Discuss This in the eWEEK Forum
MagiQ Technologies Inc. on Monday plans to release the first version of its much talked-about quantum key distribution product, known as Navajo. The system is to be unveiled at next weeks Computer Security Institute show in Washington and is among the first commercially available quantum cryptography products.
In theory and practice, Navajo is not much different from most existing public key cryptosystems. It encodes the encryption keys, performs the key exchange, encrypts the message and then sends it to the recipient. The difference is in the manner in which the key is encoded and distributed to the recipient.
Navajo encodes each key by placing several bits of information on a series of individual photons, which are then transmitted to the recipient over a dedicated fiber optic line. When theyre reassembled by the recipient, the bits on the photons form the encryption key.
During transmission, the key is protected elegantly by the laws of physics. The nature of quantum mechanics is such that if someone was able to eavesdrop on the key exchange process, the simple act of reading the bits on one photon would irreversibly change that photon. This, in turn, would alert the recipient that the key had been compromised and should be thrown away.
The system can handle both triple-DES and AES encryption and its transmission rate is about 1Gbps, company officials said.
One other key difference in Navajo is its key regeneration rate. In practice, many commercial cryptosystems are set to generate new keys infrequently, if ever. This can lead to a situation where an attacker can read supposedly secure communications ad infinitum if he or she is able to compromise the encryption key. Instead, MagiQs system refreshes its keys continuously.
"The issue is flipping keys in a secure way. Most people dont change them very often," said Michael LaGasse, vice president of engineering at MagiQ, based in New York. "And its pretty easy to tap a fiber link with a couple of hundred dollars in equipment."
Meanwhile, the nature of the Navajo system presents a couple of unique challenges for potential customers. Because the system relies on photons of light for transmission of the keys, customers must have fiber optic lines available. This isnt much of a barrier for most large enterprises, which typically have such lines in place already. However, the system is limited by a range of about 62 miles right now, although the transmission can be sent through repeaters to increase the range, LaGasse said.
Much of the early interest in the system has come from telecoms that are looking to put some of their extra fiber capacity to work. "These carriers have between 50 and 70 percent of their fiber lying unused, depending on the company, and they want to find ways to generate more revenue from it. Security is one of the obvious ways," said Bob Gelfond, CEO of MagiQ.
Pricing for Navajo starts at $50,000 per endpoint.
Also next week MagiQ will release a separate box that does key distribution only and is meant for use by researchers looking into quantum cryptography.
Discuss This in the eWEEK Forum