A – A quantum computer won’t break everything that’s out there now, but it’ll break some of the key tools that we’re using today, and these aren’t obscure tools; these are ubiquitously deployed around the world.

But back to your question, what is quantum cryptography? There’s this whole aspect of re-evaluating computationally secure cryptography in the quantum paradigm, where you have quantum computers, and one needs to prepare for this, because we don’t know when we’re going to have one.

The other thing is, quantum information offers a host of new cryptographic tools. It redefines which computational tools are secure or not, but then it gives you a new tool chest as well. It gives a new tool chest both to the cryptanalyst (code breaker) but also to the cryptographer (code maker).

With quantum systems, we have the Heisenberg Uncertainty Principle – if you try to extract information from a quantum system, you have to disturb it. What that means is, you have eavesdropper detectability.

So, I take a quantum system and prepare it in a state I know, and I send it to you, and if an eavesdropper tries to look at it to learn about it, they have to disturb it.

So then you get it, and you do a few measurements and tell me what you’ve got, and I say ‘that’s right,’ and we can determine, with exquisite precision, how much it’s been disturbed.

At a high level, that’s really how quantum key establishment works: We somehow exchange quantum states; we talk about them to see if there’s been any disturbance; if the disturbance is small enough, we distil out the knowledge the eavesdropper could have had, and now we share common, random data.

Now you’ve established a key, and with this key you can meet all sorts of important cryptographic objectives.

Q – Can you describe a real-world situation where that would be really valuable?

A – There are many different layers of IT infrastructure where cryptography is used. Your service provider could be encrypting your data, and it exists at the user level as well.

Currently, there’s a company in Switzerland that sells devices to do this kind of key establishment. These are first-generation products, so they’re big and they cost a few tens of thousands of dollars. It’s not ridiculously expensive, but it’s not something you can put on a BlackBerry today.

The tough thing about crypto is, your customers generally don’t want anyone to know that they’re your customers. So, they have confirmed that they do have banks amongst their customers, and they have government clients to which they sell these quantum devices, and/or they sell devices that do the current classical cryptography protocols, but are quantum-compatible, where at any point in the future they just plug in the quantum-key distribution, or QKD as it is normally called.

One of the current applications is called the link encryptor. You have a link between two branches of a company, or from a company to a backup centre a few kilometres away, and you can encrypt that link with QKD and know that if somebody’s eavesdropping on it, they’re not going to be able to get any information out of it.

That’s one of the niche applications, and it’s niche because of a lack of economies of scale. Once this technology is developed and more mature and cheaper and faster and so on, and smaller, then we can talk about handheld devices.

And people have been looking at the possibility of doing it with handheld devices. In these resource-constrained environments, efficiency of the codes is critical.

Elliptic-curve cryptography (ECC) replaced RSA (the widely-used mode of key encryption) in many of these constrained environments, because it’s efficient, and there are situations where RSA is not practical. That’s why ECC is ubiquitous on the BlackBerry, because it allows for efficiency.

In the short term, QKD is not going to be efficient or practical enough for a lot of these applications, but in future generations it should be, and there’s no reason it can’t be.

Quantum key distribution is short term; we can implement it, essentially, with current technologies. There are others, like quantum money, digital signatures and so on, which will require technologies that we don’t have in the short or medium term, but in the distant future we might have those.

But then, we’re studying what else we can do in the short term.

Quantum random number generation is another great tool. We need random numbers for all sorts of cryptographic and other purposes. The gaming industry, they need good random number generators, and quantum mechanics is potentially the only real source of randomness.

We can build these quantum random number generators, and they are for sale, but we can improve them and make them even more robust. I would call that a quantum-crypto technology, a very basic one.

We study the full host of things, from what we can do today to what we can do someday when we have quantum computers.

The nice thing about QKD is we have the first generation of these products.

Ultimately, the users don’t care if the technology is quantum or classical. What they do care about is whether it is secure against quantum technologies, because they’re coming and we want to be safe in that environment.

Q – Why is the shift to quantum cryptography important right now?
