Enabling unbreakable security – qubits meet q bits, in secret

6 Aug 2019 |
Share on:

KETS, a Kx Ventures company, enables unbreakable security using quantum technologies

by PJ O’Kane

What destroys is seldom what creates, but that’s what quantum technology does in relation to Internet security. On the one hand it completely undermines the techniques we rely on today for confidential communication, but in return it gives us unbreakable security. It’s not a bad swap.

The cryptographic approaches that underpin Internet security today hail from the 1970s. They are based largely on traditional number theory and problems like factoring large numbers into their prime components that are hard to solve, but quick to verify. As an example, if you were asked to factorise 901 it might take a little while, but if asked to verify it is 53 x 17, it could be done quite quickly.

But when big numbers, really big numbers, are used along with a bit of modulo or “clock” arithmetic, the gulf gets even bigger and, as there is no known technique to speed it up, hackers trying to crack encryption codes that are based on them must resort to what are called “brute force” attacks – i.e. trying every possible combination to get the right one. It’s crude but it works. Moreover, as computing power increases the time to successfully complete such attacks reduces. The traditional response has been to increase key length, as each added bit doubles the difficulty and keeps the faster technology at bay. But that doesn’t work against quantum computing.

The reason it doesn’t work is that quantum computers can try all possible combinations simultaneously. That may sound like parallel processing but it’s subtly different. Unlike classical computers which base their processing on “bits” that are either 1 or 0 at any time, quantum computing is based on “qubits” that can be both simultaneously – thereby enabling calculations to be performed simultaneously. It’s a mind-bender but a loose analogy may help. Imagine a maze with 100s of paths. Normal, i.e. serial, processing would try each path in turn to identify the right one, parallel processing would try a number simultaneously, but quantum would try them all simultaneously and thereby determine the right one almost instantly (think of it as emptying a bucket of water in the centre and seeing it flow immediately across every possible path). It’s based on a principle called “superposition” that gives us crazy scenarios like Schrodinger’s Cat in which a poor animal is simultaneously dead and alive while waiting for a specific event to happen. Teenagers sometimes display similar behavior at weekends.

Not every problem is amenable to parallel processing, let alone quantum processing, but those that are include the public key algorithms which we use to derive the private key from the public key stored on digital certificates used for encrypting data in transit and in-situ. As a result, the foundations of contemporary internet security like TLS/SSL and RSA-based encryption are being undermined by advances in quantum computing.

But intelligent use of quantum cryptography, combined with new post-quantum algorithms, provides an alternative to the public/private key mechanism. Specifically, quantum key distribution enables the transmission of a key between two parties in a manner that can detect if a third party has been eavesdropping, and if the communication has therefore been compromised. Similar to superposition, the security in quantum cryptography comes from a fundamental physical quantum mechanical law that prevents a third party from trying to measure a key distributed with quantum states without disturbing them – this is Heisenberg’s uncertainty principle at work as an eavesdropping detection mechanism in which mismatches in values transmitted between the two trusted parties may suggest the presence of an interloper.

In summary, where today’s approach makes it difficult for eavesdroppers to snoop on our communications, quantum will make it impossible (like understanding the theory that underpins it!). KETS, a Kx Ventures company using kdb+, provides quantum-based solutions for generating random numbers and distributing them securely as symmetric keys to enable unbreakable encryption. Read more about the fascinating world of quantum cryptography, why it is necessary and how KETS makes it achievable in CEO Chris Erven’s recent blog. 

 

SUGGESTED ARTICLES

Components of a Cyber Solution with Kx

12 Jun 2018 | , , ,

The Kx for Cyber platform is a unique combination of traditional SIEM and Security Orchestration, Automation/Analysis and Remediation (SOAR). This blog focuses on tools designed to aid and augment the security team throughout the typical cybersecurity workflow, including the extraction, transformation and loading of data as well as the analysis and visualization.