Successful Joint Verification Test for Low Latency Transmission of Highly Confidential Data Using Quantum Cryptography for Large-volume Financial Transaction Data
January 14, 2022
Nomura Holdings Inc.
Nomura Securities Co., Ltd.
National Institute of Information and Communications Technology
TOKYO―Nomura Holdings, Inc. (President and Group CEO, Kentaro Okuda, hereinafter Nomura HD), Nomura Securities Co., Ltd. (Representative Director and President, Kentaro Okuda, hereinafter Nomura Securities), National Institute of Information and Communications Technology (President, Hideyuki Tokuda, Ph.D., hereinafter NICT), Toshiba Corporation (Representative Executive Officer and President and Chief Executive Officer, Satoshi Tsunakawa, hereinafter Toshiba), and NEC Corporation (President and CEO, Takayuki Morita, hereinafter NEC) have jointly verified the effectiveness and practicality of quantum cryptography for future social implementation using stock trading operations as a use case, where high-speed, large-volume, low-latency data transmission is strictly required. The test, which started in December 2020, is the first in Japan to verify the low-latency and large-volume transmission tolerance of highly secure data transmission conforming to the message transmission format (FIX (*1) format), which is a standard format used in actual stock trading operations. As a result, in our assumed use case, we were able to confirm the following two points: (i) the throughput is maintained at a level of a conventional system, even if quantum cryptography is applied, and (ii) even if a large number of stock orders are placed, highly secure and high-speed quantum cryptographic communication can be realized without depleting cryptographic keys. The success of this test is expected to accelerate the social implementation of quantum cryptography, including a broad range of sectors other than finance.
The test was conducted as part of the Cross-ministerial Strategic Innovation Promotion Program (SIP) (*2) "Photonics and Quantum Technology for Society 5.0" (Funding Agency: National Institutes for Quantum Science and Technology) led by the Cabinet Office.
The threat of cyber-attacks on financial institutions is increasing, and the potential impact on the financial system has become a serious concern. In particular, in the financial sector, the circumstances surrounding systems have changed significantly due to the accelerated development of digitalization, and further strengthening of security measures is required.
On the other hand, in stock trading, "algorithmic trading," in which a computer system automatically determines the timing and quantity of stock trading orders and repeats them according to stock prices, quotation information, volume of trading, and other factors, is widely used. A large number of transactions are conducted every day. In Japan, the daily trading volume of stocks and other securities on stock exchanges is more than 3 trillion yen, and a communication system that can handle a large amount of transaction data is required for the processing of such stock trading. In addition, in stock trading, delays in transaction processing can lead to opportunity losses. Therefore, stock exchanges provide a communication network infrastructure that can process orders with a response time of less than milliseconds.
As can be seen in 5G and Beyond 5G, it is vital that network infrastructures are able to support high-speed, large volume, and low-latency needs. Particularly in stock trading systems, exceptionally large-volume data transmission and low-latency communications are essential.
Outline of the joint verification test
In this project, Nomura HD, Nomura Securities, NICT, Toshiba and NEC jointly verified the applicability of quantum cryptographic communication (*3) for the financial sector, which is the only cryptographic communication method guaranteed to be undecipherable by any third party (eavesdropper who has unbounded computational power, including large scale quantum computing).
Figure 1 shows the outline of the system used for the joint verification. We verified low latency and large-volume tolerance using cryptographic equipment fed with shared random numbers (keys) from Quantum Key Distribution (QKD) equipment (*4), which shares keys by encoding random number information on photons.
For this purpose, Nomura HD and Nomura Securities developed an application that simulates financial transactions between investors and securities companies on the Tokyo QKD Network (*5), the test communications network environment in which NICT introduced and built a QKD device in 2010. The application generates simulated data in accordance with the FIX protocol, which is the standard format used for actual stock orders.
In addition, NICT has been examining the data-encryption method combined with QKD for social implementation, and has adopted two encryption methods: the one time pad (OTP) method (*6) and the Advanced Encryption Standard (AES) method.
OTP is a highly secure encryption method (information-theoretic security) whose ciphertext cannot be decrypted even by a third party with infinite computing power. However, since it requires as much key material as the data being transmitted, it tends to consume a large amount of keys, and as a result, there is a risk of key exhaustion. This time, AES was used in conjunction with OTP in order to prepare for key depletion. In addition, a high-speed OTP device (*7) newly developed by NICT to realize a high throughput of Gbps was adopted for the test.
Unlike OTP, AES is not information-theoretically secure. Its security is computational: decrypting the data without the key would require an astronomical amount of calculation. In this use case, we thought that the AES method would have sufficient security strength if the common key generated by QKD is updated at short intervals. Therefore, we chose AES (AES256), which uses a key length of 256 bits, as an alternative to OTP. We adopted two types of AES256 implementations: a software-based implementation (SW-AES) (*8) and a low-latency network encryptor (COMCIPHER-Q) (*9) developed by NEC. We measured the communication performance of the three types of encryption methods: high-speed OTP, SW-AES, and COMCIPHER-Q.
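The key-consumption trade-off described above, as an added example that is not code from the verification test or from any of the participating organizations: a key pool fed by a simulated QKD link, OTP encryption that burns one key byte per data byte, and a fallback to AES-256 keying when the pool runs low. The fallback policy, the `reserve` and `rekey_every` parameters, the pool sizes and the sample message are all assumptions made for illustration.

```python
import secrets

AES_KEY_LEN = 32  # AES-256 key size in bytes
# Constructed sample: FIX-style tag=value fields, not a complete valid FIX message.
SAMPLE = b"8=FIX.4.2\x0135=D\x0155=XXXX\x0154=1\x0138=100\x01"

class KeyPool:
    """Buffer of QKD-delivered key bytes; each byte is handed out at most once."""
    def __init__(self, initial=b""):
        self._buf = bytearray(initial)

    def deposit(self, key_bytes):
        self._buf += key_bytes

    def available(self):
        return len(self._buf)

    def draw(self, n):
        if n > len(self._buf):
            raise RuntimeError("key pool exhausted")
        out = bytes(self._buf[:n])
        del self._buf[:n]  # used key is discarded, never reused
        return out

def otp_xor(pad, data):
    """One-time pad: XOR with a pad of equal length (the same call decrypts)."""
    if len(pad) != len(data):
        raise ValueError("pad must be exactly as long as the data")
    return bytes(p ^ d for p, d in zip(pad, data))

def run_session(pool, messages, qkd_bytes_per_msg=0, reserve=AES_KEY_LEN,
                rekey_every=1000):
    """Return (mode per message, key bytes consumed per mode).
    Hypothetical policy: OTP while the pool covers the message and still keeps
    `reserve` bytes; otherwise AES mode, one fresh key per `rekey_every` messages.
    AES encryption itself is not performed here; only its key draws are counted."""
    modes, used, aes_left = [], {"OTP": 0, "AES": 0}, 0
    for msg in messages:
        pool.deposit(secrets.token_bytes(qkd_bytes_per_msg))  # simulated QKD output
        if pool.available() >= len(msg) + reserve:
            otp_xor(pool.draw(len(msg)), msg)  # ciphertext would be sent here
            used["OTP"] += len(msg)
            modes.append("OTP")
        else:
            if aes_left == 0:  # current AES key is spent: draw a fresh one
                pool.draw(AES_KEY_LEN)
                used["AES"] += AES_KEY_LEN
                aes_left = rekey_every
            aes_left -= 1
            modes.append("AES")
    return modes, used
```

With a fixed 200-byte pool and no replenishment, ten sample messages exhaust the OTP budget after four messages and the remaining six ride on a single 32-byte AES key; when the simulated QKD rate matches the message size, every message stays on OTP.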
Based on the keys exchanged by the high-speed QKD equipment developed by Toshiba and the QKD equipment developed by NEC, we tested cases in line with actual stock trading operations and measured the response times of several different data encryption methods during large-volume data transmission. In this way, we verified the practicality of QKD systems and each encryption method. Specifically, we examined the effects of the three types of encryption methods, high-speed OTP, SW-AES, and COMCIPHER-Q, on the total data capacity of the FIX messages transmitted in the stock trading operations of securities companies per day and the response times measured assuming a data transmission volume several tens of times larger than the total data capacity. By comparing and verifying the practicality of QKD systems and data encryption methods during large-volume data transmission in line with these specific test cases for stock trading, we have obtained important suggestions for the future social implementation of quantum cryptography in various fields, including non-financial fields.
This time, we successfully verified (i) low-latency communications and (ii) high-volume data communications. At the same time, we will also verify (iii) continuous operation of the quantum cryptography system for a long period of time (about one week) to prevent system failure (long-run test) and whether system switching occurs without delay in the event of system failure (stress test). We plan to verify this by the end of March 2022.
Based on the results of the test, we will work on measures for the utilization of quantum cryptography and quantum secure cloud systems, as well as the formulation of appropriate implementation plans, in order to steadily implement quantum cryptography in society in the future.
If we can prove the practicality of quantum cryptography in the financial sector, which requires particularly strict standards in terms of large data capacity, low communication delay, and continuous system operation, it is likely that quantum cryptography can be applied to other industries as well. Based on this verification, we will work to open up further prospects for the social implementation of quantum cryptography.
- *1 FIX:
The FIX (Financial Information eXchange) protocol is a set of message specifications for exchanging financial data and transaction-related messages electronically. It is developed by banks, brokers, exchanges, institutional investors, and information technology (IT) providers around the world and is a globally accepted standard for messaging specifications.
- *2 Cross-ministerial Strategic Innovation Promotion Program (SIP):
The SIP is a national program led by the Council for Science, Technology and Innovation (CSTI) of the Japanese Government with interdisciplinary management to realize scientific and technological innovation in Japan. It promotes interdisciplinary research and development which covers fundamental study to industrial application with industry-academia-government cooperation. https://www.jst.go.jp/sip/en/index.html (Japan Science and Technology Agency)
- *3 Quantum cryptographic communication:
A cryptographic technology which uses a quantum key distribution (QKD) device that uses photons to share encryption keys, and an encryption technology that uses the encryption keys to encrypt and decrypt information using the one-time pad method. This technology makes it possible to realize extremely secure communication that cannot be deciphered in principle by any computer including a quantum computer.
- *4 Quantum key distribution system:
A Quantum key distribution (QKD) system is equipment that enables two parties to share random numbers (common keys) with information theoretical security. Toshiba has already made it into a product.
- *5 Tokyo QKD Network:
This network is a testbed for Quantum Key Distribution (QKD) networks which NICT has been building and operating in Tokyo since 2010. QKD equipment developed by various industrial and academic institutions such as NEC, Toshiba, NTT-NICT, and Gakushuin University and others have been installed in this network. In addition to research and development for practical application of QKD network technology including R&D for equipment improvement, long-term operation tests, and interconnection and network operation tests, the Tokyo QKD Network is also proceeding with research and development of new security applications that integrate QKD networks with modern security technology.
- *6 One time pad system:
One Time Pad (OTP) is a method in which an encryption key is used only once and then discarded, never reused.
- *7 High-speed OTP device:
The prototype of a high-speed, secure encryption device that uses the one time pad (OTP) method without frequent periodic key exchange.
- *8 Software-based implementation (SW-AES):
This is a prototype product developed to improve the mechanism of physical key exchange on the hardware of a network encryptor (COMCIPHER-Q) for software, and to easily perform key exchange.
- *9 Network encryptor (COMCIPHER-Q):
This is a custom product (a research prototype) that adds a function for QKD to the network encryptor (COMCIPHER (AES) series) used in the field of high security requirements such as security. Low delay and stable cryptographic communication are realized by the encryption and decryption function that realizes high-speed hardware processing by the FPGA (Field Programmable Gate Array). In addition, functions for QKD are added by adding functions in software.
"COMCIPHER" is a trademark of NEC Magnus Communications, Ltd. registered in Japan.
About NEC Corporation
NEC Corporation has established itself as a leader in the integration of IT and network technologies while promoting the brand statement of “Orchestrating a brighter world.” NEC enables businesses and communities to adapt to rapid changes taking place in both society and the market as it provides for the social values of safety, security, fairness and efficiency to promote a more sustainable world where everyone has the chance to reach their full potential. For more information, visit NEC at https://www.nec.com.
NEC is a registered trademark of NEC Corporation. All Rights Reserved. Other product or service marks mentioned herein are the trademarks of their respective owners. © NEC Corporation.