Quantum Market Research
Quantum Market Research
Quantum Market Research
business opportunities
assessment
BY
D R . T HOMAS J ENNEWEIN , A SSOCIATE P ROFESSOR & E RIC C HOI , S ENIOR T ECHNICAL A SSOCIATE
market study
quantum
cryptography
1. executive summary
2. introduction
11
18
4.market overview
23
23
25
5. competitive landscape
29
29
37
6. market potential
39
39
41
43
43
7. conclusion
45
8. endnotes
47
9. appendices
50
50
53
1. executive summary
There is a serious threat to the current cryptographic systems upon which
modern information and communications technology depends. Most current
encryption techniques are based upon assumptions of mathematical
complexity that are actually not proven. Therefore, a sudden or unexpected
algorithmic innovation could immediately compromise many modern security
systems. In the longer term, quantum computers will be able to quickly solve
the mathematical problems upon which most current key establishment
methods are based, rendering them useless.
Quantum key distribution is not science fiction, but a present day reality. A
number of companies are currently selling commercial QKD systems, and
several other firms oer related products and services. QKD has attracted the
attention of high technology firms such as Alcatel-Lucent, Raytheon, HP, IBM
and Toshiba. Terrestrial QKD networks using fibre optic cables or free-space
atmospheric transmission are in operation today for both research and niche
commercial applications such as secure bank transactions and data transfers.
Due to some fundamental physical constraints, a complementary solution
would be required to cover distances beyond a few hundred kilometers. Light
signals inevitably attenuate as they are transmitted through fibre optic cables,
and conventional signal amplifiers cannot be used because they would
compromise the quantum mechanical phenomena upon which QKD depends
for the detection of eavesdropping. Free-space atmospheric QKD links are
limited to line-of-sight, subject to local geographical constraints and ultimately
the curvature of the Earth. The only way to oer long-distance QKD services
with current technology is to use satellites as complementary trusted nodes
bridging the distance between geographically dispersed QKD ground
networks, for example, between cities or continents. Teams in Canada, Europe,
the U.S., Japan, China and other nations are currently engaged in a Quantum
Space Race, vying to be the first to demonstrate QKD from space. The
winning team would not only claim a historic scientific accomplishment but
would also be the front-runner to seize a potentially lucrative future business
opportunity.
Currently, the market for quantum cryptography is estimated to be on the
order of $30-million. Over the long-term, as regulatory requirements for
quantum-resistant cryptosystems are expected to become enacted, it is
anticipated that the market will grow significantly. IQC estimates the potential
overall global market for quantum cryptography could reach $23-billion within
twenty years. Satellite-based QKD for long-distance secure key distribution
would be a subset of this overall quantum cryptography market. Such a
service could be implemented with either a constellation of low Earth orbit
(LEO) microsatellites or hosted payloads aboard geostationary (GEO)
satellites. IQC estimates a potential global market for satellite-based QKD of
up to $382-million per year within the next two decades.
2.introduction
2.1. RELEVANCE AND IMPLICATIONS OF
QUANTUM INFORMATION
Each force of Nature that humanity has harnessed has had a lasting impact on
society. Fire, steam, electromagnetism and the splitting of atomic nuclei
represent the most compelling examples. What could be the next force of
nature that we can harness? What forces remain untamed?
Quantum theory was discovered at the beginning of the 20th Century and is
used to describe the behaviour of atoms, molecules, photons (quanta of light)
and their constituents. As a better understanding of this domain was
developed, we have often been left perplexed about the seemingly paradoxical
behaviour of nature at the atomic scale: particles that cannot be pinpointed
because of the uncertainty principle; photons and atoms that act as if they are
in two places at the same time; the interchangeability of particles and waves.
For most of the 20th Century, these phenomena were thought to be only
curiosities. Over the last 25 years, however, physicists and chemists started to
develop better technologies with which to explore the intricacies of the
quantum domain. They were able to demonstrate that indeed Nature behaves
precisely as this theory predicts. A great deal of thought and experiment has
been applied attempting to understand the phenomena presented by
quantum mechanics.
3. overview of quantum
cryptography
3.1. INHERENT VULNERABILITIES OF
CONVENTIONAL CRYPTOGRAPHY
Peter Shor discovered 20 years ago that quantum computers will break prime
factoring and discrete-logarithm based cryptographic systems. Fortunately, there
were no quantum computers at the time. The prevailing scientific consensus,
however, is that practical and widespread quantum computing capabilities will
likely be available within the next 10 to 25 years.2 When this happens, most
current encryption methods will be rendered useless.
x is the number of years that cryptography must remain unbroken, i.e. how long
are you supposed to protect health information, or national security information,
or trade secrets?
y is the number of years it will likely take to replace the current system with one
that is quantum-safe or not based on unproven assumptions of mathematical
complexity
z is the number of years it will take to break the current encryption tools, using
quantum computers or otherwise
If x + y > z, then there is a problem right now and immediate action needs to
be taken. This means that for the latter part of those y years, we will have to
either stop doing business or continue to use the current tools with the
knowledge that they will be compromised in z years.3 Neither of these are
desirable options and near-term alternatives are essential, if only to protect
against unexpected algorithmic advances. These alternatives should also be
quantum-safe in order to provide protection against the imminent threat
posed by quantum computers.
There are two possible complementary solutions. The first are post-quantum
or quantum resistant techniques, which are new codes and protocols based
on NP complete problems for which there are currently no known quantum
algorithms capable of breaking these schemes. While post-quantum methods
would not require a lot of new hardware and could be deployed quickly on
existing ICT infrastructures, the inherent vulnerability of being based on
unproven mathematical assumptions remains.
Quantum cryptography is the other solution. To date, quantum mechanics is
possibly the most thoroughly tested model of the Universe that has been
devised by science. For data security over the long-term only systems based
on quantum cryptography, to the extent of our current best understanding of
the laws of physics, are secure against both conventional and quantum
computers. This is due to the fact that quantum cryptography relies upon
fundamental laws of physics rather than assumptions of mathematical
complexity, and hence will never be threatened by innovative algorithms or
increased computational power.
Public key or asymmetric cryptography uses two separate keys, one public
(open) and one private (secret). The open public key is used by the sender to
encrypt a message or verify a digital signature, and the secret private key is
used by the recipient to decrypt a message or create a digital signature. These
key pairs are linked mathematically, based upon computational relationships
that are assumed to be extremely dicult to solve such as the prime product
factorization, discrete logarithms and elliptic curve schemes. Public key
encryption allows users to communicate securely over an open channel
without having to agree on a shared secret key beforehand. This distributed
trust is essential to the success of Internet applications such as electronic
commerce, however, as discussed in Section 3.1 public key cryptography is
inherently vulnerable to increasing computational power or unexpected
algorithmic advancements.
achieve practicality by using long but finite length secret random keys,
however, there are a number of challenges that need to be addressed.
First, it is not possible for conventional computers to generate truly random
numbers. The random number functions in most programming languages are
not suitable for cryptography, and even those that are suitable employ some
methodologies whose security is unproven. Random numbers generated
deterministically by conventional computers are more correctly described as
pseudo-random. Second, the security of AES and other symmetric schemes
is only as good as the security of the key exchange itself. Even today, for many
financial, military and diplomatic applications, secret keys are often delivered
manually using a trusted human courier. While the image of a briefcase
handcued to a courier has been made famous by many spy movies, modern
digital storage media such as USB sticks or DVDs are often used to carry
secret keys from one place to another in a less conspicuous manner.
Distributing keys in this manner is expensive, inconvenient and poses a
significant security risk. In addition to the risk of compromise during transit
(for example, a pickpocket swiping, copying and replacing the pad), there is
no guarantee that the couriers themselves can be trusted. Anyone who
manages to copy or steal the key would be able to decrypt the messages
eortlessly, thereby defeating the purpose of encryption.
Both of these problems can be solved by quantum mechanics. Contrary to
Newtonian or classical physics, quantum physics is fundamentally nondeterministic by nature. Quantum random number generators (QRNG) exploit
the intrinsic randomness of phenomena such as radioactive decay or photonic
transmission and reflection to generate true random numbers. These devices
are available commercially from companies like ID Quantique (see profile in
Section 5.1.1) and have application in numerical simulations and the gaming
industry as well as cryptography.
Quantum key distribution (QKD) solves the key exchange security problem. As
described in Section 3.2.2, QKD establishes highly secure keys between distant
parties by using single photons (or similarly suitable quantum objects) to
transmit each bit of the key. Since single photons behave according the laws of
quantum mechanics they cannot be tapped, copied or directly measured
without leaving tell-tale signs of manipulation. The huge benefit for users of
such systems is the peace of mind of knowing that any attack, manipulation or
copying of the photons can be immediately detected and addressed.
Since many symmetric encryption algorithms are resistant to known attacks
by quantum computers, addressing the emerging threats described in Section
3.1 will not require all of the current foundational blocks of data security to be
replaced. QKD can be used to generate the private keys in a symmetric
encryption algorithm such as block cipher AES. It would thus be deployed as a
complementary technology that enhances and gradually replaces public key
cryptography systems. Most of the current AES and Data Encryption Standard
(DES) key management schemes will still be relevant when augmented by
QKD.
A number of QKD protocols have been devised. The BB84 protocol, which was
developed by Charles Bennett and Gilles Brassard in 1984, is based on the nocloning theorem. To illustrate the technique, consider two parties Alice and
Bob who wish to exchange a secret key between them.
Alice transmits a stream of random binary bits as single photons and encodes
the values of 0 or 1 as a quantum state (for example, polarization) in two
dierent non-overlapping bases (for example, rectilinear and diagonal). The
encoding base of each transmitted photon is also selected randomly. For each
received photon, Bob randomly chooses a measurement base and records the
observed polarization of that photon. If Bob happens to measure a given
photon in the same base in which it was originally transmitted by Alice, he will
get the same value. Otherwise, a random polarization will be measured.
When the transmission is complete, Bob contacts Alice over an authenticated
conventional communications channel (in order to prevent man in the middle
attacks) and they compare the sequence of receiver measuring bases Bob had
used versus the transmitter encoding bases that Alice had used. Since they are
only talking about the measurement bases and not the actual transmitted
Instead of human couriers with handcued briefcases or USB sticks, QKD uses
a stream of single photons to transmit the encryption key. According to
Heisenbergs Uncertainty Principle, there is a fundamental limit to the precision
with which the position and momentum of a particle can be known
simultaneously. For example, the more precisely the position of a particle is
determined the less precisely its momentum can be known, and vice versa.
The related observer eect means that the very act of measuring a particle
such as a photon will inevitably aect some characteristic of that particle. It is
therefore impossible to make a perfect copy of a quantum state, a principle
known as the no-cloning theorem.
values, this base reconciliation step could take place over a public or
unsecured channel. Alice and Bob keep the photon measurements (bits)
where both had used the same bases and discard the rest. The shared
encryption key is generated from these bits.
To check for the presence of an eavesdropper Eve, Alice and Bob then
compare a random subset of the remaining bit string. By the laws of quantum
mechanics, any attempt by Eve to tap into the transmission or copy the bits
will result in detectable errors in Bobs measurements. If the error rate exceeds
a certain threshold, Bob and Alice can discard the compromised key and try
again either at a later time or through a dierent quantum channel.
Devised by Artur Eckert in 1991, the E91 protocol is an alternative QKD scheme
that involves a trusted third-party Charlie with an entangled photon source.
Charlie gives Alice and Bob each a quantum state in an entangled pair and
their key is created using consecutive measurements of this pair. The key
exchange then proceeds exactly as BB84 except that in the basis
reconciliation step Alice and Bob both compare their measurement bases
instead of comparing Alices encoding bases to Bobs measurement bases.
The next year Bennett and Brassard published the BBM92 protocol as a followup to E91 in which it was proven that it is not necessary for Charlie to be
trusted because Alice and Bob can perform a Bell test on their
measurements to confirm shared entanglement. For example, a pair of
photons may be entangled in such a way that their polarizations are opposite
to each other. By the laws of quantum mechanics, the polarization of one of
these photons is indeterminate until it is observed. This act of observation,
however, will automatically determine the polarization of the other entangled
photon even if the pair is physically separated. Austrian physicist Erwin
Schrdinger introduced the term entanglement, which was later referred to by
Albert Einstein as spooky action at a distance.
QKD can also be implemented using continuous variables (CV-QKD) carried
by weak optical signals.5 The light fields will have intrinsic noise in their phase
and amplitudes due to quantization of the field, which enables Alice to encode
the phases for signals that are indistinguishable to Eve, as is the case for some
of the polarisation states used in the BB84. CV-QKD has can be implemented
using standard telecom components such as laser sources, phase modulators
and regular photo diodes, however, at larger transmission losses the system
becomes less ecient than single photon based QKD.
10
QKD can be also done between any two points with direct line-of-sight using
free-space links. Unlike fiber links, free-space experiments do not suffer from
losses exponential in distance, although they do suffer in turbulence, dispersion
and scattering. Free-space experiments can cross much larger distances than
fiber links, but they are often difficult to achieve, as it is difficult to find two large
telescopes separated at a long distance with a direct line of sight. At the moment,
the distance record for free-space QKD on the ground is 144 km, which was done
between two observatories in the Canary Islands.6
11
12
13
14
3.3.5. DARPA
In 2003, the U.S. Department of Defense started backing several quantum
cryptography experiments as part of a $20.6-million quantum information
initiative at the Defense Advanced Research Projects Agency (DARPA).9 As
shown in Figure 4, DARPA developed a Quantum Network has been running in
Massachusetts since 2004. This network was developed in partnership with
Raytheon BBN Technologies, Harvard University and Boston University. The
secure key rate is 500 bps and the average length of the links is 10 km. See the
profile of BBN Technologies in Section 5.1.6 for more information.
Figure 4 The DARPA Quantum Network
3.3.7. SwissQuantum
The main goal of the SwissQuantum network (see Figure 5), which was
installed in the Geneva metropolitan area in March 2009, was to validate the
3.3.6. SECOQC
15
cable between Vienna City Hall and the Bank Austria Creditanstalt branch
oce Schottengasse using the one-time pad technique described in Section
3.2.1.
QKD technology provided by the company ID Quantique (see profile in
Section 5.1.1) was used by the Swiss canton of Geneva to transmit ballot results
from polling stations to a data centre in the capital, a distance of 100 km, in
the national election of October 2007. For this application, the issue was not
confidentiality but integrity, making sure that no one could connect to the link
and change the values of the vote counting. The system (see Figure 6) was
installed in September 2006 and operated continuously for more than seven
weeks prior to the Election Day in October 2007. It has subsequently been
used five more times in subsequent elections and remains available for future
utilization. Another ID Quantique customer is Siemens IT Services and
Solutions B.V. in the Netherlands, which uses QKD to secure communications
between a pair of data centres in The Hague and Zoetermeer.
Figure 6 Use of Quantum Cryptography During the October 2007 Swiss National Election
17
Figure 7 Satellite Trusted Node to Bridge Terrestrial Networks Over Long Distances
18
19
satellite in medium Earth orbit (MEO) at altitude of 1,485 km (see Figure 9).
The satellite-to-Earth quantum channel was simulated by reflecting attenuated
laser pulses o the optical retro-reflectors on the surface of Ajisai. Although
Villoresis experiment did not implement a QKD protocol, it did show the
feasibility of sending and receiving single photons between a satellite and an
optical ground station on the Earth. QEYSSat principal investigator Dr. Thomas
Jennewein of IQC was a co-investigator on all of these European activities.
Thomas Scheidl and Rupert Ursin of the Institute for Quantum Optics and
Quantum Information at the Austrian Academy of Sciences have submitted a
proposal called Space-QUEST (QUantum Entanglement for Space
ExperimenTs) for consideration by the European Life and Physical Sciences in
Space Program of ESA. As shown in Figure 9, Space-QUEST would conduct
space-to-ground quantum communications tests from the International Space
Station (ISS), simultaneously distributing entangled photon pairs to separated
locations on Earth to demonstrate QKD and perform fundamental quantum
physics experiments.
3.4.4.NICT
21
22
4. market overview
This section is a top-down overview of the general information security
market. It should be noted that money spent on encryption and security
technologies are not necessarily interchangeable with quantum cryptography
because many products deal with the complexity of things such as key
management and security policy, of which encryption is only one part. The
purpose of this section is to illicit some market questions that should be
considered when evaluating the commercialization of quantum cryptography.
23
Credit monitoring services and other free goods and services to retain customers
According to the Ponemon Institute, in 2010 malicious attacks were the root
cause of 31% of data breaches, up from 24% in 2009 and 12% in 2008. About
85% of all U.S. companies have experienced data breaches, however, the actual
figure is probably higher because many companies do not currently have the
ability to detect exposed information. The Privacy Rights Clearinghouse
estimated that security breaches compromised more than 500 million U.S.
