Quantum Crypto is coming of age

China accomplished a technological milestone with the launch of a quantum cryptographic satellite network last August that would enable it to teleport digital data from the earth to geo-stationary satellites in orbit. This ensures secure transmission of digital data from satellites through quantum encryption keys to a ground station at Xinglong, near Beijing.

Quantum Cryptography (QC) has multiple applications, from electronic voting machines (EVMs) and mobile calls, messaging and video chats to mobile banking. For instance, it will make online shopping truly secure. A third party or an intermediary automatically generates public-private key for merchants and shoppers, which can be hacked by cyber-criminals to steal payment information.

A quantum computer is a theoretical concept right now and will utilise atoms and molecules to perform computing at very high speeds. It will use photons to generate a cryptographic key and transmit it to a receiver through a suitable communication channel. A cryptographic key plays the most important role in cryptography; it is used to encrypt/decrypt data and will eliminate the need for public key encryption, which is based on algorithms.

Today, most keys used for public key cryptography (PKC) are at least 128-bit long, which are considered to be very strong. However, a cyber-criminal can easily obtain the public key because the user shares it with the servers. This makes public keys vulnerable to hackers. Therefore, to ensure against such a possibility, the concept of a private key which is not in the public domain has to be developed.

To develop a private key to substitute that public key involves massive calculations with permutations and combinations. At present, a supercomputer is necessary to crack public key cryptography and many years to complete it. But when quantum computers become available, the task can be done with ease.

Today, the challenge that confronts cryptography -- the science of protecting data -- has to do with the rapidly changing pace of technology. Moore's Law, which stated that compute power would double every 18 months has held for over five decades and, with the advent of super computers, is expected to peak over the next five years. However, the new era that quantum computing, which has exponentially more power than today's fastest supercomputers, will herald will trigger a new wave of innovation across industries. As of now, the Intel i9 processor integrated circuit equals billions of transistors. In the coming decade, quantum computers will revolutionise computing in terms of power and speed.

Quantum computers are different from the digital computing that drives today's data centres, cloud environments, PCs and other devices. Digital computation requires data to be encoded into binary digits (bits), each of which is always in one of two definite states (0 or 1). However, quantum computation uses quantum bits (qubits), which can be in multiple states simultaneously. As a result, operations on qubits can amount to a large number of calculations in parallel. Atoms, photons or electrons can all act as qubits.

In EVMs, QC will eliminate "man-in-the-middle" attacks and ensure fool-proof online voting booths. In mobile banking, hackers will have a hard time impersonating their victim once QC encryption allows impenetrable banking between the customer and their bank.

Encryption technology has scope to be strengthened further because it suffers from problems like 'brute force' attacks, which involve a trial-and-error method used to get information such as pin numbers and passwords. Hackers use these attacks to decrypt data and are usually based on compute-power and the number of combinations tried, rather than an algorithm.

Another form of attack is 'cold boot' attack which is particularly designed to extract information when the content is stored on a disk in encrypted form as most encryption systems store the encryption key in the random access memory for quick use. These attacks can defeat disk encryption on many computers and smartphones with encrypted data.

Distributed Denial of Service attacks are a type of attack where multiple compromised systems, which are often infected with a trojan, are used to target a single system, which essentially shuts down a system or website. China is the top country in generating DDOS attacks.

Backdoors and privacy issues pertain to a government's "exceptional access" to encrypted communications which would compromise confidential data and critical infrastructure like power grids and banking systems. Yet, the British and US governments want access to encrypted data. In January 2014, former CIA contractor Edward Snowden provided documents that revealed that the US National Security Agency plans to build a quantum computer that could crack most types of encryption. QC secures transmission of digital data without scope for interception or alteration. This technology is in an embryonic stage and selectively implemented in high technology organisations, scientific research and a few reputed IT majors.

(The writer is a Bengaluru-based cybersecurity professional and ethical hacker)

Liked the story?

  • 0

  • 0

  • 0

  • 0

  • 0