[5G Future] A superfast network needs quantum security
A series of investigations by the National Police Agency found that 10 hackers accessed nearly 5,000 home surveillance cameras and saved over 27,000 videos capturing people’s personal lives, including their most intimate moments.
The case raised security concerns not only over the number of Internet of Things (IoT) devices that are finding their way into peoples’ daily lives, but also more broadly over Korea’s headlong rush into a hyper-connected society driven by the commercialization of the 5G network.
5G is not only faster than the existing 4G network, but is also capable of connecting to a million devices at once within a square kilometer (0.39 square miles). That is about 10 times more devices than 4G was able to connect to at once.
While such massive connectivity can make life more convenient - by enabling remote control of home appliances and cars as well as constant monitoring of industrial equipment safety and patients’ vital signs - it also means there are a lot more weaknesses in every aspect of everyday life that could be vulnerable to cyberattacks. In the wrong hands, internet-connected cars and appliances could become weapons.
Global market tracker Gartner forecasts that 14.2 billion connected devices will be in used in 2019, and the total will reach 25 billion by 2021. Market researcher IHS Markit predicts that 125 billion IoT devices will be in use by 2030.
KT Economics and Management Research Institute expects the accumulated damages from IoT hacking in the Korean market to reach 26.7 trillion won ($22.2 billion) by 2030.
“In the 5G era where massive IoT networks are in use, cheaper IoT devices can be vulnerable to cyberattacks,” said Professor Youm Heung-youl of information security engineering at Soonchunhyang University.
Quantum cryptography might sound like something straight out of a Hollywood movie script, but it’s a very real science that mobile carriers are hoping can keep their networks safe from cyberattacks.
SK Telecom, Korea’s largest carrier, announced in March that it will embed quantum cryptography technologies in its new 5G network.
Quantum cryptography is essentially a better way of creating digital keys that only the distributor and receiver of data can decode.
Simply put, current security systems are based on mathematical problems, which are vulnerable to hacking and decryption. On the other hand, quantum cryptography protects data by employing quantum mechanics.
The encoded data, which is in a quantum state, can only be decoded by parties that share a random secret key, securing the confidentiality and the integrity of data. If someone tries to intercept or eavesdrop, that person is immediately exposed.
“Think of data transfer on existing telecommunications network as exchanging balls. If a third person steals the ball in the process, makes a copy of the ball and delivers the copied version to the end receiver, it is hard to notice whether the ball has been stolen or not,” a spokesperson from SK Telecom said. “But with quantum cryptography, it’s like delivering bubbles - even a touch from a third person will distort the data, making it impossible for the third person to steal or copy it.”
The carrier began strengthening 5G network security using a quantum random number generator developed by Swiss-based quantum technology developer ID Quantique (IDQ) in its 5G subscriber authentication process in March.
The subscriber authentication process is an indispensable step that prevents personal information leakage when accessing a mobile communications network.
The generator, according to SK Telecom, creates truly random numbers, in this case authentication keys, that are not biased and cannot be predicted.
Because existing random numbers used in security systems are actually produced with patterns, they are vulnerable to hacking by quantum computers with data processing speeds 100 million times faster than supercomputers, SK Telecom said.
“If commercial quantum computers launch within the next decade, we will still be living in the 5G era, and that means the 5G network must be ready with a security system that is not vulnerable to [cyberattacks] through quantum computers,” Youm said. “Quantum random numbers can enhance the security level of IoT devices.”
The carrier also adopted IDQ’s quantum key distribution technology on data transfer between Seoul and Daejeon, one of the major network connections in the country handling heavy data traffic, in April. Quantum key distribution enables two parties to produce a shared random secret key known only to them.
The partnership with IDQ is based on a $65 million investment SK Telecom made into IDQ in February last year. The investment was intended to develop IDQ’s quantum technologies for the telecoms and IoT markets.
SK Telecom is now just a step away from obtaining approval for its quantum random number generating technology becoming an international standard approved by the International Telecommunication Union Telecommunication Standardization Sector (ITU-T). It obtained preliminary approval in September and is awaiting final approval.
Other Korean carriers - KT and LG U+ - are also working on quantum cryptography.
In July, a quantum cryptography communication network framework jointly developed by KT and LG U+, as well as local research institutes, earned preliminary approval from the ITU-T. The standard, which defines the network layer model and functional components necessary to configure a quantum cryptography communication network, will be adopted as long as it isn’t opposed by any of the member countries of the organization.
“The United States, China and Switzerland are in the lead when it comes to the core technologies related to quantum cryptography,” Youm said. “But Korea started showing interest in the technology recently and is making rapid progress, especially thanks to companies like SK Telecom.”