records since 2005, and again those are just the reported events. According to
the Identity Theft Resource Center, at least 662 data breaches occurred in the
U.S. in 2010, exposing more than 16 million records. Nearly two-thirds of those
breaches exposed Social Security numbers, and 26% involved credit card or
debit card data. The majority of these attacks were malicious hacks or insider
theft. Since 2005, it is estimated that security breaches have compromised
more than 500 million U.S. records. CSO magazines 2011 CyberSecurity Watch
Survey found that 81% of U.S. respondents experienced a security event during
the preceding 12 months, compared with 60% in 2010, while 28% of
respondents saw an increase in the number of security events as compared
with the previous year. In the United Kingdom, a survey found that 94% of
respondents ranked protecting personal information as their top concern,
equal to their concerns about crime, and two-thirds said they would avoid
interacting with firms that they knew had lost confidential information.17
Dr. Cedric Jeannot, the CEO of I Think Security, estimates the average cost of a
data breach to an enterprise is $5.5-million and malicious cyber activity costs
the U.S. economy as much as $100-billion a year.18 Attacks against computer
data and systems, identity and intellectual property theft, and the
perpetuation of online financial fraud incur a global estimated cost of between
$70-billion and $400-billion a year according to new data recently released by
the Centre for Strategic and International Studies (CSIS).19 An earlier 2004
study analyzed 225 security breaches and found that security breaches of firm
data were associated on average with a loss of 2.1% of the firms market value,
or around $1.65-billion of market capitalization, within two days of the
announcement.20 In the medical sector, a 2010 report found that U.S. health
organizations may have to spend $834.3-million in total costs to address
violations of the Health Insurance Portability and Accountability Act (HIPAA).21
The following representative case studies are summarized from the Sophos
State of Data Security Report (2011)22 and highlight how data security
incidents have a serious eect on organizations:
24
Massachusetts General Hospital The oldest and largest hospital in New England
drew a $1-million fine from the U.S. Department of Health and Human Services
(HHS) for losing 192 patient medical records. This violation of the HIPAA Privacy
Rule cost the hospital approximately $15,000 per patient file.
BP An employee lost a laptop containing data on 13,000 oil spill claimants during
routine business travel. The laptop included unencrypted names, Social Security
numbers, addresses, phone numbers and birthdates of people who had filed
claims related to the Deepwater Horizon accident. About 12,000 laptops are lost
every week at U.S. airports alone, or approximately one every 50 seconds.
Epsilon The marketing services provider fell victim to a massive data breach that
compromised email address data belonging to many of the worlds biggest
brands. Epsilon is the largest provider of permission-based email marketing and
sends more than 40 billion emails a year on behalf of 2,500 brands, including
Kroger, Marriott Rewards and Ritz Carlton Rewards.
Nationwide Building Society The U.K. Financial Services Authority (FSA) fined
the company nearly 1-million for lax security procedures and controls that led to
the exposure of the personal details when a company laptop containing
confidential records for nearly 11 million customers was stolen. In addition to the
substantial fine, the company had to bear the cost of notifying the millions of
people whose records were stolen.
Table 1 summarizes the worldwide IT security products market for the period
from 2009 to 2017 as compiled by International Data Corporation (IDC).23
Worldwide market sizes and trends are provided for 2009 to 2012, and a fiveyear growth forecast for this market is shown for 2013 to 2017. According to
IDC, the worldwide IT security products market achieved a revenue level of
$29.8-billion in 2012. This market is forecasted to reach $42-billion in 2017,
representing a compound annual growth rate of 7.1% from 2012 to 2017. The
largest security products market segment in 2012 was endpoint security, which
is driven primarily by consumer spending. At the end of the IDC forecast
period, endpoint security is expected to continue to be the largest market,
however, network security is expected to be a very close second. As discussed
in Section 6.3, over the long-term the steady-state segmentation of the
quantum cryptography market is expected to approximate that of the current
IT security market.
25
Revenues
by segment
($M USD)
2009
2010
2011
2012
2013
2014
2015
Endpoint
$7,016.8
$7,352.2
$7,676.4
$8,085.6
$8,608.2
$9,166.5
$9,758.9
$10,373.0 $11,007.1
Network
$6,574.4
$6,990.2
$7,435.1
$7,936.0
$8,445.7
$8,972.8
$9,461.0
$10,097.4 $10,671.1
Messaging
$2,754.9
$2,305.4
$2,414.0
$2,476.5
$2,622.2
$2,787.6
$2,964.3
$3,139.4
$3,320.6
Web
$1,516.8
$1,692.8
$1,913.6
$1,990.5
$2,121.3
$2,266.1
$2,417.3
$2,569.9
$2,728.7
Identity and
Access
Management
$3,348.5
$3,598.5
$4,018.8
$4,418.3
$4,859.7
$5,331.7
$5,842.6
$6,376.2
$6,927.1
Security and
Vulnerability
Management
$2,875.8
$3,365.3
$3,832.6
$4,191.5
$4,603.5
$5,030.6
$5,495.5
$5,979.0
$6,473.4
Other
$694.8
$698.4
$724.8
$729.5
$760.6
$792.5
$828.7
$868.5
$911.5
2016
The main drivers of the global encryption software market are growing
regulatory compliance requirements for data security imposed by
governments, the increasing adoption of mobile devices and the high financial
cost of data loss (see Section 4.1). These factors are driving end-users to
continuously adopt improved IT security and data encryption solutions, so the
global encryption software market should continue to grow at a healthy rate.
