Quantum Cryptography — Is Our Data Still Secure Tomorrow?
The development of powerful quantum computers has an impact on encryption methods which are still considered secure in today’s world. For example, quantum computer scientist and co-founder of the Institute for Quantum Computing at the University of Waterloo, Michele Mosca, estimates that there is a 1 in 2 chance that a quantum computer will be developed by 2031 that can break today’s cryptographic methods, such as the asymmetric encryption method RSA. (Source: ComputerWorld)
But do these advances have only negative effects, or can this new type of computer equally be used to develop new encryption methods that will also be secure in the future? One thing is certain: private and sensitive data must be protected even in a future where the use of quantum computers becomes commonplace.
This is precisely the topic that so-called quantum cryptography is concerned with. Here, an attempt is made to develop an encryption system that cannot be cracked without the sender or recipient of a message noticing.
Quantum Cryptography: The “Quantum Key Exchange” Method
A first procedure developed on the basis of this principle is the so-called quantum key exchange. In this procedure, single photons are used to exchange the key, which is responsible for the encryption and decryption of data. These photons can be polarized in different ways: horizontally or vertically, but also right diagonally or left diagonally. Photons are measured with so-called polarizers, which can be thought of, in simplified terms, as a kind of filter that lets photons with the matching polarization pass but blocks those with the wrong polarization.
So, if you try to measure a horizontally polarized photon using a vertical polarizer, it will be blocked. There is no separate filter for the detection of diagonally polarized photons; in this case, the respective filter must be rotated by 45°. The key that a transmitter sends to a receiver is thus a stream of randomly polarized photons.
The receiver now randomly selects one of the 4 polarizers for each photon, which means that it sometimes detects a particle correctly and sometimes does not. Ideally, all polarization states are used with equal probability, both when creating the photon stream and when filtering at the receiver.
When the receiver has filtered all particles, both parties agree on the positions at which they used exactly the same basis, i.e., when they had a diagonal and when a vertical/horizontal filter. All photons for which this was not the case are discarded, and thus a so-called one-time pad is created, which has approximately half the original length. Security is provided here by quantum mechanical phenomena:
A measurement would change the state of a particle, which means that the sender and the receiver would notice immediately if somebody eavesdropped on their communication.
Furthermore, the attacker does not know which polarizers the receiver used, and thus the result is not the same key used by the other two parties. In this way, tap-proof online communication could be implemented.
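The sifting step and the detection of an eavesdropper described above can be reproduced in a small classical simulation. This is an added example, not code from the original article; it assumes the receiver's filter choice is modeled as one of two bases (horizontal/vertical or diagonal), that the eavesdropper measures every photon in a random basis and passes it on, and that a 10% error threshold on a publicly compared sample raises the alarm.

```python
import random

BASES = "+x"  # '+' = horizontal/vertical filter, 'x' = filter rotated by 45 degrees

def measure(bit, photon_basis, filter_basis, rng):
    """A matching basis reads the bit; a mismatched one yields a random result."""
    return bit if photon_basis == filter_basis else rng.randrange(2)

def run_exchange(n_photons, eavesdropper, seed):
    """Simulate one exchange; return the sifted (sender_key, receiver_key)."""
    rng = random.Random(seed)  # simulation only; real keys need a true random source
    sender_key, receiver_key = [], []
    for _ in range(n_photons):
        bit, basis = rng.randrange(2), rng.choice(BASES)
        fly_bit, fly_basis = bit, basis
        if eavesdropper:
            # Measuring forces the photon into the eavesdropper's randomly chosen basis.
            eve_basis = rng.choice(BASES)
            fly_bit, fly_basis = measure(fly_bit, fly_basis, eve_basis, rng), eve_basis
        recv_basis = rng.choice(BASES)
        recv_bit = measure(fly_bit, fly_basis, recv_basis, rng)
        if recv_basis == basis:  # sifting: keep only positions with the same basis
            sender_key.append(bit)
            receiver_key.append(recv_bit)
    return sender_key, receiver_key

def error_rate(key_a, key_b):
    return sum(a != b for a, b in zip(key_a, key_b)) / len(key_a)

def eavesdropping_detected(sender_key, receiver_key, sample_size, seed, threshold=0.1):
    """Publicly compare a random sample of sifted bits (assumed 10% alarm threshold).
    The compared bits are revealed, so a real run drops them from the final key."""
    idx = random.Random(seed).sample(range(len(sender_key)), sample_size)
    errors = sum(sender_key[i] != receiver_key[i] for i in idx)
    return errors / sample_size > threshold

if __name__ == "__main__":
    for eve in (False, True):
        a, b = run_exchange(4000, eavesdropper=eve, seed=1)
        print(f"eavesdropper={eve}: sifted {len(a)} of 4000 bits, "
              f"error rate {error_rate(a, b):.3f}, "
              f"alarm={eavesdropping_detected(a, b, 200, seed=2)}")
```

Without an eavesdropper the two sifted keys are identical and about half the original length; with one, roughly a quarter of the sifted bits disagree, which is what the two parties observe when they compare a sample.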
As such methods already suggest, the development of quantum computers also gives rise to secure methods, which may consequently guarantee even higher security in the future than the methods used so far.
Post-Quantum Cryptography: NIST’s Standardization Competition
Post-quantum cryptography is currently also an important area of research.
Post-quantum encryption algorithms, unlike quantum cryptography, do not necessarily have to be implemented by a quantum computer, but can also be based on methods using classical hardware.
To ensure that data will be adequately protected in the future, the National Institute of Standards and Technology (NIST) launched the “Post-Quantum Cryptography project” back in 2016. The public competition is intended to produce various methods and evaluate their security in order to find a way to encrypt data such that it cannot be cracked by either a classical computer or a sophisticated quantum computer. Several rounds are held to discuss the submitted methods. If necessary, improvements are made, methods are combined, or the method is discarded.
On July 22, 2020, the competition started its third round. A total of 15 algorithms now remain from the original 69, seven of which are considered finalists because they are the most promising candidates for standardization to date. More information: NIST, “Post-Quantum Cryptography Program Enters 'Selection Round'”, July 2020. It is particularly striking that five of these candidates are based on so-called mathematical lattices, which are accordingly also regarded as the most promising basis.
After a period of about 18 months, NIST is expected to publish the first standard for quantum-resistant cryptography in 2022.
At the present time, neither quantum computing nor post-quantum cryptography is at a stage where it can be practically applied. So far, a powerful use of a quantum computer to decrypt or encrypt data works only in theory. External factors such as temperature, which may only be just above absolute zero, still have a very high influence on the result in current tests and experiments.