Of the many different subsections of quantum computing, quantum cryptography is probably the most well-known. And for good reason, too. The advantages of quantum cryptography include unbreakable security, which means it has applications in virtually every industry. And as researchers come up with new algorithms and principles to apply to quantum cryptography, it will no doubt revolutionize the future of online security.
So what’s the difference between quantum cryptography and regular cryptography?
Cryptography is the process of mathematically scrambling data so that only the person with the right “key” can read it. This kind of cryptography is the reason you can privately send emails to your friends without having to worry if anyone else will be able to read them.
There are two types of key distribution in regular cryptography: symmetric key (which relies on a secret shared key that only the parties allowed to read the data possess) and asymmetric key (which uses mathematically-generated public/private key pairs). Even though the math used to generate these keys is very complicated, it’s possible to crack if you can factor a very large number (public key) into its two prime-number factors (private key).
The reason we trust this kind of encryption is that it would take an impractical amount of time for even the most powerful classical computers to perform the kind of computations required to find the correct two prime numbers. The problem with regular cryptography is that, however complicated and time-consuming the process may be, it is possible to at some point discover the prime-number private keys that protect our secrets. And for governments and businesses with valuable information, the rapid development of computers and their processing power poses a huge risk.
Quantum cryptography, however, is the use of quantum mechanics principles to encrypt and transmit data in a way that can never be hacked. The amazing thing about the particles in quantum computers is that they have certain properties that make quantum cryptography extremely secure (you can read more about the wonders of quantum computing here). There are four main principles that we’ll focus on in this article:
- All particles are uncertain. Quantum mechanics forbids the knowledge of certain properties of quantum particles without sacrificing knowledge of some other property. This has nothing to do with the measuring instrument or the competence of the observer, but rather with the nature of the system itself.
- Quantum particles can exist in more than one state or place. Photons can exist in two different quantum states: spin up and spin down. The line between the two is often blurred, so these states are used in quantum computing as the quantum counterpart of the ones and zeroes in classical binary bits.
- You can’t measure a quantum system without disturbing it or causing the system to collapse upon itself.
- You can clone some properties of a quantum particle, but not all of them.
These properties are each necessary for quantum cryptography to work, with key roles (no pun intended) in quantum key distribution (QKD) and actual encryption. Unlike classical cryptographic systems, quantum cryptographic systems are truly un-hackable.
What is Quantum Key Distribution?
When you hear about quantum cryptography in everyday conversation (assuming that you occupy circles sophisticated enough to discuss such a topic), it’s usually in reference to quantum key distribution, or QKD. Remember the classical “key” system from before? Quantum key distribution doesn’t encrypt the actual data, but rather allows users to securely distribute classical keys which can then be used for encrypted communication.
So how does QKD work? Let’s not deviate from sacred cryptology tradition here: imagine you’ve got a user named Alice who wants to securely tell Bob that she thinks Toby is the best character on The Office (this is an embarrassing secret that no one, absolutely no one, must know). Alice knows that her bully, Eve, is trying to eavesdrop on their conversation so she can expose Alice to the entire school. But Alice and Bob are smart: they decide to use QKD to secure their conversation. Alice uses a random sequence of filters to send Bob a series of polarized photons through a fiber-optic cable (Principle 2), which he must then read using two different types of filters.
There are four different types of photon spin: horizontal, vertical, forward-facing diagonal, and backward-facing diagonal. The vertical and backward-facing diagonal spins represent a bit that occupies the state of "1", while the horizontal and forward-facing diagonal spins represent a bit that occupies the state of "0". Horizontal and vertical spin can only be read by a rectilineal filter, and the forward- and backward-facing diagonal spin can only be read by a diagonal filter (as shown in the graphic above).
If Bob used the wrong filter for a particular photon, he would have gotten an incorrect measurement. This was a predicament that actually took researchers a long time to figure out because it made the message so secure that even the intended recipient wouldn't be able to read it.
Their solution was simple but ingenious: after the photon transaction occurs, Alice would call Bob and tell him which sequence of filters she used to create the original polarization. The photons for which Bob used the wrong filter are then discarded, and the remaining sequence of ones and zeroes become the key they use to encrypt their conversation.
The most mind-blowing part is that, even if Eve was listening in on their conversation, she wouldn’t be able to divulge the actual key because she only knows the filters Alice used, not the polarization states themselves. In order for her to correctly figure out the key, she would have to know which filters both Alice and Bob used before the photons had ever been sent (Principle 1).
