Start-up makes quantum leap into cryptography

A 4-year-old start-up has begun shipments of what it says are the world's first commercial data-scrambling devices that use the radically new technology of quantum encryption.

Magiq Technologies, a privately held firm based in New York City, said this week it is selling Navajo Secure Gateway for between $50,000 and $100,000 a unit. It uses a combination of quantum cryptography and traditional cryptography to provide a virtual private network (VPN) running over fiber-optic cable that's designed to be completely secure against all eavesdroppers.

		Get Up to Speed on... Enterprise security Get the latest headlines and company-specific news in our expanded GUTS section.

"We're getting very strong interest from service providers, the companies who own the fiber in the ground," Magiq CEO Bob Gelfond said in an interview Thursday. "The reason this is very attractive for them is that they're looking for ways to distinguish themselves. Security seems to be a way to do this. They feel they can add 30 or 40 percent to their top line by creating ultrasecure lines."

Quantum cryptography addresses the most worrisome aspect of current public key cryptography, which powers Web browsers, applications like Pretty Good Privacy (PGP), and workhorse protocols like SSH and SSL. For security, those applications rely on the amount of time it takes to factor large numbers used in encryption keys, a task that mathematicians strongly believe is quite difficult but have never managed to prove.

If an eavesdropper such as the National Security Agency, the FBI, or a criminal enterprise ever managed to find a much faster way to factor large numbers, the Internet's current security model would be vulnerable. Magiq's device is designed to solve that theoretical problem by tapping into the weird and counterintuitive laws of quantum physics, which say that it is impossible to eavesdrop on a transmission without disturbing it.

There are limits to quantum cryptography: It's slow and, because it's based on the physical properties of photons, works only over relatively short distances. Magiq's boxes can be separated by a distance of up to about 75 miles and use the secure quantum link only to exchange a cryptographic key, which a different type of conventional encryption--one that does not suffer from the theoretical factoring vulnerability--uses to set up the VPN.

Magiq's Gelfond said he's offering "two flavors" of quantum encryption products. "Navajo is the commercial device, really meant for enterprise customers, which depending on the features, is $50,000 to $100,000 a box," Gelfond said. "Qbox is just a research device, a lab device, an open system that's completely configurable and does not do any encryption." Selling for $40,000 to $50,000, a Qbox uses a quantum link only for key distribution, and customers may add their own encryption.

Quantum theory began at the turn of the last century with scientists who were puzzling over some strange inconsistencies in the real world that classical physics could not explain. Their work in establishing quantum mechanics led to the development of nuclear power, semiconductors, lasers and magnetic resonance imaging. A Scientific American article published in 2000 estimates that almost one-third of the U.S. GDP is "based on inventions made possible by quantum mechanics."

Charles Bennett of IBM Research and Gilles Brassard of the University of Montreal demonstrated a laboratory "entanglement" of electrons about a decade ago, and since then there's been a concerted effort to take quantum cryptography out of the lab and build it into products. Geneva-based id Quantique is shipping a quantum key distribution system, but Magiq claims to have the first turnkey VPN box.

Investors in Magiq, which has 22 employees, include Amazon.com CEO Jeff Bezos.