The Race Between Quantum Computing and Security
In a video post, Black Hat Briefings, which holds a series of highly technical information security conferences, sums up the quantum computing problem rather succinctly: “Imagine a day when all communications are at risk of eavesdropping via Quantum Computers – a day when only new systems that exploit the weirdness of quantum mechanics can ensure privacy.”
That day is on its way, and it looks as if it’s getting closer faster than we anticipated it would.
Recent security breaches, as well as warnings from the National Institute of Standards and Technology (NIST) that our current cryptographic systems will be no match to quantum computers in around 20 years have prompted a worldwide movement to upgrade cryptography systems.
But have no fear, security heroes are on it.
Quantum Key Distribution
Quantum Key Distribution (QKD) was a protocol proposed by Charles Bennett and Gilles Brassard in 1984 in a pursuit “to establish a security guarantee that holds against unlimited computational power, both classical and quantum mechanical,” Dominic Mayers, from the NEC Research Institute in Princeton, notes in his paper summarizing security and quantum computing.
Evaluating the security of any protocol for QKD takes months, even when some of the world’s leading scientists are on it. Undergraduate students at the Institute for Quantum Computing at the University of Waterloo, however, developed new software that allows the enforcement of QKD within a matter of seconds, further solidifying the developing field as the imminent future of data security.
Before an exchange of information happens, all parties involved must exchange a security key in the form of quantum states of light particles, known as photons.
Cloud Security Alliance describes how QKD is impossible to breach undetected: “The act of measuring a quantum system disturbs the system. Thus, an eavesdropper trying to intercept a quantum exchange will inevitably leave detectable traces. The legitimate exchanging parties can decide either to discard the corrupted information, or reduce the information available to the eavesdropper to nought by distilling a shorter key.”