Christopher Wood is a fourth year student at the Rochester Institute of Technology studying Computer Science, Software Engineering, and Mathematics. This piece is an exploration of quantum cryptography, one of the fastest growing areas of multi-disciplinary research that encompasses scientists and engineers from a variety of fields. It was written to be published at the DailyTech, a popular online science and technology venue, in order to reach out to aspiring computer security professionals, security practitioners, and most importantly, any individuals or businesses who want to invest their time and money into the future of cryptography.
As society progresses into the information age, the need for secure communication mechanisms across public networks becomes increasingly important. Personal and private data such as bank accounts, social security numbers, and credit card information are being transferred across open communication channels on a regular basis. As such, it is absolutely vital that this information remain secret, which is where cryptography comes into play. Cryptography, or the science of making and breaking secret codes, is used in practically every setting where information needs to be kept secret as it is transferred between two parties. Consequently, the integrity of this information is directly tied to both the mathematical strength and implementation quality of these cryptographic solutions. And unfortunately, due to a variety of reasons, neither of these factors can be guaranteed all of the time.
Despite the best efforts of researchers and scientists across the world, there are still flaws that exist in the cryptographic solutions that are used to support the need for secure digital communication. Unfortunately, these flaws are quite often exploited by malicious users for personal or financial gain. Clearly, the presence of a 100% cryptographically secure communication channel that could be used by two parties would be a significant achievement scientifically and a large step towards increasing user trust in digital communication services. This is where quantum computing and quantum-based cryptography step onto the scene. Based on the provable physical properties of quantum mechanics, rather than the difficulty of certain mathematical problems and integrity of implementation options, quantum-based solutions for cryptography offer incredibly secure (if not perfectly secure from a theoretical standpoint) communication techniques for businesses, organizations, and individual users looking to improve the safety and integrity of their online presence. For that reason, quantum-based cryptography is a topic that every aspiring security engineer and practitioner should be aware of in the event that it becomes a mainstream technology for digital communications in the future.
The field of quantum computing was first introduced in 1981 by Richard Feynman, a successful American physicist who specialized in quantum mechanics and particle physics. The idea behind this model of computation is simple. In contrast to traditional computing where data is represented as sequences of binary data and operations on such data take the role of simple Boolean algebra expressions (ultimately resulting in either a true or false outcome), quantum computation operates on pieces of data called quantum bits, or simply qubits, which have the potential to represent many different states at once (meaning they are able to hold more data than a simple true or false expression at a single moment in time). This property is referred to as the superposition principle of quantum mechanics, which simply says that a particle can be in all possible quantum states simultaneously, but when measured it is only seen as being in a single state. Also, it is important to note that measuring the quantum state of a qubit effectively changes its state. The implications of this are that certain mathematical algorithms (which are essentially defined as a finite series of steps to solve a problem) and scientific processes can make use of bit-level parallelism to perform a single operation on many different states or sets of data (on the order of 2^500) at once, which wasn’t typically possible given traditional computing models. This means that, at some point, the computing power of quantum-based machines will surpass traditional computers by a very large factor and likely result in a shift in the computing paradigm.
In order to understand the significance of this new computing paradigm and its potential applications on quantum-based cryptography, consider traditional cryptographic techniques that are used to ensure secure communication between two parties. Since all of the data involved in a communication is sent across a public channel it is absolutely necessary to encrypt it for transfer, which essentially means scrambling the data in its original form and making it unreadable to unauthorized users. If one wants to read such data, it must be decrypted, or unscrambled. This is done with the use of cryptographic keys, which are analogous to keys to a padlock. Consider a vault that is locked with a padlock. Clearly, if one wants to open the vault, they must unlock the padlock with the right key. This vault can be used to transfer secret information between two users who share the same key to open the padlock simply by having the transmitter open the vault, insert their data, and then close and lock it before sending it to the receiver. Upon receiving the vault, the receiver can then use their key to open up the padlock and gain access to the information within. If someone was to find the vault while it was being moved from the transmitter or the receiver they would most likely be unable to open it up because they don’t possess the correct key. At this point, the malicious person could attempt to make a copy of every possible key in the world to try and open the vault, which would be very time consuming, but might ultimately work. This approach is referred to as a brute force attack on the data inside the vault, and is usually not practical for sophisticated key designs. As such, the security of the data within the vault lies in key ownership and design strength.
Key distribution protocols are the standard procedures followed to transport keys securely between two parties. These are required because there must be some agreed upon approach to distribute these secret keys between two parties in order to communicate securely. Otherwise, it would be easy for an unauthorized user to simply masquerade as a legitimate user and gain access to private information.