This is good news for the future quantum cryptography market, which will be
driven by similar regulatory and financial factors over the long-term as the
need for cryptosystems resistant to quantum computing becomes increasingly
important over the coming years.
As shown in the chart from TechNavio in Figure 11, the Americas currently
account for the majority of the market share for encryption software at 49%.
The tightening of government regulations and the high frequency of data loss
is leading to the increasing demand for encryption software from dierent
sectors, particularly in the United States. Europe, the Middle East and Africa
(EMEA) follow with a current market share of 34%. Like the U.S., increasing
security breaches are prompting European companies to increase their IT
security budgets, and the growing frequency of cyber-attacks against
European Union government infrastructures is driving the public sector to also
adopt improved encryption software solutions.
The Asia-Pacific (APAC) region currently has a market share of 17%. Although
its present share of the encryption software market is today relatively small,
some of the countries in the region such as Australia and South Korea are
expected to make significant investments in the near future. In the Association
of South East Asian Nations (ASEAN) area, countries such as Vietnam and
26
2017
Figure 10 Global Encryption Software Market 20102014 (US$ Billions). Source: TechNavio Analysis
1.5
0.5
2010
2011
2012
2013
2014
Indonesia are expected to experience strong growth of over 15%. The reasons
for this high growth are two-fold. First, as with the other geographical regions
growth, in Asian countries will be driven by increasing public and private
sector IT security spending. Furthermore, since most of these countries
currently have a low adoption rate, as a percentage the growth rate is
therefore expected to increase rapidly.
Finally, the chart from TechNavio25 in Figure 11 also shows the current
encryption software market by end-user segmentation. The major adopters of
encryption software solutions are large enterprises and various government
departments. Since industries such as financial services and retail as well as
critical government departments such as health, finance and defense are
among the most targeted destinations for cyber-attacks, they are the most
prominent users at 48% of the total market. Other government departments
follow large enterprises at 22% of the total market, with agencies of the United
States and European Union governments being the most prominent adopters
of encryption software solutions.
27
Figure 11 Encryption Software Market by Geography (Top) and End-User (Bottom). Source: TechNavio
Analysis
Others
10%
Mid-market
20%
EMEA
34%
Large Enterprises
48%
Government Departments
22%
28
APAC
17%
Americas
49%
5. competitive landscape
5.1. CURRENT COMMERCIAL VENDORS
Four companies currently oer complete turn-key commercial QKD systems:
ID Quantique, MagiQ Technologies, QuintessenceLabs and SeQureNet. Several
other companies oer related products and services or have active research
programs. Other commercial QKD activities are described in Sections 3.3.9
and 5.2. At the present time, there are no companies oering satellite-based
long-distance QKD services.
29
5.1.2. ID Quantique SA
Chemin de la Marbrerie, 3 1227 Carouge /
Geneva , Switzerland
www.idquantique.com
30
5.1.5. Alcatel-Lucent SA
3, avenue Octave Grard 75007 Paris,
France
www.alcatel-lucent.com
Alcatel-Lucent SA was formed in 2006 through the merger of Alcatel and Lucent
Technologies. The company provides end-to-end solutions including mobile, fixed and
integrated broadband access, enterprise and carrier IP technologies, and other related
services to support government, enterprises and service providers in delivering video, voice,
and data communication services to clients. Its subsidiary Bell Labs has been working on
novel architectures to enable large capacity quantum communications networking. The goal
of this work is to achieve quantum communication networks that have the required capacity
and compatibility with existing fiber optic data networks. Bell Labs expertise in integrated
optics is critical for implementing the low-loss optical components that would be required for
quantum transmission.
31
Ed Campbell President
Steve Milligan Chief Technologist
Susan Wuellner Vice President, Human Resources
BBN Technologies was acquired by Raytheon in October 2009. The company develops
advanced networking, cyber security, immersive learning technologies, information and
knowledge technologies, quantum information processing technologies and sensor systems
for government and business customers. Under DARPA sponsorship, BBN Technologies
collaborated with Boston University and Harvard University to develop, build and operate one
of the worlds first QKD networks. This DARPA Quantum Network, which became operational
in 2003, deploys 247 quantum cryptography to oer high security for a range of standard
Internet trac flows including streaming video, e-commerce and web browsing. BBN
Technologies continues to work on new hardware, software and network protocols for
quantum cryptography as well as high-speed detectors, cryptographic systems and defenses
against quantum hacking techniques.
