{"id":620616,"date":"2020-03-01T17:50:09","date_gmt":"2020-02-21T13:45:40","guid":{"rendered":"https:\/\/www.microsoft.com\/en-us\/research\/?post_type=msr-project&#038;p=620616"},"modified":"2024-09-30T19:44:27","modified_gmt":"2024-10-01T02:44:27","slug":"post-quantum-crypto-tunnel-to-the-underwater-datacenter","status":"publish","type":"msr-project","link":"https:\/\/www.microsoft.com\/en-us\/research\/project\/post-quantum-crypto-tunnel-to-the-underwater-datacenter\/","title":{"rendered":"Post-Quantum Crypto Tunnel to the Underwater Datacenter"},"content":{"rendered":"<h2><\/h2>\n<p>&nbsp;<\/p>\n<p><iframe loading=\"lazy\" src=\"https:\/\/www.microsoft.com\/en-us\/videoplayer\/embed\/RE4qOJr\" width=\"960\" height=\"540\" frameborder=\"0\" allowfullscreen=\"allowfullscreen\"><\/iframe><\/p>\n<p>Project Natick was a full-scale, fully operational datacenter module, installed underwater in the North Sea, off the Scottish coast. Powered by renewable energy, Project Natick was a test of the feasibility of underwater datacenters.\u00a0 In 2019, we took some of the traffic traveling between the Natick underwater datacenter and the Microsoft Research headquarters in Redmond, Washington, USA, and secured that traffic with an encrypted network tunnel protected with <em>post-quantum cryptography<\/em>.<\/p>\n<p>Project Natick was the perfect testbed for this work \u2013 while it was built to mimic a Microsoft datacenter, Natick was not handling any critical business or customer data. That we weren\u2019t able to physically access the servers and network infrastructure inside the Natick pressure vessel to setup and manage the PQ-protected tunnel made the experiment more accurately reflect the real-world, where it would be infeasible to hand-configure devices in massive datacenters worldwide.<\/p>\n<h1>Background<\/h1>\n<p>Quantum computers are coming. The exact timeline is uncertain, but a quantum computer powerful enough to break today\u2019s asymmetric cryptography may come online in 10 \u2013 15 years. That <em>cryptographically relevant<\/em> quantum computer will allow adversaries to break encryption and signing of today\u2019s internet communications. So, before that happens, the entire world needs to start using post-quantum cryptography \u2013 cryptography designed to be secure against quantum attackers.<\/p>\n<p><u>The migration will take time<\/u> &#8211; it\u2019s going to take time to update all the applications, services, and infrastructure to support the new algorithms, and issue new credentials where they\u2019re needed. \u00a0While that migration is underway, we can use encrypted network tunnels to protect the traffic from software and devices that are not yet fully protected.<\/p>\n<h2><img loading=\"lazy\" decoding=\"async\" class=\"alignright wp-image-627825\" src=\"https:\/\/www.microsoft.com\/en-us\/research\/wp-content\/uploads\/2019\/12\/PQ_Crypto_Tunnel_multi_12_2019_1400x788-300x169.png\" alt=\"Map showing the data connection between Redmond and Northern Scotland\" width=\"600\" height=\"338\" srcset=\"https:\/\/www.microsoft.com\/en-us\/research\/wp-content\/uploads\/2019\/12\/PQ_Crypto_Tunnel_multi_12_2019_1400x788-300x169.png 300w, https:\/\/www.microsoft.com\/en-us\/research\/wp-content\/uploads\/2019\/12\/PQ_Crypto_Tunnel_multi_12_2019_1400x788-1024x576.png 1024w, https:\/\/www.microsoft.com\/en-us\/research\/wp-content\/uploads\/2019\/12\/PQ_Crypto_Tunnel_multi_12_2019_1400x788-768x432.png 768w, https:\/\/www.microsoft.com\/en-us\/research\/wp-content\/uploads\/2019\/12\/PQ_Crypto_Tunnel_multi_12_2019_1400x788-1066x600.png 1066w, https:\/\/www.microsoft.com\/en-us\/research\/wp-content\/uploads\/2019\/12\/PQ_Crypto_Tunnel_multi_12_2019_1400x788-655x368.png 655w, https:\/\/www.microsoft.com\/en-us\/research\/wp-content\/uploads\/2019\/12\/PQ_Crypto_Tunnel_multi_12_2019_1400x788-343x193.png 343w, https:\/\/www.microsoft.com\/en-us\/research\/wp-content\/uploads\/2019\/12\/PQ_Crypto_Tunnel_multi_12_2019_1400x788-640x360.png 640w, https:\/\/www.microsoft.com\/en-us\/research\/wp-content\/uploads\/2019\/12\/PQ_Crypto_Tunnel_multi_12_2019_1400x788-960x540.png 960w, https:\/\/www.microsoft.com\/en-us\/research\/wp-content\/uploads\/2019\/12\/PQ_Crypto_Tunnel_multi_12_2019_1400x788-1280x720.png 1280w, https:\/\/www.microsoft.com\/en-us\/research\/wp-content\/uploads\/2019\/12\/PQ_Crypto_Tunnel_multi_12_2019_1400x788.png 1400w\" sizes=\"auto, (max-width: 600px) 100vw, 600px\" \/><\/h2>\n<h1>The Experiment<\/h1>\n<p>Microsoft already operates encrypted tunnels between its datacenters to protect network traffic in transit outside a datacenter\u2019s physical boundaries. The great-circle distance between the underwater datacenter and Microsoft Research headquarters in Redmond is approximately 4,300 miles, and this allowed us to set up an experiment with similar real-world challenges as connections between production datacenters.