Alibaba’s Key to Cryptosecurity is Its Own Quantum Platform

Like all hyperscalers, Alibaba has been carving its own path through the early quantum computing landscape, starting with a cloud-based service rooted in their own 11-qubit quantum system along with simulators, including one 32-qubit that is available as a service with demonstration of a 64-qubit simulator via work with the Chinese Academy of Sciences.

The quantum technology Alibaba has developed is now being put to the test for quantum encryption for financial transactions among its cloud users, including Ant Financial and Alipay. According to Leilei Huang, an infrastructure engineer and colleagues at Oxford, this quantum security work has been in production for over a year.

At the heart of the work, which is running on one of Alibaba’s quantum simulators, is random number generation. That might sound like a simple function but it is the key to secure financial transactions. Compared to past approaches, quantum random number generation has been proven the most secure cryptographic approach but it takes multiple methods to arrive at a robust result to reduce predictability of the generated set, involving rather sci-fit sounding mechanisms like detecting the path of a single-photon after a beam splitter, finding the arrival time of a weak coherent state, or counting photos or vacuum fluctuations of an optical field.

In short, these physics-based optimization-esque problems are exactly what quantum systems and simulators are designed to do best, which is why cryptography/security are at the top of the list when it comes to governments and financial giants chasing quantum technology so early in the game.

Using the quantum simulation platform, Alibaba uses its own cloud to provide random number generation across four different types of generators with more granularity in a post-processing stage. They can then pop these random numbers directly into applications running on their cloud services (Alipay, Ant Financial, etc.) and for ultra-secure transactions, can combine numbers further for different grades of security.

According to Alibaba engineers, depending on specific circumstances, different strategies can be applied to meet the requirements of different levels of security and speeds. For example, financial services such as Alipay require the utmost security and all possible loopholes in the cryptosystem must be closed. For this purpose, random numbers from various quantum devices are taken and processed. “As a result, the highest speed is limited by the slowest QRNG at a rate of 16 Mbps. If end-users have concerns with some specific entropy sources or if any of the hardware breaks down, they can always choose an arbitrary combination of these quantum random number generators.”

For a security-driven service to operate means major redundancy has to be built in. Alibaba is keeping each of its backup servers and each of the random number generating devices in different server rooms entirely.

“In this case, as long as at least one of the devices provides true randomness, the applications are secure. A universal trust-cloud-center is more reliable than individual device manufactures. In practice, it is much more challenging for hackers to find loopholes in all different QRNGs. In the future, we would add more quantum entropy sources into the systems to further enhance the security on the implementation level,” Alibaba engineers on the project note.

Here’s another unique element to Alibaba’s service. These numbers can also be combined with existing encryption protocols (IPsec and SSL/TLS) and can be delivered via a users own VPN.  In these protocols, the existing pseudo-random numbers used in key exchanges, authentication, and digital signatures are replaced with quantum random numbers.

“Pseudo-random numbers generated by deterministic algorithms will inevitably be predictable and reproducible. The quality of pseudo-random numbers is related to the complexity of the algorithm. With the increasing computing power, the security guaranteed by the complexity of the algorithm is seriously threatened. In contrast, QRNGs with intrinsic unpredictability can be used to greatly enhance the security of cryptosystems,” they explain.

“Our platform demonstrates quantum random number services with sufficient and adaptive generation speeds, reasonably low costs, controllable risks, high stability, and simple maintenance.”

More details about the four types of random number generation techniques and its implementation for both Alibaba cloud users and those connecting via an enterprise network can be found here.

Vendor Voice - High Performance Computing on Amazon Web Services

Sign up to our Newsletter

Featuring highlights, analysis, and stories from the week directly from us to your inbox with nothing in between.
Subscribe now

Be the first to comment

Leave a Reply

Your email address will not be published.


This site uses Akismet to reduce spam. Learn how your comment data is processed.