantum entanglement • Source: https://arxiv.org/pdf/2010.02575.pdf “Quantum networks will use existing network infrastructure to exchange classical messages for the purposes of running quantum protocols as well as the control and management of the network itself. Long- distance links will be built using chains of automated quantum repeaters.”
  • 21. © 2022 Juniper Networks 21 Quantum Networking / Quantum Internet • Two approaches to construct quantum networks; simply forward quantum information directly between nodes or create entanglement between not directly connected nodes (somewhat comparable to overlay networking ) leveraging teleportation and entanglement swapping. • Classical computer networks tackle the complexity of transmitting bits between two nodes by breaking down the transmission into several layers of a stack model, the Open Systems Interconnection model (OSI model). Work is ongoing to establish a comparable model to quantum network. • Quantum applications can operate with imperfect quantum states — if the fidelity is above an application-specific threshold (for basic QKD the threshold fidelity is about 0.8). A A B C C B Source: https://arxiv.org/pdf/2010.02575.pdf
  • 22. © 2022 Juniper Networks 22 The advent of a Quantum Internet… 22
  • 23. © 2022 Juniper Networks 23
  • 24. © 2022 Juniper Networks 24 Questions? Reach out! Melchior Aelmans melchior@juniper.net
  • 25. © 2022 Juniper Networks 25 Thank you