Quantum Key Distribution: 101

Andrew Straw

In today’s ever more networked society, data protection is a serious business. Security breaches lead to unwanted headlines and a loss of trust in enterprise organizations (such as banks or healthcare providers). Data security, and keeping ahead of potential attackers, is a rapidly evolving field of development. Potential areas may involve safeguarding modern cloud computing environments or protecting commercial activities over the web.

All web browsers use cryptography to protect online commerce and to transmit sensitive data. Cryptographic keys are employed, just like actual keys, to encrypt and decrypt the data. Each party creates two keys: a random private key and a public key, created from the private key. The public key is transmitted over the link and then both parties generate the shared key from their own private key and the received public key. So long as a hacker cannot work out the private key from the public ones (the only ones available to the hacker) then the transmission is secure.

This system is called public key cryptography and it is the most widely used algorithm for distributing secret keys. Large numbers are used as the public keys whose prime factors are used as the private keys. Even with the use of supercomputers, the method is secure, as it is such an enormous mathematical challenge to determine prime factors of a large number. 

To keep ahead of hackers, one promising option is quantum key distribution (QKD). This method distributes the private keys in a manner that cannot be effectively intercepted, as their integrity is always tested. Moreover, the method cannot be broken by any future advances in computing (even quantum computing).

QKD is based upon fundamental principles of quantum physics: it depends on a quantum particle, such as a photon, being able to exist in an ambiguous position of two dissimilar states at the same time. This is called superposition.

Superposition

A quantum particle can be in two states at any one time. When its state is measured, it takes on one of the states and its ambiguous position is lost. For example, a photon of light could have vertical polarization and horizontal polarization simultaneously. When its polarization is measured, it will be either vertical or horizontal, never both. Therefore, by the act of observation, the state of the photon has been changed. The likelihood that it will be measured in the vertical or horizontal state is one half, a remnant of its original ambiguous position.

QKD has some limitations. For instance, it can only be used over a single span of optical fiber or along line-of-sight free-space optics. The range of QKD is 100 km over optical fiber. The quantum signal cannot be amplified, as the amplifier would act as an observer. This distance can be extended through “trusted nodes”, where keys are effectively recreated in physically secure rooms or racks. In the future, networks with full quantum security will be possible with monogamous quantum entanglement.

Entanglement 

When two quantum particles are entangled, their state can only be described as a whole, not as two separate states. For example, two entangled photons will be polarized. When the polarization of one photon is measured then the polarization of the other photon becomes known as well without measuring it. This is true even if the photons are very far apart.

QKD has been integrated into an optical communications system and used to secure the transmitted data. This could then be used to secure traffic between a bank or hospital and a remote data centre, where the confidentiality of the data is paramount. QKD can also be used in transmitting keys to a satellite through free-space optics, from where these keys could be distributed over a much wider area. In addition, short-range free-space QKD allows secure communication, for instance, between a mobile phone and an automatic teller.

How QKD Works

Quantum cryptography is integrated into an optical communication system by adding a quantum channel of repetitive pulses of light, each containing one photon, in parallel to the data traffic. These photons are encoded into quantum states.

If a hacker taps the quantum channel, photons will be lost (in fact the whole light pulse) and they will not arrive at the receiver, so no key can be created. The hacker could try to replicate the photons in the states measured and send these copies to the receiver. However, in making the measurement, the hacker will change the state of the photon, leading to increasing errors at the receiver, and therefore indicating that the transmitted data is no longer secure.
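The intercept-and-resend case described above, as an added simulation that is not part of the original article. It assumes the BB84 protocol with two polarization bases (the article does not name a protocol); the function names and the 11% abort threshold are choices made for this example.

```python
import random

def bb84_run(n_photons, eavesdrop, seed):
    """Simulate one assumed-BB84 session; return (sifted_key_length, qber)."""
    rng = random.Random(seed)          # seeded so the run is reproducible
    sifted = errors = 0
    for _ in range(n_photons):
        bit = rng.randint(0, 1)        # sender's raw key bit
        send_basis = rng.randint(0, 1) # 0 = rectilinear, 1 = diagonal
        photon_bit, photon_basis = bit, send_basis

        if eavesdrop:
            # Intercept-resend: the tap measures in a random basis.
            tap_basis = rng.randint(0, 1)
            if tap_basis != photon_basis:
                photon_bit = rng.randint(0, 1)  # wrong basis: 50/50 outcome
            photon_basis = tap_basis            # the resent copy is in the tap's basis

        recv_basis = rng.randint(0, 1)
        if recv_basis == photon_basis:
            measured = photon_bit               # matching basis: exact readout
        else:
            measured = rng.randint(0, 1)        # mismatched basis: random readout

        # Sifting: keep only positions where sender and receiver bases agree.
        if recv_basis == send_basis:
            sifted += 1
            errors += measured != bit

    # Simplification: the error rate is taken over all sifted bits, whereas a
    # real link would sacrifice only a random sample of them for this check.
    qber = errors / sifted if sifted else 0.0
    return sifted, qber

def channel_is_secure(qber, threshold=0.11):
    """Abort rule: discard the key if the error rate reaches the threshold.
    0.11 is the commonly cited BB84 bound, used here as an assumed setting."""
    return qber < threshold

if __name__ == "__main__":
    for tapped in (False, True):
        n, q = bb84_run(20000, eavesdrop=tapped, seed=1)
        print(f"tapped={tapped} sifted={n} qber={q:.3f} secure={channel_is_secure(q)}")
```

An untapped channel in this idealised model shows no errors, while a full intercept-and-resend tap pushes the error rate in the sifted key to about one quarter, well past the abort threshold.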

  

Quantum communication between QKD units creates the private keys used to encrypt the data, with the encrypted data carried on the same fibre as the quantum signal

Once a key is established at both ends, it can be used in the same manner as in public key cryptography to encrypt and decrypt the transmitted data. Therefore QKD provides a secure method for distributing keys and can generate these keys at a high rate. This speeds up the changing of the keys and secures the data even further.

QKD is therefore a potentially highly secure encryption technique of the future, as it is not based on advances in mathematics but on the physical laws of nature. The current distance limitation, which restricts its applicability, can be overcome by the use of “trusted nodes”, making QKD more applicable to larger networks. Many academic institutions around the world are actively researching QKD, which is only one part of what quantum-based technologies can offer: there are major research efforts in timing, measurement, imaging and computing as well.