KT is working on quantum cryptography, but its main focus is on using blockchain technology to enhance security for IoT devices in the 5G era.
The carrier announced on Sept. 27 that it completed development of its blockchain-based GiGAstealth security platform and will begin test services.
According to KT, its solution makes internet protocol addresses of IoT devices invisible to hackers. While IP addresses of some cheap IoT devices can easily be picked up by hackers, the carrier said devices protected with GiGAstealth will not be visible, reducing their chance of becoming a target for hackers.
Even if a hacker manages to find the address of an IoT device protected with GiGAstealth, the platform offers special IDs to the devices and the servers they interact with. To verify whether an authorized user is accessing the IoT device, GiGAstealth offers single-use tokens that verify the special IDs of devices and servers before granting access.
According to Choi Sung-koon, manager of the security intelligence project at KT’s Convergence Laboratory, all communications policies regarding IoT devices and servers such as which device should connect with which server are recorded on a blockchain so that the information cannot be distorted or hacked.
KT said it is developing three forms of GiGAstealth - one that operates through a piece of networking hardware called Gateway, one as a telecommunications module that can be embedded in connected cars or industrial manufacturing equipment and a software version that engineers can use with a license.
Gateway has already been developed and is due to hit the market by the end of this year. The development of the modular version is also expected to be completed by the end of the year, while the software version will launch in 2020 or even later, KT said.
“If you think of quantum cryptography technology as making a lock more complex [by creating true random numbers], our GiGAstealth solution is a security platform designed to take care of the entire security system, meaning not just the lock, but the entire door,” Choi said.
“Using blockchain is also cheaper to adopt compared to quantum cryptography technology,” said Lee Kyung-ro, a team leader in the integrated security business department at KT. “This is why we think our solution will be more practical and cost-effective for our customers.”
Physical network safety
Increased dependence on mobile networks also means network infrastructure must be kept safe and sound, not only in the cyber world, but in the real world too.
When KT’s network infrastructure covering parts of Seoul and Gyeonggi was caught in a fire in November last year, the impact was immediate - navigation systems, credit card processing and mobile communications suddenly ground to a halt. Luckily, services were quickly restored, but the fallout was dramatic enough to show people exactly how much damage network disruption can do in a hyper-connected society.
KT CEO Hwang Chang-gyu said during a press briefing with reporters last month that the company “has been focusing all our efforts into developing technologies for managing our network infrastructure safely, to not make the same mistake again.”
The carrier said it will use its 5G network, artificial intelligence and robots to ensure safer infrastructure management, unveiling new fire-extinguishing robots as well as an integrated system to manage its entire telecommunications infrastructure during the briefing held at KT’s Out Side Plant Innovation Center in Daejeon.
KT demonstrated two fire-extinguishing robots used to put out fires in cable tunnels. One glides along a rail on the ceiling of the tunnel, while the other moves on the ground.
During a demonstration, KT showed how the robots would move to an affected area of the tunnel as soon as an unusual temperature spike is detected. Once there, they extinguished the fire using an aerosol spray.
On doubts whether the robots will still be useful in real disaster situations when the internet is down, a KT spokesperson said the robots will be using a 5G network dedicated to disaster relief set up separately from the commercial 5G network. The spokesperson added that the robots will mainly be used to prevent disasters from happening, not dealing with the aftermath.
The robots may be the cool, futuristic side of network tunnel maintenance, but the most important thing in ensuring KT’s network safety will be the integrated system that manages the entire infrastructure, dubbed the advanced tunnel and cable management architecture, or Atacama.
According to the carrier, it used to operate seven different systems to take care of different infrastructure including base stations, cable tunnels, telephone poles and manholes. Atacama brings the entire infrastructure under one roof.
The system allows the company to plan new routes to establish optical cables in just five minutes compared to some 100 minutes in the past, KT said. It also reduces the time needed to find a network infrastructure error from 48 minutes to 10 minutes.
Oh Sung-mok, president of KT’s network division, said the company spent roughly 5 billion won on developing the system since November 2017, even before last year’s accident.
“The system is already being pilot-tested to manage network infrastructure in the Chungcheong area, and by the end of this month, we will be able to manage our infrastructure nationwide with the system,” Oh said.
KT may have been the carrier to have the accident last year, but SK Telecom and LG U+ also learnt from their rival’s mistake.
The three carriers are jointly discussing ways to start a so-called roaming service in case such accidents happen again. This way, when accidents occur, KT users, for instance, will be able to connect to the SK Telecom and LG U+ networks through a system similar to how people use foreign networks when traveling.
A spokesperson from KT said the three carriers are still in discussions on how to make the cooperation work, with details expected to be released by the end of this year after technical issues are resolved.
BY KIM JEE-HEE [email@example.com]