Future in the cloud for encryption
Traditional PKI methods of encrypting data are about to fall to the onslaught of quantum computing. Arqit, a start-up led by David Williams thinks it has a quantum-based solution, he tells Alan Burkitt-Gray
A start-up company that is expected to be valued at US$1.4 billion by the end of August is launching its quantum-based telecoms encryption service in the middle of July. Arqit, founded by satellite entrepreneur David Williams, is launching QuantumCloud, a platform-as-a-service (PaaS) for telecoms, including consumer, industrial and defence internet of things (IoT), he tells me.
Early customers, including BT and other telcos that he doesn’t want to name, have already signed contracts and used the cyber security software, but Arqit is likely to be thrust into greater prominence imminently, when a Nasdaq-listed special purpose acquisition company (Spac) buys it in a deal that will value it at $1.4 billion.
Williams and “a small number” of co-founders will own 45%, he tells me – a stake that will be worth $630 million to him and his colleagues.
A former banker, Williams, who is now chairman of Arqit, was founder and CEO of Avanti, a UK-based company that runs a fleet of geostationary satellites called Hylas – with government, military and commercial customers. He left Avanti in August 2017 and a month later set up Arqit.
Being the founder of two satellite companies is a pretty remarkable record after seven years working for three banks following a degree in economics and politics. (He also notes that he was the yard-of-ale champion at the University of Leeds.)
However, his first start-up, Avanti Communications, has not fared well over the past year, long after Williams’s departure. In February 2021 its existing junior lenders injected $30 million of new capital, and its so-called super senior facility, which was due for repayment in February, was extended, but only to the end of January 2022.
But Arqit has moved into a completely different market, addressing something the company calls “an existential threat to the hyperconnected world”. Why? “The legacy encryption that we all use, designed in the 1980s, has done a great job but is now failing us,” says Arqit on its website. “It was never intended for use in our hyper-connected world. The breaches caused are seen around us daily.”
At the same time, there is a bigger problem. “Quantum computing now poses an existential threat to cyber security for everyone. As a result, the world must begin a global upgrade cycle to replace all encryption technologies, an upgrade unlike anything we have seen before,” says the company.
Don’t bother patching and mending, says Arqit. Don’t “take risks with incremental improvements to public key encryption which is no longer fit for purpose”.
Encryption using public key infrastructure (PKI) emerged from the communications intelligence community around 1971 in work by James Ellis at the UK’s Government Communications Headquarters (GCHQ) and was then developed further in 1976 through work in the US and Israel by Whit Diffie and Martin Hellman – and separately by Ronald Rivest, Adi Shamir and Leonard Adleman (known, from their initials, as RSA).
So, the idea is virtually half a century old. But in that time, certainly in the past decade, it has done us well. If the URL of a website starts https://, you know it’s encrypted to those 1970s standards. It means we are reasonably confident we can type our credit card details into a hotel, theatre, travel or shopping site. Messaging apps such as Signal and WhatsApp use encryption based on these PKI principles.
No one trusts PKI
However, “no one trusts PKI any more,” says Williams. The safest way of delivering keys to a battlefield is now to put them on a dongle and fly them in by helicopter.
At the heart of the problem is the fact that quantum computers are coming, and quantum computers are fast. Diffie and Hellman, and the RSA trio, calculated that if it took weeks or months to decrypt a message, PKI was secure. Breaking the code would be “computationally infeasible”, to use the term the crypto community likes.
By – perhaps – as soon as next year, quantum computers will be able to work so fast that they will have decrypted the text in a usable period of time. The challenge will no longer be computationally infeasible. Someone intercepting a transaction could find your credit card details within an hour or so, and use them. So, that’s why there is pressure to upgrade to a new system of key exchange, a replacement for PKI.
However, the security people have something more to worry about. Many suspect that for years governments and other organisations have been squirrelling away in their vaults traffic that is encrypted to current standards, knowing that, any time soon, they will be able to crack it.
