The quantum cracking fest is upon us. Modern cryptography is essentially based on making direct attacks, without previously existing exploits, slow and hard. Although integer factorization and other similarly difficult mathematical problems serve as the basis of many public-key encryption methods, these are only a deterrent. With a large enough quantum computer, Shor’s algorithm and others will seriously reduce the effectiveness of widely used encryption techniques.
Quantum hacking is coming
Scientists and engineers have known for a long time that cryptography must be made quantum proof. The question, though, is how. Some public-key algorithms, like lattice-based or hash-based cryptography, are thought to be quantum safe, but to this day a formal proof which supports this claim is yet to be found. Even RSA would be able to resist large quantum computer attacks, if a large enough key were used. This approach presents its own problems: using large keys makes the encryption and decryption processes much slower, and significantly increases the energy consumed during these operations. Hence, there are practical limits to how large a key can be used. How keys are selected is another issue. They are randomly generated from imperfect pseudo-random number generators (PRNGs). It would be difficult, but (very) patient analysis of these generators would make it possible to predict keys. On the other hand, even if you possess the perfect encryption mechanism, information would still be susceptible to human error and software exploits.
The ideal quantum-proof encryption algorithm would be fast and easy to implement, not require the exchange of keys, and be immune to middlemen and eavesdroppers. Additionally, countermeasures should be implemented to avoid intrinsic predictability in the method. As a response to the rise of quantum computing, and other issues affecting modern encryption, Quantum1Net has proposed and designed a solution which satisfies each of the above conditions. This simple but effective system is based on the same science which creates many of the problems cryptography will face in the near future: quantum mechanics.
Nothing left to hack
The key component of Quantum1Net’s system is the Quantum Encryption Key Generator (QEKG). This is a simple quantum-optical device which is capable of producing continuous streams of random numbers from the detection of pairs of quantum entangled photons on either side of the system. The numbers are perfectly random: they are not calculated using a PRNG algorithm. Instead, they are obtained from photon arrival times at a set of different detectors. These arrival times follow a certain underlying statistical distribution (which can be controlled), but are intrinsically random: it is impossible to predict when a detector will give the next read.
To avoid having to transmit encryption keys over the network, when communication is needed, the two involved parties instead exchange timestamps corresponding to photon detections. The corresponding keys are then calculated by each party, but never shared. Eavesdroppers intercepting the communication will only be able to pick up ciphertext, with no public key to even give a clue on how to decipher it. Even in the worst-case scenario, where a decryption key for a given communication is discovered afterwards, the system remains safe: the ease and speed with which the QEKG can generate keys is such that every communication is equipped with a unique, randomly selected key which is discarded after a single use. On top of this, the system is algorithm agnostic: any encryption rule can be implemented. The algorithm could even be changed, or varied among users.
Nothing for spies to hear
What if the timestamps are directly intercepted by an eavesdropper? The QEKG system has countermeasures for this situation as well. When the two involved parties wish to establish communication and generate the corresponding keys, they do so based on coincidences between their own sets of photon detectors. The timestamps associated with detection coincidences are continuously streamed, and can only be read once. Therefore, intercepting them would cause a misalignment between the two communicating parties. Security mechanisms are hard-coded into the system so that this situation directly cancels the communication. As if that were not enough, another countermeasure, based on fundamental physical results, can be implemented. The same QEKG device can be used to create a BB84 quantum key distribution system, which would serve as the basis of an overlaying quantum network. In this case, photons, and not timestamps, would be transported over the network, and the system would be protected by the no-cloning theorem. Any intercept would again cause an error in key generation.
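The BB84 behaviour described above, where an intercept shows up as errors in key generation, can be seen in a small classical simulation. This is an added example, not Quantum1Net's code: it models an ideal, noise-free channel, and the function names, the seeded generator (used only to make the run reproducible) and the 11% abort threshold are assumptions of the example.

```python
import random

BASES = "+x"  # rectilinear and diagonal polarization bases

def measure(bit, prep_basis, meas_basis, rng):
    """Same basis: the prepared bit is read back. Different basis: a coin flip."""
    return bit if prep_basis == meas_basis else rng.randint(0, 1)

def bb84_sift(n_photons, eavesdrop, seed):
    """Send n_photons and return (alice_bits, bob_bits) after basis sifting."""
    rng = random.Random(seed)  # assumption: seeded only for reproducibility
    alice, bob = [], []
    for _ in range(n_photons):
        a_bit, a_basis = rng.randint(0, 1), rng.choice(BASES)
        bit, basis = a_bit, a_basis
        if eavesdrop:
            # Intercept-resend: the photon cannot be copied (no-cloning), so
            # the eavesdropper measures in a guessed basis and re-emits.
            e_basis = rng.choice(BASES)
            bit, basis = measure(bit, basis, e_basis, rng), e_basis
        b_basis = rng.choice(BASES)
        b_bit = measure(bit, basis, b_basis, rng)
        if a_basis == b_basis:  # bases are compared publicly, bits are not
            alice.append(a_bit)
            bob.append(b_bit)
    return alice, bob

def establish_key(n_photons, eavesdrop, seed=1, abort_above=0.11):
    """Return (error_rate, key); key is None when the exchange is aborted."""
    alice, bob = bb84_sift(n_photons, eavesdrop, seed)
    # Every second sifted bit is revealed to estimate the error rate and is
    # then discarded; the unrevealed bits are the key candidate.
    sample = list(zip(alice[::2], bob[::2]))
    error_rate = sum(a != b for a, b in sample) / len(sample)
    key = alice[1::2] if error_rate <= abort_above else None
    return error_rate, key

if __name__ == "__main__":
    for label, tapped in (("clean channel", False), ("intercept-resend", True)):
        rate, key = establish_key(4000, tapped)
        status = "aborted" if key is None else f"{len(key)} key bits"
        print(f"{label}: error rate {rate:.3f}, {status}")
```

On the clean channel the sampled error rate is exactly zero; with an intercept-resend eavesdropper it settles near 25%, which is what lets the two parties detect the tap and cancel the exchange.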
These few paragraphs may seem rushed. The truth is that in such a short piece justice cannot be done to Quantum1Net’s QEKG system. The key point is that the system avoids exchange of keys, continuously generates new ones and uses truly random numbers to generate the keys. Quantum1Net leaves nothing for eavesdroppers to hear. It has no underlying algorithm associated with the random numbers, so it is impossible to predict future keys as there is nothing to calculate. In short, there is nothing to hack, so a hack is essentially impossible. Quantum1Net is, to the best of our knowledge, a safe encryption system for the post-quantum world.