In May last year, Denmark faced its biggest cyberattack ever, targeting 22 key energy companies. This incident highlights the increasing cyber threat to the Danish energy system.
However, the arrival of quantum computers may pose an even greater threat, which can become a reality within a foreseeable number of years. Quantum computers can potentially be used to penetrate our current IT security systems and are used to gain control of the critical infrastructure behind our supply of electricity, gas, and water, and which operates sectors such as transport, finance, health, and defence.
Together with researchers from DTU, Energinet—the Danish state-owned company operating the overall electricity and gas system—has demonstrated how so-called quantum key encryption (see fact box) can protect our society from this threat.
"Quantum key encryption offers physically unbreakable security based on the laws of quantum physics. In this way, quantum key encryption can provide a secure safeguard against the cybersecurity threat posed by quantum computers," says Associate Professor Tobias Gehring from DTU, who headed up the pilot project.
Quantum-secured operation of critical infrastructure
DTU's quantum key distribution units were installed in a telecommunications room at the Fraugde converter and substation on Funen—one of the largest high-voltage stations in Denmark which directs energy between Funen and Zealand. Using optical fibres installed on electricity masts and in the ground, the quantum keys were transmitted to a substation in the eastern part of Odense, 10 km from Fraugde and back again.
In addition to operating the energy 'highways' and the electricity and gas connections between Denmark and our neighbouring countries, Energinet has the overall responsibility for ensuring that Danes always have power in the sockets and gas in the taps. According to Nicolaj Nørgaard Peulicke, Group Vice President and Chief Digital Officer at Energinet, the successful demonstration marks an important step towards being able to handle future cyber threats to our energy infrastructure.
"The security of our energy grid is vital to Denmark, and we must protect it from from malicious parties by all means. We need to be prepared for when the quantum computer will be able to break today's cybersecurity, so we need to help investigate how we can protect ourselves in the future," says Nicolaj Nørgaard Peulicke from Energinet.
The experiment at Energinet is part of the Grand Solutions project CryptQ, which is funded by Innovation Fund Denmark. In the demonstration, the researchers used quantum technology which they have developed in connection with the project and which has previously been tested on a smaller scale at Danske Bank.
Works on existing communication systems
The technology means that quantum states of light are generated by a laser, transmitted through an optical fibre, and measured by detectors. The quantum properties of light ensure that eavesdropping will always be detected and that hackers can never access the encryption keys. Equally important, it works in commercially available telecommunications systems and is distributed through the optical cables on which we already base our Internet-based communications.
"It's crucial that the implementation does not generate a new need for expensive dedicated fibres, but instead can be a cost-effective way to facilitate widespread use of quantum key distribution. This paves the way for improved and economically viable secure communication systems of the future," explains Tobias Gehring.
Will strengthen critical Danish infrastructure
In the next step, a consortium led by Associate Professor Tobias Gehring from DTU and partners from authorities, universities, and industry will continue to implement quantum key distribution by building a fully operational quantum key distribution network in the Copenhagen area, and a connection between Copenhagen and Odense.
This is done in the QCI.DK project, which is funded by the EU and the Danish government. QCI.dk aims to demonstrate how quantum key distribution can help secure government communication, financial transactions, and our telecommunications infrastructure.
Professor Ulrik L. Andersen from DTU Physics elaborates on the broader implications of DTU's work to disseminate quantum encryption.
"These efforts will strengthen Denmark's critical infrastructure against new cyber threats. It's crucial that we—as one of the world's most digitalized societies—build strong security into our critical national infrastructure. Our collaboration with authorities such as Energinet also ensures that Denmark can continue to be at the forefront of global innovation in quantum technologies."
