Encryption for a cloudy day
How new quantum technology will ensure absolute data security – anywhere, anytime
When you log onto your bank’s website, the data you send and receive is protected by encryption. To achieve this, two key steps are needed. Firstly, a protected session key is created during link establishment. Secondly, a password is used for user authentication. Essentially, the session key is combined with the data you enter to create a string of what looks like gobbledygook. At the other end, the bank, knowing the key, can divide the data by it to make sense of the transmission.
The problem with this system is that the security is based on mathematical factorisation tasks that are tedious but not particularly complex. If an eavesdropper intercepts the transmission, he or she can, given enough patience and computer power, unscramble the signal and, worse still, steal your password and use it.
With today’s technology this is not a huge threat because the computer power necessary to crack current codes is not commonly available to individuals. But clearly it’s only a matter of time before it is. One could combat a brute-force attack by increasing the length of the encryption key, but that’s just buying time, not fixing the fundamental flaw in the system. Using a larger key also affects performance, as it increases delays for legitimate users when establishing a secure session.
Quantum data transmission security is fundamentally different. It’s physically impossible to make a measurement on a quantum state without disturbing it. So, for example, if someone sends a single photon along an optical fibre and an eavesdropper measures its properties, the correctly equipped intended recipient would know that the data channel was compromised. The system is foolproof in that its security is hard-wired into the laws of physics. However, single-photon emission, detection and processing are hugely expensive and very slow, so the technique doesn’t really integrate well into the existing world of communications.
QuintessenceLabs is a new advanced technology company attached to the ANU developing second generation quantum communications systems. “When you get right down to it, secure communications underpins our economic prosperity,” says Chris O’Neil, the chief marketing officer of QuintessenceLabs. “If your business competitors can access your product secrets, you’re set to lose millions. But it’s not just data in transit that’s at risk. Data stored on company and government computer systems is a favourite target for hackers of all kinds and such attacks can and frequently do occur.”
So how do you protect your data when it’s sitting on a hard drive or, worse still, stored in a distributed cloud environment where you have no idea where the actual hardware is or who has access to it?
The answer comes from physics and the concept of Quantum Key Distribution (QKD). If each parcel of data is encrypted by a unique key and that key changes constantly, no amount of number crunching can retrieve the data. Brute-force attacks based on looking for a common factor in the data stream no longer work because there isn’t one. What you have is mathematically indistinguishable from random noise. But to make this work, you need two additional components.
Firstly, the key sequence needs to be truly random. If, for example, your key simply increments by one each time, the eavesdropper can look for that pattern. Pseudo-random electronic number generators are better, but they still have underlying patterns. So the best possible security comes from truly random key sequences, and that’s what QuintessenceLabs systems use. Their key sequences are generated by the interaction of a laser with quantum vacuum noise and as such are entirely unpredictable.
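The key-sequence point above, as an added example that is not from the original article or from QuintessenceLabs: the same XOR combine is used with a key that increments by one and with random key bytes, and one known plaintext byte is enough to undo the first but not the second. The function names, the sample message and the use of the operating system's random generator as a stand-in for a quantum source are assumptions made for illustration.

```python
import secrets


def xor_bytes(data: bytes, key: bytes) -> bytes:
    """One-time-pad style combine: each data byte is XORed with one key byte."""
    if len(key) < len(data):
        raise ValueError("key material must be at least as long as the data")
    return bytes(d ^ k for d, k in zip(data, key))


def incrementing_key(start: int, length: int) -> bytes:
    """Weak key sequence from the text: each key byte is the previous one plus one."""
    return bytes((start + i) % 256 for i in range(length))


def random_key(length: int) -> bytes:
    """Key bytes from the OS CSPRNG (assumed stand-in for a hardware random source)."""
    return secrets.token_bytes(length)


def guess_from_first_byte(ciphertext: bytes, known_first: int) -> bytes:
    """Assume the key increments by one and derive all of it from one known byte."""
    start = ciphertext[0] ^ known_first
    return xor_bytes(ciphertext, incrementing_key(start, len(ciphertext)))


# Constructed sample message; the observer is assumed to know only its first byte.
MESSAGE = b"PAY 1500 TO ACCOUNT 0042"


def demo() -> dict:
    weak_ct = xor_bytes(MESSAGE, incrementing_key(0x5A, len(MESSAGE)))
    key = random_key(len(MESSAGE))
    strong_ct = xor_bytes(MESSAGE, key)
    return {
        # The pattern in the key gives away every later byte.
        "weak_recovered": guess_from_first_byte(weak_ct, MESSAGE[0]) == MESSAGE,
        # With unpredictable key bytes the same guess yields noise.
        "strong_recovered": guess_from_first_byte(strong_ct, MESSAGE[0]) == MESSAGE,
        # The legitimate receiver, holding the key, still decrypts correctly.
        "legit_decrypt": xor_bytes(strong_ct, key) == MESSAGE,
    }


if __name__ == "__main__":
    print(demo())
```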
The second component to make this all work is a secure method of transmitting the key. This has to be in the form of quantum-entangled carrier particles, in this case photons in an optical fibre. But rather than the slow and expensive single photons, QuintessenceLabs have developed a bright laser variation that can be transmitted through normal fibre optic communications channels. Using a clever combination of quantum analysis and post-processing of the signal, they can detect how much of the signal has been lost and possibly eavesdropped. So long as the loss is not above a critical point, it’s impossible for anyone listening in to reconstruct the key. And of course even if the loss exceeds that point, the system dynamically adjusts until the transmission completely ceases.
Now imagine you’re a stockbroker with a lead on tomorrow’s hot shares or an aerospace manufacturer with a design for a revolutionary new jet engine. Or even a government with details on the world’s top 100 terrorists. You can quantum encrypt that data, send it to your partners on the other side of the world, even store it on a low-cost cloud server in Africa and know that it’s fundamentally 100% secure, today and into the future, regardless of what technology does.
“Essentially that’s our business model,” Chris says, “to use advanced physics and mathematics to provide a cost-effective and inherently secure service to our clients. And to do so in a way that integrates seamlessly into the existing framework of computing and telecommunications.”