Quantum Key Distribution (QKD) is a method of secure communication that uses quantum mechanics to encrypt information. Although the security of QKD is in principle unbreakable, if implemented incorrectly, attackers could steal important information. These are known as side-channel attacks, in which the attackers exploit weak points in the structure of the information system in order to eavesdrop on the exchange of secret keys.
Researchers at the National University of Singapore (NUS) have developed two methods, one theoretical and one experimental, to ensure that QKD communication cannot be attacked in this way. The first is an ultra-secure cryptography protocol that can be used on any communications network that requires long-term security. The second is a unique device that defends QKD systems against bright light pulse attacks by creating a power threshold.
“The rapid advances in quantum computing and algorithmic research mean that we can no longer take today’s toughest security software for granted. Our two new approaches promise to ensure that the information systems we use for banking, healthcare, and other critical infrastructure and data storage can withstand possible future attacks, ”said Assistant Professor Charles Lim of the NUS Department of Electrical and Computer Engineering and Center for Quantum Technologies, who led the two research projects.
Future-proof quantum communication protocol
Typically two measurement settings are used in QKD – one to generate the key and the other to test the integrity of the channel. In an article published in the magazine Nature communication May 2021, the NUS team showed that with their new protocol, users can independently test the other party’s encryption device by generating a secret key from two randomly chosen key generation settings instead of just one. The researchers showed that introducing an additional set of key-generating measurements for users made it difficult for the eavesdropper to steal information.
“It’s a simple variation on the original protocol that started this field, but it can only be tackled now thanks to significant developments in mathematical tools,” said Professor Valerio Scarani, one of the inventors of this type of method and co-author of the Paper. He is from the NUS Department of Physics and Center for Quantum Technologies.
Compared to the original “device-independent” QKD protocol, the new protocol is easier to set up and more tolerant of noise and losses. It also offers users the highest level of security possible through quantum communication and allows them to independently verify their own key generation devices.
With the establishment of the team, all information systems created with “device-independent” QKD would be free of misconfigurations and incorrect implementations. “Our method enables data to be safe from attackers, even if they have unlimited quantum computing power. This approach could lead to a truly secure information system that eliminates all side channel attacks and allows end users to easily and reliably monitor implementation security, ”explained Asst Prof. Lim.
A unique quantum power limiter of its kind
In practice, quantum cryptography uses optical pulses with very low light intensity to exchange data via untrustworthy networks. The use of quantum effects can securely distribute secret keys, generate real random numbers and even generate banknotes that are mathematically forgery-proof.
However, experiments have shown that it is possible to inject bright pulses of light into the quantum cryptosystem in order to break its security. This side-channel attack strategy uses the way in which incident bright light is reflected to the outside environment in order to reveal the secrets of the quantum cryptosystem.
In a new paper published in PRX quantum On July 7, 2021, NUS researchers reported their development of the first optical device that addresses this issue. It is based on thermo-optical defocusing effects to limit the energy of the incident light. The researchers use the fact that the energy of the bright light changes the refractive index of the transparent plastic material embedded in the device, i.e. it sends a fraction of the light out of the quantum channel. This enforces a power limit threshold.
The NUS team’s power limiter can be seen as the optical equivalent of an electrical fuse, but it is reversible and does not burn if the energy threshold is exceeded. It is very inexpensive and can be easily made with standard components. It also does not require electricity, so it can be easily added to any quantum cryptography system for greater implementation security.
Asst Prof. Lim added: “It is imperative to close the gap between theory and practice of quantum secure communication if we are to use it for the future quantum internet. We do this holistically – on the one hand, we’re designing more practical quantum protocols, and on the other, we’re developing quantum devices that closely match the mathematical models that the protocols adopt. We can thus significantly reduce the gap. ”