< Return to Video

How quantum physics can make encryption stronger

  • 0:01 - 0:05
    Recently, we've seen the effects
    of cyber attacks on the business world.
  • 0:05 - 0:11
    Data breaches at companies like JP Morgan,
    Yahoo, Home Depot and Target
  • 0:11 - 0:13
    have caused losses of hundreds of millions
  • 0:13 - 0:16
    and in some cases, billions of dollars.
  • 0:17 - 0:20
    It wouldn't take many large attacks
    to ravage the world economy.
  • 0:21 - 0:24
    And the public sector
    has not been immune, either.
  • 0:25 - 0:28
    In 2012 to 2014,
  • 0:28 - 0:33
    there was a significant data breach
    at the US Office of Personnel Management.
  • 0:33 - 0:37
    Security clearance
    and fingerprint data was compromised,
  • 0:37 - 0:41
    affecting 22 million employees.
  • 0:42 - 0:46
    And you may have heard of the attempt
    by state-sponsored hackers
  • 0:46 - 0:51
    to use stolen data to influence election
    outcomes in a number of countries.
  • 0:52 - 0:55
    Two recent examples are
    the compromise of a large amount of data
  • 0:55 - 0:59
    from the Bundestag,
    the national Parliament of Germany,
  • 0:59 - 1:03
    and the theft of emails from the US
    Democratic National Committee.
  • 1:05 - 1:09
    The cyber threat is now affecting
    our democratic processes.
  • 1:10 - 1:12
    And it's likely to get worse.
  • 1:12 - 1:16
    As computer technology
    is becoming more powerful,
  • 1:16 - 1:20
    the systems we use to protect our data
    are becoming more vulnerable.
  • 1:21 - 1:25
    Adding to the concern
    is a new type of computing technology,
  • 1:25 - 1:27
    called quantum computing,
  • 1:27 - 1:30
    which leverages microscopic
    properties of nature
  • 1:30 - 1:34
    to deliver unimaginable increases
    in computational power.
  • 1:34 - 1:38
    It's so powerful that it will crack
    many of the encryption systems
  • 1:39 - 1:40
    that we use today.
  • 1:41 - 1:43
    So is the situation hopeless?
  • 1:43 - 1:46
    Should we start packing
    our digital survival gear
  • 1:46 - 1:49
    and prepare for an upcoming
    data apocalypse?
  • 1:50 - 1:52
    I would say, not yet.
  • 1:52 - 1:54
    Quantum computing is still in the labs,
  • 1:54 - 1:58
    and it will take a few years
    until it's put to practical applications.
  • 1:58 - 2:00
    More important,
  • 2:00 - 2:03
    there have been major breakthroughs
    in the field of encryption.
  • 2:03 - 2:06
    For me, this is
    a particularly exciting time
  • 2:07 - 2:09
    in the history of secure communications.
  • 2:10 - 2:11
    About 15 years ago,
  • 2:11 - 2:14
    when I learned of our new-found ability
  • 2:14 - 2:17
    to create quantum effects
    that don't exist in nature,
  • 2:17 - 2:19
    I was excited.
  • 2:19 - 2:22
    The idea of applying
    the fundamental laws of physics
  • 2:22 - 2:24
    to make encryption stronger
  • 2:24 - 2:25
    really intrigued me.
  • 2:26 - 2:32
    Today, a select groups of companies
    and labs around the world, including mine,
  • 2:32 - 2:36
    are maturing this technology
    for practical applications.
  • 2:36 - 2:37
    That's right.
  • 2:37 - 2:41
    We are now preparing
    to fight quantum with quantum.
  • 2:42 - 2:44
    So how does this all work?
  • 2:44 - 2:47
    Well, first, let's take a quick tour
    of the world of encryption.
  • 2:47 - 2:49
    For that, you'll need a briefcase,
  • 2:49 - 2:53
    some important documents that you want
    to send your friend, James Bond,
  • 2:53 - 2:55
    and a lock to keep it all safe.
  • 2:56 - 3:01
    Because the documents are top secret,
    we're going to use an advanced briefcase.
  • 3:01 - 3:03
    It has a special combination lock
  • 3:03 - 3:05
    which, when closed,
  • 3:05 - 3:08
    converts all the text
    in the documents to random numbers.
  • 3:08 - 3:12
    So you put your documents inside,
    close the lock --
  • 3:12 - 3:16
    at which point in time the documents
    get converted to random numbers --
  • 3:16 - 3:18
    and you send the briefcase to James.
  • 3:19 - 3:22
    While it's on its way,
    you call him to give him the code.
  • 3:22 - 3:25
    When he gets the briefcase,
    he enters the code,
  • 3:25 - 3:28
    the documents get unscrambled, and voilà,
  • 3:28 - 3:32
    you've just sent
    an encoded message to James Bond.
  • 3:32 - 3:33
    (Laughter)
  • 3:34 - 3:38
    A fun example, but it does illustrate
