Everyone, worldwide, is becoming increasingly reliant on the security of information and communications in all aspects of daily life. The trouble is that the methods currently used for security are becoming ever more vulnerable. We know that the encryption techniques widely used today can be broken by a large and powerful quantum computer, once such a machine is built. For information that only needs to stay secure for a short time, this threat is still on the horizon. However, for sensitive information that requires a long security “shelf-life”, the threat is already here: encrypted communications can be stored now and broken in the future, when the tools exist. Clearly new approaches to security are required.
Quantum Key Distribution
Encryption and decryption methods are needed that are not vulnerable to quantum computer attack. One approach is to utilise shared keys – for encryption and decryption – and cryptographic techniques immune to such attack. Then the security is determined by the security of the key distribution mechanism. This is where the quantum technology comes in – it provides a secure method of quantum key distribution (QKD).
To share a key, the basic idea is that the transmitter – usually called Alice – sends a long sequence of quantum light pulses to the receiver – usually called Bob. These may be sent down an optical fibre or through free space, whichever technology provides the best solution, but either way any adversary – usually called Eve – can only gain information on the transmitted light signals by measuring them in some way. Quantum physics dictates that Eve cannot avoid disturbing some of these signals through her measurements, so she cannot avoid exposing her eavesdropping. Clearly Bob also has to measure the quantum light signals that he receives in order to establish a key shared with Alice. The really clever thing with QKD is that Alice and Bob can afterwards identify a subset of the shared data to keep: without exposing the actual data values, they can identify the specific light signals whose values Bob's measurements should not have disturbed. They can then locate and correct errors in the data that they keep, and mathematically compress it down to a final shared secret key. What's more, none of these subsequent communications has to be encrypted (although they could be) – the security of the final key is not compromised even if Eve overhears all of this discussion.
Once Alice and Bob have secret shared key data, they can use it in a range of ways. For secure communications the ultimate (information-theoretically secure) approach would be one-time-pad encryption. A much more economical approach, in terms of key consumed, would be to use quantum keys to drive a system based on the Advanced Encryption Standard (AES) – this approach is compatible with current high-speed telecommunications infrastructure. Other quantum key applications include single-use PINs, passwords or entry codes. Two important things to note are: (i) to maintain security, each key will almost certainly be used only once (and so used keys should afterwards be irreversibly deleted); (ii) the use of the keys is conventional, requiring no quantum technology. It is the distribution, or replenishment, of the keys that is quantum.
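The two preceding paragraphs describe the QKD steps (Alice's pulses, Eve's unavoidable disturbance, Bob's measurements, sifting without revealing values, error checking, compression to a final key) and then the conventional use of that key. The following is an added example, not code from the Hub or from any QKD product; it assumes a two-basis prepare-and-measure scheme (the text names no specific protocol), replaces real privacy amplification with a plain hash, and simulates only one quantum feature: a measurement in the wrong basis returns a random bit. All function names, the 11% abort threshold and the sample message are constructed for the illustration.

```python
"""Toy simulation of a two-basis QKD session followed by one-time-pad use.

Constructed example. Pulses are classical records; the single quantum
property reproduced is that measuring in the wrong basis yields a random
bit, which is what betrays an intercept-resend eavesdropper.
"""
import hashlib
import random


def measure(bit, prep_basis, meas_basis, rng):
    """Reading in the preparation basis returns the bit; any other basis gives a random bit."""
    return bit if prep_basis == meas_basis else rng.randrange(2)


def run_qkd(n_pulses, eve_present, seed=0, sample_fraction=0.25, qber_limit=0.11):
    """Simulate one session; returns the error rate, whether it aborted, and the final key."""
    rng = random.Random(seed)
    # Alice prepares a random bit in a random basis for every pulse.
    alice_bits = [rng.randrange(2) for _ in range(n_pulses)]
    alice_bases = [rng.randrange(2) for _ in range(n_pulses)]
    bob_bases = [rng.randrange(2) for _ in range(n_pulses)]
    bob_bits = []
    for i in range(n_pulses):
        bit, basis = alice_bits[i], alice_bases[i]
        if eve_present:
            # Intercept-resend: Eve measures in a guessed basis and re-sends what she saw,
            # so the pulse reaching Bob is now encoded in Eve's basis, not Alice's.
            eve_basis = rng.randrange(2)
            bit = measure(bit, basis, eve_basis, rng)
            basis = eve_basis
        bob_bits.append(measure(bit, basis, bob_bases[i], rng))

    # Sifting: Alice and Bob publicly compare bases (never bit values) and keep only
    # the pulses Bob happened to measure in the right basis.
    sifted = [i for i in range(n_pulses) if alice_bases[i] == bob_bases[i]]

    # Parameter estimation: a random sample of kept bits is revealed to estimate the error rate.
    sample = rng.sample(sifted, int(len(sifted) * sample_fraction))
    qber = sum(alice_bits[i] != bob_bits[i] for i in sample) / len(sample)
    if qber > qber_limit:
        # Too much disturbance: treat the session as eavesdropped and discard everything.
        return {"qber": qber, "aborted": True, "key": None, "sifted": len(sifted)}

    revealed = set(sample)
    alice_key = [alice_bits[i] for i in sifted if i not in revealed]
    bob_key = [bob_bits[i] for i in sifted if i not in revealed]
    # Error correction is omitted: this noise-free toy has no residual errors when Eve is absent.
    if alice_key != bob_key:
        raise RuntimeError("residual errors; a real system would run error correction here")
    # Privacy amplification, toy version: compress the kept bits to 256 bits with a hash
    # (a real system uses a universal hash family sized from the estimated leakage).
    key = hashlib.sha256(bytes(alice_key)).digest()
    return {"qber": qber, "aborted": False, "key": key, "sifted": len(sifted)}


def one_time_pad(data, key):
    """XOR data with an equal-length slice of key; calling it again with the same key decrypts."""
    if len(key) < len(data):
        raise ValueError("one-time pad needs at least as much key as data")
    return bytes(d ^ k for d, k in zip(data, key))


class KeyStore:
    """Holds QKD keys and hands each one out exactly once, removing it as it is taken."""

    def __init__(self):
        self._keys = []

    def add(self, key):
        self._keys.append(key)

    def take(self):
        if not self._keys:
            raise LookupError("key store exhausted; run another QKD session to replenish")
        return self._keys.pop(0)  # gone from the store, so it cannot be handed out twice


if __name__ == "__main__":
    honest = run_qkd(2000, eve_present=False, seed=1)
    tapped = run_qkd(2000, eve_present=True, seed=1)
    print(f"no Eve: sifted={honest['sifted']} QBER={honest['qber']:.2f} aborted={honest['aborted']}")
    print(f"Eve:    sifted={tapped['sifted']} QBER={tapped['qber']:.2f} aborted={tapped['aborted']}")
    store = KeyStore()
    store.add(honest["key"])
    k = store.take()
    ciphertext = one_time_pad(b"hello Bob", k)  # constructed sample message
    print("round trip ok:", one_time_pad(ciphertext, k) == b"hello Bob")
```

Running it shows the two outcomes the text describes: with no eavesdropper the sifted bits agree exactly and a key is produced; with Eve measuring every pulse, roughly a quarter of the sampled bits disagree, far above the abort threshold, so the session is thrown away before any key is used. Because the disturbance appears in the public error estimate, Eve's presence is detected without Alice and Bob ever revealing the bits they keep.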
Although proven to work, current QKD systems are bulky, costly to manufacture and have some limitations. We are working towards overcoming these, enabling widespread use and adoption.
In parallel to the development of quantum communications, within our Hub we are pursuing other forms of “quantum-safe” communications – secure against eavesdroppers or adversaries armed with arbitrarily powerful quantum computers, or with sensors working at the absolute quantum limit. One such direction is new mathematical approaches, called post-quantum cryptography (PQC), which are known to be immune to current quantum computer algorithms and thought to be immune to any that might be developed in the future. It may well be that the most flexible and robust security in the future will incorporate both QKD and PQC. One example would be authentication in a dynamic and changing network scenario. If a particular Alice wishes to correspond with a Bob she has never met before, they will have no previously shared key to support a QKD session. PQC could provide this initial key, with the security “shelf-life” of the PQC exchange only needing to last until a new key from QKD has been generated.