Nokia Bell Labs quantum security researcher is prepping our networks for Q-Day By Aron Heller | Nokia, Monday, 09 Sep 2024

We are entering a new era of quantum technologies that will unlock new capabilities in computing, networking and sensing. But there is one quantum technology that will have an immediate and direct impact on all of humankind: quantum security.

Quantum computing’s problem-solving capabilities will indeed be revolutionary in many industries, but they will also present a devastating threat against the privacy and security of our communications and data. Once quantum computers advance far enough, they will be able to crack data encryption that is unbreakable today with classical computers. We’re talking about individual health records, critical infrastructure data and state secrets.

Therefore, we’ll need strong defense systems in place to avoid such global mayhem. In other words, we’ll need to make sure our networks and data are quantum safe.

That’s where Nokia Bell Labs security research scientist Dimitrios Schoinianakis comes in. He’s focused on preparing for the day a Cryptographically Relevant Quantum Computer (CRQC) comes online, exposing nearly all classical data encryption to attack. The day is ominously referred to as Q-Day and it is still some 10-25 years away. But Schoinianakis says there is no time to waste.

“A lot of people take the approach that Q-Day is still far off in the future so why should we care now,” he said. “But my message is that security doesn’t work that way. If you wait until you see the threat, it is too late. To be on the safe side, you must be cautious and pay your due diligence when it comes to security, and especially cryptography.”

He’ll be delivering that message of caution and urgency this week when he addresses a panel at the IEEE International Communications Quality and Reliability Workshop in Seattle.

A quantum leap in cryptography

Quantum technologies are nothing new. In fact, many of Nokia Bell Labs’ greatest inventions were based on quantum research, such as the transistor, the solar cell and quantum dots. The difference between that first wave of quantum technologies and those of today is that we can now utilize individual quantum systems. This means we can harness the properties of quantum superposition and quantum entanglement to manipulate particles like electrons and photons. These particles can be used as quantum bits, or qubits, to store and process information, allowing a quantum computer to perform certain computations massively, at speeds exponentially faster than classical computers.

It all opens up a slew of new possibilities that until recently had been only imaginable. A Google experiment, for instance, performed a computation in just 200 seconds that would take the world’s fastest supercomputer 10,000 years to complete. As quantum computers mature, their calculative power could be used in solving immensely complex problems. They could, for instance, revolutionize drug discovery or help address climate change by optimizing our global energy infrastructure.

The flip side is that this same computational power could be applied to decrypting the world’s secrets, something that is close to Schoinianakis’ heart.

Growing up in Athens, Greece, Schoinianakis was always drawn to the sciences. He completed all his advanced electrical and computer engineering education at the University of Patras, earning his Ph.D. there in 2013.

It was a master’s thesis, though, that sparked his career trajectory. He was working on unconventional arithmetic systems that used a different method of representing data beyond the typical decimal format. It triggered an investigation into whether these mathematical constructions could be applicable to cryptography.

“This turned out to be a very open space, there was not a lot of research on this back then,” he explained. “I was lucky enough to be among the first to get into it.”

In parallel to his Ph.D. studies, he started working for Nokia as a telecom engineer. In 2014, he moved to Munich, Germany, and became a product line manager focusing on microwave radio technology. A year later, he joined Bell Labs as a security research specialist, focusing on cryptographic research. Apart from post-quantum crypto, his research has since evolved to also include constructions like Homomorphic Encryption and Zero-Knowledge Proofs (ZKP).

This had a big impact on his career, leading to a focus on a particularly timely and specialized security threat called harvest now, decrypt later (HNDL). Under this sort of attack, a bad actor could harvest encrypted data today and simply hold onto it until a CRQC arrives in the future that can decrypt it. There is no retroactive defense against this and that’s why Schoinianakis is eager to get out in front of this dangerous threat.

“The sooner we deploy a quantum-safe strategy, the more we mitigate the risk of data being exposed in the future. This is common sense,” he explained.

A mathematical threat

At the core of the problem are a pair of algorithms that can harness the power of quantum computers to crack our mainstream cryptography: Shor’s and Grover’s quantum algorithms. (Incidentally, both algorithms are named for researchers, Peter Shor and Lov Grover, who were affiliated with Bell Labs when they developed them for the purpose of solving real-world quantum computing problems).

Our digital world is secured by two main types of cryptography: asymmetric (often referred to as public-key cryptography) and symmetric.

Asymmetric encryption uses mathematics that allows parties that have never met before to agree on a common encryption key. This type of cryptography is also the basis for another fundamental security construction – digital signatures. However, Shor’s algorithm can easily break these asymmetric systems.

Symmetric encryption refers to algorithms that use a common key between communicating parties. This type of encryption could potentially be attacked by Grover’s algorithm, which is a quantum algorithm designed to speed up the process of searching an unsorted database. In the context of cryptography, it can be utilized to, theoretically, brute-force the symmetric key.

The mathematics behind Shor’s and Grover’s algorithms is extremely complex, but one thing is clear: Once a quantum computer powerful enough to run these two algorithms efficiently, they could be put to nefarious purposes.

“This kind of change to the basic foundations of the security of our digital systems is something we have never faced to this extent,” Schoinianakis said. “It is a very complex task to migrate from our legacy cryptography to something we call quantum-safe cryptography.”

Minding your Ps and Qs

The answer to this quandary lies in new quantum-resistant encryption that could protect today’s data from a quantum computer-initiated attack. An emerging technology in the encryption field is called post-quantum cryptography (PQC), and it uses our understanding of quantum computing to create mathematical encryption systems that will be extremely difficult for a quantum computer to crack. The US National Institute of Standards and Technology (NIST) recently standardized the first three such algorithms.

Another tool that goes beyond the conventional network into quantum networking is called quantum key distribution (QKD). Rather than mathematics, this approach employs the laws of quantum physics to establish a common encryption key between two communicating parties. Due to these fundamental laws, no one can tap into the communication channel without being detected.

The gist of Schoinianakis’ job boils down to optimizing the basic mathematical operations of post-quantum algorithms so they can be efficiently implemented in future products and applications. He tests PQC’s performance when integrated into actual systems. He also consults various groups to make sure there is a common understanding of the threats and solutions and an increased “quantum literacy” going forward.

“It takes years to gain the confidence of the community on new cryptographic developments, so we immediately need to set up our systems as early as possible,” Schoinianakis said. “We are also going to need cryptographic agility for systems to accommodate new algorithms or switch between algorithms without major disruptions in the underlying service.”

A break from quantum threats

Schoinianakis returned a year ago from Germany to Greece to be closer to family as he and his wife raise their three-and-a-half-year-old twins. Most of his down time revolves around parenting and his pair of personal passions: road cycling and photography.

Schoinianakis, whose home office is adorned with bicycles mounted on the wall, trains for competitive road races in the 60–80-kilometer distance range but also often participates in endurance events of up to 300 kilometers.

While in Munich, he began developing an interest in street photography to immerse himself in the culture and language of his new German home. It evolved into an impressive portfolio of projects, one of which earned a photography prize in New York.

“Away from work, I try to shut down. Getting into all the math takes a lot of your energy so in my free time I just want to hang out with the kids and do stuff with them,” he said. “The training and the cycling, that’s just my personal psychotherapy, if I can call it that.”

It’s a well-earned distraction for someone whose job is to protect the world from Q-Day.