Cybersecurity is one of the most growing domains in IT industry. Ensuring data security and safeguarding data privacy is the need of the hour. To speed boost the protection of data from the super powerful computers of the future, a team of researchers from Duke and Ohio State universities and the Oak Ridge National Laboratory have devised a method for scrambling data to guard it against prying eyes, popularly referred to as quantum key distribution.
The problem with the past technology is its slowness as transfer speeds typically are measured in kilobits per second. However, the researchers found a way to increase key transmission rates between five and 10 times, bringing them into the megabit per second range.”Quantum Key Distribution “, as titled, will be promulgating the counter mechanism to future threats to encrypted data.
As stated by Kevin Curran, a senior member of the IEEE and a professor of cyber security at Ulster University in Northern Ireland, "One powerful aspect of quantum encryption is that it is secure against quantum computers. Its strength does not depend on mathematical complexity, like current cryptography, but on physical principles”. As per the researchers, Quantum computers pose a serious threat to exploit cybersecurity as they lead to the breakdown of in vogue cryptosystems in a reasonable time frame and quantum key distribution with symmetric encryption is one of the very few methods that can provide provable security against an attack aided with a quantum computer, they maintained.
How Does It Work?
THE QKD MECHANISM
The security of QKD is inherent in the fundamental characteristic of quantum mechanics i.e., the act of measuring a quantum system disturbs the system. Thus, an eavesdropper trying to intercept a quantum exchange will inevitably leave detectable traces. The legitimate exchanging parties can decide either to discard the corrupted information or reduce the information available to the eavesdropper to nil by distilling a shorter key.
Components that make up a QKD Implementation are as follows:-
- A fiber or free-space quantum channel to send quantum states of light between the transmitter and receiver. This channel need not be secured.
- A public but authenticated communication link between the two parties to perform post-processing steps and distill a correct and secret key.
- A key exchange protocol to exploit quantum properties to ensure security by detecting eavesdropping or errors, and by calculating the amount of information that has been intercepted or lost.
Both errors and potential information leakage are removed during subsequent error correction and privacy amplification post-processing steps, leaving receiver and transmitter with a shared key known only to them.
Variants of Quantum Key Distribution
A variety of protocols have emerged and demonstrated the concept of QKD in the real world.
The first approach, Discrete Variable QKD encodes quantum information in discrete variables and uses single-photon detectors to measure the received quantum states. Examples are the BB84 protocol and the E91 protocol.
The second approach, continuous-variable QKD (CV-QKD), wherein the quantum information is encoded onto the amplitude and phase quadrature of a coherent laser, and can then be measured by the receiver using homodyne detectors. Example protocols include Silberhorn (2002) and Grangier (2003).
Both of these approaches have been proven to be information-theoretically secure even in the presence of an attacker or eavesdropper.
Future Scope of QKD
Since practical protocols emerged starting in the 1980’s and 1990’s, QKD has evolved into a thriving experimental field and is rapidly becoming a solid commercial proposition. Multiple QKD networks have been implemented around the globe, and more are in progress. The technology has been steadily improving, expanding the distances and information rates achieved. Recent COW (Coherent One Way) deployments have exceeded 300 km. The Quantum-Safe Security Working Group (QSSWG) was formed within the Cloud Security Alliance to help promote the adoption of technologies that will protect data even after quantum computing becomes readily available. QKD is one of the technologies recommended by the QSSWG to protect and future-proof data against developments in computer power, new attack strategies, weak random number generators, and the emergence of quantum computers.
Authored By - Tanu Mishra and Maaz Arif
TCS Cyber Security Practice