Hacking Quantum Cryptography is Pointless

Hacking Quantum Cryptography is Pointless

For the first time, an international team has successfully implemented advanced quantum cryptography. Furthermore, encryption is independent of the quantum device used, making it even more resistant to hacking attempts.

The Internet is rife with highly sensitive data. In general, sophisticated encryption techniques ensure that such content cannot be intercepted and read. However, high-performance quantum computers could crack these keys in a matter of seconds in the future. It is therefore fortunate that quantum mechanical techniques enable not only new, much faster algorithms, but also extremely effective cryptography.

As the jargon goes, quantum key distribution (QKD) is secure against attacks on the communication channel but not against attacks or manipulations of the devices themselves. As a result, the devices could output a key that the manufacturer had previously saved and could have forwarded to a hacker. It’s a different story with device-independent QKD (abbreviated DIQKD). The cryptographic protocol is unaffected by the device. This method has been theoretically known since the 1990s, but it has only recently been experimentally realized by an international research team led by LMU physicist Harald Weinfurter and Charles Lim from the National University of Singapore (NUS).

By introducing the additional setting for key generation, it becomes more difficult to intercept information, and therefore the protocol can tolerate more noise and generate secret keys even for lower-quality entangled states.

Charles Lim

There are several methods for exchanging quantum mechanical keys. The transmitter sends light signals to the receiver, or entangled quantum systems are used. The physicists used two quantum mechanically entangled rubidium atoms in two laboratories 400 meters apart on the LMU campus in the current experiment. The two locations are linked by a 700-meter-long fiber optic cable that runs beneath Geschwister Scholl Square in front of the main building.

To create an entanglement, the scientists first excite each atom with a laser pulse. Following this, the atoms spontaneously return to their ground state, each emitting a photon. The spin of the atom is entangled with the polarization of its emitted photon due to the conservation of angular momentum. The two light particles travel along the fiber optic cable to a receiver station, where a joint measurement of the photons reveals atomic quantum memory entanglement.

To exchange a key, Alice und Bob – as the two parties are usually dubbed by cryptographers — measure the quantum states of their respective atom. In each case, this is done randomly in two or four directions. If the directions correspond, the measurement results are identical on account of entanglement and can be used to generate a secret key. With the other measurement results, a so-called Bell inequality can be evaluated.

Quantum cryptography: Hacking is futile

Physicist John Stewart Bell originally developed these inequalities to test whether nature can be described with hidden variables. “It turned out that it cannot,” says Weinfurter. In DIQKD, the test is used “specifically to ensure that there are no manipulations at the devices — that is to say, for example, that hidden measurement results have not been saved in the devices beforehand,” explains Weinfurter.

In contrast to earlier approaches, the implemented protocol, which was developed by researchers at NUS, uses two measurement settings for key generation instead of one: “By introducing the additional setting for key generation, it becomes more difficult to intercept information, and therefore the protocol can tolerate more noise and generate secret keys even for lower-quality entangled states,” says Charles Lim.

With conventional QKD methods, by contrast, security is guaranteed only when the quantum devices used have been characterized sufficiently well. “And so, users of such protocols have to rely on the specifications furnished by the QKD providers and trust that the device will not switch into another operating mode during the key distribution,” explains Tim van Leent, one of the four lead authors of the paper alongside Wei Zhang and Kai Redeker. It has been known for at least a decade that older QKD devices could easily be hacked from outside, continues van Leent.

“With our method, we can now generate secret keys with unidentified and potentially untrustworthy devices,” Weinfurter explains. In fact, he was initially skeptical that the experiment would succeed. But, as he happily admits, his team disproved his concerns and significantly improved the experiment’s quality. Along with the LMU-NUS collaboration project, another research group from the University of Oxford demonstrated device-independent key distribution. The researchers used a system comprised of two entangled ions in the same laboratory to accomplish this. “These two projects lay the groundwork for future quantum networks, in which absolutely secure communication between far-flung locations is possible,” says Charles Lim.

One of the next objectives is to expand the system to include multiple entangled atom pairs. “This would allow many more entanglement states to be generated, increasing data rate and, ultimately, key security,” van Leent explains. Furthermore, the researchers would like to broaden the range. It was limited in the current setup by the loss of approximately half of the photons in the fiber between the laboratories. In other experiments, the researchers were successful in transforming photon wavelengths into a low-loss region suitable for telecommunications. They were able to increase the range of the quantum network connection to 33 kilometers with just a little extra noise.