Partnerships, Quantum Cryptography, Technology

Vodafone and SandboxAQ Test Quantum-Safe Cryptography

Quantum Business Intelligence
July 8, 2023 by Quantum Business Intelligence
Vodafone And Sandboxaq Test Quantum-Safe Cryptography

Vodafone is working with technology partners and the GSMA to develop quantum-safe defences against potential future threats to data security. The company has partnered with SandboxAQ, an Alphabet spin-off, to test a quantum-safe Virtual Private Network (VPN) using standard smartphones. The test used cryptography algorithms from The National Institute of Standards and Technology (NIST). Vodafone is also part of the GSMA’s Post-Quantum Telco Network task force, which aims to develop industry-wide strategies to address the threat of quantum computing. The company is testing new cryptography to protect against Store Now, Decrypt Later (SNDL) attacks.

“On one hand quantum computing has the potential to rapidly solve ultra-complex problems in key areas such as healthcare, but on the other it could undermine today’s cryptography. This is why we are playing an active role in the transition to a quantum safe world. We are exploring and trialing new algorithms to provide protection for our customers against possible quantum-empowered attackers in the future.”

Emma Smith, Vodafone’s Cyber Security Director

Quantum-Safe Virtual Private Network (VPN) Testing

As part of its initiatives to safeguard against future threats, Vodafone collaborated with SandboxAQ, a spin-off from Alphabet, to conduct a proof-of-concept test for a quantum-safe Virtual Private Network (VPN). This type of network is used by millions of workers to securely access company systems via their devices. The test was conducted using standard smartphones connected to the VPN, that had been specifically adapted using cryptography algorithms from The National Institute of Standards and Technology (NIST).

The aim of the test was to evaluate the latest NIST standards in a real-life telecommunications scenario. Governments are adopting these NIST standards as part of their planning to mitigate the potential risk posed by Quantum Computing.

Store Now, Decrypt Later (SNDL) Attacks

One of the risks associated with quantum computing is the Store Now, Decrypt Later (SNDL) attack. This involves adversaries stealing encrypted data so they can decrypt it in the future with a quantum computer. While cryptographically relevant quantum computers may still be some years off, the threat of quantum-empowered attackers is already present.

Vodafone has begun testing new cryptography in partnership with key industry players to mitigate this risk. The goal is to migrate data to suitable, post-quantum cryptographic methods now to protect customers, governments, and society from future SNDL attacks.

Post-Quantum Cryptographic Smartphones

Vodafone has been conducting experiments to assess the impact of post-quantum cryptography on everyday activities such as web browsing, social media and chat application use, video and audio streaming, and mobile gaming. These tests were conducted using PQC-enabled mobile handsets, helping to test network performance and assess the user experience.

The experiments revealed the strengths and weaknesses of the distinct PQC algorithm classes. Hybrid cryptographic approaches, composed of classical and best-fit PQC algorithms, had minimal impact on the quality of service while still achieving post-quantum security.

“The Store Now, Decrypt Later attack involves adversaries stealing encrypted data now so they can decrypt it in the future with a quantum computer. Although cryptographically relevant quantum computers may remain some years off, the threat posed by quantum-empowered attackers i​​s already here today.”

Vodafone’s Head of Research and Development Luke Ibbetson

The Future of Quantum-Safe Cryptography

The transition to implement post-quantum cryptography (PQC) will take time and resources. However, Vodafone believes it’s important to start acting now. The company continues to actively test new solutions with companies such as SandboxAQ and combine its work with broader industry groups to address the need for global standards to protect society worldwide.

Vodafone’s global team of 900 cyber security experts work on everything from the cyber security of networks, securing both business and consumer products and services, to collaborating with standard bodies on critical topics such as PQC implementation. The company’s scale allows it to benefit from global collaboration, technology sharing, and deep expertise and to have greater visibility of emerging threats.

“The experiments involved the assessment of both synthetic traffic and real data sessions made by internal volunteers from several countries in which we operate, together with the project team. We tested the impact of post-quantum cryptography on activities many of us do every day. These included web browsing, social media and chat application use, video and audio streaming, and mobile gaming using PQC-enabled mobile handsets, helping to test network performance and assess the user experience.”

Vodafone’s Head of Research and Development Luke Ibbetson

Quick Summary

“Emma Smith said: “The cyber risk remains volatile. Every day our global team of 900 cyber security experts draw on their rich technical skills, inquisitiveness, and motivation to protect our customers and society at large. We work on everything from the cyber security of our networks, and securing both business and consumer products and services, to collaborating with standard bodies on critical topics such as PQC implementation.”

Emma Smith, Vodafone’s Cyber Security Director

Vodafone is actively testing new cryptography algorithms to protect against potential threats posed by quantum computing, such as the Store Now, and Decrypt Later (SNDL) attacks. The company is working with partners like SandboxAQ to develop quantum-safe defences and has successfully conducted a proof-of-concept test for a quantum-safe Virtual Private Network (VPN), demonstrating that post-quantum cryptography can secure everyday activities with minimal impact on service quality.

  • Vodafone is working with technology partners and the GSMA to develop quantum-safe defences to protect customers, governments, and society from potential threats posed by quantum computing.
  • Emma Smith, Vodafone’s Cyber Security Director, highlighted the dual potential of quantum computing to solve complex problems and undermine current cryptography.
  • Vodafone and SandboxAQ, an Alphabet spin-off, conducted a proof-of-concept test for a quantum-safe Virtual Private Network (VPN) using standard smartphones adapted with cryptography algorithms from The National Institute of Standards and Technology (NIST).
  • Vodafone is addressing the risk of Store Now, Decrypt Later (SNDL) attacks, where encrypted data is stolen now for future decryption with a quantum computer.
  • Vodafone is leading the GSMA’s Post-Quantum Telco Network (PQTN) task force to develop industry-wide strategies to address the quantum threat.
  • The company is also exploring the performance characteristics of post-quantum algorithms and their impact on existing communication processes.
  • Vodafone established its first-ever quantum-safe VPN with SandboxAQ, testing several scenarios and assessing the impact of post-quantum cryptography on everyday activities.
  • The tests revealed that hybrid cryptographic approaches, composed of classical and best-fit post-quantum cryptography (PQC) algorithms, had minimal impact on the quality of service while achieving post-quantum security.
  • Vodafone continues to actively test new solutions with companies like SandboxAQ and work with broader industry groups to establish global standards for protection against quantum threats.

Read More

Tags: