The Key to Quantum Security or a Quantum Shift in Securing Data

It is a security bulwark that relies on factoring very large numbers to provide security assurance. That protective wall of numbers is going to crumble in the not-too-distant future. The battering ram: quantum technology.

Quantum technology will increase the speed of performing calculations exponentially for certain tasks—doubling speed with every step in a process. (For example, the second step in a process will be executed twice as fast as the first, the third step would be four times as fast, and so on.) That will reduce execution time and memory requirements, and promises to crunch massive numbers and support new algorithms based on quantum principles.

Quantum computing is not yet a reality, but quantum key distribution (QKD), the most commercially viable technology in quantum communications, is a reality. QKD is a tool for distributing cryptographic keys between remotely distributed parties in a network. (Cryptographic keys are used to encrypt and decrypt confidential data.) That makes understanding QKD important to SAIC information security engineers.

According to SAIC's Joseph Russell, CISSP®, senior information systems engineer, QKD technologies shift the current paradigm on two planes: detecting attempts to intercept a key while it is being formed and effectively securing data over the long term.

Detection: The BB84 Protocol – Polarized Qubits and the Certainty of Uncertainty

Russell says, "The first shift is that QKD technologies use quantum principles, rather than conventional means, for distributing keys between devices." The principles of quantum mechanics (a branch of physics that describes matter and energy on the atomic and subatomic level) guarantee that the users can detect any disturbance in the transmission of quantum data.

The BB84 protocol is a set of rules based on quantum mechanics for securely exchanging information between devices. Quantum information scientists Charles Bennett and Gilles Brassard developed the BB84 protocol in the 1980s. Russell explains, "A property of light and a well-established principle of quantum mechanics are exploited to achieve security against eavesdropping with the BB84 protocol: photon polarization and the Heisenberg uncertainty principle."

The German physicist Werner Heisenberg won the Nobel Prize in physics in 1932 for discovering the uncertainty principle. The principle says that it is impossible to specify the exact position of an atomic particle and, at the same time, exactly specify the particle's momentum (the mass of the particle multiplied by its velocity). The uncertainty principle also applies to photon polarization. For the BB84 protocol, Russell says, "This means that you can't measure or observe a single photon without changing or destroying it." And that means you can detect attempts to compromise the transmission of photons being used to form a security key.

How QKD Works

BB84 protocol requirements:

• A quantum channel — Earth's atmosphere or space or fiber-optic cable

• A data channel — any media used in communications systems

• A send station with a single-photon generator

• A receive station with a detector capable of reading a single photon

• A set of four polarizing filters for each station — the filters must be capable of polarizing individual photons. It is possible to encode "qubits," or bits of quantum information, into polarized photons. Two of the filters pass photons with vertical or horizontal polarization (the "rectilinear" method of encoding qubits). The other two filters are calibrated at plus or minus 45 degrees off the horizontal and vertical planes (the "diagonal" method of encoding qubits).

"To avoid compromising the QKD process during startup," Russell advises, "a strong authentication protocol should be in place between the two stations, because key generation is initiated on the unsecured channel. The authentication protocol should not be necessary again after the system has been successfully deployed."

Either station can initiate generating a key. When the send and receive stations are in sync, the sending station begins sending single qubits down the quantum channel at a pre-determined rate.

"The sending station randomly selects and records a rectilinear or diagonal filter for each qubit," says Russell. "The receive station also randomly selects the filters for each qubit. The qubit passes through the receive station's filters and on to the detector. The receive station records the selected filters and the value associated with all the qubits that reach its detector."

Continuously Growing Key Material

At the end of the process (or after a sizable bit of raw key material has been sent across the quantum channel), both stations use the open data channel to sift a secret key from the raw key material sent. Each station shares whether the filter used was rectilinear or diagonal, but the specific setting of the filter is not shared.

To make sure the sender and receiver end up with the same material, the only qubits saved and used as raw key material are those that both registered at the receiver and used the same type of filter.

"This process results in continuously growing raw key material at both stations that is completely random," Russell explains. "One of the promising characteristics of a QKD system is its ability to continuously 'grow' the encryption key."

As key material is further refined to account for quantum channel imperfections, it eventually renders exact replicas of key material at both stations.

"Once the channel loss has been determined and the QKD process started, statistical calculations are continuously run against the growing key material," says Russell. "If any change is introduced to the quantum channel, such as someone trying to tap the channel and read the qubits, the statistical calculations are not what they would expect and that will alert the two sides that the channel has been compromised."

Long-Term Security: Combining QKD and One-Time Pad

To keep data as secure as possible, the QKD-generated key can only be used once. According to SAIC's Mark Wilde, quantum information scientist, "If the parties use the same key more than once, then an eavesdropper can gain information about the key from correlations in the data. If the key is used only once, it is impossible for the eavesdropper to do better than to guess randomly to determine the message. The probability of guessing the data becomes exponentially small as the size of the data increases."

According to Russell, a combination of QKD and a means of encryption, known as the one-time pad (OTP), make it feasible to use the key only once and make data secure for the long term.

The one-time-pad reference harkens back to the practice decades ago of providing keys on paper or other flammable material in a pad. The sender would encode the message using a unique, one-time page from the pad and then destroy the page. The message would include information directing the recipient to the correct one-time page in an identical pad, which would be used to decrypt the message and then also be destroyed. The principle remains the same.

OTP employs an encryption algorithm that uses new key material for each bit that is encrypted. It also makes the key stream exactly the same length as the data stream.

A QKD-enabled OTP encryption system makes possible the second shift in the security paradigm. Russell says, "The second shift is derived from the fact that encrypted data [using QKD-enabled OTP] cannot be intercepted today and decrypted at a later date when the computing power exists to crack the code. Using a QKD-enabled OTP encryption system guarantees that a brute force attack on intercepted data will be unsuccessful, no matter how much time and processing power is available to the crypto-analyst. The combination of OTP and QKD provides assurance that, once encrypted, information will never be discovered by attacks on the encryption."

Keeping the Encryption Secure Over Time

QKD can be of use to industries and communities of interest that not only need a high level of information assurance, but also need to keep data secret over a long period of time. For long-term security, a QKD system must also be able to support an OTP algorithm.

QKD Applications

Today's commercially available QKD systems can be used in local and metropolitan area networks and adapted to larger areas. However, the technology is still in its infancy.

Considering QKD's promise for vital military applications, Russell says, "More research and development needs to be conducted to overcome the security assurances required for military applications. However, the potential to solve some of the military's most crucial problems in information security may be found in QKD."