Researchers develop quantum encryption method to foil hackers

Researchers say quantum encryption is what will finally stop hackers. University of Toronto Professor Hoi-Kwong Lo, a faculty member in The Edward S. Rogers Sr. Department of Electrical & Computer Engineering and the Department of Physics, as well as his team consisting of Senior Research Associate Dr. Bing Qi and Professor Marcos Curty of the University of Vigo, say they have found a new quantum encryption method that can trip up even the most sophisticated hackers.

Quantum cryptography ensures that any attempt by an eavesdropper to read encoded communication data will lead to disturbances that can be detected by the legitimate user. As a result, quantum cryptography allows the transmission of an unconditionally secure encryption key between user1 and user2, even in the presence of a potential hacker, user3. The encryption key is communicated using light signals and is received using photon detectors.

The encryption key in quantum cryptography isn't some super-long password. Instead, it's made up of light signals and photo detectors. In previous versions of the quantum key distribution (QKD) method, hackers could alter commercial QKD systems. In other words, the challenge is that user3 can intercept and manipulate the signals. Quantum hacking occurs when light signals subvert the photon detectors, causing them to only see the photons that user3 wants user2 to see.

Now, Professor Lo and his team say they have come up with a solution to the untrusted device problem: the "Measurement Device Independent QKD" method. While a potential hacker may operate the photon detectors and broadcast measurement results, the two users no longer have to trust those measurement results. Instead, they can simply verify the hacker's honesty by measuring and comparing their own data. This works because when user3 attempts to manipulate the photons that transmit quantum data, he or she also inevitably introduces subtle changes in the data stream.

In Measurement Device Independent QKD, the two users send their signals to an untrusted relay, user4, who may or may not be controlled by user3. This fourth party performs a joint measurement on the signals, providing another point of comparison.

"A surprising feature is that [user4]'s detectors can be arbitrarily flawed without compromising security," Professor Lo said in a statement. "This is because, provided that [user1] and [user2]'s signal preparation processes are correct, they can verify whether [user3] or [user4] is trustworthy through the correlations in their own data following any interaction with [user3/user4]."

A proof-of-concept measurement has already been performed. Professor Lo and his team are now developing a prototype, which they expect will be ready within five years.

Disclaimer: I attend the University of Toronto.

See also:

• Up to 1.5 million Visa, MasterCard credit card numbers stolen
• Hacktivists stole 100 million records in 2011
• Anonymous: LulzSec returns on April Fools' Day?
• Anonymous hacks Panda Security in response to LulzSec arrests
• Anonymous hacks Vatican again
• Anonymous hacks hundreds of Chinese government sites