Could Smart City Become Deathtrap ?
With the idea of Smart City and IoT rapidly emerging, the highly autonomous and personalized smart services once only existed in science fictions could find their ways into your daily life much faster than you think.
Imagine your day in 2030: waking up by a household robot, the freshly prepared breakfast, and coffee is waiting for you. Then you hop on your self-driving car and get on an extremely busy but yet very fast and well-ordered highway. When you arrive at the workplace where the automated security system recognizes you and let you get in. After a day of work, you go to a nice restaurant for dinner, the chef is still human but the servers have been completely replaced by robots, you ordered a steak and after a while, the robot server serves your food to you along with a sharp knife…
The introduction of smart devices and robots could make your life much more convenient and help humans to focus on what really matters rather than the mundane tasks. However, the adoption of these devices inevitably opened up huge arrays of opportunities for malicious parties to attack. And the consequences for the victim, unfortunately, could be much more serious than ever before. A simple manipulation of direction or acceleration for the self-driving system can become life threatening on the highway; a move manipulation for the server robot can also be deadly. This is just individual scale, attacks can also target automated city water treatment plants and electric grid control system, it is not impossible for a large scale terrorist attack to happen this way.
In order to secure these systems from being manipulated by attackers, secure and robust software architectures is a necessity, safety rule can also be added to prevent the devices from harming people. However, much like software testing, one can only prove certain bugs do not exist in the system but cannot prove the system is bug-free. This is why it is essential for the communication channel to be kept secure so that it is nearly impossible for malicious parties to attempt to exploit the system without getting noticed.
Traditional communication security is based on public key cryptography, the public key is generated from the private key through secure hashing algorithm, and the system cannot be proven secure because both parties public key is available publicly and with enough computation power, hash collision will eventually happen so that the key can be cracked and the security is deprecated. Recently Google has cracked the widely used SHA-1 secure hashing algorithm, while it is true that SHA-1 algorithm is relatively dated and next generations of hashing algorithms require orders of magnitude more computation power, with the exponential development in traditional and quantum computation technology, all computation power based communication security will be deprecated eventually.
Lucky for us, quantum encryption has already emerged and began to commercialize. Quantum encryption works by securely sending two streams of random entangled photons to a communication pair, which is called quantum key distribution(QKD), when one party observes the spins of one photon stream and use it as the key, the laws of physics tells what the other party’s key is which is exactly the opposite spin, thus a shared secret is transmitted. The laws of physics also proves us the channel is securely based on the no-cloning theorem, it is impossible to create a copy of random unknown quantum state, any third party observation made to the quantum key distribution channel will cause the photons to collapse on the observation direction and so that it is impossible for an eavesdropper to know the key without noticing the communication pair.
Various efforts have been made to commercialize quantum encryption, the cost has been cut down significantly in recent years and a nationwide quantum channel is even made theoretically possible by the introduction of quantum repeaters. Perhaps in the near future, the exponential development of quantum communication technology can bring it to civilian use and we might not need to worry too much about our self-driving car crashing into the car on the left while driving on the highway.