THINK SMALL, QUANTUM SMALL
2 Ways to Protect Our Digital Privacy in the Face of Future Technology
Schrödinger’s cat is outta the bag.
That confidence-inspiring little lock-icon in your browser — the one you see when you go shopping online, or when you wisely check your bank balance first — is something a quantum computer can break.
Quantum computers are quirky machines dreamt up by legendary physicist Richard Feynman in the 1980s, much like the digital computer you carry around in your pocket, or perhaps wear on your wrist, was once a theoretical curiosity in the 1930s. The question is: What makes quantum computers such a menace — as well as a boon?
Let’s step back for a moment. Our everyday intuition is firmly rooted in our direct experience of the world around us — the world of human beings, planets, and cats. I suspect (and hope) that you haven’t encountered a man fully dressed, suit and all, and fully naked at the same time. Or Venus in two places. Or a cat that is at once dead and alive — a Schrödinger’s cat. Yet, in the world of tiny things such as particles of light, being in multiple states simultaneously is common behaviour.
So the quantum world is counterintuitive — so what? Whereas digital computers deal in ones and zeros, bits that is, a quantum computer has at its heart the idea of a quantum bit, which can be zero and one simultaneously. What this means is that you can juggle exponentially more information using quantum bits than you can otherwise. Here’s the upshot: Whereas the most powerful digital computer could take the age of the universe to break some of the most widely used encryption methods, a quantum computer could break the same encryption in no time.
Quantum app developers are already paying money for accessing IBM’s prototype cloud quantum computer, named IBM Q of course. Such apps will slash the mammoth cost of designing new pharmaceutical drugs and vaccines for instance. Other tech giants including Google, Microsoft, and chip-maker Intel are in the race to build a quantum computer, along with start-ups such as Psi Quantum — not to mention multibillion-dollar government programmes worldwide.
No wonder, according to the Global Risk Institute in Canada, there is roughly a 1 in 2 chance that we will see code-breaking quantum computers within the decade. But isn’t that — as far as your digital security is concerned — a bridge you can cross when you come to?
Only if you are happy to share all your now-private data with the rest of the world in a few years. Here’s the thing, because data storage is cheap, hackers can blanket-copy tons of secret messages today — including yours — to selectively crack them once code-breaking quantum computers go live.
What now? There are two ways to future-proof your encryption. The first is a variant of public-key cryptography — a technology widely used today — called post quantum cryptography, which experts are confident will remain out of reach of quantum computers. Few Chrome users may have noticed it, but Google recently tried a post-quantum algorithm named New Hope, over a two-year period, with no reported issues, as a security feature in its Chrome browser. Moreover, IBM included a couple of years ago post-quantum in its 5 in 5: five innovations that will help change our lives within five years. The species of post-quantum that IBM is throwing its weight behind comes with a tantalising bonus: Users of cloud computing services could encrypt their input in such a way to enable processing while ensuring the cloud is blind to their data.
We must, at the very least, demand that all our digital communication be protected with an added layer of post-quantum encryption.
The second countermeasure, known as quantum key distribution, or QKD, uses the very laws of quantum physics that make quantum computers so powerful in order to protect against their, or other, security threats — fighting fire with fire so to speak. Here, secret messages are encoded onto individual particles of light, as delicate quantum bits, making their hacking akin to trying to capture, intact, bubbles floating in the air.
Since 2007, Swiss elections have been protected using QKD, where it is used to send ballot information ultra-securely from a central ballot counting station to the Geneva government data centre. Many Swiss banks have since adopted QKD. Given the mounting digital threat to the very notion of democracy, in hindsight, such measures feel strikingly prudent.
Recently, South Korean giant SK Telecom, having invested $65 million in QKD market-leader Swiss-based ID Quantique, announced plans to secure South Korea’s 5G network using quantum technology. This makes sense, as QKD will be used to secure point-to-point underground optical communication between transmission towers, which comprises the bulk of the network’s communication. The fact that 5G transmission towers need to be close together in such a network makes it perfect for existing QKD technology, which is mostly limited to distances of tens of kilometres. Moreover, quantum random number generators (QRNGs), as their name suggests, will be used to produce the true randomness required for encryption. In fact, SK Telecom has just released a custom-edition Galaxy phone — the Galaxy A Quantum — housing a QRNG chip.
The Time 100 pick of influential people in 2018, by Time magazine, featured Chinese physicist Jian-Wei Pan, whose team has recently accomplished two notable feats. One is the launch of the world’s first quantum satellite, making secure communication possible over distances of hundreds of kilometres. Now China could connect all its embassies ultra-securely for example. This will put other superpowers on alert. The second is the experimental demonstration of a quantum communication scheme that I, alongside colleagues, happened to propose a few years ago — for sending messages without sending anything physical. It is tempting to think that, one day, hackers may literally have nothing to clutch at.
Securing digital privacy against hackers with unlimited resources, although seems like a tall order, has become — as South Koreans and others have shown — well within reach. As citizens and businesses we must demand more from telecom providers and app developers, insisting on encryption that will not collapse on the possibly imminent arrival of quantum computers: This is worth campaigning for.
A let-us-wait-and-see approach won’t do — the stakes are too high.
P.S. No cats were harmed during the preperation of this article.
