Stolen banking and credit card information, compromised medical and financial records, tapping into cell phone conversations…
A team of researchers from the University of Calgary are hoping to put an end to these daily threats by using the theory of quantum physics to develop a spy-proof code.
Their initiative is based on the fact that information delivered via quantum cryptography presents a formidable challenge to hackers.
Should an unauthorized person try to intercept a quantum coded message, the data – much like a booby-trapped suitcase in a James Bond movie – blows up…figuratively, of course.
Any attempt to intercept the data alters its configuration and scrambles the message, says Wolfgang Tittel, physicist and principal researcher at the university’s Centre for Information Security and Cryptography.
“Communication security is so important that we want it to be infinitely secure,” says Tittel, an internationally renowned physicist recruited from the University of Geneva to head the research.
He says, currently, coded data relies on mathematical algorithms. Corporate and defense IT systems also use sophisticated encryption technology such as devices that generate long, randomly selected numbers to gain access to a network.
These systems are relatively safe unless the device that generates the key is lost or stolen or a global registry of keys becomes compromised.
Quantum cryptography encodes data into individual light photon particles. The data is highly secure because light cannot be intercepted and read without altering its state.
Only authorized participants in the transmission have appropriate keys to unlock the code.
This effectively foils the so-called man-in-the-middle ploy, in which a thief takes on the digital identity of both sender and receiver to intercept data being transmitted between the two. Any attempt to break the code will leave telltale signs of eavesdropping.
The technology also allows a higher degree of randomness over traditional systems since key exchanges can be done several times a second without slowing down data transmission.
The work being done at the U of C is sponsored by Alberta’s Informatics Circle of Research Excellence (iCORE) and defense company General Dynamics Canada. The system Tittel is working, however, involves transmitting only the code key via light photons and sending the rest of the message using standard encryption methods.
In this scenario, a sender will first transmit the code key to a receiver. Since light photons are altered when intercepted, the sender will be aware of an attempted breach.
Tittel said senders can then choose to send the message after the lines are secured.
Though scientists have been studying quantum cryptography since the 1970, only a handful of groups are involved in the research, said Tittel. “There are probably only eight or 10 people around the world doing research on quantum theory and fibre optics.”
He said there are currently two companies offering quantum cryptography products but their systems are limited to transmission rates of 1,000 bits/sec over a distance of 10 kilometres.
“We are proposing to raise these numbers to one million bits/sec over 100 kilometres,” said Tittel.
One Canadian analyst, however, notes that quantum cryptography itself is not fool proof.
The technology is “not perfect, it can be broken,” said James Quinn, senior research analyst at Info-Tech Research Group Inc. in London, Ont. However, he added that attempts to do so can detected.
Quinn also cited at least three short comings of the encryption method:
• Light particles have to travel through fibre optic cable. It would be very expensive to deploy the cable up through the desktop over long distances.
• Photons suffer from degradation when traveling over long distances.
• In the event quantum computing catches up with quantum cryptography, code breakers will theoretically have the means to get around the technology.
Tittel, however, said in most cases, there will be no need to lay out new fibre backbone since his system can operate over existing optic fibre network. He said companies can also save on cost by limiting straight-to-desk optic fibre connections to key personnel.
The U of C academic noted that his research also involves work on methods of mitigating photon degradation.
On the issue of quantum computers, Tittel said, these devices will not change the fact that photons leave indicators of attempted security breaches.
These limitations are also “likely to fade in time,” according to a report published by Roland Hengerer, Martin Illsley and David Black of the Technology Labs of the global management and technology consultancy firm Accenture.
The report identified two companies as leaders in developing quantum cryptography; id Quantique SA in Geneva and MagiQ Technologies Inc. in New York.
Both companies’ systems combine quantum key distribution with data communications hardware for use with existing fibre optic connections. The plug-and-play systems sell for around US$50,000 to US$100,000 per unit.
“Quantum key distribution, combined with one-time pad encryption that is used to authenticate communication partners today, promises an unconditionally secure communication system,” the report said.
It conceded, however, that “for many companies, quantum cryptography will remain a futuristic solution for some time.” Quinn agrees with this view. “We are years away from widespread use. The technology will probably not be commercially viable until 10 years from now.”
Tittel as well, estimates that it will take 10 years to develop a commercially viable product.
Quantum cryptography is a “great theoretical model that will have great use but the hurdles are just too significant,” said Quinn.
He likened the situation to the automotive industry’s continued use of fossil fuels because alternative fuels are not yet commercially viable. “The industry ends up doing a better job with what is has until a better tool is developed.”