Infosys experts share their views on how digital is significantly impacting enterprises and consumers by redefining experiences, simplifying processes and pushing collaborative innovation to new levels

« Futuristic usage of Chatbots in Hotel, Insurance industries | Main | Differential Privacy: The Privacy Guarantee »

what exactly is quantum key management

 

QUANTUM KEY MANAGEMENT

All of us are familiarized with the word encryption. Encryption is the technique of encoding the message to a different pattern using some key. Usually, the key is generated by some complex mathematical combination of numbers. Greater the complexity of the method of key generation, lesser the probability of tapping the channel and getting the decrypted message. In the earlier times, it used to take years to do the eavesdropping and key cracking.

In the present scenario, we see the world evolving tremendously in terms of science and technology. This is the era of quantum computing. As the computers are subjected to this revolutionary change, they become much faster and they can break a highly complex key within days or may be hours. So there is only one way left in order to fight with this, and the motto is "Fight quantum with quantum".

In the method of Cryptography, we need three factors.

  1. Encryption key

  2. Sharing the key between the source and target i.e. Key Exchange

  3. A very strong encryption algorithm

Consider the widely used Encryption method called RSA. It was invented in 1977 and thought to be broken with an effort of 40 quadrillion years. But in 1994, the code was broken. As the computers evolve, this breaking of code has become much easier. Today we are used to 2048-bit or even 4096-bit computing.

Before 10 to 15 years ago when quantum computing was introduced, it only took a significantly less amount of time to crack a code which has high mathematical complexity. Hence, quantum computing will make our castle of security collapse into house of cards. Researches have been growing significantly in past few years in the direction of using the behavior of quantum particles and their effects to make the encryption stronger. The interesting fact is that there has been a breakthrough in this area.

The random numbers that we use in cryptographic methods are not completely random. We generate the keys from a set of random sequence which is called pseudo random numbers. The numbers when generated using mathematical method, will contain a more or less a subtle amount of pattern in them. The less entropy (which is a measure of randomness) it contains; easier it is to break.

Some casinos were attacked recently. There, the output of the sequence machine was recorded continuously for a significant time period and analyzed. Engineers reverse engineered the pseudo random numbers and they were able to predict the spin of the wheels. This resulted in enormous financial gains. This is one example from many. When it comes to business, administrations etc., the severity of the issue becomes gross.

Researchers were actually looking to generate numbers which are truly random. Mostly, for the numbers generated, they found that, they were not fast enough or they were not truly random or they aren't repeatable.

According to Heisenberg's principle, it's impossible to measure the exact measures of a quantum particle and hence the Quantum world is truly random. So the researchers concentrated on taking the advantages of this intrinsic randomness. They developed machines containing optical fibers which will generate truly random numbers with a larger size of machine in the earlier times. Later as the optical fiber technology evolved, the size of the random generator reduced to size of your palm. Here onwards developed the security in terms of quantum particles like applying quantum effects on laser to carry the codes.

Now we shall look into what exactly is the scenario of quantum key management:

Take the scenario as Alice sends a message and Bob receives it. Eve is the eavesdropper who listens to the message and tries to get the key. Alice sends photons to Bob in 4 different polarizations or vibrations. The 4 types of polarizations will be like horizontal, vertical, left or right polarizations. In these polarizations, two of them can be selected to represent a 1 and two of them for a zero. Bob then measures the direction in which they are polarized. By using 2 differently polarized filters, Bob measures each photon one at a time back and forth. He gets the bits when polarizations match. He gets a 1 for a matched filter he used and 0 for a mismatch. Later Alice call Bob to tell the information about the filter. Instead of telling the key, Alice would say right or wrong for the filters Bob used. After they got this public check of the order of the detectors used, they discard the incorrect messages obtained by Bob. Thus Bob will get the secret key of encryption. If the Eve listens to the channel, filters he should use for detection which results in changing the photons sent by Alice which can be detected then by the public check between Alice and Bob. For Eve it's nearly impossible to get the correct filter order and hence security here is improvised against eavesdropping.

The studies are taking place in order to facilitate this quantum based or photons based key exchange. In recent times, the length of the optic fibers used has grown to 150 km from a few kilometers that was used in the earlier times.  Researches are also growing faster in the area for exploring different aspects of the quantum key management which all contributes to a burgeoning security.

We as a part iEDPS Product Team are working on a pilot to leverage Quantum Key Distribution for a Next Gen Data Protection for your organization.

 

Author,

Aswathi Valsan 

IEDPS TEAM, ICETS

https://www.infosys.com/services/incubating-emerging-technologies/offerings/enterprise-data-privacy-suite.html 


Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)

Please key in the two words you see in the box to validate your identity as an authentic user and reduce spam.