- Orange Business is using Cisco tech to launch post-quantum cryptography (PQC)-secured services
- PQC is “easier to implement” than quantum key distribution (QKD) since it’s not restricted by distance, said Orange exec Frank de Jong
- Orange is also doubling down on “crypto agility” so that it can easily upgrade encryption algorithms if they become vulnerable
Orange Business is beefing up its quantum toolkit, as it’s teamed up with Cisco to launch Post-Quantum Cryptography (PQC)-secured services.
PQC refers to algorithms that are designed to fend off attacks by quantum computers and help enterprises get ready for Q-Day, the anticipated moment those computers become powerful enough to break the public-key encryption that currently secures most of the world’s digital communications.
Orange will start by offering PQC-secured WAN services, which are the “traditional routing” services based on Multiprotocol Label Switching (MPLS) technology, said Frank De Jong, Orange Business’ Program Director of Quantum Safe Networks.
Later this year, the operator plans to expand PQC to its managed SD-WAN services, which will also be deployed using Cisco’s 8000 Series Secure Routers. It’s just waiting on Cisco to implement PQC features in its SD-WAN stack and make sure that tech is ready for commercial use, De Jong told Fierce.
“Typically, telcos have a habit of waiting for technology to mature and only then you put that into your network,” he said. “At this point in time, specifically for the quantum threat as we call it, we believe that it is so important for us and for our customers that we’re not going to wait until three releases in and so on.”
Orange began implementing quantum defense measures last June, when it partnered with Toshiba to launch the first quantum-safe commercial network in France, which leverages Quantum Key Distribution (QKD) nodes to allow parties to securely exchange encryption keys.
While that network combines PQC with QKD, De Jong clarified it won’t run Orange’s new PQC-enabled services. “They run without QKD, they just run in the existing IP networks that we have.”
The QKD network, dubbed Orange Quantum Defender, “is really a fiber optic network with a business Ethernet service on top of it” that has an added quantum layer of security, De Jong said.
PQC vs QKD
But the biggest issue with QKD is its distance restriction, as it’s difficult to bring quantum bits (i.e., qubits) from one side to another over a distance greater than 150 kilometers, he explained. Currently, Orange’s QKD network is only available in the greater Paris area.
PQC in contrast is “easier to implement” now that it’s been standardized, and it can just run on top of the services Orange provides to its global customers. “That makes it easier for most of our international customers to do this on an international level,” said De Jong.
As for who’d be interested in buying PQC-based services, he said financial firms and governments “may have the highest risk profile,” but noted, “the quantum threat is something that’s relevant for everyone.”
“To be perfectly honest, if I were a customer today, even if I’m just an enterprise…I would not choose a non-quantum-safe network anymore,” De Jong said. “It’s a bit like you don’t buy a car without an airbag anymore.”
Orange is also striving to adopt “crypto agility,” where it can remotely upgrade encryption algorithms on customer routers. Crypto agility matters because existing PQC algorithms could become vulnerable in a few years.
So, if “we feel not so comfortable about an algorithm that now is looking very safe, we [can] make a new algorithm, upload it to the network and customers can benefit from that immediately,” De Jong said.
Orange, in its announcement, said it’s the first European operator to roll out global PQC services based on Cisco tech. But that’s not to say other telcos aren’t working on quantum advancements, De Jong noted.
Quantum technology is still in its infancy, but a total of 35 telcos worldwide have either announced quantum work or unveiled deployments, per data from STL Partners.
De Jong thinks it’s only a matter of time before PQC demand surges. “You will see that basically every telco will jump on this and see how they can implement this in one way or another,” he concluded.