Andersen Cheng, Chairman and Founder of Post-Quantum poses the big question of how quantum computing could impact on satellite security
Satellites are incredibly important in our daily lives, for communication, navigation, and beyond, in addition to being indispensable for defence and intelligence. Perhaps unsurprisingly, this makes them a prime target for cyber attacks, particularly for Nation-State actors whose main goal is widespread disruption.
Yet in the face of this risk, many of these crucial devices are still reliant on legacy IT systems that are poorly equipped to deal with today’s threats, let alone the existential risk posed by a quantum attack.
The development of quantum computing
The swift progress of quantum computing poses a significant and rapidly escalating threat to the security of all IoT devices, satellites included. While quantum machines won’t outperform classical computers in every area, they will have a decisive advantage in breaking public key encryption.
In the coming years, it’s likely that a quantum computer capable of defeating today’s encryption standards will emerge. The implications of this breakthrough would be profound – it would render existing encryption ineffective and open the door for malicious actors to compromise critical infrastructure, including satellites.
An attack on satellites
With the recent blackout across Spain and Portugal, the world has seen what the devastating effects of a cyber attack on the national grid might look like. But the effect of an attack on satellites could be equally severe.
We have already caught a glimpse of the effects this could have. On the day of Russia’s invasion of Ukraine, a cyber attack disabled modems that communicate with Viasat’s KA-SAT satellite network, which supplies Internet access across Europe. The attack disrupted broadband satellite Internet access, impacting civilians and Ukrainian defences alike. However, this attack was relatively minor in comparison to what will be possible with a cryptographically relevant quantum computer.
With national space assets becoming increasingly integral to global security and economic stability, the threat of sophisticated cyberattacks grows more severe. The emergence of quantum computing will increase these risks exponentially. A large-scale quantum computer will be able to break into any encryption system currently protecting satellite systems, allowing attacks to spread malware undetected on a huge scale.
Satellite infrastructure: the world’s Achilles’ heel?
Once they have bypassed the encryption, attackers would be able to target the data transmitted and stored by satellites, potentially stealing sensitive information, including military intelligence or other state secrets. They would even be able to gain control of a satellite’s systems, potentially altering its trajectory, disabling its instruments, or even causing it to malfunction or crash.
Not only would such an attack threaten national security, but it would also prove to be hugely disruptive for the targeted nation state. Navigation systems like GPS could be disabled, impacting air travel and maritime navigation, and weather forecasting would become completely inaccurate, potentially impacting supply chains across the globe.
But the most invasive economic effect will result from the sudden unavailability of time stamps. These precise timings are enabled by satellites and used most notably in broadcasting and communications, including both mobile phones and the Internet.
Satellite enabled time stamps also ensure that data packets arrive at the same time in financial services, which is necessary for trading and well-functioning markets. Indeed, our entire financial system is based upon such time stamps. Energy grids are also driven by this same precise synchronisation. This is why the world’s satellite infrastructure can be thought of as our Achilles’ heel.
Preparing for a quantum attack
Preparing for quantum attacks is already on the agenda for the national security space, but CNI and space operations in particular are lagging behind.
So, what can be done to protect satellites from this threat? The obvious answer is that we need new encryption algorithms that can withstand a future quantum attack. Post-quantum cryptography, which is believed to be unbreakable for both classical and quantum computers, will replace the vulnerable algorithms currently used.
Such post-quantum algorithms have already been developed and rigorously tested by the cryptographic community. Indeed, the National Institute of Science & Technology (NIST) has already recommended several such algorithms for standardisation. This shift will take major investment and commitment from a range of stakeholders, including governments, international space agencies, tech companies, and post-quantum encryption specialists.
Transitioning to post-quantum cryptography will be significantly more complex than previous cryptographic transitions. Particularly so in the satellite sector, where devices have a long lifespan, a small payload to cater for any post-quantum cryptographic algorithms and are almost inaccessible for upgrades once launched There is no point in just being able to upgrade at the land earth station end when you cannot change anything once in constellation
This means that satellite operators and manufacturers should move to deploy post-quantum cryptography as soon as possible, ideally designing their systems to allow for software-based cryptographic solutions that can be updated without the need to adjust physical hardware.
Adopting the algorithms approved by NIST is only the first step; ensuring that the algorithms are implemented effectively and that any downstream effects are mitigated will be a significant undertaking. The time to act is now.
In 2009, Andersen established Post-Quantum, the world’s first company that provides a modular platform supporting organisations to become quantum-safe across their entire digital footprint. Products cover encryption, transmission and identity, with the firm’s technology in use by NATO to encrypt communications between alliance members. The company’s NIST submission ‘Classic McEliece’ is currently a round four candidate algorithm and the company’s quantum-safe proposals to IETF have now been standardised.
There’s plenty of other editorial on our sister site, Electronic Specifier! Or you can always join in the conversation by commenting below or visiting our LinkedIn page.