November 15, 2002 6:41 AM PST

'Noisy light' is new key to encryption

Scientists at Northwestern University say they have harnessed the properties of light to encrypt information into code that can be cracked only one way: by breaking the physical laws of nature.

This high-speed quantum cryptography method allowed the scientists to send encrypted data over a fiber-optic line at 250mbps (megabits per second), which the researchers said was more than 1,000 times faster than what was achievable with existing quantum technology.

The research team, led by Northwestern professors Prem Kumar and Horace Yuen, used standard lasers and existing optical technology to transmit a large bundle of photons, the particles that make up light.

Current techniques in quantum cryptography are based on shooting single photons. But detecting single photons is much harder, scientists noted, and requires equipment that is so sensitive it often registers nonexistent photons. Northwestern's quantum cryptography method required less-sensitive detectors.

There is growing interest in using quantum cryptography for commercial and military applications because of the technology's apparent ability to guarantee invulnerability.

"What makes the system so secure is that an eavesdropper can't tap into it without disturbing the photons," said Paul Kwiat, a professor of physics at the University of Illinois at Urbana-Champaign, and a leading authority on quantum cryptography. "If an eavesdropper disturbs the photons, then they're gone."

Quantum cryptography, however, still suffers from one major limitation that may impede its ascent to a practical technology. As it stands today, all quantum cryptography techniques only work over dedicated fiber-optic lines--not over the Internet--and over distances no greater than about 90 kilometers from one point to another.

However, leading technology companies and several start-ups are joining the academic community in working to overcome this hurdle.

Companies such as IBM, through its Almaden Research Center and NEC, with its NEC Research Institute, are well immersed in quantum cryptography research. In addition, telecommunications giant Verizon Communications is dabbling in quantum cryptography through one of its subsidiaries, BBN Technologies, which is working with Northwestern to develop commercial quantum cryptography prototype systems for optical-fiber networks running over the Internet.

Several start-ups have also cropped up, including Swiss company Id Quantique and New York-based Magiq Technologies, each promising to deliver commercial quantum cryptography technology sometime in 2003. Earlier in November, Magiq disclosed it had received about $7 million in seed funding from several angel investors, including Jeff Bezos, founder and chief executive of Amazon.com.

"Of all the quantum information technologies, like quantum computing, quantum cryptography appears to be the first at bat in terms of making it into real-world applications," said Ben Stein, a senior writer at the American Institute of Physics.

How it works
The Northwestern technique uses a form of "secret key" cryptography. In this scenario, the two people communicating with each other--say Alice and Bob--use the same secret key. Alice sends Bob the key with which he can decipher the message.

This differs from the "public key" encryption system in which typically, both Alice and Bob will have a private key that they keep secret, and a public key that they publish. An encrypted message sent by Alice to Bob using the public key can be decrypted by the private key, and vice versa.

Applying the Northwestern method to encode her message, Alice would use the key to manipulate light, creating a pattern more complex than the traditional way of transmitting data in terms of zeros and ones. Different combinations and strings of zeros and ones are used to represent information.

The Northwestern technique takes advantage of the granularity of light, known as quantum noise, which is revealed only through the secret key's pattern. One method the team used to change the light's granularity was randomly polarizing the light. To Eve, the eavesdropper, who does not have the key, the data is indecipherable because the lifted message emits too much fuzz. Bob, however, who has the secret key, can get the pattern and can receive the signal with much less disturbance. This allows him to decipher Alice's message.

"I would think that a logical next step will be to show that this method really works with existing fiber networks," said Lijun Wang, a research scientist at NEC Laboratories. "Also, perhaps they will find a better way to communicate than using polarization of light, which can be prone to unwanted fluctuations in the field."

Once the kinks have been removed from the Northwestern method, as well as from quantum cryptography in general, proponents of the technology say that financial institutions and the military and intelligence communities are likely to be the first to replace their current encryption technologies, which are based on mathematical algorithms.

Today, mathematical encryption that relies on schemes such as the RSA algorithm are considered secure because cracking the keys used to encrypt data is likely to take many years. The RSA algorithm is the most widely used Internet communications encryption program. The larger the prime numbers used to make keys, the longer it would take to crack the encryption. It relies on the assumption that when prime numbers--those divisible only by themselves and the number one--are very long, they are extremely difficult to generate and determine.

"At this time, public-key encryption is not necessarily bad as far as the public is concerned," Kwiat said. "You just don't want to trust your most valuable secrets to it."

Some critics maintain that the firepower of quantum cryptography is far greater than is needed for most businesses.

"The fact is that the effort to break (mathematical) ciphers is exponential in the key size, as long as there's not a fundamental flaw in the cipher," said Nicko van Someren, chief technology officer at encryption company nCipher. "The encryption algorithms we have at this moment are good enough for the job and will be good enough for the job in the foreseeable future."

Advances in computing power
There is a threat looming on the horizon, however, from distributed computing and quantum computing, that could undermine the security of traditional algorithm-based encryption. Distributed computing involves spreading computing tasks across hundreds of thousands of computers--on the Internet or in private networks--that would otherwise be sitting idle. This technique has been used to overcome several mathematical challenges. One group last year found the largest prime number, while another group deciphered a message encoded with RSA Security's RC5-64 encryption algorithm.

"There is a continuous war between code makers and code breakers--people making better algorithms, people breaking those algorithms," said Alexei Trifonov, a research scientist at Magiq. "What is good about quantum cryptography is that it can cut off this vicious circle."

Another fear is that data that has been encrypted with the most impenetrable algorithms in existence today could be stolen and stored untouched for several generations. In years ahead, as computers become more powerful--perhaps through the advent of quantum computing, which can carry out multiple calculations simultaneously--these systems might crack the stashed-away code.

"As computing power and data traffic grow, and information speeds get faster, cryptography is having a hard time keeping up," said Northwestern's professor Kumar. "New cryptographic methods are needed to continue ensuring that the privacy and safety of each person's information is secure."

A recipe for building a nuclear bomb, for instance, would have to be kept secure and encrypted, regardless of the years that pass.

Kumar said that his team at Northwestern is working with two partners, Telcordia Technologies and BBN Technologies, to try to put the technology to commercial use. The university has filed a number of patents based on the research.

"One of the next steps is to show that our schemes can pass through optical amplifiers," Kumar said. This would amplify the stream of photons, letting them travel a greater distance undisturbed. If successful, quantum cryptography would be able to move beyond the constraints of a dedicated fiber-optic line between two points and extend out to wider networks like the Internet.

"We're also working toward speeds of 2.5 gigabits per second," Kumar said. "That's the rate at which regular information is currently transmitted over the Internet's fiber-optic network."

The quantum cryptography research at Northwestern is funded by the U.S. government's Defense Advanced Research Projects Agency.

 

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot

Discussions

Shared

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.