I was reading last week a children’s book about “Secret codes”. You probably know the kind of thing I’m talking about – substituting one letter for another, or a squiggly shape for a letter, rearranging letters, and so on. Fun things to do, but not the basis of modern cryptography.
However, the book didn’t just stop at these codes, but went on to talk about some of the modern principles of cryptography, trying its best to keep it understandable to (say) a ten year-old. For example, there’s the box with two padlocks. How do I send a secret message to my friend, keeping it secure? I can lock it in a box – that will keep it secure, but then I have the problem of how I send a copy of the key to the box to my friend. The key could get intercepted on the way. The villain interceptor then might make a copy of the key, forward the original on to my friend, and then quietly decode every message we send between ourselves without us ever knowing.
Well – here’s a way around it. I write the message, put it in a box, and padlock the box. I have the only key for the padlock, and it stays with me. I send the padlocked box to my friend. She can’t open it of course – she doesn’t have the key. Instead, she attaches her own padlock on it, to which she has (and keeps) the only key. The box now has two padlocks, and she sends it back to me. I undo my padlock, and then send the box back to her. She undoes her padlock and opens the box. Secure. There are mathematical versions of this technique.
The technique used commonly for sending credit card details is more complicated, and works on a different principle – a code that is easy to encode, but one that is brutally difficult to decode, unless one has the secret key. It’s a bit like this, though not exactly. I want to send a message to my friend. I ask her to send me an open padlock (one that she has the only key for). She sends that to me. If that’s intercepted, who cares?, all the villain has is a padlock and no key. The open padlock comes to me, and I snap it shut on my message in the box. Note that I don’t have a key for unlocking it. I don’t need one. When the padlock snaps closed, it locks itself. The open padlock allows me to make a message secure, but doesn’t allow me to decode that message by opening the lock. You need the key for that. I send the padlocked box back to my friend who then opens it with the key. The key stays with my friend, so can’t be intercepted enroute. Mathematical versions of this encryption are considered uncrackable in a reasonable time period – while, fundamentally, one could eventually crack them – the time taken to do so would be impractically long.
Now, this is all fine for now. but quantum computing is lurking on the distant horizon. This has the potential to radically alter mathematical computation, by, in broad terms, being able to do lots of calculations all at once. I’m yet to find a reasonably understandable video on quantum computing – they tend to lapse into jargon and geekspeak very quickly – but this one isn’t so bad, if you’re prepared to do a lot of pausing:
So, how can we keep a message secure from a quantum computer?
With quantum cryptography of course! Here’s PhysicsGirl talking about the idea, with lots of jelly beans and biscuits. You might want to slow her down a bit too.
The idea here is rather different. Being a quantum idea, it’s rather hard to describe in conventional physics terms. Here’s one analogy: Imagine I want again to transmit a message to my friend by locking it in a box with a padlock. This time I’m going to send her a copy of the key ahead of time but imagine the copy I send her is a squishy one. If it’s intercepted and put into a key-cutting machine, it gets squished into something different. The end result is two keys (one with my friend and the copy with the eavesdropper) that don’t work. When my friend receives her key she reports to me that she has it, and I send the padlocked box. The message is safe, because any key that an eavesdropper has won’t work. We also know if there’s been an eavesdropper, because if there has my friend will have a key that doesn’t work. In fact, we can do better and know the key has been compromised before the message even gets sent. By describing certain aspects of the key she receives (but not the details) back to me I can compare it with my original and see whether her description aligns with mine. If it isn’t, we know we’ve been hacked.
What we have then, is a code which we know is secure. If it’s been hacked, we know about it ahead of time, so don’t send the original.
The quantum world just isn’t like the classical world. One can do things that are just not possible with classical physics. That makes it perplexing but also exciting.