< Return to Video

How quantum physics can make encryption stronger

  • 0:01 - 0:05
    Recently, we've seen the effects
    of cyber attacks on the business world.
  • 0:05 - 0:11
    Data breaches at companies like JP Morgan,
    Yahoo, Home Depot and Target
  • 0:11 - 0:13
    have caused losses of hundreds of millions
  • 0:13 - 0:16
    and in some cases, billions of dollars.
  • 0:17 - 0:20
    It wouldn't take many large attacks
    to ravage the world economy.
  • 0:21 - 0:24
    And the public sector
    has not been immune, either.
  • 0:25 - 0:28
    In 2012 to 2014,
  • 0:28 - 0:33
    there was a significant data breach
    at the US Office of Personnel Management.
  • 0:33 - 0:37
    Security clearance
    and fingerprint data was compromised,
  • 0:37 - 0:41
    affecting 22 million employees.
  • 0:42 - 0:46
    And you may have heard of the attempt
    by state-sponsored hackers
  • 0:46 - 0:51
    to use stolen data to influence election
    outcomes in a number of countries.
  • 0:52 - 0:55
    Two recent examples are
    the compromise of a large amount of data
  • 0:55 - 0:59
    from the Bundestag,
    the national Parliament of Germany,
  • 0:59 - 1:03
    and the theft of emails from the US
    Democratic National Committee.
  • 1:05 - 1:09
    The cyber threat is now affecting
    our democratic processes.
  • 1:10 - 1:12
    And it's likely to get worse.
  • 1:12 - 1:16
    As computer technology
    is becoming more powerful,
  • 1:16 - 1:20
    the systems we use to protect our data
    are becoming more vulnerable.
  • 1:21 - 1:25
    Adding to the concern
    is a new type of computing technology,
  • 1:25 - 1:27
    called quantum computing,
  • 1:27 - 1:30
    which leverages microscopic
    properties of nature
  • 1:30 - 1:34
    to deliver unimaginable increases
    in computational power.
  • 1:34 - 1:38
    It's so powerful that it will crack
    many of the encryption systems
  • 1:39 - 1:40
    that we use today.
  • 1:41 - 1:43
    So is the situation hopeless?
  • 1:43 - 1:46
    Should we start packing
    our digital survival gear
  • 1:46 - 1:49
    and prepare for an upcoming
    data apocalypse?
  • 1:50 - 1:52
    I would say, not yet.
  • 1:52 - 1:54
    Quantum computing is still in the labs,
  • 1:54 - 1:58
    and it will take a few years
    until it's put to practical applications.
  • 1:58 - 2:00
    More important,
  • 2:00 - 2:03
    there have been major breakthroughs
    in the field of encryption.
  • 2:03 - 2:06
    For me, this is
    a particularly exciting time
  • 2:07 - 2:09
    in the history of secure communications.
  • 2:10 - 2:11
    About 15 years ago,
  • 2:11 - 2:14
    when I learned of our new-found ability
  • 2:14 - 2:17
    to create quantum effects
    that don't exist in nature,
  • 2:17 - 2:19
    I was excited.
  • 2:19 - 2:22
    The idea of applying
    the fundamental laws of physics
  • 2:22 - 2:24
    to make encryption stronger
  • 2:24 - 2:25
    really intrigued me.
  • 2:26 - 2:32
    Today, a select groups of companies
    and labs around the world, including mine,
  • 2:32 - 2:36
    are maturing this technology
    for practical applications.
  • 2:36 - 2:37
    That's right.
  • 2:37 - 2:41
    We are now preparing
    to fight quantum with quantum.
  • 2:42 - 2:44
    So how does this all work?
  • 2:44 - 2:47
    Well, first, let's take a quick tour
    of the world of encryption.
  • 2:47 - 2:49
    For that, you'll need a briefcase,
  • 2:49 - 2:53
    some important documents that you want
    to send your friend, James Bond,
  • 2:53 - 2:55
    and a lock to keep it all safe.
  • 2:56 - 3:01
    Because the documents are top secret,
    we're going to use an advanced briefcase.
  • 3:01 - 3:03
    It has a special combination lock
  • 3:03 - 3:05
    which, when closed,
  • 3:05 - 3:08
    converts all the text
    in the documents to random numbers.
  • 3:08 - 3:12
    So you put your documents inside,
    close the lock --
  • 3:12 - 3:16
    at which point in time the documents
    get converted to random numbers --
  • 3:16 - 3:18
    and you send the briefcase to James.
  • 3:19 - 3:22
    While it's on its way,
    you call him to give him the code.
  • 3:22 - 3:25
    When he gets the briefcase,
    he enters the code,
  • 3:25 - 3:28
    the documents get unscrambled, and voilà,
  • 3:28 - 3:32
    you've just sent
    an encoded message to James Bond.
  • 3:32 - 3:33
    (Laughter)
  • 3:34 - 3:38
    A fun example, but it does illustrate
    three things important for encryption.
  • 3:39 - 3:42
    The code -- we call this
    an encryption key.
  • 3:42 - 3:44
    You can think of it as a password.
  • 3:44 - 3:49
