Before we dive in, please take a look at the glossary regarding the more technical terminology in this article;
Glossary
NIST - National Institute of Standards and Technology (US).
Block cipher – Algorithm that operates on groups with a set bit length, which are called blocks. These are used to encrypt large amounts of data.
Bits - A bit is a unit of data. The smallest unit, to be more precise. This unit can have one of two values; either yes/no, high/low, or like in the binary system, 1 and 0.
Block size - Block size refers to the amount of data that a specific block can store in the block chain. The amount of data on a block depends on the block and its size.
Key size - The key size refers to the number of bits that a cryptographic algorithm (like a cipher) uses in a key.
Quantum mechanics - Quantum mechanics is a fundamental physics theory that describes the physical properties of nature on the scale of subatomic particles and atoms.
AES will be replaced by... Quantum encryption!
Let’s begin with a short history lesson. Where does AES come from? What is it and when did we start using it?
As you may already know, data is secured through the current AES standard. AES is short for Advanced Encryption Standard. Originally, this specification of electronic data encryption was called Rijndael. AES is a variation of the Rijndael Block cipher and was developed by two Belgian cryptographers. They submitted their proposal with NIST during the selection process for AES. Rijndael consists of a family of ciphers with different key and block sizes. For AES, NIST selected three members of the Rijndael family, each with a 128 bits block size, but with three different key lengths: 128, 192 and 256 bits.
The United States government adopted AES to replace the Data Encryption Standard (DES), which was published in 1977.
The algorithm as described by AES is a ‘symmetric key algorithm’, which means that the same key is used for both encryption as well as decryption of the data.
In the United States, the NIST announced AES on November 26, 2001 as U.S. FIPS PUB 197 (FIPS 197). The announcement was followed by a 5-year standardization process, during which 15 competing designs were presented and evaluated. Eventually, the Rijndael cipher was selected as most suitable solution.
AES has been included in the ISO/IEC 18033-3 standard. On May 26, 2002, after it was approved by the U.S. Secretary of Commerce, AES became effective as a U.S. federal government standard. AES is also available in many different encryption packages and is the first (and only) publicly accessible cipher that has been approved by the U.S. National Security Agency (NSA) for secret information when used in an NSA-approved cryptographic module.
The fact that AES uses the symmetric key algorithm, means there is a catch. These cryptographic algorithms are essentially designed in a way that the key cannot be hacked within a reasonable timeframe. This is what brings us to the present and the rise of the quantum computer. The quantum computer is able to process numbers – and therefore hack these keys – many times faster than the common computers we use on a daily basis. For malicious actors who manage to gain access to a quantum computer, that ‘reasonable timeframe’ suddenly becomes a lot more feasible. In that case, the key is basically useless. It would be like leaving your house and leaving the front door wide open… But this will change soon, because AES is about to be replaced by quantum encryption.
Quantum encryption, what is that?
Quantum encryption, also called quantum cryptography, is a security standard for data transfers or electronic communication. The line that uses quantum encryption is impossible to tap into without being detected. When someone does manage to tap in, this security standard is able to choose another safe route within a split second.
In order to encrypt data in a way that it cannot be hacked, quantum cryptography utilizes the principles of quantum mechanics. This may sound simple, but there is actually a lot of complexity in these principles, such as:
- The universe consists of particles that are inherently uncertain and can be at more than one place at the same time, or in more than one state of existence.
- Photons are randomly generated in one of two quantum states.
- A quantum property cannot be measured without disrupting or changing it.
- You may be able to clone a number or quantum properties of a particle, but not the entire particle.
All of these principles play an important role in how quantum cryptography works. They ensure that this form of encryption, as opposed to mathematical encryption, is actually unhackable.
Super safe, but how does quantum encryption work?
Quantum cryptography, or Quantum Key Distribution (QKD), uses a series of photons (light particles) to transfer data from one location to another location through a fibre optic cable. By comparing measurements of the properties of a fraction of these photons, the two endpoints can determine what the key is – and whether it is safe to use it.
A more detailed breakdown makes the process a bit easier to understand:
- The sender sends photons through a filter (or polarizer) that randomly assigns them to one of four possible bit indications and polarizations: Horizontal (zero bit), vertical (one bit), 45 degrees right (one bit) or 45 degrees left (zero bit).
- The photons travel to a recipient. This recipient uses two beam splitters (horizontal/vertical and diagonal) to read out the polarization of each photon. The recipient does not know which beam splitter to use for each photon, which means they have to guess.
- After the stream of photons has been send, the recipient tells the sender which beam splitter was used for each of the photons, in the order in which they were send. The sender compares this information with the series of polarizers that were used to send the key. Photons that were read with the wrong beam splitter will be discarded, and the remaining series of bits will become the key.
An example
Let’s say our CEO Benjamin wants to send a secret file to his assistant Hanna. The file cannot be intercepted during the transfer. By using QKD, Benjamin sends Hanna a series of polarized photons through a fibre optic cable. It is not necessary to secure the cable, because the photons have a randomized quantum state.
When an eavesdropper – let’s call him Peter – attempts to listen in to this ‘conversation’ between Benjamin and Hanna, he will have to read out every photon in order to get to the content. Subsequently, those photons have to be disclosed to Hanna. Because Peter has read the photons, the quantum state of the photons has changed, resulting in error notifications in the quantum key. This alerts Benjamin and Hanna that someone is trying to listen in and that the key has been compromised, so they should no longer use that key. Benjamin needs to send Hanna a new key that has not been compromised. With that new key, Hanna will be able to read the file.
The solution we need now for tomorrow
With the development of quantum computers, the urgency to use unhackable encryption rapidly increases. These computers pose a great risk to the integrity of encrypted data. Fortunately, quantum cryptography through QKD, fully based on the complex principles of quantum mechanics, is the solution we need to protect our data in the future.