Quantum technologies in information security intersects with cyber-terrorism attacks

New Delhi,UPDATED: Jan 12, 2024 15:26 IST

Today, information technology (IT) is pervasive across various domains, supporting functions such as banking systems, nuclear reactor control, and aerospace operations. The security of IT systems is crucial for the high level of automation seen in these areas. The field of aviation has incorporated the latest communication systems, including Public public-switched telephone Networks (PSTN), Circuit Public Data Networks (CSPDN), Packet Switched Public Data Networks (PSPDN), Local Area Networks (LAN), and Integrated Services Digital Networks (ISDN), for data transmission in different types of telecommunication.

Dr (Prof) Nishakant Ojha, Advisor-Cyber & Aerospace Security (West Asia & Middle Eastern Countries), Eminent Expert-Counter Terrorism, shared important insights with us.

The risk of cyber-terrorist attacks (CTA) poses threats to economic damage, flight security, and potential casualties for aviation companies. Protecting against such attacks is a significant scientific and technical challenge. Cryptographic systems are a highly effective means of ensuring confidentiality and data integrity during transmission, addressing key distribution, authentication, user authorisation, and encryption.

In recent years, quantum cryptography (QC) has gained substantial interest, with Quantum Key Distribution (QKD) playing a pivotal role. Although there is a growing number of Quantum Technologies of Information Security (QTIS), the scientific literature needs a more precise classification of these technologies. Existing works are limited to the classification of QKD protocols. Quantum key distribution protocols primarily focus on generating and distributing encryption keys between two users connected through quantum and classical channels.

The contemporary landscape of quantum technology in information security requires a transparent framework for classification and systematisation. Quantum key distribution (QKD) protocols stand out as the most advanced branch of quantum cryptography, with ongoing development in research institutes and laboratories for secret key distribution to legitimate users over distant connections. Many of the technologies employed in these systems are patented, primarily in the U.S., and can be seamlessly integrated with classical cryptographic schemes to achieve information-theoretic security.

• We'd like two minutes of your time in order to understand you better. Please take this reader survey.

While QKD protocols generally offer higher information security (IS) than classical schemes, other quantum information security (QTIS) technologies are still in the experimental stage. Quantum secure direct communication (QSDC) protocols, such as the ping-pong protocol, present an alternative by eliminating the need for encryption and addressing the challenge of secret key distribution. However, their application is limited by low data transfer rates in quantum channels.

Quantum secret sharing protocols, quantum stream cyphers, and quantum digital signatures provide enhanced security levels compared to their classical counterparts. Despite their theoretical promise, the practical implementation of QTIS faces technological challenges. As QTIS continues to develop, they offer a significant leap in communication system security against cyber-terrorist attacks, given their ability to always detect eavesdropping.

Robust policies are essential for standardising quantum-resistant cryptography, emphasising harmonised cryptographic standards. These policies should encompass initiatives to assess risks posed by quantum technologies, facilitate the transition to quantum-resistant cryptography, promote international coordination, raise awareness amongst leaders, develop a skilled workforce in quantum technologies, and establish dual-use and export control policies. Additionally, organisations should conduct quantum vulnerability assessments, prioritising systems processing sensitive data.

The U.S. National Defense Authorization Act is a notable initiative for quantum vulnerability assessment, emphasising critical national security systems at risk and assessing NIST standards for quantum-resistant cryptography. Similar initiatives could be promoted globally, with the European Commission and India potentially adopting measures to guide member states and companies in addressing the cybersecurity risks of quantum computing in the present scenario & coming era.

International collaboration is vital in quantum technology, as seen in initiatives like NIST's PQC project and the EU's InCoQFlag. Collaborative efforts are needed to establish a foundation for consensus and coordination, ensuring harmonised standards and regulations for quantum technologies in the global supply chain. The quantum skills gap can be addressed by learning from experiences with AI, with organisations specifying talent needs and focusing on roles like quantum hardware engineers, quantum software engineers, and quantum translators. However, the evolving nature of the market suggests that these roles may require hybrid skills, primarily applicable to highly skilled workers.

Also, it is noteworthy that the domain of quantum technologies introduces emerging technologies with many unknowns regarding their potential consequences. A significant security issue stems from the ability of quantum computers to decipher protected communications, posing a specific threat to intercepted and stored messages awaiting decryption through future quantum capabilities. Despite the general optimism within the developer community about the positive impacts, referred to as quantum advantage, there are also unforeseen consequences and challenges. This has sparked a normative discussion on whether quantum technologies should be perceived solely as augmentations to classical computers or as entities with distinctive ethical implications.

The following tips were shared by Dr (Prof) Nishakant Ojha, Advisor-Cyber & Aerospace Security (West Asia & Middle East Countries), Eminent Expert-Counter Terrorism.