5.1.7. HP Laboratories
1501 Page Mill Road Palo Alto, CA 94304
www.hpl.hp.com
32
5.1.8. IBM
New Orchard Road Armonk, NY 10504
www.ibm.com
33
34
5.1.12. Toshiba
1-1, Shibaura 1-chome
Minato-ku, Tokyo 105-8001, Japan
www.toshiba.co.jp
Atsutoshi Nishida Chairman of the Board
Norio Sasaki Vice Chairman of the Board
Toshiba was founded in 1875 and today operates a global network of more than 500
consolidated companies with over 200,000 employees worldwide. The company is at the
forefront of quantum information R&D and is currently seeking commercial partners to further
develop applications for quantum cryptography. Toshibas Quantum Information Group (QIG)
is led by Dr. Andrew Shields and is actively researching the application of quantum physics to
information technology. The group developed a quantum key server capable of generating
approximately one hundred 256 bit keys every second over a fiber optic network spanning a
distance of 120 km.
In 2005, the company employed quantum cryptography to relay video and voice over a
secure optical fiber network, demonstrating the feasibility of single photon encryption over
commercial networks. Two years later, researchers at Toshiba Europe in the United Kingdom
claimed to have successfully integrated decoy photons into quantum signals for secure
QKD. These decoy pulses are arbitrarily scattered within the quantum cryptographic signal
and are intended to reduce the chance of the pulses containing multiple photons and thereby
enable easy detection of attacks during data transmission. The decoy method also allows the
use of more power laser pulses, which should increase both the bit rate and the transmission
distance. Toshiba achieved a transmission rate of 5.5 kbits/sec over a distance of 25 km.
Toshiba has undertaken several field trials for its QKD networks, including the SECOQC
network in Vienna. The SECOQC collaboration was aimed at developing protocols and
hardware for operational QKD networks and was in operation from 2004 to 2008. In 2010,
Toshiba deployed its QKD technology demonstrator at Tokyo's National Institute of
Information and Communications Technology (NICT). This system was capable of operating
over long distances exceeding 120 km using standard telecom fibres.
35
36
37
38
6. market potential
6.1. DISCUSSION OF MARKET POTENTIAL
6.1.1. General Considerations
To get a sense of how the quantum cryptography market may develop over
time, a comparison with the historical uptake of conventional cryptography
could be considered:
Phase 1 Governments, militaries and research institutions
39
39
All financial values in this and the following sections are expressed in 2013 U.S.
dollars. Financial values without citation are IQC internal estimates.
41
42
Following this phased timeline and assuming that adoption by each market
segment follows a Bass diusion model, IQCs long-term estimate of the
market potential for quantum cryptography by user segment is shown in
Figure 13. As discussed in Section 4.2, the market segmentation for the global
encryption software market in 2012 was 48% large enterprises, 22%
government departments, 20% mid-market and 10% other users. The IQC
forecast model assumes that over the long-term the steady-state
segmentation of the quantum cryptography market will approximate that of
the current encryption market.
43
44
2. conclusion
For over a decade, the Institute for Quantum Computing (IQC) has been
aggressively exploring and advancing the application of quantum mechanical
systems to a vast array of relevant information processing techniques,
particularly as they apply to quantum computing, communications and
sensors, and of course cryptography. Since its discovery at the beginning of
the 20th Century, researchers around the world have been working on how to
harness quantum mechanics for the benefit of humanity, in the manner that
chemical, electromagnetic and nuclear phenomena became understood and
utilized in past centuries.
45
A new Quantum Space Race is on, with teams in Canada, Europe, the U.S.,
Japan, China and other nations vying to be the first to demonstrate QKD from
space. The winning team would not only claim a historic scientific achievement
but would also be the front-runner to seize a potentially lucrative future
business opportunity. The current market for quantum cryptography is
relatively modest, however, it is expected to grow significantly over the longterm as regulatory requirements for quantum-resistant cryptosystems are
expected to become enacted. Within twenty years, IQC estimates the potential
overall global market for quantum cryptography could reach $23-billion within
twenty years. Satellite-based QKD for long-distance secure key distribution,
using either a constellation of low Earth orbit (LEO) microsatellites or hosted
payloads on geostationary (GEO) satellites, would be a subset of this overall
quantum cryptography market. IQC estimates a potential worldwide market
for satellite-based QKD of up to $382-million per year within the next two
decades.
The quantum revolution is on. Quantum information science is moving from
the realm of research to the world of business. The need, the science, the
technology, and the business opportunity are there for those who wish to
seize it.
46
3. endnotes
Corker, D., Ellsmore, P., Abdullah, F., Howlett, I. Commercial Prospects for Quantum
Information Processing, Quantum Information Processing Interdisciplinary Research
Collaboration, 1 December 2005.
