&ball; Physics 15, 116
Three experiments demonstrate the key elements of a quantum cryptographic scheme that is predicted to be unhackable, bringing the promise of quantum encryption technologies closer to reality.
In the 1980s, physicists began to come up with quantum encryption methods that would scramble data to ensure its security. The methods exploit a particular quirk of quantum systems: the measurements of these systems intrinsically modify the properties of the systems. Specifically, the protocols involve serial measurements of quantum objects, the statistics of which should reveal any eavesdropping. However, researchers have struggled to build devices that work exactly as the protocols specify. Now three research groups, one based in Germany, one in the UK and one in China, have independently carried out proof-of-principle experiments of a quantum encryption method that can secure information even if the devices used do not not behave exactly as expected. [1–3]. The demonstrations are “a major breakthrough for cybersecurity,” says Charles Lim of the National University of Singapore, who participated in the Germany-based experiments.
The three experiments each demonstrate aspects of an encryption method known as device-independent quantum key distribution (DIQKD). In DIQKD, a device repeatedly generates pairs of entangled quantum particles. Two parties, Alice and Bob, each take one particle from each pair. Alice and Bob then create a “key” – a string of 1s and 0s that can encode and decode messages – in part by performing a series of measurements of a two-result property of their particles. If the particle is a photon, this property could be its polarization, which can be horizontal or vertical. For an atom, it can be the state of the atom (ground or excited). Since the result of a measurement on a particle is correlated with that of its entangled counterpart, Alice and Bob can generate a single shared key after post-processing.
While Alice and Bob make these measurements, they intermittently check the security of their channel using a test based on a quantum rule known as Bell’s Theorem. According to Bell’s theorem, if two particles are entangled, the measurements of these particles must exhibit specific statistical correlations. For the test, Alice and Bob use a subset of the measurements to generate the key. They then verify that the measurements follow the prescribed statistics. If there is a mismatch, Alice and Bob know that their particles are no longer entangled, indicating that they can no longer guarantee channel security. They then reject their measures and restart the process.
Researchers have mathematically proven the safety of DIQKD. No such evidence exists for standard classical encryption methods, which rely on the computational difficulty of factoring large numbers. The researchers predict that future quantum computers will be able to quickly factor these numbers, rendering the current classical cipher obsolete. On the other hand, DIQKD provides security “against an adversary with arbitrary processing power or even a quantum computer”, explains Jean-Daniel Bancal of the National Center for Scientific Research (CNRS).
For the DIQKD methods used in the new experiments, Alice and Bob don’t need any information about the device that generated their particles, which means the researchers “don’t need to model [their] devices,” says Antonio Acín of the Institute of Photonic Sciences in Spain, who was not involved in any of the experiments. “You can treat them like black boxes.” Thus, the methods circumvent vulnerabilities in other quantum encryption protocols, some of which have been implemented in commercially available technologies, such as that available from the Swiss company ID Quantique. In 2007, the Swiss government used Quantum ID’s encryption devices to secure votes in their national elections. But in 2010, two teams of researchers managed to hack the Quantum ID device using discrepancies between its operation and its theoretical description. One team, for example, intercepted an encryption key without Alice or Bob noticing by exploiting a time lag in the machine’s production of successive photons, which, in theory, requires them to be products without delay.
“A real device is different from a mathematical model,” says Qiang Zhang of the University of Science and Technology of China, a member of the China-based team. “Without full knowledge of this difference, it can leave a back door open to attack.”
Although all three experiments used similar DIQKD methods, they have notable differences. China-based experiments used entangled photons; those from the UK, entangled strontium ions; and the Germans, entangled rubidium atoms. “Each has its own advantage,” says Zhang. When using atoms and ions, for example, researchers can track the two particles in an entangled pair, he says. They have no way of tracking two entangled photons. When a photon of a pair is lost, it raises further experimental safety requirements, which Zhang’s team was able to address. However, photons are used in many existing communication technologies, for example, potentially making it easier and faster to implement quantum techniques with photons, Zhang says.
Only the UK-based experiment completed a full DIQKD protocol, generating a 95,000-bit encryption key in approximately 8 hours. The Germany-based experiment produced a few thousand bits over two days, enough for a small fraction of a key, but did not complete the key due to time constraints. The China-based experiment also failed to generate a full key because their detector could not track enough entangled photon pairs to do so. Once they improve their detection efficiency, the team says their system should only take a few minutes to create a key.
In all experiments, Alice and Bob were within a kilometer of each other. In China they were 20-220m apart, in Germany 400m and in the UK only 2m. Because of these distance limitations, the demos don’t yet show that DIQKD can be a practical technology, Acín says. For this, the researchers will have to demonstrate the viability of the methods over kilometric distances. They also need methods to generate keys faster, Lim says.
Given these technical challenges, Zhang thinks commercial DIQKD encryption tools are unlikely anytime soon. But he still thinks the new protests have value. “This [seems like] a ridiculous thing,” he said. But these experiments show that “you can use a device you don’t trust and you can still generate a secure key.”
Sophia Chen is a freelance science writer based in Columbus, Ohio.
- WZ Liu et al.“Towards a photonic demonstration of device-independent quantum key distribution,” Phys. Rev. Lett. 129050502 (2022).
- DP Nadlinger et al.“Experimental Quantum Key Distribution Certified by Bell’s Theorem,” Nature 607682 (2022).
- W.Zhang et al.“A device-independent quantum key distribution system for remote users,” Nature 607687 (2022).