- Vodafone is at the forefront of quantum-safe networking efforts
- It is working with a number of partners and the GSMA on such developments
- With partner SandboxAQ it has tested a quantum-safe VPN using standard smartphones
Vodafone Group and SandboxAQ, an AI and quantum computing spin-out from Google’s parent company Alphabet, have tested a quantum-safe virtual private network (VPN) using modified standard smartphones as the end-user devices.
The quantum-safe VPN project “assessed the impact of PQC [post-quantum cryptography] algorithms on this key telecommunications service, without compromising the customer experience,” noted Vodafone in this blog. “During the project, Vodafone established its first ever quantum-safe VPN, using new technology and customised SandboxAQ software for quantum-safe internet protocols and analytics,” it added.
The smartphones were adapted using cryptography algorithms developed by the National Institute of Standards and Technology (NIST), part of the US Department of Commerce, which has “developed a framework of standards for national or corporate cyber security practices,” noted Vodafone. The operator added that “adapting a standard smartphone for the test allowed Vodafone/SandboxAQ to evaluate the latest NIST standards in a real-life telecommunications scenario.”
Vodafone engineers “conducted a series of experiments to test several scenarios, including connecting the modified smartphones to a server and site-to-site connections to replicate a link between head office and local branches,” the operator added.
The test is part of Vodafone’s quantum-safe networking efforts that the operator is undertaking with partners and industry body the GSMA.
“On one hand quantum computing has the potential to rapidly solve ultra-complex problems in key areas, such as healthcare, but on the other it could undermine today’s cryptography,” noted Emma Smith, Vodafone’s director of cyber security. “This is why we are playing an active role in the transition to a quantum-safe world. We are exploring and trialling new algorithms to provide protection for our customers against possible quantum-empowered attackers in the future,” she added.
Vodafone noted that it has “taken a leading role in the GSMA’s newly established Post-Quantum Telco Network (PQTN) Taskforce,” which was launched last September, “to help develop industry-wide strategies and planning to address the quantum threat,” and that the taskforce published a whitepaper in early 2023 “discussing the quantum threat and outlining the telco-specific implications.”
The operator stressed in the blog that it’s important to focus on these developments now because there is already a very real threat from so-called ‘store-now-decrypt-later’ attacks, where data is stolen now and stored to be hacked once quantum computing capabilities become available.
Vodafone is also carrying out research to look at the “performance characteristics of the post-quantum algorithms,” as “different types of post-quantum cryptography can have varying performance characteristics, which may impact existing communications processes, such as voice calls or web browsing and telecommunications infrastructure.”
To better understand the risks, the operator is developing “real-life scenarios” in addition to the one tested with SandboxAQ.
It’s also worth noting that Vodafone is working very closely with IBM, one of the world leaders in quantum computing developments – see A quantum of solace? Vodafone and IBM team on R&D.
There’s a lot more detail and background in the Vodafone blog, which is a recommended read: This is critical work for the whole industry and something that all parts of the ecosystem should be aware of.
- Ray Le Maistre, Editorial Director, TelecomTV