
Why CISOs must look beyond Post-Quantum Cryptography

Aliro
May 26

As a CISO, your mandate is clear: protect data, ensure compliance, and stay ahead of emergent threats. While your team has been battling daily threats from ransomware and phishing, a deeper, longer-term risk has been quietly taking shape: the risk that encrypted data, voice, and video in transit stolen today could be cracked in the near future by quantum computers. Even if a quantum threat is 5-10 years away, data breaches happening today can still be devastating, with hackers using Harvest Now Decrypt Later (HNDL) attacks to collect and save data for decryption at a future date. 

Because of these complicating risk factors, many enterprise security teams are actively exploring Post-Quantum Cryptography (PQC), and rightly so. PQC is a necessary upgrade to legacy encryption. However, PQC is math-based and it could be vulnerable to unforeseen sophisticated attacks. So while this is a critical upgrade to your security posture, it’s incomplete on its own. What if you could secure your communications with something unbreakable, not because it’s mathematically complex, but because it’s physically impossible to break? Enter entanglement-based quantum networking. 

Entanglement-based quantum networking adds a layer of defense that protects data-in-transit in ways that math-based encryption cannot. Entanglement-based quantum networks provide information-theoretic security, the highest level of security possible. No matter how much computing power or time an adversary has at their disposal, they won’t be able to access the secured data, voice, and video. This is due to two foundational characteristics of quantum networks:

  1. Entanglement-based key generation does not transmit keys over the fiber. This eliminates the risk of interception of any part of the key being created for securing data-in-transit. 
  2. Intrusions are instantly detectable before any sensitive data, voice, or video is transmitted over the network.

Both of these characteristics are inherent to entanglement-based quantum networks. 

In traditional systems (like RSA or even some PQC solutions), encryption keys are generated and then transmitted from one party to another. This transmission can be intercepted, copied, or stored, and represents a vulnerability that, up until now, has been unavoidable.

Here’s how entanglement-based quantum networks fundamentally avoid sending the key material across the network:

  1. Entangled photon pairs are created. A special source generates a continuous stream of paired photons that are quantum-entangled: their properties are linked, no matter how far apart they are.
  2. One photon is sent to each of the endpoints that need to be securely connected to one another. For example, Alice, the Chief Risk Officer, may be accessing private financial information in the data center from the bank’s headquarters. A secure connection is necessary between headquarters and the data center to carry all of the data between these endpoints.
  3. To establish the secure connection, random measurements of these photons are performed at each endpoint. In our example, quantum devices at the data center and headquarters independently measure the entangled photons they receive. The choice of measurement basis (think of this as being like a filter) is random.
  4. Measurement settings (not the results of the measurements) are compared over a classical, authenticated channel. Devices at each site compare which measurement settings they used.
  5. Matching basis = shared key bits. When their measurement settings match, the results are guaranteed to be correlated in a predictable way. These resulting bits form the shared key used for symmetric encryption between the two sites.

It seems counterintuitive, but while entangled photons travel across your network, the encryption key never does. Instead, the key is generated independently at each endpoint, such as the HQ and data center locations in our example, by measuring the entangled photons. These photons are linked in such a way that when both endpoints measure them, they get matching results. These matching results form the key material. An analogy would be two people flipping two magically linked coins, far apart from each other: after every flip both coins land on matching sides, without anyone needing to tell the other what happened. That’s comparable to what’s happening with the entangled photons. The photons travel, but the key material is generated locally. No part of the key is ever in transit, so there’s nothing for an attacker to intercept or decrypt, even with a quantum computer.

In addition to the key never being sent across the network, tampering is also immediately detectable. If an attacker tries to intercept the entangled photons, the entanglement breaks, and the resulting measurements won’t match. This can produce an alarm within the network that an eavesdropper is present, and endpoints can then choose another path for their data to avoid the eavesdropper.
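The five steps and the tamper check above, as a classical toy simulation (an added example, not Aliro's code or how AliroNet is implemented). It assumes two measurement bases, an intercept-resend eavesdropper, a disclosed sample of sifted bits for error estimation, and an 11% alarm threshold; all function and parameter names are hypothetical.

```python
import random

ALARM_THRESHOLD = 0.11  # assumed alarm level for this example only

def measure(basis, state_basis, state_bit, rng):
    # Measuring in the basis that defines the state reproduces its bit;
    # measuring in the other basis gives a random result.
    return state_bit if basis == state_basis else rng.randint(0, 1)

def run_session(n_pairs, eavesdropper=False, sample_fraction=0.25, seed=0):
    rng = random.Random(seed)
    alice, bob = [], []  # one (basis, result) tuple per photon pair
    for _ in range(n_pairs):
        a_basis, b_basis = rng.randint(0, 1), rng.randint(0, 1)  # step 3
        if eavesdropper:
            # Intercept-resend: the eavesdropper's own random-basis measurement
            # fixes the state of both photons and destroys the entanglement.
            state_basis, state_bit = rng.randint(0, 1), rng.randint(0, 1)
        else:
            # Undisturbed pair: the endpoints agree whenever their bases match.
            state_basis, state_bit = a_basis, rng.randint(0, 1)
        alice.append((a_basis, measure(a_basis, state_basis, state_bit, rng)))
        bob.append((b_basis, measure(b_basis, state_basis, state_bit, rng)))
    # Step 4: only the basis choices are compared; results stay local.
    keep = [i for i in range(n_pairs) if alice[i][0] == bob[i][0]]
    a_bits = [alice[i][1] for i in keep]
    b_bits = [bob[i][1] for i in keep]
    n_sample = int(len(keep) * sample_fraction)
    if n_sample == 0:
        raise ValueError("too few matching-basis pairs to estimate errors")
    # Tamper check: disclose a random sample of sifted bits, then discard it.
    sample = set(rng.sample(range(len(keep)), n_sample))
    errors = sum(a_bits[i] != b_bits[i] for i in sample)
    rest = [i for i in range(len(keep)) if i not in sample]
    return {
        "qber": errors / n_sample,               # observed error rate
        "alice_key": [a_bits[i] for i in rest],  # step 5: key bits at site A
        "bob_key": [b_bits[i] for i in rest],    # step 5: key bits at site B
    }

def link_is_trusted(qber, threshold=ALARM_THRESHOLD):
    return qber <= threshold

if __name__ == "__main__":
    for tapped in (False, True):
        result = run_session(4000, eavesdropper=tapped, seed=1)
        print(f"eavesdropper={tapped} qber={result['qber']:.3f} "
              f"trusted={link_is_trusted(result['qber'])}")
```

In this model the undisturbed link shows a zero error rate and identical keys at both sites, while the tapped link shows roughly one mismatch in four sampled bits, which is what raises the alarm.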

Entanglement-based networks are not a futuristic technology, even though they may sound like something out of science fiction the first time you dig into the details of how they work. Entanglement-based quantum networks are being deployed right now. Federal and commercial enterprises are already using AliroNet® on their quantum networking journey, from feasibility simulations to deployments in the field. 

Are you attending Cisco Live 2025? Aliro will be demonstrating AliroNet® at booth #2411. Come see us for a comprehensive look at how your organization can take advantage of entanglement for securing your most vulnerable and sensitive data.