Think of all those politicians, on all sides of the global political divides, who have been conspiring via WhatsApp. Think of all those whistleblowers who have leaked information to law enforcement authorities or journalists via Signal. Think of all those criminal organisations that have been using Telegram for their plans.
Lemon juice and milk
That’s why PKI, the current crypto infrastructure, is facing what Arqit calls an existential threat. Pretty soon, it will be as outmoded as writing “Xf buubdl bu ebxo upnpsspx”* in lemon juice or milk and sending it via carrier pigeon. Don’t bother with minor fixes, says Arqit. “It’s wrong to patch and mend, or to take risks.”
The future lies in symmetric keys, with a new way of distributing them. “Symmetric keys are provably secure against any attack, including quantum computing,” says the company.
The problem is that, until now, there has been no safe way to distribute them. Arqit says that it offers a method to create those keys at scale, securely, at any kind of endpoint device. “We have invented a method of creating unbreakable encryption keys locally, both at the edge and in the cloud,” says Williams.
“Arqit has a solution.” It’s called Arq19, pretty much for the same reason Covid-19 has that suffix: “2019 was our Eureka moment,” he smiles.
These are systems he calls “global and trustless”, a confusing term. It seems to mean you can’t trust it, but what Williams and Arqit mean is that you don’t have to trust it, as keys will never be stored in any system, so they cannot be stolen, but they can be put on devices within “less than half a second” to enable a high level of security.
“We create hardware storage modules” in a number of places – he says “London, New York, Sydney, for example”. But those aren’t the keys. They are clues, “a process involving shared secrets to create brand-new symmetrical encryption keys”. No, I don’t understand either; but how many people in 1936 understood Turing’s famous paper, On Computable Numbers, which started the computer revolution? (Turing went on to work during World War Two at GCHQ’s predecessor at Bletchley Park, in what is now the English city of Milton Keynes.)
Arqit can deliver its keys in “unlimited group sizes”, says Williams. The traditional PKI approach is for two-way communications – Alice and Bob, in the crypto community’s terminology.
But what Williams is looking for is a system that will work with Alice, Bob, Catherine, Dave, Eve and a whole telephone directory.
“For example,” says Williams, they can deliver keys “to international telecoms networks, and we can change the key every second if we want.” He says that will result in ultra-secure software defined networks (SDNs).
“We can deliver quantum keys in a manner that’s global and trustless,” says Williams. The company will use a small fleet of satellites, weighing 300kg each, that is being built by QinetiQ, a company formed 20 years ago by the privatisation of part of the UK government’s Defence Evaluation and Research Agency.
BT has an exclusive deal to distribute Arqit’s QuantumCloud services in the UK, and the Japanese firm Sumitomo has a deal as “the first big international customer”, says Williams.
It is working with telcos to encrypt traffic on Japanese fibre cables, he adds.
These are contracts with distributors that have been signed, but the company’s first contract with a corporate user went live in June, he says, although he will not name the partner, “except that it is a big global corporation”. It is “an enterprise customer” and is not BT.
The eventual market will include the internet of things (IoT) and connected cars, enterprise and connectivity, he said. Cost will be low, says Williams. “Users will pay a tiny fraction of a dollar for each key created.”
Heir to Turing
Williams has gathered around him a range of technical, crypto and management talent. CTO and co-founder with Williams is David Bestwick, who was also a co-founder and CTO of Avanti. There’s a chief cryptographer who was at GCHQ: think of David Shiu as the inheritor of the tradition founded by Turing 80 years ago.
There are other ex-GCHQ people, too, and a retired air vice-marshal and a former lieutenant general in the US Air Force. And more, including experts in telecoms, IT and a chief software engineer who was at McAfee. And a former head of operations at 10 Downing Street.
These people are well connected. We’ll see what they achieve.
Though, will we be able to find out, or will it all be encrypted?
*“Xf buubdl bu ebxo upnpsspx” means just “We attack at dawn tomorrow”, using the so-called Caesar cipher, as reputedly used by the Roman dictator