    The call to James to give him
    the code for the combination lock.
  • 3:49 - 3:51
    We call this key exchange.
  • 3:51 - 3:53
    This is how you ensure
  • 3:53 - 3:57
    you get the encryption key
    securely to the right place.
  • 3:57 - 4:01
    And the lock, which encodes
    and decodes the document.
  • 4:01 - 4:04
    We call this an encryption algorithm.
  • 4:04 - 4:08
    Using the key, it encodes
    the text in the documents
  • 4:09 - 4:10
    to random numbers.
  • 4:10 - 4:13
    A good algorithm will encode in such a way
  • 4:13 - 4:16
    that without the key
    it's very difficult to unscramble.
  • 4:18 - 4:20
    What makes encryption so important
  • 4:20 - 4:23
    is that if someone were to capture
    the briefcase and cut it open
  • 4:23 - 4:27
    without the encryption key
    and the encryption algorithm,
  • 4:27 - 4:29
    they wouldn't be able
    to read the documents.
  • 4:29 - 4:33
    They would look like nothing more
    than a bunch of random numbers.
  • 4:35 - 4:39
    Most security systems rely
    on a secure method for key exchange
  • 4:39 - 4:44
    to communicate the encryption key
    to the right place.
  • 4:45 - 4:48
    However, rapid increases
    in computational power
  • 4:48 - 4:52
    are putting at risk a number
    of the key exchange methods we have today.
  • 4:53 - 4:57
    Consider one of the very
    widely used systems today -- RSA.
  • 4:58 - 5:01
    When it was invented, in 1977,
  • 5:01 - 5:06
    it was estimated that it would take
    40 quadrillion years
  • 5:06 - 5:09
    to break a 426-bit RSA key.
  • 5:10 - 5:14
    In 1994, just 17 years later,
  • 5:14 - 5:16
    the code was broken.
  • 5:17 - 5:20
    As computers have become
    more and more powerful,
  • 5:20 - 5:23
    we've had to use larger and larger codes.
  • 5:23 - 5:29
    Today we routinely use 2048 or 4096 bits.
  • 5:30 - 5:35
    As you can see, code makers and breakers
    are engaged in an ongoing battle
  • 5:35 - 5:37
    to outwit each other.
  • 5:39 - 5:43
    And when quantum computers arrive
    in the next 10 to 15 years,
  • 5:43 - 5:47
    they will even more rapidly
    crack the complex mathematics
  • 5:47 - 5:51
    that underlies many
    of our encryption systems today.
  • 5:51 - 5:56
    Indeed, the quantum computer is likely
    to turn our present security castle
  • 5:56 - 5:59
    into a mere house of cards.
  • 6:01 - 6:04
    We have to find a way
    to defend our castle.
  • 6:05 - 6:08
    There's been a growing
    body of research in recent years
  • 6:08 - 6:11
    looking at using quantum effects
    to make encryption stronger.
  • 6:12 - 6:15
    And there have been
    some exciting breakthroughs.
  • 6:15 - 6:18
    Remember those three things
    important for encryption --
  • 6:18 - 6:23
    high-quality keys, secure key exchange
    and a strong algorithm?
  • 6:24 - 6:26
    Well, advances in science and engineering
  • 6:27 - 6:30
    are putting two of those
    three elements at risk.
  • 6:30 - 6:32
    First of all, those keys.
  • 6:33 - 6:37
    Random numbers are the foundational
    building blocks of encryption keys.
  • 6:37 - 6:40
    But today, they're not truly random.
  • 6:41 - 6:43
    Currently, we construct encryption keys
  • 6:43 - 6:47
    from sequences of random numbers
    generated from software,
  • 6:47 - 6:50
    so-called pseudo-random numbers.
  • 6:51 - 6:54
    Numbers generated by a program
    or a mathematical recipe
  • 6:54 - 6:58
    will have some, perhaps subtle,
    pattern to them.
  • 6:59 - 7:00
    The less random the numbers are,
  • 7:00 - 7:04
    or in scientific terms,
    the less entropy they contain,
  • 7:04 - 7:06
    the easier they are to predict.
  • 7:07 - 7:11
    Recently, several casinos
    have been victims of a creative attack.
  • 7:11 - 7:15
    The output of slot machines
    was recorded over a period of time
  • 7:15 - 7:17
    and then analyzed.
  • 7:17 - 7:19
    This allowed the cyber criminals
  • 7:19 - 7:23
    to reverse engineer
    the pseudo-random number generator
  • 7:23 - 7:25
    behind the spinning wheels.
  • 7:25 - 7:30
    And allowed them, with high accuracy,
    to predict the spins of the wheels,
  • 7:30 - 7:33
    enabling them to make big financial gains.
  • 7:35 - 7:38
    Similar risks apply to encryption keys.
  • 7:39 - 7:44
    So having a true random number generator
    is essential for secure encryption.
  • 7:46 - 7:51
    For years, researchers have been looking
    at building true random number generators.
  • 7:51 - 7:54
    But most designs to date
    are either not random enough,
  • 7:54 - 7:57
    fast enough or aren't easily repeatable.