<\/p>\n<p>The Natick pressure vessel contained several racks of servers all connected via a network inside the vessel. This network was then connected to the Microsoft global network via a set of underwater fiberoptic cables that connect to the facility on shore. Connections between sites on the Microsoft global network were secured with classical cryptography to protect the contents of the network traveling between sites.<\/p>\n<p>One of the servers ran <a href=\"https:\/\/www.microsoft.com\/en-us\/research\/project\/post-quantum-crypto-vpn\/\">our modified version of OpenVPN.<\/a> We call this our \u201crouter node.\u201d The router node connected to another server in Redmond to establish a post-quantum cryptography encrypted tunnel between the two sites. This server was connected to both the main network in the vessel, and a second virtual local area network (VLAN) which we called the \u201cpost-quantum VLAN.\u201d We then configured the networking hardware in the vessel to place several of the other servers on this VLAN, and we could remotely change the number of servers on the post-quantum VLAN. All traffic from these servers was routed by the router node across the tunnel to Redmond, where it continued to its final destination, and outside traffic headed back to these nodes was similarly routed to the router node in Redmond back across the tunnel and into the vessel.<\/p>\n<p>The main network in the vessel was connected normally to the Microsoft global network. In fact, the tunnel uses the regular network connection to route encrypted traffic between Redmond and Scotland. The typical round-trip time on this connection is approximately 180 milliseconds.<\/p>\n<p>The post-quantum tunnel experiment concluded on July 9th, 2020, when the Natick underwater pressure vessel was decommissioned and retrieved from the sea floor. You can learn more about Natick&#8217;s ongoing progress and what they&#8217;ve learned at\u00a0<a class=\"msr-external-link glyph-append glyph-append-open-in-new-tab glyph-append-xsmall\" rel=\"noopener noreferrer\" target=\"_blank\" href=\"http:\/\/natick.research.microsoft.com\/\">their project site<span class=\"sr-only\"> (opens in new tab)<\/span><\/a>.<\/p>\n<h1>Technical Details<\/h1>\n<p>Each router node rans our modified version of OpenVPN in a virtual machine. The session key for the data encryption was negotiated using a <em>hybrid<\/em> key exchange which combines a post-quantum key exchange algorithm with a classical key exchange algorithm. This combined the time-tested security of the classical algorithm against conventional attackers with the quantum security of the post-quantum algorithm. In our first deployment, we combined the post-quantum <a href=\"https:\/\/www.microsoft.com\/en-us\/research\/project\/sike\/\">Supersingular Isogeny Diffie-Hellman (SIDH),<\/a> as it existed in March 2018, with the classical Elliptic Curve Diffie-Hellman (ECDH) (using the NIST P-256 curve) to arrive at the symmetric session key used to encrypt data traffic with AES-256. As of 27th March 2020 we updated to the then latest versions of the algorithms and OpenVPN 2.4.8, and combined <a href=\"https:\/\/www.microsoft.com\/en-us\/research\/project\/sike\/\">Supersingular Isogeny Key Encipherment (SIKE)<\/a> (using the SIKEp434 parameter set) with classical Elliptic Curve Diffie-Hellman (still using the NIST P-256 curve) to arrive at the symmetric session key to encrypt data traffic with AES-256. With a configuration change, we could use <a class=\"msr-external-link glyph-append glyph-append-open-in-new-tab glyph-append-xsmall\" rel=\"noopener noreferrer\" target=\"_blank\" href=\"https:\/\/github.com\/open-quantum-safe\/openssl#supported-algorithms\">any of the key exchange algorithms supported by OQS&#8217;s OpenSSL<span class=\"sr-only\"> (opens in new tab)<\/span><\/a>.<\/p>\n<p>As is customary best practice, session keys are regularly regenerated while the tunnel is running. We scheduled a new key exchange to be run once an hour. This happens while data continued to flow, and so there is no interruption to data traffic while the key exchange rans; data continued to pass using the previous session key until the key exchange completed, whereupon the router nodes began using the new session key. Re-keying therefore did not cause any of the latency observed in initial tunnel setup.<\/p>\n<p>The post-quantum VLAN was assigned its own IP addresses, and the Microsoft network was configured to deliver traffic destined for those addresses to the router node in Redmond. The router node encrypts the traffic, sent it across the global network inside the tunnel to the Natick vessel in Scotland, where the router node there decrypted the traffic and put it on the VLAN. Returning traffic was similarly encrypted by that router node, sent back across the global network inside the tunnel to the router node in Redmond, where the router node there decrypted the traffic and forwards it onwards normally.