Eight characters, one capital letter, one non-letter, must not be your pet’s name unless your dog answers to X7&fqPv%. Even with a password like that, which would blow the little ‘password strength’ bar clear into the next screen, you can still get hacked. That’s why there’s so much excitement surrounding quantum key distribution (QKD), a process that involves two parties passing photons. Does it work? Is it safe? Is it legal in North Carolina?
Quantum key distribution has been around for awhile. It was first proposed in 1984 (coincidence?) by Charles Bennett and Gilles Brassard in an attempt “to establish a security guarantee that holds against unlimited computational power, both classical and quantum mechanical.” Under QDK, a secure link would be established only after the parties exchange photons.
The secret to this magical password lies in the law of quantum mechanics which states that a quantum object cannot be measured without causing a disruption. This means that once the secure QTM link is established, any type of eavesdropping would be easily and quickly detected and the breached data can be identified and removed. This is theoretically clean but mathematically difficult and in practice was impossible with the technology available in 1984. Technology has improved since 1984, but it still takes months to calculate if a quantum disturbance has occurred.
In May 2016, researchers at the Institute for Quantum Computing (IQC) at the University of Waterloo in Ontario, Canada, believe they’ve achieved QKD. To get around the mathematical challenge of calculating the allowed length of the final secret key and determining the observed disturbance for any protocol, they changed the mathematical key rate calculation to the dual optimization problem. The end result was that the length of time to perform the calculation was reduced from months to seconds.
A detailed explanation of the ‘dual optimization problem’ can be found in their paper in Nature Communications. Optimization is a technique for choosing from available solutions by reducing the number of parameters. It’s a mathematical ‘trick’ but researchers conducted three tests to prove it works. They tested their software against results for known protocols and they matched perfectly. Then they pitted it against protocols that had never been studied before and developed a way for users to input new protocols into their software.
Does this mean the photon password is ready for your smartphone? No, but it’s really close, says Norbert Lütkenhaus, a professor with IQC at the University of Waterloo.
The work by our group now frees us to explore protocols that are adapted to the technological capabilities.
The motto of good old UWaterloo is “Concordia cum veritate” or “ In harmony with truth.” That sounds like the perfect place to develop security software that uses photons to put two parties in harmony to protect the truth of their data. Go Warriors!