Verizon is testing how a Quantum Safe Virtual Private Network (VPN) can enhance protection of data today in order to thwart hackers in the future. As quantum computers become more advanced, they will have the potential to break today’s public key encryption ciphers. Theoretically, hackers could capture data riding on networks today and store it until quantum computers have the power to break the encryption. It’s a little like stealing a bank safe today and holding on to it until someone discovers how to pick the lock. Verizon, and others, believe the key to safeguarding information will be a Quantum Safe VPN. This technology uses session key exchange security mechanisms or cryptographic ciphers that can provide a higher level of protection. Essentially, it’s a solution that enhances encryption methodologies today in order to make them even more difficult to hack tomorrow.
In a recent trial, Verizon successfully tested how a Quantum Safe VPN can replace the current public key encryption methods to establish encryption keys using Post Quantum Cryptography (PQC). Keys or ciphers were exchanged between two private 5G networks located in Verizon’s 5G Lab in London and its Executive Briefing Center in Ashburn, VA. The goal of this trial was to demonstrate that early adoption of PQC could prepare today's data from tomorrow's attacks. The US National Institute of Standards and Technology (NIST) is working on a global effort to find PQC algorithms that will be fast and trustworthy, but finalization and integration of the NIST PQC standards may take many years. In the meantime, tests like this demonstrate it is possible to implement NIST PQC cryptography candidates on infrastructure links now with the ability to easily migrate as needed between the different PQC candidate.
“Verizon continues to innovate and test new quantum technologies because now is the time to assess risks of security breaches and develop mitigation strategies to ensure safe networks and communications in the future for consumers and enterprises,” said Jean McManus, Executive Director of Applied Research at Verizon. “While it may be 5 to 10 years before quantum computers are powerful enough to break today’s encryption used in e-commerce and VPNs, it’s important to explore new security methods today to ensure our information is safe down the road.”
Last year, Verizon became one of the first carriers in the U.S. to pilot Quantum Key Distribution, another quantum-based technology that can strengthen security. In the trial, live video was captured outside of three Verizon locations in the D.C. area, including the Washington DC Executive Briefing Center, the 5G Lab in D.C and Verizon’s Executive Briefing Center in Ashburn, VA. Using a QKD network, quantum keys were created and exchanged over a fiber network between Verizon locations. The trial demonstrated that with QKD, encryption keys are continuously distributed in a provably secure manner, which through the properties of quantum mechanics, prevents meaningful eavesdropping and detects the presence of eavesdroppers.