Quantum Cryptography
Featured Article
Understanding quantum cryptography
Quantum computing—and quantum technology more generally—exists at the cutting edge of technological developments today. As quantum computing has been developing in recent decades, innovators have been applying quantum mechanics to other fields. One result is quantum cryptography. “What is quantum cryptography?” you might ask. Simply put, it is the use of quantum mechanics to securely transmit data.
In the last few decades, advances in quantum computing have raised concerns about the security of existing encryption methods. But the application of quantum mechanics to the field of cryptography has also made quantum cryptography possible. While not all are convinced about the practicality of this new method of encryption, quantum cryptography offers a potential solution to security concerns in the age of quantum computing.
In this article you will learn how to use the principle of quantum cryptography to encrypt and transmit data. You will also learn about the effectiveness and best applications of this cutting-edge science.
What is quantum cryptography?
To fully understand quantum cryptography, it is helpful to have at least a basic understanding of quantum mechanics and quantum computers. Without the principles of quantum mechanics and developments in quantum computing, quantum cryptography would not be possible.
What are the basic principles of quantum mechanics?
Quantum mechanics, also known as quantum physics, is a branch of physics that deals with the movement and interactions of subatomic particles, such as photons (particles of light). The theory of quantum mechanics emerged in response to observations that scientists could not reconcile with classic physics.
The Heisenberg uncertainty principle is an important grounding rule in quantum mechanics and one that directly impacts quantum cryptography. It holds that we can never simultaneously know the exact position and the exact speed of an object. The uncertainty principle exists because everything in the universe acts like both a particle and a wave simultaneously.
This ties into quantum superposition, another basic principle of quantum mechanics. According to this principle, particles can exist in a combination of two or more states that are “superposed” in another valid state.
Superposition is key to quantum computing. Classic computers deal in bits, which are binary. They exist in one of two states: 0 or 1, on or off. In contrast, quantum computers use qubits, which can exist in the superposition of both 1 and 0. This allows quantum computers to process information in a new and faster way than classic computers. The computing power of this new technology exceeds that of the old—especially for certain applications. Most notably, quantum computers are really good at computing prime factors.
While superposition is key to quantum computing, the observer effect is key to quantum cryptography. The observer effect refers to the fact that, in quantum physics, measurement affects outcome. The mere act of observing a phenomenon necessarily changes it. This aspect of quantum physics is central to quantum cryptography’s security. If a third party observes (tries to read) a quantum-encrypted message, the intended recipient will know that someone tampered with the message. We discuss this in more depth below.
What is quantum entanglement?
The ability of an object to exist in two states at once can seem somewhat counterintuitive. Another counterintuitive phenomenon in quantum mechanics is entanglement. Quantum entanglement occurs when two particles, such as photons, interact and remain connected despite being separated.
Although they still don’t fully understand the mechanism that couples entangled particles together, researchers have confirmed quantum entanglement through experiments. They have demonstrated that when two particles are entangled, changing the properties of one particle automatically causes the corresponding properties of the other particle to change.
You can imagine entangled particles as being like a pair of magnets, where one magnet has its north end pointing up and the other has its south end pointing up. As a result of entanglement, if you flip one magnet over, the other will also rotate—regardless of how far apart the magnets are. So you could be standing in New York, flipping one magnet so that the south end is pointing up, and in Los Angeles, the other magnet would rotate so that the north end is pointing up.
Quantum entanglement is key to quantum computing. Quantum computing harnesses the power of entangled qubits to process a vast amount of calculations simultaneously.
When was quantum mechanics first applied to cryptography?
The field of quantum mechanics has a relatively long history. Physicists including Erwin Schrödinger, Werner Heisenberg, and Max Born made important contributions to the field in the early twentieth century. The application of quantum mechanics to cryptography is much more recent, however.
Physicist Stephen Wiesner first devised the idea of using the principle of uncertainty in cryptography in the late 1960s. Working from Wiesner’s initial ideas, two other pioneers in the field, Charles H. Bennet and Gilles Brassard, developed the first quantum cryptography protocol, BB84, in the mid-1980s. The first trials of quantum cryptography took place shortly after.
Quantum cryptography has made great strides in recent decades and has proven effectiveness for certain applications, which we discuss below. However, the practicality of this method of encryption is limited, at least according to some. Although many had high hopes for the possibilities of quantum cryptography in the 1980s and 1990s, this method of encryption might not live up to initial expectations.
How the principles of quantum mechanics can be used to encrypt and transmit data
Before delving into the controversies surrounding the practicality of the cryptographic applications of quantum mechanics, we should first take a deeper look at how quantum cryptography actually works. To do so, we need to look at quantum communication and how you can use the science of quantum mechanics to communicate securely and protect data.
How is quantum mechanics applied to data encryption?