<\/p>\n<p>We measured a maximum of 250 Mbits\/sec of bandwidth over the tunnel. This is below the measured capacity of the underlying link which is capable of 2-3 Gbits\/sec. These results are consistent with running an unmodified version of OpenVPN over the same link using only classical cryptography and appears to be a known limitation of tunnels running entirely in software on commodity hardware and is not a consequence of the addition of the post-quantum key exchange.<\/p>\n<p>During tunnel operation, latency over the tunnel was comparable to the latency of the underlying connection, when the underlying connection is operating normally. Variance between round-trip ping times was consistently less than 1 millisecond over a link with a typical round-trip ping time of 180 milliseconds.<\/p>\n<p>We used the tunnel to run volunteer computing workloads on five nodes allocated to the PQ VLAN from <a class=\"msr-external-link glyph-append glyph-append-open-in-new-tab glyph-append-xsmall\" rel=\"noopener noreferrer\" target=\"_blank\" href=\"https:\/\/boinc.berkeley.edu\/\">BOINC<span class=\"sr-only\"> (opens in new tab)<\/span><\/a>, the Berkeley Open Infrastructure for Network Computing. Input data for volunteer jobs were downloaded over the tunnel, processed, and results were then uploaded back via the tunnel. Typical daily transfer over the tunnel was between 300 and 600 megabytes of data, not counting spikes due to operating system updates. As these were computation-heavy workloads rather than communication-heavy workloads, we would not expect them to strain our bandwidth capacity.<\/p>\n<h1>Resources<\/h1>\n<p>We released <a href=\"https:\/\/www.microsoft.com\/en-us\/research\/project\/post-quantum-crypto-vpn\/\">a post-quantum cryptography-enabled Virtual Private Network (VPN) application<\/a> based on OpenVPN, intended for use to protect the connections between remote workers back to the home office as traffic transits the internet. But encrypted tunnels like these are also used to protect the links between datacenters, as data transits between them.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>We&#8217;ve taken some of the traffic traveling between the Natick underwater datacenter located off the coast of Scotland and Microsoft Research headquarters in Redmond, Washington, USA, and secured that traffic with an encrypted network tunnel protected with post-quantum cryptography.<\/p>\n","protected":false},"featured_media":627843,"template":"","meta":{"msr-url-field":"","msr-podcast-episode":"","msrModifiedDate":"","msrModifiedDateEnabled":false,"ep_exclude_from_search":false,"_classifai_error":"","footnotes":""},"research-area":[13558],"msr-locale":[268875],"msr-impact-theme":[],"msr-pillar":[],"class_list":["post-620616","msr-project","type-msr-project","status-publish","has-post-thumbnail","hentry","msr-research-area-security-privacy-cryptography","msr-locale-en_us","msr-archive-status-active"],"msr_project_start":"","related-publications":[],"related-downloads":[],"related-videos":[],"related-groups":[],"related-events":[],"related-opportunities":[],"related-posts":[],"related-articles":[],"tab-content":[],"slides":[],"related-researchers":[{"type":"user_nicename","display_name":"Karen Easterbrook","user_id":32510,"people_section":"Section name 0","alias":"keaster"},{"type":"user_nicename","display_name":"Kevin Kane","user_id":32554,"people_section":"Section name 0","alias":"kkane"},{"type":"user_nicename","display_name":"Mike Shepperd","user_id":32920,"people_section":"Section name 0","alias":"mikeshep"},{"type":"user_nicename","display_name":"Dan Shumow","user_id":31538,"people_section":"Section name 0","alias":"danshu"},{"type":"user_nicename","display_name":"Greg Zaverucha","user_id":31912,"people_section":"Section name 0","alias":"gregz"}],"msr_research_lab":[],"msr_impact_theme":[],"_links":{"self":[{"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/msr-project\/620616","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/msr-project"}],"about":[{"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/types\/msr-project"}],"version-history":[{"count":37,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/msr-project\/620616\/revisions"}],"predecessor-version":[{"id":1089216,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/msr-project\/620616\/revisions\/1089216"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/media\/627843"}],"wp:attachment":[{"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/media?parent=620616"}],"wp:term":[{"taxonomy":"msr-research-area","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/research-area?post=620616"},{"taxonomy":"msr-locale","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/msr-locale?post=620616"},{"taxonomy":"msr-impact-theme","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/msr-impact-theme?post=620616"},{"taxonomy":"msr-pillar","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/msr-pillar?post=620616"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}