2.
3.
4.
Stebila, D., Mosca, M., Ltkenhaus, N., The Case for Quantum Key Distribution, arXiv:
0902.2839v2 [quant-ph] 2 Dec 2009.
5.
Warwick P. Bowen, Nicolas Treps, Ben C. Buchler, Roman Schnabel, Timothy C. Ralph,
Hans A. Bachor, Thomas Symul and Ping Koy Lam, Experimental Investigation of
Continuous Variable Quantum Teleportation, arXiv:quant-ph/0207179v1, 31 Jul 2002.
6.
7.
Ibid.
8.
Nauerth, S., Moll, F., Rau, M., Fuchs, C., Horwath, J., Frick, S., Weinfurter, H. Air-toGround Quantum Communication, Nature Photonics 7, 382386 (2013).
9.
10.
11.
T. Jennewein, B. Higgins. The Quantum Space Race, Physics World, March 2013.
1.
47
48
12.
13.
Mann, A., The Race to Bring Quantum Teleportation to Your World, Wired, 3
October 2012, http://www.wired.com/wiredscience/2012/10/quantum-satelliteteleportation/all/
14.
A New Dawn for Chinas Space Scientists, Science, Volume 336, 29 June 2012, pp.
1632-1633.
15.
McCracken, H., SXSW: Edward Snowden Has No Regrets About NSA Leaks, Time, 10
March 2014, http://time.com/18691/edward-snowden-talks-privacy-and-security-atsxsw-interactive/
16.
17.
The State of Data Security: Defending Against New Risks and Staying Compliant,
Sophos Security Report 5.11v1.dNA, 2011.
18.
19.
20.
Cavusoglu, H., Mishra, B., Raghunathan, S. (2004). The eect of internet security
breach announcements on market value: Capital market reactions for breached firms
and Internet security developers, International Journal of Electronic Commerce, 9,
70104.
21.
Nicastro, D. (2010, August 12). HIPAA breaches near $1-billion, HealthLeaders Media,
10 April 2011, http://www.healthleadersmedia.com/content/ TEC-255015/HITRUSTHIPAA-Breaches-Near-1-Billion
22.
The State of Data Security: Defending Against New Risks and Staying Compliant,
Sophos Security Report 5.11v1.dNA, 2011.
23.
Kolodgy, C.J. et al, Worldwide IT Security Products 2013-2017 Forecast, IDC Report
#245102, December Rev2013.
24.
25.
Ibid.
26.
27.
Stix, Gary. Best-Kept Secrets, Scientific American, January 2005, Volume 292, Issue
1, pp.78-83.
28.
Wilkinson, K., How Mike Lazaridis Plans to Turn Waterloo into the Silicon Valley of
Quantum Computing, Canadian Business, 9 November 2013.
29.
30.
31.
32.
Corker, D., Ellsmore, P., Abdullah, F., Howlett, I. Commercial Prospects for Quantum
Information Processing, Quantum Information Processing Interdisciplinary Research
Collaboration, 1 December 2005.
33.
34.
QWave Invests $4.5M in Quantum Encryption Developer ID Quantique, Russia & CIS
Business & Investment Weekly, 18 October 2013.
35.
36.
Parker, P.M. The 2013-2018 World Outlook for Quantum Cryptography, Icon Group
International, ISBN 1-114-88185-6, 2012.
37.
49
9. appendices
9.1. APPENDIX A: LIST OF ACRONYMS
50
AES
AIIA
APAC
Asia Pacific
ASEAN
BB84
BBM92
BBN
BP
British Petroleum
CEO
CERN
CHAMP
CNSA
CRYPTREC
CSA
CSEC
CSIS
CV-QKD
DARPA
DES
DPS-QKD
DVD
ECC
EISG
EMEA
ESA
FAST
FPGA
FSA
GEO
HSM
HHS
HIPAA
ICT
IDC
IDQ
ID Quantique SA
IM
instant messaging
IP
Internet protocol
ISS
IT
information technology
IQC
LEO
LLC
NASA
NICT
NIST
NSA
NTT
NP
OTP
one-time pad
PIER
PLC
PPLN
QEYSSat
QIP
E91
51
52
QIPS
QKD
QRNG
QUEST
R&D
RF
radio frequency
RSA
SECOQC
SEQURE
SOCRATES
SFL
SME
small/medium-sized enterprises
SOTA
U.K.
United Kingdom
UQCC
UQD
U.S.
United States
USB
UTIAS
53
D OCUMENT N O . IQC-QPL-R-1403001