Quantum computers could see internet encryption become obsolete. But a team of researchers has used quantum mechanics to make cybersecurity fit for the quantum age.
Quantum computers could solve some of the world’s biggest problems, but in the hands of hackers they could also completely disrupt cybersecurity as we know it.
To preempt this move for as long as possible, a team including physicists, and electrical and computer engineers from Duke University, Ohio State University and Oak Ridge National Laboratory in the US has successfully tested a high-speed quantum encryption system by wielding the same technology that makes quantum computers possible in the first place.
“We are now likely to have a functioning quantum computer that might be able to start breaking the existing cryptographic codes in the near future,” said Ohio State University Professor of Physics Daniel Gauthier.
“We really need to be thinking hard now of different techniques that we could use for trying to secure the internet.”
Quantum key distribution (QKD), a system first theorised in the mid 1980s, are starting to come online, most notably in Europe and China, the latter of which used a satellite to send a quantum key to two land-based stations 1200 km apart in late 2016.
However, these existing systems have a problem: they can only transmit keys at relatively low rates – between tens and hundreds of kilobits per second. That’s too slow for practical use on the modern internet, said Nurul Taimur Islam from Duke University.
“At these rates, quantum-secure encryption systems cannot support some basic daily tasks such as hosting an encrypted telephone call or video streaming,” he said.
The solution is a two-part system. The first step is to pack more information onto a single photon of light used in the QKD by encoding two bits of information per photon instead of the usual one.
High-speed detectors, developed by electrical and computer engineers Clinton Cahall and Jungsang Kim from Duke University, create and distribute encryption codes at megabit-per-second rates – five to 10 times faster than existing methods, and on par with current internet speeds.
Of course, no system is perfect. Real-world implementations of QKD use imperfect equipment, which can open leaks for hackers to exploit. To counteract this, the team characterised the limitations of the each piece of equipment used. Professor of electrical and computer engineering at the National University of Singapore Charles Lim then incorporated these flaws into the theory.
As a result, they were also able to demonstrate their system was secure from common attacks, even when weakened with equipment flaws that could cause leaks.
“All of this equipment, apart from the single-photon detectors, exists in the telecommunications industry. With some engineering we could probably fit the entire transmitter and receiver in a box as big as a computer CPU,” Islam said.
Because a functioning quantum computer is still in the works, it’s uncertain how quantum key distribution will fare when put to the ultimate test. However, it’s one of our best attempts to date to boost cybersecurity in general, and troubleshoot quantum computing issues in advance.