Quantum physics is likely to be able to protect US electrical networks from hackers.

For years cybersecurity experts have been sounding the alarm : hackers are eyeing the US electrical network. And this threat is not hypothetical - a group of people allegedly connected with the Russian government got remote access to computers of energy companies - this was at least reported from the Department of Homeland Security last March. In some cases, hackers can even directly send commands to equipment, that is, turn off electricity in consumers' homes. To protect against hackers, power plants need to provide better security.

One group of physicists believes that they have found the means: power plants with quantum encryption.

They tested this idea in February, sending several off-road cars packed with lasers, electronics and very sensitive detectors from the Oak Ridge National Laboratory to Chattanooga . Having traveled 150 km, they stopped at the EPB station, a local company providing access to electricity, and connected the machines to one of the unused optical cables. For a whole week they shined infrared light into a cable, closed in a loop 40 km long, and tracked the properties of the light that spread back and forth. During the demonstration, they demonstrated how two different systems of quantum encryption can be integrated into the existing infrastructure of the grid. “We hope to show that this concept can be implemented today,” says physicist Nick Peters from Oak Ridge Lab.

Using this equipment, they successfully sent and received sets of numbers that made up the key, using the quantum key distribution protocol, QKD, ensuring that no one has forged them. QKD provides data security using weird quantum mechanics rules. It works like this: the sender sends individual infrared photons with different orientations - i.e. polarization - corresponding to zeros or ones. The recipient measures these orientations. Then the sender and the receiver compare some numbers. In quantum mechanics, when measuring the polarization of a photon, you instantly change its state. If the hacker tries to intercept the photons, he will introduce a characteristic statistical error in the numbers, and you will find out that the connection was not safe. “QKD gives you the conviction that the key was not changed after being sent,” says Donna Dodson, a cybersecurity expert at the National Institute of Standards and Technology.
')
If the statistics are OK, the sender and recipient can use these keys to encrypt the message. “Everything is based on trust in physics,” says Peters. This is very different from the usual encryption methods that guarantee security, provided that modern computers are not fast enough to decrypt keys in a reasonable time. The Peters Group believes that a power company can use quantum-encrypted data for communication with equipment. To intercept or change the data stream with quantum encryption, you have to break the laws of quantum mechanics.

This approach, of course, has technical difficulties. One of them is the real state of the power grids. This is a mess of transformers, relays and all kinds of parts installed over many years, and it will be difficult to pull on all this new technology. “You can't just turn off the electricity,” said Tom Wenhouse, a physicist at the Los Alamos National Laboratory, one of the project participants. “It's like fixing a car with an engine running.”

But perhaps the hardest thing is to make this technology work over long distances. A photon can be sent over a fiber optic cable for no more than 150 km, and then its quantum properties will change too much in order to extract information. In a demonstration held in Chattanooga, physicists increased this distance by converting quantum signals into ordinary bits. Then they fed these classic bits to various quantum cryptographic systems capable of reproducing the key and transmitting it further. This means that encryption machines can be placed in various power substations, and used as transmitters to ensure the safety of large pieces of the network. To communicate with substation equipment, you need to know the key. The system will not allow hackers to measure or copy a key, and this is one of the ways to prevent them from gaining access to equipment.

But every time you turn quantum bits into classic ones, you lose the protection of quantum mechanics and open the door for hackers. And, of course, QKD is able to prevent only one, certain type of attacks. He confirms that no one forged the key, but did not confirm his sender, says Dodson. In a demonstration in Chattanooga, researchers had to combine QKD with other technologies to verify the identity of the sender.

EPB plans to conduct other checks on quantum encryption, including the one that sends quantum keys through wireless radio transmitters, rather than via optical cable, says Steve Morrison, head of the company's cybersecurity department. If the tests are successful, EPB will be able to switch to quantum encryption of commands for the equipment of the power plant in five years. “I wouldn’t talk about any system that it’s impossible to hack because I’m paid to be paranoid,” says Morrison. “But I have hopes for this system.” She is able to recognize bad intentions, and I have not seen such opportunities in other technologies. ” Let's hope that this system will allow the light to not turn off.