In any cryptographic system, you use a cryptographic key to convert a plaintext message into a ciphertext. While the plaintext message is easily understandable, the ciphertext is an encrypted or encoded form of the plaintext message. It is impossible to understand without the key.
With quantum cryptography, you use the principles of quantum mechanics to encrypt information. Stated simply, with quantum computers, you can use photons and photon polarization to encode messages so that only the intended recipient can read them. Quantum key distribution (QKD) is the best-known example of quantum cryptography. In this secure communication method, you use a quantum key to encrypt and decrypt messages.
QKD comes with the advantage of added security. You cannot copy data that is encoded in a quantum state. Someone attempting to read the data will inadvertently change its quantum state. This allows you to detect eavesdropping in quantum communication.
How many parties can use a quantum key?
Two parties use a quantum key to securely communicate. Most cryptographic literature uses three fictional characters named Alice, Bob, and Eve to describe how parties interact in a cryptographic system involving keys.
In ordinary cryptography, we can talk about Alice sending Bob a secret message by converting the message to binary numbers and scrambling it mathematically with another set of numbers. This second set of numbers serves as the key. By sharing this key with Bob, Alice allows Bob to decode and read the message. In this example, a third party, Eve, might intercept the key when Alice is passing it to Bob. This renders the communication insecure.
With QKD, Alice encodes the key in polarized photons. If Eve tries to intercept the key, she will disturb the photons—exposing her eavesdropping to Bob and Alice. This is what allows for more secure communication between Bob and Alice.
What are the benefits of using a randomly generated key?
In general, using a randomly generated key makes it much harder for an eavesdropper, like Eve, to intercept a message between two parties, like Bob and Alice. In line with the probabilistic principles underpinning quantum mechanics, random numbers are entirely unpredictable.
In our everyday world a die represents unpredictability in a physical object. It is therefore an example of a “true” random number generator. Most often, however, encryption relies on “pseudorandom” number generators. These are algorithms that use mathematical formulas to generate a sequence of numbers approximate to random numbers.
With true random number generators, like dice, the creation of one number has no bearing on the creation of the next. One roll of a die will not affect the outcome of the next roll. Patterns and order, however, define the discipline of mathematics. Because of this, algorithms cannot generate numbers that are truly random. Nevertheless, pseudorandom number generating algorithms still play an important role in cryptography.
With such pseudorandom number generators, Alice and Bob do not have to share their secret key in advance. Instead, they can mutually agree on a pseudorandom number generator and derive a shared key from what is known as a short random “seed.”
Seeds are dependent on prime numbers. In comparison to composite numbers, prime numbers are more distinct. The distinction of the seed number has a bearing on how secure the randomly generated key is. The more distinct a key is, the harder it is for an eavesdropper to calculate the variables that comprise it.
To better understand this, consider two possible seeds: thirteen (a prime number) and fifteen (a composite number). The prime number thirteen is more distinct because you can only divide it by itself and the number one. In contrast, composite numbers, like fifteen, have more factors. You can divide fifteen by fifteen, five, three, and one.
If thirteen is your seed and we know that seeds are numbers one through one hundred, someone’s odds of guessing your seed correctly would be one in one hundred. The person would have to guess thirteen exactly to gain useful information about your encryption key. In contrast, if you chose fifteen as your seed, someone guessing three and five as well as fifteen might get useful results. The person’s odds of guessing useful information is three times greater.
This is where the computing power of quantum computers comes into play as a threat to much of our existing cryptography. Their ability to calculate prime numbers gives quantum computers the potential to crack any encryption system based on prime numbers.
Effectiveness of quantum cryptography
As we have discussed above, quantum cryptography, and specifically QKD, offers additional security in comparison to classical cryptography. In what follows, we delve further into the effectiveness of quantum methods of encryption in comparison to more traditional methods.
Why is quantum cryptography effective?
In classical cryptography we have two types of encryption. These are symmetric encryption, also known as secret-key encryption, and asymmetric encryption, also known as public-key encryption.
In symmetric cryptography, you use the same key for both encrypting and decrypting. This makes the process of encoding and decoding information easy. However, it comes at the expense of security. To create more security in symmetric encryption, cryptography experts have developed hybrid cryptography. In this form of cryptography, you encrypt a message with the secret key and then also encrypt the key.
In public-key cryptography, the asymmetric alternative, you use one key to encrypt and a separate key to decrypt. The first key is a public key. Someone, such as Bob, who wants to receive secure information can make the key widely available. This allows anyone to send an encrypted message to Bob. The key to decrypt the message, however, is a secret key. For this type of encryption to be secure, only Bob can know the secret key and use it to decrypt the messages.
In both types of key cryptography, the security of the encryption depends on the security of the keys. If someone acquires a secret key, the encryption is no longer secure. Quantum cryptography has an edge over its classical counterpart since it improves security.
