Quantum cryptography is not infallible. But before getting to how it can be compromised, Michael Kassner calls on some experts to explain how Quantum Key Distribution works.
My editor, Selena Frye called, asking what I knew about quantum cryptography. I remember muttering something about qubits. "Good," she said. "This Phys.org article discusses a problem that has been fixed, I'd like you to write about it?"
"Sure, I'll get right on it.
I didn't even know quantum cryptography was broken. And, they already have a fix.
The article didn't go into detail as to what's broken, but mentioned that Dr. Hoi-Kwong Lo (at right) and Dr. Vadim Makarov (pictured below) had independently developed ways to compromise quantum encryption systems. That's where I'll start.
I contacted both gentlemen, asking for help. Their enthusiasm caught me off-guard, as did the ten papers they sent on quantum cryptography weaknesses and how to fix them.
I didn't get very far reading the papers. "This is complicated stuff," I thought, "I better start at the beginning." I asked Dr. Makarov if he had anything that would bring me up to speed.
He suggested: Chapter 5. Quantum Cryptography from the book Multidisciplinary Introduction to Information Security. It turned out to be just what I needed. Dr. Makarov also offered the following advice: "Reading original-research articles on quantum cryptography can indeed be hard. I hope you don't want to become a scientist on this topic."
Who says quantum cryptographers don't have a sense of humor?
Why quantum cryptography?
My first question is: "Why quantum cryptography?" Why is it better than what we currently have? Dr Makarov had this to say:
Quantum cryptography is the only known method for transmitting a secret key over distance that is secure in principle and based on the laws of physics. Current methods for communicating secret keys are all based on unproven mathematical assumptions.Dr. Makarov is referring to Quantum Key Distribution (QKD) -- the subset of quantum cryptography developed to transfer symmetric encryption keys between two locations:
These same methods also are at risk of becoming cracked in the future, compromising today's encrypted transmissions retroactively. This matters very much if you care about long-term security.
Quantum Key Distribution uses quantum mechanics to guarantee secure communication. It enables two parties to produce a shared random secret key known only to them, which can then be used to encrypt and decrypt messages.
QKD and qubits
Remember my mentioning qubits while talking to my editor? Well, qubits are why QKD works:
In quantum computing, a qubit or quantum bit is a unit of quantum information -- the quantum analogue of the classical bit. Unlike a classical bit which can take only the value of either 0 or 1, the state of a qubit can be in a ‘superposition' of 0 and 1 simultaneously.
It's those quantum properties we are going to look at next.
Digital systems use the familiar binary states: One/Zero, Yes/No, or On/Off. I'm afraid that's not the case with quantum mechanics, "maybe one or the other" or "both" is more the norm. To help explain, consider a qubit to be a single photon and watch how it can be manipulated in the diagram below (courtesy of Chapter Five).
(a): A single photon is emitted from a light source and passes through a linear polarizer, in this case -- horizontal. That process creates a qubit with horizontal polarization.
(b): When the horizontally-polarized photon passes through a horizontally/vertically-oriented polarizing beamsplitter, it always retains its horizontal polarization.
(c): If that horizontally-polarized photon passes through a diagonally-oriented polarizing beamsplitter:
- There is a 50% probability of finding the photon at one of the exits.
- The photon will only be detected at one of the exits.
- The polarization of the photon will have changed to the corresponding diagonal polarization.
I don't know about you, but I was expecting the photon to be blocked at step (c), not pass through and change polarization. Another interesting thing to note -- polarized photons are able to convey digital information. The next diagram shows how it's done (courtesy of Chapter Five).
You may have heard the term BB84 Protocol and wondered how it worked. Here's how:
- Alice uses a light source to create a photon.
- The photon is sent through a polarizer and randomly given one of four possible polarization and bit designations -- Vertical (One bit), Horizontal (Zero bit), 45 degree right (One bit), or 45 degree left (Zero bit).
- The photon travels to Bob's location.
- Bob has two beamsplitters -- a diagonal and vertical/horizontal - and two photon detectors.
- Bob randomly chooses one of the two beamsplitters and checks the photon detectors.
- The process is repeated until the entire key has been transmitted to Bob.
- Bob then tells Alice in sequence which beamsplitter he used.
- Alice compares this information with the sequence of polarizers she used to send the key.
- Alice tells Bob where in the sequence of sent photons he used the right beamsplitter.
- Now both Alice and Bob have a sequence of bits (sifted key) they both know.
All in all, a pretty cool way of securely transferring an encryption key between two different locations.
I debated whether to include this primer or not. I quickly realized I needed it, especially when you the TR members start asking those tough questions. Now, that we understand how it is supposed to work, we will see how it can be broken -- and fixed.
Hopefully, I can get Dr. Lo and Dr. Makarov to tell me about their secret attacks. We'll also look at the Heisenberg Uncertainty Principle and how it allows Alice and Bob to know if an eavesdropper (Eve) has deployed a Man in the Middle attack, hoping to steal their encryption key.