1. Encryption keys seem to be all the rage right now. But what are they?
  2. Each messenger states that its encryption algorithm is the most fail-safe. But what kind of encryption systems are there?
  3. Okay, that much is clear. But people also talk about quantum encryption. What’s this?
  4. Is this the fabled unhackable key, then?
  5. If quantum key distribution is so close to ideal, why doesn’t my smartphone’s messenger use it?
  6. What are scientists in the field working on now?
  7. Does this mean that this encryption technology will appear on my phone?

Encryption keys seem to be all the rage right now. But what are they?

An encryption key is a string of bits used for encrypting and decrypting a message, known only to the sender and the receiver. Thanks to this, information can be transmitted via open channels, as even having intercepted the message, a bad actor theoretically won’t be able to read it because of not knowing the key. In reality, though, a bad actor can endeavor to hack the encryption algorithm used by a messenger and thus read what we wrote. 

Each messenger states that its encryption algorithm is the most fail-safe. But what kind of encryption systems are there?

There are a lot of encryption systems out there, but all of them can be divided into two big groups: symmetric and asymmetric. In symmetric systems, both users’ computers know the key that turns a set of symbols into an emoji, a “hi” or a code for a bank transaction. This is the most reliable way. However, there is one problem: how to transmit the key to the sender and the receiver – by mail or courier?

Asymmetric systems use two keys, a public and a private one. The public key allows us to encrypt a message and is accessible to everyone, but can only be read with the help of the private key known only to the receiver’s computer. This is just like arithmetic: it’s easy to multiply 3 by 5, the result is 15. But it’s more difficult to guess when you don’t know which factors we got 15 from. And now imagine that you have to factorize a twenty-digit number in this way. It’s believed that a bad actor simply doesn’t have the resources to decrypt a message without a key in a reasonable amount of time. But this isn’t always so. 

Okay, that much is clear. But people also talk about quantum encryption. What’s this?

Admittedly, the term “quantum encryption” isn’t exactly correct – it’s more right to talk about quantum key distribution (QKD). This approach tackles the main problem in the distribution of keys in symmetric encryption systems. It gives an opportunity to generate keys between several users without the human factor interfering into the distribution process. For example, it’s impossible to bribe the courier transmitting the keys, kill them or intimidate them. 

QKD’s information carrier of choice is quantum radiation, which offers a range of useful properties. Unlike powerful laser radiation used today in almost all data transmission systems, it’s impossible to copy an unknown quantum state, impossible to split it, and it self-disrupts when measured. 

 

Read also: ITMO Researcher Represents Russia at QKD Security Workshop

Is this the fabled unhackable key, then?

Theoretically, yes – the attacker shouldn’t have any knowledge of the key. This is what researchers of quantum key distribution are aiming towards. It’s thought that if this protocol is built correctly, in the ideal world a bad actor will know nothing about the key. 

It’s obvious, however, that the real world is far from ideal. Because of this, however much scientists try, bad actors will always have the chance to learn something about the key. The main goal in this case is to make this chance as slim as possible. But you have to understand that it’s not only important for the bad actor to know nothing about the key, but also for the right, reliable encryption algorithm to be applied using the resulting key. 

 

Read also: How Quantum Systems Provide Total Security

If quantum key distribution is so close to ideal, why doesn’t my smartphone’s messenger use it?

It’s unwieldy and expensive, simple as that. QKD systems of course aren’t as big as the first computers, which occupied entire buildings, but they’re still much bigger, and most importantly, more expensive, than your average personal computer. QKD systems are utilized in some Austrian and Swiss banks, but it’s still impossible to tap into such a vast market. Still, IT companies are increasingly looking in the direction of quantum key distribution: part of the shares of the Swiss company ID Quantique was bought by the South Korean telecom operator SK Telecom. Russia also has similar examples – the telecom operator Smarts JSC is an investor and co-founder of the company Quanttelecom LLC.

 

Read also: Canadian Experts Test ITMO Quantum Network

What are scientists in the field working on now?

Apart from technological development, engineers need a serious effort by mathematicians and physicists on the development of the fundamental principles of building QKD systems. From a scientific point of view, what attracts the most interest is device-independent quantum key distribution. This approach is founded on the assumption that even the equipment used by legitimate users can be compromised by a bad actor, and even in this case, there is still a possibility to generate a strong key. Many believe that such systems are the future.

Does this mean that this encryption technology will appear on my phone?

Scientists and engineers are currently focusing their efforts precisely on that. But it’s hard to tell exactly when this goal will be reached. The main task we need to solve now is making the system cheap and compact.