Toshiba and BT boast 'unhackable' network security with new quantum cryptography tech

...though Toshiba later concedes technology cannot thwart all types of attack

Toshiba and BT have announced what the former is calling an "unhackable" network security solution, having combined 500 encryption-key-per-second quantum cryptography technology with high bandwidth transmission of 2,000Gb/s in a "milestone" for the IT security sector.

Quantum key distribution (QKD) is a method of secure communication that enables two parties to share a randomly-generated security key, but with advanced detection of any third party trying to gain access to the communication. The detection works because a third party attempting to eavesdrop on the communication has to "measure" the system, which the rules of quantum mechanics dictate must disturb it in some way.

As a trial run, Toshiba has begun rolling out the encrypted networking solution to a select number of UK universities.

QKD is not a new technology, with several other companies utilising it - though Toshiba has now broken its own previous record by four times in terms of the speed of communication it can support.

But the "unhackable" boast needs qualifying. So-called "quantum hacking" has been around since at least 2010, when the first eavesdropped key exchange was proved. The single-photon detectors that should be theoretically "disturbed" by the eavesdropping process were fully remote-controlled by using specially adapted bright lighting, a technique called "blinding". Other physical weaknesses in elements such as Avalanche photodiodes have also become the source of successful hacking attempts.

Computing got in touch with Toshiba to ask it to qualify the "unhackable" claim on the initial press release we received.

When pressed, Dr Andrew Shields, assistant managing director at Toshiba Research Europe, was quick to backpedal on the company's behalf.

"We have to be careful saying it's unhackable," he told Computing.

"But of course there are always other ways to hack systems, such as by bribing people for example," added Shields.

But aside from social engineering attacks, Shields is adamant that Toshiba's spin on QKD won't be subject to the same technical exploits as earlier versions.

"We've closed many of those security loopholes," he said.

"They can detect blinding and trojan horse-based attacks.

Shields went on to say that Toshiba's QKD doesn't even use the same kind of photon detectors as those solutions affected by bright light attacks.

Dr Tim Whitley, MD of research and innovation at BT, called the two companies' solution "a remarkable world first", "showing not only that the ultimate security of our fibres is just around the corner, but that this can be achieved at very high bit rates and over the sort of distances that will generate great interest from financial institutions, data centres and other customers."