Cryptography/Quantum Cryptography

While in the year 2001, Quantum Cryptography was only a future concept. Since not much was known of how capable a quantum computer would be, but even then it was understood that if at all cost-effective, the technology would have only niche applications. By 2024 the technology is yet to prove itself usable in practical terms. Specific algorithms have to be created for yet to be standardized hardware.

Quantum cryptography deals with three distinct issues:

1 - Since the quantum machines will not be available or standardized in a very near future, let's say by 2035, theoretical efforts are being made in and proofing standard cryptographic practices against brute force attacks using these new systems. As we enter the often referred as post-quantum cryptography, cryptographers raised concern regarding the technology impact on cryptography due to the potential vulnerabilities of general use cryptographic systems to quantum attacks, particularly those facilitated by Shor's algorithm, which can efficiently factor large numbers and compute discrete logarithms—the mathematical foundations of many public-key crypto systems as the reliance (expectation) of some cryptographic systems that consumer level technology will have difficulty in solving certain mathematical problems in useful (to get to the secret) time scales. Something that is specifically eroded by quantum parallelism and Grover's algorithm. Creating a need for development of post-quantum cryptography (PQC) algorithms.

The pressure to fix a probable but yet theoretical concern, while important, this theoretical speculation may be utilized to weaken or thwart the adoption and use of proven and safer algorithms. In a world where consensus is a rarity and scarcer yet is preventive planning, one should refrain from making emotional choices and do a proper cost versus risk analysis.

2 - It is so crucial to develop new algorithms that ca n not only work but makes use of the new quantum computers specifications. Today (2024) advances are specially being made in hardware for secure signal transmission, protection, and speed using quantum properties.

3 - Lastly, verifying that development of the quantum computing technology and quantum-resistant algorithms as to prevent these machines to break the security expectations of legacy systems (much like computers in general made easy work of non-digital cryptography relegating, for example as we saw with the German Enigma machines).

With the new technology comes new terminology like QBit Cryptanalysis, and the other is Quantum Key Exchange (which is the most common use of the term, and I will discuss here)

Quantum Key Exchange


With Quantum Key Exchange, also called quantum key distribution (QKD),[1] you use through-air free-space optical links[2][3] or a single optical fiber to send a single photon at a time orientated to one certain angle of four; we can describe them as horizontally polarized ( - ), vertically polarized ( | ), Ordinary ( \ ) or Sinister ( / ) To detect these photons, you can use either an ordinary filter ( \ slot) or a vertical filter ( | slot)

An ordinary filter has the properties that it will always pass an ordinary polarized photon, and always block a sinister polarized photon (this is because the photon is correctly aligned for the slot in the Ordinary case, and at   to the slot for the Sinister photon.

A vertical filter has similar properties for its two associated photons - it will always pass a vertical photon, and always block a horizontal one.

This leaves four cases: '|' and '-' for an ordinary filter, and '\' and '/' for a vertical one. The problem is - nobody knows! they might make it though the slot, they might not, and it is entirely random.

For this reason, the sender will send 'n' photons to the recipient, and the recipient will then report back which of the two possible filters (chosen at random) he tried.

If the recipient guessed the right filter, he now knows which one of two possible orientations the photon was in. if he guessed wrong, he has no idea - so the sender responds to the recipient's list with a second list - of the decisions the recipient got right. By discarding the "wrong" filter choices, both sender and recipient now know which of two possible choices each of the photons received were actually matched to - and can convert pass/fail into logic 1 or 0 for a binary set (and this can then be used as an encryption key)

However, this *only* works if the cable between the sender and the recipient is completely unbroken - because it is impossible to route, regenerate or otherwise manipulate the photons sent without losing the delicate orientation information that is the hub of the scheme.

Anybody who tries to measure the photons en route must pick the correct filter - if he picks the wrong one, he is unable to tell the difference between a pass and a misaligned photon that happens to have gotten though the slot - and indeed, a block and a misaligned photon that was blocked. If he picks wrongly, he cannot tell what orientation the photon was in, and the eventual conversation between the recipient and sender as to orientation of filters will cause there to be differences between the two sets of data - and reveal an eavesdropper has intercepted photons.

There are obvious problems with this scheme. the first is that sending a single photon down a light pipe can be unreliable - sometimes, they fail to reach the recipient and are read as a false "block". The second is that the obvious attack on this is a man-in-the-middle one - the attacker intercepts both the light pipe and the out-of-band data channel used for the discussion of filters and acceptance lists - then negotiates different Quantum key Exchange keysets with both the sender and the recipient independently. by converting the encrypted data between the keys each is expecting to see, he can read the message en route (provided of course there is no way that either party can verify the transmissions in a way the m-i-t-m cannot intercept and replace with his own doctored version)

However, the problems have not stopped a commercial company selling a product which relies on QKE for its operation.

For further reading