Quantum Xchange has collaborated with Thales to offer immediate quantum-safe and crypto-agile key delivery capabilities. The resulting quantum-resistant network solution enables end-users to future-proof the security of their data and communications networks; overcome the vulnerabilities of present-day encryption techniques, e.g., keys and data traveling together; and protect against man-in-the-middle, harvesting, and future quantum attacks.
Quantum Xchange’s groundbreaking out-of-band symmetric key delivery system, Phio Trusted Xchange (TX), is a simple architecture overlay that works in tandem with conventional encryption systems, in this instance Thales High Speed Encryptors (HSEs), and any TCP/IP connection (wireless, copper, satellite, fiber) to decouple key generation and delivery from data transmissions.
With Phio TX a second, quantum-enhanced encryption key is sent down a separate quantum-protected tunnel and mesh network to multiple transmission points. This presents an attacker with the enormous challenge of having to defeat the combined security of Key Encrypting Key (KEK) – where a second key is in play and sent independently of the data path. Continuous key rotation takes place on every transfer, further heightening the system’s security today and in the quantum future.
Phio TX embraces crypto agility, supporting quantum keys generated from any source, i.e., Quantum Key Distribution (QKD), Quantum Random Number Generator (QRNG), or a combination, and all Post-Quantum Cryptographic (PQC) candidate algorithms being evaluated by the National Institute of Standards and Technology (NIST) scheduled for standardization by 2022.
The FIPS-validated network security appliance also meets the European Telecommunication Standards Institute (ETSI) protocol for QKD. With Phio TX, users can start with PQC, then easily scale to QKD protection levels with no interruptions to their underlying infrastructure and no network downtime.
“Phio TX used in combination with Thales High Speed Encryptors (HSEs) arm customers with a powerful, enterprise security solution capable of making native encryption keys immediately quantum resistant,” said Eddy Zervigon, CEO of Quantum Xchange. “The standards-based solution can easily meet the risk mitigation needs of a business at any time and delivers an infinitely stronger cybersecurity posture to any network environment.”
“Quantum computing will be one of the biggest technological achievements in recent memory, but it comes with a lot of security risks,” said Todd Moore, Vice President Encryption Products at Thales. “While there is no such thing as a silver bullet when it comes to cybersecurity, deploying crypto-agile systems, or those with the ability to update cryptographic algorithms, keys and certificates quickly in response to advances in cyber-attacks is the next frontier in protection against the emerging threats.
“Today Thales is enabling businesses to deploy security algorithms in a flexible way that include quantum-resistant algorithms that provide mitigation techniques to the current and future security risks presented by the evolution of quantum computing. NIST is currently selecting finalists amongst the quantum-safe encryption algorithms being developed. In anticipation of this, Thales already supports the current finalists including Thales’ Falcon algorithm.”