    three things important for encryption.
  • 3:39 - 3:42
    The code -- we call this
    an encryption key.
  • 3:42 - 3:44
    You can think of it as a password.
  • 3:44 - 3:49
    The call to James to give him
    the code for the combination lock.
  • 3:49 - 3:51
    We call this key exchange.
  • 3:51 - 3:53
    This is how you ensure
  • 3:53 - 3:57
    you get the encryption key
    securely to the right place.
  • 3:57 - 4:01
    And the lock, which encodes
    and decodes the document.
  • 4:01 - 4:04
    We call this an encryption algorithm.
  • 4:04 - 4:08
    Using the key, it encodes
    the text in the documents
  • 4:09 - 4:10
    to random numbers.
  • 4:10 - 4:13
    A good algorithm will encode in such a way
  • 4:13 - 4:16
    that without the key
    it's very difficult to unscramble.
  • 4:18 - 4:20
    What makes encryption so important
  • 4:20 - 4:23
    is that if someone were to capture
    the briefcase and cut it open
  • 4:23 - 4:27
    without the encryption key
    and the encryption algorithm,
  • 4:27 - 4:29
    they wouldn't be able
    to read the documents.
  • 4:29 - 4:33
    They would look like nothing more
    than a bunch of random numbers.
  • 4:35 - 4:39
    Most security systems rely
    on a secure method for key exchange
  • 4:39 - 4:44
    to communicate the encryption key
    to the right place.
  • 4:45 - 4:48
    However, rapid increases
    in computational power
  • 4:48 - 4:52
    are putting at risk a number
    of the key exchange methods we have today.
  • 4:53 - 4:57
    Consider one of the very
    widely used systems today -- RSA.
  • 4:58 - 5:01
    When it was invented, in 1977,
  • 5:01 - 5:06
    it was estimated that it would take
    40 quadrillion years
  • 5:06 - 5:09
    to break a 426-bit RSA key.
  • 5:10 - 5:14
    In 1994, just 17 years later,
  • 5:14 - 5:16
    the code was broken.
  • 5:17 - 5:20
    As computers have become
    more and more powerful,
  • 5:20 - 5:23
    we've had to use larger and larger codes.
  • 5:23 - 5:29
    Today we routinely use 2048 or 4096 bits.
  • 5:30 - 5:35
    As you can see, code makers and breakers
    are engaged in an ongoing battle
  • 5:35 - 5:37
    to outwit each other.
  • 5:39 - 5:43
    And when quantum computers arrive
    in the next 10 to 15 years,
  • 5:43 - 5:47
    they will even more rapidly
    crack the complex mathematics
  • 5:47 - 5:51
    that underlies many
    of our encryption systems today.
  • 5:51 - 5:56
    Indeed, the quantum computer is likely
    to turn our present security castle
  • 5:56 - 5:59
    into a mere house of cards.
  • 6:01 - 6:04
    We have to find a way
    to defend our castle.
  • 6:05 - 6:08
    There's been a growing
    body of research in recent years
  • 6:08 - 6:11
    looking at using quantum effects
    to make encryption stronger.
  • 6:12 - 6:15
    And there have been
    some exciting breakthroughs.
  • 6:15 - 6:18
    Remember those three things
    important for encryption --
  • 6:18 - 6:23
    high-quality keys, secure key exchange
    and a strong algorithm?
  • 6:24 - 6:26
    Well, advances in science and engineering
  • 6:27 - 6:30
    are putting two of those
    three elements at risk.
  • 6:30 - 6:32
    First of all, those keys.
  • 6:33 - 6:37
    Random numbers are the foundational
    building blocks of encryption keys.
  • 6:37 - 6:40
    But today, they're not truly random.
  • 6:41 - 6:43
    Currently, we construct encryption keys
  • 6:43 - 6:47
    from sequences of random numbers
    generated from software,
  • 6:47 - 6:50
    so-called pseudo-random numbers.
  • 6:51 - 6:54
    Numbers generated by a program
    or a mathematical recipe
  • 6:54 - 6:58
    will have some, perhaps subtle,
    pattern to them.
  • 6:59 - 7:00
    The less random the numbers are,
  • 7:00 - 7:04
    or in scientific terms,
    the less entropy they contain,
  • 7:04 - 7:06
    the easier they are to predict.
  • 7:07 - 7:11
    Recently, several casinos
    have been victims of a creative attack.
  • 7:11 - 7:15
    The output of slot machines
    was recorded over a period of time
  • 7:15 - 7:17
    and then analyzed.
  • 7:17 - 7:19
    This allowed the cyber criminals
  • 7:19 - 7:23
    to reverse engineer
    the pseudo-random number generator
  • 7:23 - 7:25
    behind the spinning wheels.
  • 7:25 - 7:30
    And allowed them, with high accuracy,
    to predict the spins of the wheels,
  • 7:30 - 7:33
    enabling them to make big financial gains.
  • 7:35 - 7:38
    Similar risks apply to encryption keys.
