Rarely a day goes by without a major revelation concerning a major data breach. Companies in telecommunications, hospitality and airlines, grocery, media and, perhaps most worryingly, the finance sector have reported major data breaches. Some have been fined millions of pounds for their lack of foresight over the emerging threat. And this is simply those that admit to their failings.
The issue of securing private information is crucial. Encrypting that data is an obvious approach. Advanced encryption algorithms – such as those whose decryption keys are based on combinations of two random prime numbers – are very difficult to break given current computing architectures.
Brute-force attacks, where thousands of combinations of prime numbers are used to break the code, are thought impossible against advanced encryption. Unless hackers have some kind of entry point into the system — like a backdoor — today’s computers lack sufficient processing power to decrypt advanced encryption.
Quantum computing, however, could instantly decrypt all such secured information. This new computing architecture provides an ability to speed up the calculations involved in deciphering encrypted data.
The technology is a marriage of quantum mechanics and information theory. Those working in this field are exploiting scientific knowledge at the frontiers of our understanding of the universe and how it works. Using the superposition principle, behavior exhibited by subatomic particles allows so-called quantum bits – or qubits – that can store two distinct values simultaneously; two qubits can hold four values at any given time. In contrast, contemporary computers are based on the simple binary system, where each bit can only store one value at a time. This allows quantum computers to process information far more quickly.
As the number of qubits on a quantum computer rises, the computer becomes exponentially more powerful. The implications of this technology are profound for those trying to secure data.
Current quantum devices in development have problems with ‘coherence time’ – the time over which data can be stored in such devices – which has led to errors in calculations. However, advances in superconducting circuits – where new materials with specific properties are operated at extremely low temperatures – are leading to breakthroughs. These in turn have led to the development of ‘Schoelkopf’s Law’ (named after a leading researcher in the field), which suggests coherence times can be improved by an order of magnitude every three years.
If this holds, scientists working in the field suggest that a quantum computer could approach solving the problem of a maze by exploring all routes in parallel, rather than sequentially. This would significantly speed up processing times, and place data stores encrypted by combinations of prime numbers at risk – along with all other forms of encryption, from the end-to-end encryption used by secure messaging services, to the encryption that protects financial transactions.
There may, however, be a light at the end of that tunnel: quantum encryption.
As a demonstration of its burgeoning technological prowess, China launched the Micius satellite in August 2016. Named after an ancient Chinese philosopher and scientist, it is part of a demonstration program called Quantum Experiments at Space Scale (QUESS) that involves the University of Vienna and the Austrian Academy of Sciences.
The mission has deployed first-generation quantum encryption technologies that the organizations involved say is “totally safe” against eavesdropping.
At the heart of it lies a novel mechanism that exploits the physics of interferometry, a class of techniques that combine waves so that their specific combination relays the original state of the waves. In the quantum encryption employed on the Micius mission, multiple decryption keys are generated on the satellite, with different keys distributed to the ground stations at each end of a transmission. These keys allow messages to be encrypted and decrypted. Should anyone try and eavesdrop on the transmission, they fundamentally alter the underlying physics in a way that is detectable.
If this technology can be deployed to secure satellite communications systems, it is not a major step for variations of this capability to be used in some way to protect databases that contain personal data from even advances in quantum computing.
Little wonder then that it is time for privacy professionals to sit up and pay attention. The rate at which advances are occurring in this field suggest that in five years quantum computing technology could be routinely available – at which point, sufficient protection for our data will need to be quantum-made.