The future of data security could hinge on the transmission of information as encrypted light particles, with a new joint U.S.-Swiss research paving the way for quantum cryptographic devices to create a new cybersecurity scheme.
The eventual development of a fully-operational quantum computer has the potential to render current data security practices utterly ineffective. The U.S.-funded quantum technology research initiative aims to solve this problem by marrying both classical and quantum technology to further safeguard digital networks ahead of the advent of quantum computing.
Stemming from the recent U.S.-Swiss bilateral collaboration in quantum technology, a team of researchers in Switzerland is working specifically with device-independent quantum cryptography—a process that would allow the standard computers of today to transmit secure encryptions with a quantum-capable add-on.
Renato Renner, professor for theoretical physics and head of the research group for Quantum Information Theory at ETH Zürich, serves as one of the lead theorists within the U.S.-Swiss partnership. He explained to Nextgov that these devices look to arm the current familiar computing systems with quantum protections.
“We may hope to have better classical schemes, which are so good that even a quantum computer cannot attack them. That’s post-quantum cryptography,” he said in a recent interview. “But what we are doing [is] also using quantum technology—that is, device-independent quantum cryptography—[to] secure against attacks by quantum computers [using] quantum technology itself.”
As the race to develop quantum computing systems—and with them the capacity to crack modern encryption—poses a threat to the classical computing systems that secure the vast majority of today’s digital networks, the primary defensive tactic relies on quantum-resistant algorithms.
Renner notes that these algorithms, though oftentimes effective, never offer a guarantee for security since they still utilize classical computing schemes. One such proposed algorithm has already been cracked by a classical computer. The U.S.-Swiss partnership looks to close these outstanding security risks by employing quantum technology as part of its defense, and eradicate the potential for future attacks.
“For device-independent quantum cryptography, you can still use mostly classical devices, but you need to be able to encode information into light particles,” he said. “So what you need is some quantum equipment, but it doesn’t go as far as building a quantum computer.”
Encrypting transmitted data into light particles, or photons, in lieu of classical algorithms that contain numerical solutions is meant to thwart potential hackers and cyberthreats from accessing sensitive information, even if they have an operational quantum computer at their disposal.
Critical to security is that the encoded photons are strung in superposition—in which their true state is undefined—as they transmit from one location to another. As a foundation to the basic no-cloning principles of quantum mechanics, observing an encoded photon in superposition will alter the value of that particle’s stored data. The change noted in the photon’s superposition will ideally alert the recipient if there was a security breach.
“No one can look at the photon without changing it if it’s in a superposition,” Renner said. “And that’s what we exploit.”
The scheme is further designed to send an empty test photon prior to the encrypted particle to test the connection and prevent the capture of the actual message. Any signs of cyberattacks on these encrypted photons would signal to network operators to pause further transmission before an attacker has the opportunity to intercept data of value.
“Hence, once we have device-independent quantum cryptography available for us to communicate, there is no room left for an attack on the scheme,” Renner said. “There is of course still the ‘human’ aspect: an attacker may coerce the users of the scheme to reveal their secrets, for instance. But this is not a problem cryptography can solve.”
Renner noted the irony of quantum technology’s role as both offense and defense.
“Quantum computing is really a threat to cryptography,” he said. “But quantum technology also helps us protect data better, and that’s what quantum cryptography does.”
While utilizing quantum technology in these cryptographic efforts stands to improve security against potential adversarial quantum computing systems, Renner said that there are still unresolved issues obstructing the path to full-scale implementation. One such issue is the need for special purpose fiber optic cables or expensive satellites to transmit photons carrying data.
The need for a large set of special optical fibers to employ the kind of security Renner and his team are developing renders the immediate use cases limited to primarily high-security applications between a few distinct locations. Renner said that widespread availability depends on deeper investments, as well as the growth of competing products.
In addition, the system proposed by Renner’s team requires high precision in the data’s encryption as photons.
“You need to encode the information into photons, into light particles, and these encoding devices need to work exactly according to the specification,” he said. Renner described a scenario where some of the current working quantum cryptography devices incorrectly encrypt particles, leading to misreadings.
“Generally, the problem is that, with the technology we have today, we can just not guarantee that the device is at the end precisely doing what we want it to do … just too many things that can go wrong,” he said. “If the device doesn’t precisely do what it’s supposed to do, then it’s no longer secure.”
However, he added that the benefits of applied quantum mechanics in modern cybersecurity efforts—namely everlasting, unbreakable security—can also help maintain the current hype around quantum computing research efforts.
“In conventional classical cryptography, the security is really based on what people call hard problems, like factoring numbers. And once someone invents an algorithm to solve these hard problems, the cryptographic scheme is insecure,” he said. “In quantum cryptography, we don’t rely on hard problems at all, what we rely on are just the laws of physics.”
“And the laws of physics are, of course, something no one can change.”