Perhaps the most common key distribution protocol is Diffie Hellman’s key exchange protocol. This procedure can be thought of as a way to re-build a key from two distinct pieces. It requires that the key being agreed upon is broken up into exactly two pieces, where one piece is held by only one party. In order to form the entire key to unlock the vault the two parties must exchange copies of their halves so that the other can use it to construct the final key. The security of this approach is that, given our current knowledge of mathematics and number theory, we don’t know how to solve for the entire key when given just a single piece. If someone was to find a viable and practical solution to this problem, then many cryptography-based security implementations, including those key exchange protocols built around the Diffie Hellman key exchange protocol, would crumble. However, according to Dr. Stanislaw Radziszowski, a professor in the Department of Computer Science at the Rochester Institute of Technology (RIT), such solutions aren’t likely to come anytime soon. These problems have been open to the public for many, many years now, and despite the efforts of the top researchers in the fields of both mathematics and computer science, no one has been able to reduce the general difficulty of these problems to something that can be easily implemented and solved in an appropriate amount of time. In most cases, brute force attacks (which are essentially random guess-check solutions that try to break a cryptographic primitive by guessing the right series of numbers) are the only possible options, and given the extremely large number of possibilities for these numbers, such attacks aren’t likely to succeed in our lifetime. However, that is not to say that existing techniques are a reliable solution for secure key distribution. Given the pace at which both technology and mathematical research advances, there will surely be weaknesses in these existing implementations that can reduce the time required to “break” them to something much more reasonable.
Given the simple assurance that the measurement of a single qubit of data effectively changes its state, it is clear that key distribution protocols based upon quantum mechanics offer perfectly secure means to support reliable communication without the possibility of a malicious user “breaking” the system. This is because it is impossible for a malicious user to attempt to read the secret key without effectively changing its value and alerting the two parties engaged in communication. This feature stems from the properties of quantum mechanics upon which they are built, and is usually referred to as the process of entanglement in the physics realm. In laymen terms, this means that qubits of data can be linked together (and therefore, keys can be linked between two parties), and if anyone other than the owners of these pieces of data attempt to read it then the state of the qubit will change, thus effectively alerting the owners of suspicious activity.
It would be difficult to argue that key distribution implementations based off of the uncertainty, or rather the lack of a known solution, in a select set of mathematical problems are more reliable than physically provable ones, which therefore indicates that these solutions are, from a theoretical perspective, superior. Dr. Eric West, an associate professor in the Department of Physics at RIT, has strong faith in the future of quantum computing and any derivative applications that may follow. He feels that the physical properties of quantum mechanics and particle physics are becoming clearer every day in the physics realm, and as technology advances society should be able to support the construction of devices that both emulate and replicate these quantum behaviors. It’s only a matter of time before quantum computers become a ubiquitous reality.
Dr. West’s perspective on the field clearly outlines problem that quantum-based cryptography faces. That is, the field itself is still in its infancy, and large enough computers based on quantum mechanics are few and far between. There are several companies that have invested both time and money into quantum computing research, including technological giants IBM, Toshiba, and Google, which will certainly help improve the status of the field. However, existing implementations are quite limited to small prototypes that can perform operations with only a small number of qubits (on the order of about 10). Even though a qubit can represent many different states at a single point in time, quantum algorithms still require many qubits in order to perform any practical application. This means that in order to have practical applications of quantum computing, we need to increase the number of qubits in quantum computers. Given enough time, it is almost certain that scientists and researchers will make ample headway in the field that will enable such computers with larger qubit capacities to be sold to and utilized by large markets.
The National Institute of Standards and Technology (NIST) is also in support of this effort, with a particular emphasis on quantum key distribution protocols. In 2006, NIST developed a high-speed quantum key distribution test bed that can be utilized to evaluate the performance of different protocols that make use of this technology. This system incorporates both two new types of systems that allowed existing protocols to be run at a rate much higher than previous systems (on the order of about two magnitudes higher), which brought us one step closer towards practical implementations of these systems. Although this specific test bed was geared towards the encryption of video data in real-time, the technology can be applied to any data stream that is to be sent over a public channel. Also, since the release of this system, NIST has been working towards integration it into larger quantum networks, which would be a large step towards the realization of large-scale quantum key distribution systems.
As we progress forward into the information age, the state of quantum computing and scale of actual implementations is bound to improve. If Moore’s Law has taught us anything, it is that technology advances at a very rapid rate, so it is only a matter of time before we have the tools necessary to build large-scale quantum computers. Even with its limited applications right now, it is still a topic that is unarguably worth the time, money, and effort to invest in with prospects of future uses. With a solid base in quantum computing, the potential benefits are seemingly limitless in the cryptography realm. Furthermore, with this new sense of digital security society is likely to experience the beginning of the next information age in which everything is transferred between parties on public channels. Only this time, we can do this communication with confidence.
No comments:
Post a Comment