Additionally, to measure the spin of the photons that Alice sent along the cable, Eve would have to pass it through her own filter sequence. If she uses the wrong filter for any given photon, its respective spin would change. So once Alice tells Bob which sequence of filters she used, both she and Bob would immediately know that their key is compromised because their bit sequence wouldn’t match up (Principle 3). Alice would then send a new, uncompromised key to Bob, which he could subsequently use to read her secret.
Now you may be asking: if QKD is so secure, then why isn’t it in widespread use? The main answer to this question is that the process itself is very expensive. So it's used for crucial transactions like inter-bank communication and election result transmission (where the high cost makes sense), but it won't protect the privacy of your text messages because let's face it: your STONKS memes aren't worth the price tag.
Another problem with QKD is the difficulty of conveying data between vendors with different systems, but this is something that researchers at various prestigious institutions are beginning to change. Regardless of the hurdles, one thing is clear: QKD is the near future of cryptography.
What is Quantum Encryption?
Unlike QKD, quantum encryption is the process of using quantum mechanics to encrypt the data itself, not just the key used to read it. This task is much more difficult than QKD, but it is nonetheless an eventual possibility. Currently, the most popular approach to quantum encryption is the Kak protocol: a quantum version of the regular double-lock algorithm, which is a four-step process that allows users to communicate data without sharing any keys.
Let’s assume the same Bob-Alice-Eve scenario from before, where Alice doesn’t want Eve to read the secret she sends to Bob. Alice locks her message in a digital case using a secret encrypted key and sends it to Bob. Bob then puts his own lock on the case and sends it back to Alice, who removes her own lock. Once the case is sent back to Bob, he can unlock it and read the message inside. This whole exchange happened without Alice or Bob having to share any keys, which makes it relatively secure (at least with physical locks and keys).
The transfer becomes a bit more complicated when we involve digital encryption, for several reasons. First, the case must be exchanged in a specific chronological sequence in order to work: Alice must put her lock on the case before Bob does, and then she must be able to remove it before Bob removes his. Additionally, since common encryption involves multiplying by a large number, Eve could hypothetically deduce Alice and Bob’s respective secret keys by measuring the data multiplied by Alice’s key, the data multiplied by both keys, and the data multiplied by Bob’s key as the package goes back and forth.
To solve this problem, computer scientist Subhash Kak proposed using certain quantum rotations as locks instead of large multiplied numbers. These rotations to be applied in any order because quantum systems can occupy multiple states at once (Principle 2), which solves the previous problem of “locks” having to be applied commutatively.
Since measuring quantum systems causes them to collapse (Principle 3) and it’s impossible to clone all quantum-mechanical properties of a quantum system (Principle 4), any attempt by Eve to measure intermediate data would cause the message to be corrupted. And thus there is no possible way for Eve to read Alice's secret.
Researchers besides Kak have continued to develop the protocol and make it more tamper-resistant, but unfortunately, we have not yet seen any commercial implementations of quantum encryption. Though true quantum-based encryption will require much more powerful computers, researchers are getting closer to making it a reality.
Why Quantum Cryptography is Important
Currently, governments and large corporations are in an “arms race” of sorts to create the world’s leading usable quantum computer. As quantum computers advance, so will the need for cross-continental, unhackable communication systems that can effectively transmit sensitive data without the risk of intermediary intrusion.
“I’m certainly scared of what can be the result of quantum computing,” says Michael Morris, the CEO of Topcoder, a global network working on finding solutions to quantum computing programming challenges. “Instead of solving one problem at a time, with quantum computing we can solve thousands of problems at the same processing speed, with the same processing power,” he says. “Things that would take hundreds of days today could take just hours on a quantum computer.”
The thing is, in this arms race, no government really knows where the other parties stand in terms of development stages. “My fear is that we won’t know that the quantum computer capable of doing this even exists until it’s done,” says Morris. “My fear is that it happens before we know it’s there.”
You can get a head start in quantum computing to help combat this problem by following our four-step guide. But let's be clear: the laws of quantum mechanics make quantum computing so complicated that we probably won't be anywhere near an actual cryptographic breakthrough in the next decade, speaking optimistically. That being said, we must be prepared for the capabilities of quantum computers once they arrive, because once they do, they will have the ability to wreak unprecedented havoc on what we currently consider to be "secure" systems. Fortunately, QKD and quantum encryption provide the solutions needed to protect our information well into the future. Because although mathematics can be cracked, the laws of quantum mechanics ensure that quantum systems can never be corrupted.
Read this paper for a more in-depth, science-y explanation of quantum cryptography.