  • 7:39 - 7:44
    So having a true random number generator
    is essential for secure encryption.
  • 7:46 - 7:51
    For years, researchers have been looking
    at building true random number generators.
  • 7:51 - 7:54
    But most designs to date
    are either not random enough,
  • 7:54 - 7:57
    fast enough or aren't easily repeatable.
  • 7:58 - 8:01
    But the quantum world is truly random.
  • 8:02 - 8:07
    So it makes sense to take advantage
    of this intrinsic randomness.
  • 8:08 - 8:10
    Devices that can measure quantum effects
  • 8:10 - 8:14
    can produce an endless stream
    of random numbers at high speed.
  • 8:14 - 8:17
    Foiling all those
    would-be casino criminals.
  • 8:18 - 8:22
    A select group of universities
    and companies around the world
  • 8:22 - 8:26
    are focused on building
    true random number generators.
  • 8:26 - 8:30
    At my company, our quantum
    random number generator
  • 8:30 - 8:33
    started life on a two meter
    by one meter optic table.
  • 8:34 - 8:38
    We were then able to reduce it
    to a server-size box.
  • 8:39 - 8:45
    Today, it's miniaturized into a PCI card
    that plugs into a standard computer.
  • 8:47 - 8:52
    This is the world's fastest
    true random number generator.
  • 8:52 - 8:57
    It measures quantum effects to produce
    a billion random numbers per second.
  • 8:58 - 9:01
    And it's in use today to improve security
  • 9:01 - 9:05
    at cloud providers, banks
    and government agencies
  • 9:05 - 9:06
    around the world.
  • 9:07 - 9:14
    (Applause)
  • 9:15 - 9:18
    But even with a true
    random number generator,
  • 9:18 - 9:21
    we've still got the second
    big cyber threat:
  • 9:21 - 9:24
    the problem of secure key exchange.
  • 9:24 - 9:29
    Current key exchange techniques
    will not stand up to a quantum computer.
  • 9:30 - 9:32
    The quantum solution to this problem
  • 9:32 - 9:36
    is called quantum key distribution or QKD,
  • 9:36 - 9:40
    which leverages a fundamental,
    counterintuitive characteristic
  • 9:40 - 9:42
    of quantum mechanics.
  • 9:42 - 9:47
    The very act of looking
    at a quantum particle changes it.
  • 9:48 - 9:50
    Let me give you an example
    of how this works.
  • 9:51 - 9:56
    Consider again exchanging the code
    for the lock with James Bond.
  • 9:56 - 10:00
    Except this time, instead of a call
    to give James the code,
  • 10:00 - 10:04
    we're going to use quantum effects
    on a laser to carry the code
  • 10:04 - 10:08
    and send it over standard
    optic fiber to James.
  • 10:09 - 10:13
    We assume that Dr. No
    is trying to hack the exchange.
  • 10:15 - 10:20
    Luckily, Dr. No's attempt to intercept
    the quantum keys while in transit
  • 10:20 - 10:23
    will leave fingerprints
    that James and you can detect.
  • 10:24 - 10:28
    This allows those intercepted keys
    to be discarded.
  • 10:28 - 10:30
    The keys which are then retained
  • 10:30 - 10:33
    can be used to provide
    very strong data protection.
  • 10:34 - 10:38
    And because the security is based
    on the fundamental laws of physics,
  • 10:38 - 10:42
    a quantum computer, or indeed
    any future supercomputer
  • 10:42 - 10:44
    will not be able to break it.
  • 10:45 - 10:48
    My team and I are collaborating
    with leading universities
  • 10:48 - 10:49
    and the defense sector
  • 10:49 - 10:51
    to mature this exciting technology
  • 10:52 - 10:55
    into the next generation
    of security products.
  • 10:56 - 11:02
    The internet of things
    is heralding a hyperconnected era
  • 11:02 - 11:08
    with 25 to 30 billion
    connected devices forecast by 2020.
  • 11:09 - 11:14
    For the correct functioning
    of our society in an IoT world,
  • 11:14 - 11:19
    trust in the systems that support
    these connected devices is vital.
  • 11:20 - 11:25
    We're betting that quantum technologies
    will be essential in providing this trust,
  • 11:25 - 11:29
    enabling us to fully benefit
    from the amazing innovations
  • 11:29 - 11:32
    that are going to so enrich our lives.
  • 11:34 - 11:35
    Thank you.
  • 11:35 - 11:40
    (Applause)
Title:
How quantum physics can make encryption stronger
Speaker:
Vikram Sharma
Description:
more » « less
Video Language:
English
Team:
closed TED
Project:
TEDTalks
Duration:
11:53

English subtitles

Revisions Compare revisions

Our website uses cookies for analysis purposes.