Researchers secure an important win in the race against cybercriminals by using quantum communication to securely transfer data at Danske Bank.
Many years’ work developing secure quantum communication at DTU has culminated in researchers, in collaboration with consultancy firm KPMG, successfully transferring data between two of Danske Bank’s computers that simulate data centres. The demonstration which has just been completed is promising for future data security and society’s race against cyber criminals. The event marked the first data transfer in the Nordics secured by quantum keys on a network outside a laboratory.
"Our approach uses the fundamental unpredictability and randomness of quantum mechanics as the source of security. This way we create the foundation for data transfers that are impossible to hack unless you break the laws of physics"
The technology has moved out of the laboratory and into the real world, in practice by fitting the highly specialised optical systems that researchers have developed for quantum communication with a transmitter and a receiver unit, into standard 19” racks. While it perhaps sounds simple, the team encountered some challenges, for example, the challenge of integrating electronics and optics and ensuring the temperature independence of the optical components.
Data protected by the laws of physics
The technology used is ‘continuous variable quantum key distribution’ (CV-QKD). Developed at DTU, it enables the creation and sharing of secure encryption keys with the help of standard telecom fibre optics.
“We are very proud to help the researchers reach this milestone and at the same time gain first-hand experience of quantum-safe data transfer, which potentially has great significance for the future security of digital communication,” says Lance McGrath, Chief Security Officer at, Danske Bank. He continues: “As a bank, we have a responsibility to constantly seek new ways to protect our customers’ data and ensure that we are a step ahead of the criminals in the tech arms race.”
The technology underpinning ‘continuous variable quantum key distribution’ is compatible with the standard fibre-optic network and can therefore be used in the bank’s network and eventually in other critical infrastructures where security is paramount.
“Data security using standard encryption methods is based on great mathematical complexity. You can think of it as a calculation where the solution is very difficult to find but, conversely, where it is very easy to check whether a solution is correct. Our approach is different and instead uses the fundamental unpredictability and randomness of quantum mechanics as the source of security. This way we create the foundation for data transfers that are impossible to hack unless you break the laws of physics,” says associate professor Tobias Gehring, DTU Department of Physics, who has led the research group behind the new technology.
“Our technology exploits quantum physics to provide the sender and receiver with the keys they need to encrypt and decrypt their data while ensuring that no one else has knowledge of the keys.”
Everyone should quantum-secure their data transfers
KPMG has contributed both financing and technological assistance to the quantum-safe data transfer experiment at Danske Bank – and according to the consultancy we should all begin to quantum-secure our data transfers:
“The incredible power of quantum computers could easily break the encryption our entire digital society is built on. It underlines the importance of projects like these that take the
first steps towards securing our data from hacking in a future that will become reality within the next ten years,” says Bent Dalager, partner in KPMG’s NewTech department.
The data transfer at Danske Bank provided an important test of whether the technology could be taken out of the laboratory and used in a real network. The solution now has to be further developed so it can, for example, run autonomously and thus without human intervention.
The further development of this quantum-safe communication is being carried out in a major collaborative project, CryptQ that merges researchers at DTU with Danske Bank and other organisations in Denmark.
About the technology
Quantum key encryption is a new generation of encryption, designed to be resistant to malicious attacks from attackers with access to a quantum computer.
Regular encryption is based on mathematical formulas that are easy to create but hard to break or calculate. This have worked fine for many years. However, computer power is evolving and enables faster calculation, thereby breaking the encryption and making it possible for people with malicious intent to read our encrypted communication.
Quantum key encryption uses quantum technology to create the randomness of the key, and thereby making it impossible to do the “reverse calculation” even if the malicious person had access to a quantum computer to do the calculations.