keys

Quantum ‘keys’ keep secrets safe from code breakers

Just outside Washington, DC, a heavily armored truck, protected by armed guards, rumbles toward the Pentagon. Its cargo is critical to keeping the most sensitive government communications secret. But it’s not what you might expect. That precious cargo is nothing but numbers.

Though the details are a government secret, according to Alexander Sergienko, a Boston University College of Engineering professor of electrical and computer engineering, trucks like this are one likely way that the United States government might transport the numbers that are at the heart of the only unbreakable encryption technique in the world: the one-time pad.

The one-time pad is a string of random numbers, also called a key, which a sender uses to encrypt her message.

How to transport the key

But the one-time pad has one big weakness: the random numbers that are the key to coding and decoding it have to be physically transported from one place to another. Sending them over the internet, encrypted by traditional security measures, would be like locking the keys to Fort Knox inside a child’s piggy bank. If the numbers are intercepted, the code is worthless.

Alexander Sergienko
Alexander Sergienko (Credit: Cydney Scott)

Sergienko is confident that secure quantum key distribution networks are live today somewhere in the United States.

So, how can you get random numbers from place to place with absolute security? The answer isn’t more armed guards and armored trucks, says Sergienko, who also has an appointment as a professor of physics. It’s quantum mechanics, the bizarre set of rules that governs the subatomic world, where the everyday norms we take for granted—that an object should have a well-defined location and speed, for instance, and that it can only be in one place at a time—go out the window.

The one-time pad encryption method dates back to before World War II, and was used to secure diplomatic communiqués and wartime dispatches. The sender encrypts her message by taking each letter, or bit, of the original message and combining it mathematically with successive random numbers from the key, transforming it into a sequence of totally random numbers. (The longer the message, the longer the key must be: a message that’s 100 letters long requires a key of at least 100 digits.)

The encrypted message is now absolutely secure: the sender can broadcast it over a radio or even scream it from the rooftops, if she wants. Only someone with an identical copy of the key can crack the code, by subtracting a matching set of numbers from the broadcast to unlock it.

But the key is unbreakable only if it is used just once; if used a second time, code breakers can begin to reverse-engineer the random-number list. With every additional use, the code gets weaker and weaker, so the bank of random numbers must be constantly refilled to keep secure government communication going. That means more numbers, more armored trucks—and more effort and expense.

Quantum keys: How they work

Sergienko is one of a group of physicists and computer scientists working to solve this problem with an encryption technique called secure quantum key distribution. They are harnessing cutting-edge technology to implement basic protocols that are some 30 years old. Quantum key distribution exploits the strange laws of quantum mechanics to create a truly random key that is totally secure from eavesdroppers.

Here’s how it works. Each “bit” of the key is encoded in the polarization of a single photon—essentially, the direction in which the light particle is “waving.” It can be up, down, or anything in between. In this case, though, each photon is prepared set in only one of two “bases”—horizontal/vertical, where horizontal might represent a one and vertical a zero; or tilted at an angle, with 45 degrees up representing one and 45 degrees down representing zero.

Sergienko maps out how it works using three characters well known to physics students: Alice, who’s sending the message; Bob, who is receiving it; and Eve, an eavesdropper out to covertly intercept it. To read out the state of each incoming photon, Bob has to pick the correct base. Alice can’t tell him the bases in advance, so he guesses randomly. Later, Alice reports the bases she used for each photon, and Bob throws away the readings for which he picked the wrong base. The result: Bob and Alice end up with identical, random strings of ones and zeros that they can use as a fresh key for their future communications.

If eavesdropper Eve tries to intercept photons traveling from Alice to Bob, Bob will notice a shortage of incoming photons. Eve could attempt to hide the theft by copying the polarization of each stolen photon and sending it on to Bob, but the laws of quantum mechanics, which make it impossible to perfectly “clone” the quantum state of a photon, get in her way, so she is bound to make mistakes that betray her presence. So, not only do Alice and Bob have truly random keys in hand, they also have the ultimate security against eavesdroppers: the laws of physics.

Written on eggshells

That’s the easy part, from Sergienko’s point of view. The hard part: making this technique work over practical distances.

That’s because, to retain the quantum properties that make them so useful for secure communication, photons have to be kept isolated from all external disturbances. Another challenge: the same “no-cloning” law that thwarted Eve prohibits the use of any amplifiers, standard in traditional telecommunications, on the optical lines that transmit the photons. “One single photon has to travel from point A to point B,” says Sergienko. It’s as if the code were written on eggshells. How can you send millions or billions of those eggshells, far and fast?

“It’s a dilemma,” says Sergienko. “The quantum realm gives you more opportunities, but to make these opportunities work for people, you have to solve the problem of how the quantum state will survive in the classical environment,” the messy reality in which it’s nearly impossible to avoid interacting with other fields and particles.

Today’s “best of the best” technology can create a few million quantum states per second, says Sergienko. But the farther you try to send them, the more of them will “crack” like broken eggshells—that is, get absorbed into the line and disappear—before they reach their destination.

Distance and speed

So while some physicists are chasing distance records, dispatching quantum states across hundreds of kilometers, Sergienko is more interested in finding the optimal balance between transmission distance and the rate at which new states can be created.

Today, data rates of about 100 kHz are possible within a modest city-sized network. Not exactly telecom speed—typical home broadband connections run 10 or 100 times faster—but good enough to transmit the bits of a robust key that guarantees the highest level of secure communication.

In 2003 and 2004, Sergienko and Gregg Jaeger, an associate professor of natural sciences and mathematics in Boston University’s College of General Studies, led a team that partnered with researchers at Harvard University and BBN Technologies (now a part of Raytheon) to build just such a system. With support from the Defense Advanced Research Projects Agency (DARPA), the military’s advanced research arm, they used standard commercial fiber optic cables in the ground to send photons between three sites in the greater Boston area: one at Boston Univeristy, one at Harvard, and a third at BBN’s headquarters, near Fresh Pond in Cambridge.

The system spanned about 18 miles end-to-end.

“We showed that this secure communication can be established between three nodes through the metropolitan fiber, and can go 24/7,” says Sergienko. Even though the data rate was not high—just about 1,000 bits per second, slower than a dial-up modem—over time, each site would build up a long enough key to enable secure communication on demand. The system ran for three years, and was followed several years later by similar, independent demonstration networks in Europe, Japan, and China.

What happened next? That’s a government secret. But Sergienko is confident that secure quantum key distribution networks are live today somewhere in the United States. The likeliest spots: Washington, DC, where such a network could enable secure communication between government agencies, eliminating the need for all those trucks; and Wall Street, where it would guarantee absolute privacy for transactions between financial institutions.

Today, Sergienko is trying to narrow the gap between quantum and classical data rates. With fiber quality nearly as good as it can get, and the rate at which new quantum states can be created almost maxed out, Sergienko and his colleagues around the world are taking a new tack: encoding more bits of information in a single photon. While photon polarization can only represent zero or one, a different property of photons, called orbital angular momentum, can encode at least 10 different distinguishable states, and possibly more. Instead of simple binary bits, cryptographers would have a whole mini alphabet to work with.

As for those armored trucks? Though they might still be standard for transporting secret keys to remote locations, Sergienko wouldn’t be surprised if they are no longer pulling up to the Pentagon. But the secrets of the unbreakable code are still just that: secret.

Source: Boston University