The Instituto de Telecomunicações in Lisbon, Portugal, is further developing revolutionary privacy solutions based on the laws of quantum mechanics
The goal of cryptography (and therefore of quantum cryptography) is to hide private information from untrusted, malicious agents. While symmetric cryptography can offer unconditional security (e.g. the one-time pad), it is impractical for everyday applications because it requires a pre-shared key that must be as long as the message and can never be reused.
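The three properties of the one-time pad just named (key as long as the message, perfect secrecy, no reuse) can be made concrete in a few lines. The following is an added example, not code from the Instituto de Telecomunicações or any project it describes; the sample plaintexts are constructed.

```python
import os


def otp_encrypt(message: bytes, key: bytes) -> bytes:
    """One-time pad: the key must be exactly as long as the message."""
    if len(key) != len(message):
        raise ValueError("one-time pad key must match the message length")
    return bytes(m ^ k for m, k in zip(message, key))


# Decryption is the same XOR operation with the same key.
otp_decrypt = otp_encrypt


def key_for_any_plaintext(ciphertext: bytes, candidate: bytes) -> bytes:
    """Perfect secrecy, made concrete: for any candidate plaintext of the right
    length there exists a key mapping the ciphertext onto it (key = c XOR m'),
    so the ciphertext alone gives an observer no reason to prefer one
    plaintext over another."""
    return otp_encrypt(ciphertext, candidate)


def two_time_pad_leak(c1: bytes, c2: bytes) -> bytes:
    """Why the key can never be reused: if the same key protects two messages,
    XORing the two ciphertexts cancels the key and exposes m1 XOR m2, which is
    plaintext-dependent structure the pad was supposed to hide."""
    return bytes(a ^ b for a, b in zip(c1, c2))


def demo() -> bytes:
    m1 = b"attack at dawn"  # constructed sample plaintext
    m2 = b"retreat at six"  # constructed sample plaintext, same length
    key = os.urandom(len(m1))  # fresh key, one byte per message byte
    c1 = otp_encrypt(m1, key)
    assert otp_decrypt(c1, key) == m1
    # Every plaintext of the same length is a valid decryption of c1.
    other_key = key_for_any_plaintext(c1, m2)
    assert otp_decrypt(c1, other_key) == m2
    # Reusing the key for m2 leaks m1 XOR m2 to anyone holding both ciphertexts.
    c2 = otp_encrypt(m2, key)
    leak = two_time_pad_leak(c1, c2)
    assert leak == bytes(a ^ b for a, b in zip(m1, m2))
    return leak


if __name__ == "__main__":
    demo()
```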
Asymmetric public-key systems such as RSA offer practical key management, as the key is smaller than the message, but they rest on unproven mathematical conjectures and therefore provide only limited security. Indeed, since most of today’s security rests on the assumed hardness of factoring (and the related order-finding problem), the advent of Shor’s efficient quantum algorithm compromised virtually all of today’s classical cryptography.
While quantum cryptography has been shown to be unconditionally secure, at least for key distribution, and has since been both experimentally realised and introduced into today’s technology, many have advocated so-called ‘post-quantum cryptography’ – classical cryptography based on even harder mathematical conjectures – in the hope that future computers, both classical and quantum, will not be able to break them.
Nevertheless, such approaches have serious drawbacks, which ultimately favour quantum cryptography. Namely:
- it turns out that the more difficult the (general) problem is, the harder it is to find instances of it that are really hard to solve. As a consequence, the more secure a post-quantum protocol is (the harder the mathematical problem on which it is based), the more inefficient it becomes, and thus the less useful for practical purposes (precisely as in the case of the famous Merkle–Hellman knapsack cryptosystem);
- such protocols would still be based on unproven conjectures; this time, unlike the thousand-year-old factoring problem, the new problems have only a few decades of history, and it would be unwise to assume that the failure of only two or three generations of mathematicians to solve them makes them truly difficult; and
- as a consequence, it is to be expected that most of today’s post-quantum protocols will be broken in the future by more powerful computers. Since computing power equals money, this brings explicit social inequality, putting ordinary people under the direct control of the state and of rich individuals and corporations.
Quantum cryptography: Breaking the laws
In contrast, quantum cryptography is based on the impossibility of breaking physical laws (in particular, quantum complementarity, entanglement and the no-cloning theorem), which apply equally to everyone. As such, it offers higher (sometimes even unconditional) security levels, together with equality regardless of the user’s social status, once quantum technology fully enters everyday use.
In addition to secure information exchange, privacy is another important cryptographic functionality often required in everyday applications. One example is e-voting systems. Another is so-called ‘private data mining’: users of, say, social security and health services want their personal information to remain protected when external agencies access hospital databases to obtain overall statistical estimates.
Over the past decade, the Security and Quantum Information Group (SQIG) of the Instituto de Telecomunicações (IT) in Lisbon has worked on designing and analysing various quantum cryptographic protocols. To tackle the above-mentioned privacy issues and related problems (known under the generic name of secure multi-party computation protocols), we worked on designing and implementing, together with the Optical Networks Group at IT in Aveiro, the so-called ‘cryptographic primitives’ (oblivious transfer and bit commitment) that serve as the building blocks of more complex schemes. To design an improved quantum e-voting platform, we established a collaboration with Scytl, a Barcelona-based company that already offers a classical e-voting system. We also started joint research with Coimbra Genomics, Portugal, on the secure data mining of private DNA information.