As we touched on briefly above, QKD uses the principles of quantum mechanics to generate and transmit more secure keys. In quantum encryption, Alice can use photons to transmit a message to Bob—and know if someone tries to eavesdrop on their communication.
How does quantum cryptography allow the involved parties to detect an eavesdropping attempt?
To successfully eavesdrop on a message that Alice is transmitting through photons, a third party would have to know the spin of the photons that she is transmitting. The only way to measure the spin of a photon is by passing it through a filter. If our hypothetical eavesdropper, Eve, uses a diagonal filter to measure a vertical photon, the photon changes its spin upon passing through the filter. This means the digit encrypted in the photon also changes. So a 0 would change to a 1, and vice versa.
Chances are the eavesdropper will use the wrong orientation of a filter at least half of the time. But what about Bob? Like the eavesdropper, Bob is also unsure of which filter to use when receiving the photon transmission.
If both parties choose the right filter for a particular photon, they both keep the digit. Conversely, if Bob chooses the wrong filter for a photon, they both discard it. This process continues across all the digits. The probabilistic nature of quantum mechanics tells us that Bob will get around half of the numbers right. Alice and Bob keep the ones he got right, forming the key.
Chances are that Eve will correctly measure some of the photons that Alice sent. However, by measuring a photon, she changes its spin. This means that it is unlikely Bob will read Alice’s original signal correctly. So they discard the digits that Eve eavesdropped, and their communication remains secure.
What are the limitations of quantum cryptography?
As you can see from the above example, quantum cryptography has security benefits. However, it also has limitations. And according to some, these limitations generally outweigh the benefits.
One of the key limitations of quantum cryptography relates to the transmission of a photon over a long distance. Currently, most QKD depends on optical fiber cables for photon transmission. Unfortunately, these optical fiber cables only allow you to transmit a photon for a relatively short distance, in the range of a few hundred kilometers. This is one of the reasons why some people call the practicality of quantum cryptography into question.
Over the last few decades, pioneers within the field have made a lot of progress in terms of research and applications of quantum cryptography. However, no one has proven able to develop a real road map for the widespread use of quantum cryptography to secure real-world data and communications—at least not yet. As a result, QKD remains physically elaborate and costly rather than accessible to the masses.
Best uses for quantum cryptography
Despite its limitations, quantum cryptography still has valuable commercial applications. Below we outline some of these applications as well as potential advantages and disadvantages of more widespread application of quantum cryptography in the future.
Which industries make use of quantum cryptography?
As more and more people are using computers and the internet to communicate and conduct business, the importance of data security has grown. The growing need to secure data and reduce cybersecurity threats has helped spur the growth of the market for quantum cryptography.
Currently, pioneers in information technology and communication industries are leading the way in quantum cryptography research and applications. Toshiba, for example, has led the way in achieving unprecedented QKD speeds over optical fiber lines. Between 2016 and 2018, for example, Toshiba increased key distribution speeds by a factor of five.
Outside of the information technology and communications industries, governments, defense organizations, and banks are also taking advantage of quantum cryptography for increased security. As early as 2007, for example, the Swiss government started using quantum cryptography technology to help secure voting ballots that its citizens cast during parliamentary elections. This was one of the first major real-world uses of quantum cryptography.
What are the potential advantages of a widespread application of quantum cryptography?
In 2018, Chinese and Australian researchers made the first-ever quantum encrypted video call. This signals the possibility of greater security for video conferencing. This is particularly important as the use of video conferencing is skyrocketing.
In general, quantum encryption—as a more secure form of encryption—has the potential to greatly increase data security. And the need for data security is only growing alongside developing technology.
What are the arguments against the common usage of quantum cryptography?
As we have discussed previously, there are enduring questions about the feasibility and practicality of quantum cryptography. These questions have endured in spite of all the research and progress that pioneers in the field have made over the last few decades. Ultimately, concerns about feasibility are at the core of arguments against the common use of quantum cryptography going forward.
Quantum systems have to operate at extremely low temperatures and in very isolated surroundings. They require expensive, bulky, and complicated cooling equipment and other support systems. As a result, many experts in the field just don’t see their widespread use as practical.
That said, the underlying principles of quantum mechanics are still likely going to play a role in data security going forward. The growth of quantum computers still poses a threat to classical encryption methods. In the face of this threat, the field of post–quantum cryptography has emerged.
Despite its name, post–quantum cryptography is not closely tied to quantum cryptography. Instead, this type of cryptography centers on developing conventional, mathematical cryptography that quantum computers cannot easily solve. This emerging field—rather than quantum cryptography—might be the true game changer in the future of data security.
Interested in becoming an IEEE member? Joining this community of over 420,000 technology and engineering professionals will give you access to the resources and opportunities you need to keep on top of changes in technology, as well as help you get involved in standards development, network with other professionals in your local area or within a specific technical interest, mentor the next generation of engineers and technologists, and so much more.