Since the turn of the millennium, the human race has experienced perhaps its greatest period of technological advancement. Year upon year, our technology becomes smaller, faster and more powerful, leading to ingenious innovation. This pushes scientists and engineers at the forefront of their fields to maintain their arduous efforts to feed a cumbersome fetish for improvement. Despite the boisterous claims of so many companies, we find that the one thing we just cannot seem to get right is online security; the ability to protect our most sensitive information. The internet is cluttered with pop-up ads for security software, designed to prey on those who worry about their online privacy, offering greater security at lower prices. So why is it that our greatest efforts are still undermined almost constantly by computer hackers working from the comfort of their living rooms?
When Edward Snowden first broke the news that the NSA had been collecting vast amounts of data they had no business having, a sudden bout of unease spread across the internet. Is the privacy we take for granted merely a comfort which we can enjoy only as long as the powerful allow it? And if one of the most powerful nations on Earth had been collecting this data, how could one man simply side step their security to leak this information? With Snowden fuelling debate on the balance between national security and information privacy, an overlooked issue must be confronted; our online security just isn’t secure enough.
Within our standard online security, there’s a plethora of techniques employed to keep our information protected: password protection, firewalls, and message authentication to name a few. But perhaps most crucially we have encryption, the process of converting our data into a secret code, only accessible by either password or a secret key. This keeps access from external sources to a minimum however, as with all security, it is fallible. 1
Keylogging is the simplest hacking method, whereby a hacker embeds a keylogger into your system which can track and record your generation or use of cryptographic keys, negating your best defence. 2 If you are using your normal computer then this is definitely a problem, however the situation changes when we start dealing with quantum particles.
With more powerful computing methods becoming more widely available, security methods must be developed that are equally as powerful. Enter quantum cryptography, a far more powerful and almost impenetrable encryption method. Quantum cryptography and traditional cryptography differ entirely in their fundamental means of encoding the data. 3
Traditional methods invoke the use of complex mathematical algorithms in order the change the data into secret code, whereas quantum cryptography uses both photonic spin and polarisation. These ideas of ‘spin’ and ‘polarisation’ refer to properties belonging to a particle of light. To simplify, imagine a jigsaw with one piece missing. The piece can be rotated 360° but there is only one correct angle and side to which this piece can fit into the jigsaw in order to complete the picture. Similarly, a photon carrying information can be sent to a receiver but unless the receiver knows the spin, then the information will be incomplete. This example of quantum cryptography is known as quantum key distribution (QKD). The major advantage of QKD is that any eavesdropping by a third party will be noticed. By eavesdropping on the information, the particle must in some way be observed which produces detectable anomalies. 4
When a quantum system is measured the system is automatically altered, so in order for an eavesdropper to go unnoticed, he would have to send an identical particle to the receiver. This is easy enough when messages are encoded using just one of either ‘spin’ or ‘polarisation’, but once both are used, it becomes impossible as from the Heisenberg uncertainty principle. Both properties cannot be precisely measured simultaneously, meaning the more information we have on one property, the less we will have of the other. Thus it becomes noticeable to both parties instantly that their communication is not secure. There is a certain level of error which is associated with the practical uses of these channels which would result in the disruption of photons. However, once these errors are accounted for and the channel seems secure, then a certain amount of photons can be selected and used for the encryption key between the two parties.
The practical uses of this type of data encryption are endless. From the protection of our bank details to the most personal messages we send our loved one, we may finally have a method of achieving true privacy and perhaps in the future, this will be commonplace within our networks. Until then, we must remain vigilant and not allow our information to be taken from us so easily and without response. The truth that Edward Snowden brought to light about the actions of the NSA echo the sentiments of Benjamin Franklin, “Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety”.
This article was specialist edited by Derek Connor and copy edited by Helen Kinch.