Researchers have published a technique for encryption that promises to go beyond perfect secrecy to encryption that is unbreakable, even if quantum computing is brought into the picture. The technique, which takes advantage of chaos and the second law of thermodynamics mixed with the speed of optical chips, doesn’t require quantum power to achieve quantum-proof results. Less-powerful or traditional-architecture devices could therefore, theoretically protect their secure communications from attacks launched by quantum computers.
A. Di Falco, V. Mazzone, A. Cruz, and A. Fratalocchi, the inventors of the technique and authors of a paper in Nature describing their findings, use correlated chaotic wavelengths as the basis of both the encryption key and the technique for not transmitting it between the two participants in the communication.
In the context of encryption, “perfect secrecy” is a description of a scheme, not a qualitative judgment. Invented back when the telegraph was the fastest form of communication, The Vernam cipher encrypts a message with a key that has three qualities:
- The key is as long as the message encrypted
- The key is never reused in whole or in part
- The key is kept secret.
Claude Shannon proved mathematically that a properly implemented Vernam cipher is, in fact, unbreakable. So why aren’t we all using this “perfect” method?
The Vernam cipher isn’t widely used because the key, of whatever length, still has to be shared. And anything that must be transmitted can be captured and used. That is the vulnerability addressed in the new technique.
So how do the two ends of an encrypted communication come up with the same key if one doesn’t create the key and share it with the other? Here’s where it gets a bit complicated (OK, the math is a lot complicated), but Cruz and Quelita Moreno of CUP Sciences walked Dark Reading through the process several times.
The sender and receiver of the encrypted message will communicate frequently, each time communicating a light pulse that will be unique in amplitude, frequency, and a variety of other qualities. Now, the pulses sent between the systems are never the same; in fact, physics tells us that, with randomization of the start conditions for the pulse, it would be impossible for them to be the same. Those differences are critical for the scheme to work.
The optical chips within the receiving and sending devices build a difference matrix that records the qualities of these light pulses. Those difference matrices will be essentially the same on each end of the transaction, and will be the basis for an encryption key of an arbitrary length. Even if someone could intercept the pulses used to fill the difference matrices, their system would not contain all the starting conditions used to seed the matrix, so illicit decryption would be impossible.
Since the key is based on the difference in randomly generated light pulses, the second requirement for perfect secrecy is met. And because the key is never transmitted between the two ends of the conversation, the third quality required for perfect secrecy is satisfied.
From theory to practice
The researchers who developed the technique present mathematical proof that the encryption is resistant to both time-domain and spectral attacks. More attack resistance comes in the physical implementation of the encryption chip which turns a fingerprint into a random number seed through a process involving, among many other things, reflective nanodisks, chaotic billiards, and a fully chaotic fingerprint resonator.
Researchers are engaging in exercises such as this because of the certainty among many in the cryptography community that the advent of widely available quantum computing marks the end of all currently useful encryption. At this time, the researchers who developed this technique are in the early stages of working with chip manufacturers to bring the chip to production and distribution.
Check out The Edge, Dark Reading’s new section for features, threat data, and in-depth perspectives.
Curtis Franklin Jr. is Senior Editor at Dark Reading. In this role he focuses on product and technology coverage for the publication. In addition he works on audio and video programming for Dark Reading and contributes to activities at Interop ITX, Black Hat, INsecurity, and … View Full Bio