Encrypted email using public private key pairs as in PGP is not entirely secure. It is claimed that government organisations are able to crack it and there is always the danger of private keys falling into the hands of hackers. If a unique key could be generated every time a message was sent, and that key could be exchanged between sender and recipient without any danger of interception, then the message could be entirely secure. That is the principal behind quantum cryptography.
The principles of quantum encryption have been with us for some time, and new approaches are frequently appearing in scientific publications. One of the latest iterations on this subject was published by a research team from Toronto University who have claimed that their approach is entirely secure and indecipherable. This is how it works.
The essence of quantum cryptography lies in the ability to securely distribute a quantum key between two parties (quantum key distribution) which cannot be detected by an eavesdropper. The bits of the key are encoded as quantum data.
When quantum cryptography was invented it was considered to be an entirely foolproof way to of preventing hacking and encrypting email. This is because if anyone eavesdropped on the message the quantum entanglement would collapse and this would be apparent to the legitimate sender and recipient. That means that the encryption key can be transmitted entirely securely between two users.
However there is a fundamental flaw in this reasoning. The key is transmitted using photons which are received by photon detectors, and it is conceivable that these signals could be intercepted and manipulated by a hacker.
This kind of hacking is called a side-channel attack, and it has been acknowledged by the inventor of quantum cryptography, Dr. Charles Bennett of IBM. When a side-channel attack is launched, the photon detectors are subverted by light signals, so they detect only the photons that the hacker wants the recipient to see.
In the latest approach a solution to this problem has been identified. This is known as "Measurement Device Independent QKD". Although the hacker can operate the photon detectors and send the measurement results, all the recipient need do to detect this is to compare their own data. The key is the detection of small changes that happen during quantum data manipulation.
Sender and recipient send their signals to another photon detector that might be controlled by the hacker; that carries out a joint measurement which provides another data point, and that is adequate to ensure the security of the photon detectors. So far some experiments have supported the theory and a prototype system is being produced which should be ready in the next five years.
This is a guest post by Adam a new Londoner, who has interests in recruitment, all things techy, a passion for travel and a love of fashion. He blogs about recruitment, travel and IT/technology as well as latest trends in mens and womens fashion. If you want Adam to write you specific content, feel free to message me on Twitter (@NewburyNewbie).