  • 7:58 - 8:01
    But the quantum world is truly random.
  • 8:02 - 8:07
    So it makes sense to take advantage
    of this intrinsic randomness.
  • 8:08 - 8:10
    Devices that can measure quantum effects
  • 8:10 - 8:14
    can produce an endless stream
    of random numbers at high speed.
  • 8:14 - 8:17
    Foiling all those
    would-be casino criminals.
  • 8:18 - 8:22
    A select group of universities
    and companies around the world
  • 8:22 - 8:26
    are focused on building
    true random number generators.
  • 8:26 - 8:30
    At my company, our quantum
    random number generator
  • 8:30 - 8:33
    started life on a two meter
    by one meter optic table.
  • 8:34 - 8:38
    We were then able to reduce it
    to a server-size box.
  • 8:39 - 8:45
    Today, it's miniaturized into a PCI card
    that plugs into a standard computer.
  • 8:47 - 8:52
    This is the world's fastest
    true random number generator.
  • 8:52 - 8:57
    It measures quantum effects to produce
    a billion random numbers per second.
  • 8:58 - 9:01
    And it's in use today to improve security
  • 9:01 - 9:05
    at cloud providers, banks
    and government agencies
  • 9:05 - 9:06
    around the world.
  • 9:07 - 9:14
    (Applause)
  • 9:15 - 9:18
    But even with a true
    random number generator,
  • 9:18 - 9:21
    we've still got the second
    big cyber threat:
  • 9:21 - 9:24
    the problem of secure key exchange.
  • 9:24 - 9:29
    Current key exchange techniques
    will not stand up to a quantum computer.
  • 9:30 - 9:32
    The quantum solution to this problem
  • 9:32 - 9:36
    is called quantum key distribution or QKD,
  • 9:36 - 9:40
    which leverages a fundamental,
    counterintuitive characteristic
  • 9:40 - 9:42
    of quantum mechanics.
  • 9:42 - 9:47
    The very act of looking
    at a quantum particle changes it.
  • 9:48 - 9:50
    Let me give you an example
    of how this works.
  • 9:51 - 9:56
    Consider again exchanging the code
    for the lock with James Bond.
  • 9:56 - 10:00
    Except this time, instead of a call
    to give James the code,
  • 10:00 - 10:04
    we're going to use quantum effects
    on a laser to carry the code
  • 10:04 - 10:08
    and send it over standard
    optic fiber to James.
  • 10:09 - 10:13
    We assume that Dr. No
    is trying to hack the exchange.
  • 10:15 - 10:20
    Luckily, Dr. No's attempt to intercept
    the quantum keys while in transit
  • 10:20 - 10:23
    will leave fingerprints
    that James and you can detect.
  • 10:24 - 10:28
    This allows those intercepted keys
    to be discarded.
  • 10:28 - 10:30
    The keys which are then retained
  • 10:30 - 10:33
    can be used to provide
    very strong data protection.
  • 10:34 - 10:38
    And because the security is based
    on the fundamental laws of physics,
  • 10:38 - 10:42
    a quantum computer, or indeed
    any future supercomputer
  • 10:42 - 10:44
    will not be able to break it.
  • 10:45 - 10:48
    My team and I are collaborating
    with leading universities
  • 10:48 - 10:49
    and the defense sector
  • 10:49 - 10:51
    to mature this exciting technology
  • 10:52 - 10:55
    into the next generation
    of security products.
  • 10:56 - 11:02
    The internet of things
    is heralding a hyperconnected era
  • 11:02 - 11:08
    with 25 to 30 billion
    connected devices forecast by 2020.
  • 11:09 - 11:14
    For the correct functioning
    of our society in an IoT world,
  • 11:14 - 11:19
    trust in the systems that support
    these connected devices is vital.
  • 11:20 - 11:25
    We're betting that quantum technologies
    will be essential in providing this trust,
  • 11:25 - 11:29
    enabling us to fully benefit
    from the amazing innovations
  • 11:29 - 11:32
    that are going to so enrich our lives.
  • 11:34 - 11:35
    Thank you.
  • 11:35 - 11:40
    (Applause)
Title:
How quantum physics can make encryption stronger
Speaker:
Vikram Sharma
Description:

As quantum computing matures, it's going to bring unimaginable increases in computational power along with it -- and the systems we use to protect our data (and our democratic processes) will become even more vulnerable. But there's still time to plan against the impending data apocalypse, says encryption expert Vikram Sharma. Learn more about how he's fighting quantum with quantum: designing security devices and programs that also use the power of quantum physics to defend against the most sophisticated attacks.
more » « less
Video Language:
English
Team:
closed TED
Project:
TEDTalks
Duration:
11:53

English subtitles

Revisions Compare revisions

Our website uses cookies for analysis purposes.