Senate Select Committee on the NBN gives fiber security warning a hearing

Melbourne encryption specialist Senatas will appear before the Senate Select Committee on the National Broadband Network to argue for encryption on the new network. The company is also set to secure sign-off on a quantum encryption product.

Melbourne encryption appliance and IT services vendor Senetas will appear before the Senate Select Committee on the NBN to explain its theory that all fiber optic networks are vulnerable to attacks.

Julian Fay, the company’s Chief Technologist, says the attack uses “a $US1400 coupling device you can buy on the Internet” and which “works by putting a bend in the glass.” Once the fiber is bent, light escapes and it becomes possible to intercept signals sent over an optic fiber.

The company has posted a video demonstration of the attack here and sent it and details of its content to Senator Stephen Conroy, Fay said. The Senate Committee has since requested a meeting to learn more as part of their ongoing planning for the national broadband network.

The company’s visit to Canberra may also see it drop in on the Defence Signals Directorate, which Fay says is soon to sign off on the quantum encryption technique it has developed with Swiss company id Quantique. The two companies have collaborated on a project that sees encryption keys generated using quantum techniques sent to Senetas’ appliances over a separate link, an arrangement that separates data and the keys used to encrypt it.

“The encryption algorithms we use today are based on difficult mathematics,” Fay says. “But there is an increasing voice that says with the growth in computing power … there could be a breakthrough in factoring technology.” Such a breakthrough would make it easier to deduce keys created using the RSA and Diffie-Hellman algorithms, greatly reducing their security.

Keys generated using quantum techniques are more complex. It is also possible to detect encryption keys that have been used, an advantage over current encryption as it means organisations will be able to avoid the use of compromised keys.

Senetas has already deployed this kind of solution in Switzerland, Thailand and South Africa and Fay says the DSD is weeks away from signing off its use in Australia by certifying it under the Common Criteria program.

Fay said he believes certification will spur demand for quantum encryption, to protect information that needs to be kept secret for a long period of time.

“We are hearing from government agencies that one of the threats they are facing is people storing secret information,” in the hope that they can decrypt it as technology advances.

Read more on IT risk management