ViPNet QSS (Quantum Security System)

Main article: Quantum cryptography (encryption)

ViPNet Quantum Security System is a quantum cryptographic key generation and distribution system (KKS VKK) that executes the quantum key distribution protocol (KKK) and supplies encryption secret keys with cryptographic information protection tools (CIPF).

2022: Obtaining FSB certificate

On November 21, 2022, InfoTeCS announced that it had received a certificate from the FSB of Russia for the ViPNet QSS quantum key distribution system. According to the developer, this is the first system of this type, certified by the Regulator and ready for operation at Russian enterprises.

Certification of the ViPNet QSS quantum key distribution system has become an important milestone in the development of quantum communications in Russia, thanks to this, additional opportunities are opening up for the introduction of a quantum complex cryptographic communications on the infrastructure of Russian enterprises.

The SFB Lab has created a laboratory for conducting a full range of case studies of quantum cryptographic systems according to the requirements of the FSB of Russia. Our experts have carried out a full cycle of certification of this type of CIPF and there is still a lot of work ahead. The industry is developing dynamically, new quantum protocols are emerging, the types of attacks on these protocols are becoming more complex. We are ready to conduct certification studies of the products of various companies engaged in the development of KRK products, - said Oleg Arsenyevich Zalunin, General Director of SFB Lab (part of InfoTeCS Group of Companies).

The first customers of quantum key distribution systems will be state structures and state corporations, they are active drivers of this topic in Russia.

2021: ViPNet QSS topology, composition and features

According to information for December 2021, the ViPNet QSS system is a quantum network of the Zvezda topology designed to distribute encryption keys. The ViPNet QSS Point clients, via switchboards the ViPNet QSS Switch optical hierarchical system, are networked server with the ViPNet QSS Server. The maximum capacity quantum network is 864 ViPNet QSS Point clients, to which CIPFs are connected to regularly load encryption keys for secure information interaction with other CIPFs in the same secure network.

Composition of the system

The ViPNet QSS system consists of the following components:

• ViPNet QSS Server - is the central element of the ICS CCM system, and also controls the optical switch system (ViPNet QSS Switch) for organizing a quantum communication channel with each CRM client - ViPNet QSS Point.
• ViPNet QSS Point is a CCS RCD client that provides secret symmetric encryption keys for CIPF connected to it.
• ViPNet QSS Switch is an optical switch that provides the construction of a continuous fiber-optic channel between ViPNet QSS Server and a specific ViPNet QSS Point, thereby forming a quantum communication channel for generating quantum keys.

Main features

• Provides resistance to CIPF cracking algorithms implemented on a quantum computer.
• The ViPNet QSS system is based on the fundamental principle of quantum physics that it is impossible to "eavesdrop on" transmitted information without changing it.
• The secrecy of the generated quantum keys using the applied CRK protocol is mathematically proven.

The applied CRC protocol is agreed with the FSB of Russia.

• Completely automatic regular change of encryption keys.
• The ViPNet QSS system has the forward secret property - read-back protection, which provides resistance to attacks on information encrypted in the past in the event of a CIPF compromise.
• The ability to "manually" request for the development of new keys at any time.
• The ability to connect to one ViPNet QSS Point several separate ViPNet QSS Phone, which will be equipped with individual sets of symmetrical keys, which practically removes the limitation on the capacity of the CIPF used in the network.
• Administrator protection - During system operation, the keys used are not externally accessible, which provides increased protection against compromise by the network administrator.
• The quantum channel length is 25 kilometers when organizing a system of a three-level cascade of optical switches to achieve the maximum quantum network capacity of 864 ViPNet QSS Point. When the cascade levels are reduced to one, the maximum network capacity is reduced - up to 12 ViPNet QSS Point, but the maximum quantum channel range increases - up to 45 kilometers.

Mating with ViPNet QSS CIPF

Any means of cryptographic protection of information can act as devices using the generated keys. The integration solution of the ViPNet QSS system with a secure IP phone forms a cryptographic system for secure information interaction of subscribers, in which voice communication and chat messaging are encrypted on keys unknown even to the network administrator. Such a decision gained fame as the "Quantum Phone."

The CIPF is the ViPNet QSS Phone IP end-user telephone used for point-to-point secure voice communications with other ViPNet QSS subscribers. In ViPNet chat mode, QSS Phone provides information interaction with other system subscribers in an all-with-all topology. The ViPNet QSS Phone is a desktop device with a handset and touch screen under control, OS Android which is equipped with additional mechanisms to provide the required level of protection.

ViPNet QSS Phone comes preinstalled with special software - ViPNet Client and ViPNet Connect, which provides secure voice and chat messaging.

The diagram for deploying the system is as follows: