By Remon Berrevoets

The future of encryption

Encryption is all around us; from sending a WhatsApp message to securing digital bank transactions. Digital encryption is a way of making messages unrecognizable by scrambling them using a digital key, a list of zeros and ones. The scrambled message can only be decoded and read with the right key, thereby safeguarding the information when it is sent between locations. For an adversary to try and break the encryption, they will have to intercept the used key. A crucial step during encryption is therefore the distribution of such secret keys between the parties who wish to communicate safely.

Currently, digital keys are distributed using mathematical algorithms like RSA. For an adversary to intercept the digital key, they will need to solve difficult calculations that require immense computing power. Current computers would take over a million years to solve such equations, which is the key assumption behind the security of this method. However, the advent of the quantum computer threatens to solve these equations a lot faster. Although the current quantum computers are not yet mature enough for this task, the possibility exists to tap and store messages now, and decrypt them later when the quantum computing technology is ready. This means we need a new way of digital key generation and distribution to protect our data, independently of an algorithm.

Measurement-Device Independent Quantum Key Distribution

To counter the threat of a quantum computer to our current cryptography methods, we must fight fire with fire. Or better phrased: we must fight quantum with quantum. A technology called Quantum Key Distribution (QKD) uses quantum mechanical phenomena to securely distribute a digital key between two parties. QKD utilizes quantum information bits, known as qubits. Such qubits are fundamentally different from classical bits. Whereas classical bits can have a value of 0 or 1, qubits can be in any combination of 0 and 1 at the same time. We quantum folks like to refer to this phenomenon as superposition. The peculiar thing about superposition is that when one tries to measure the qubit, the outcome will again be 0 or 1. Thus, the measurement collapses the qubit, effectively changing its state.

Measurement-Device Independent QKD (MDI-QKD), shown in figure 1, is one of the implementations of key distribution using quantum mechanics. In this protocol, two sending parties, Alice and Bob, want to share a secret key. To achieve this, they send information in the form of qubits to a central hub, Charlie. At Charlie, Alice and Bob’s qubits interfere on a beam splitter, after which these qubits can entangle. Entanglement is a quantum mechanical phenomenon in which two qubits cannot be described separately from each other. This results in correlated measurement outcomes of the qubits.

Next in the MDI-QKD protocol, Charlie performs what is called a Bell State Measurement. This is a measurement that projects the two qubits of Alice and Bob onto an entangled state. However, this entangled state can only occur if Alice and Bob sent qubits with exactly opposite values. A successful Bell State Measurement therefore contains valuable information for Alice and Bob: without explicitly communicating the qubit’s value they themselves sent, Alice and Bob are still able to determine the qubit’s value that the other party has sent. The only information they need is the value of the qubit they themselves have sent and the information of the Bell State Measurement. With this knowledge, Alice and Bob can use their qubit information to create a bit for the key. They repeat this procedure many times until they have created a full length key, which can then be used in classical encryption methods to encrypt and transmit data over a network.

The qubits that Alice and Bob create are random. Since the final key consists of this qubit information, the final key itself is also random. They distribute the key independently of an algorithm, making them inherently protected from the computation power of a (quantum) computer.

Figure 1: Graphical representation of the MDI-QKD protocol without (a) and with (b) an eavesdropper. a) Step 1: The two locations (Alice and Bob) send a qubit with a particular value to a central hub (Charlie). Step 2: the qubits from Alice and Bob are combined at Charlie on a beam-splitter, where entanglement can take place, which can be measured by a Bell State Measurement. Step 3: When the Bell State Measurement is successful, Charlie sends this information back to Alice and Bob, who store this information. Step 4: Alice and Bob repeat steps 1-3 many times, until they have a large collection of Bell State Measurements. Subsequently they use a part of their results to check whether or not there were too many faulty measurements, and if their key is thus safe to use. b) The same protocol as in a), but with the presence of an eavesdropper, Eve. The eavesdropper taps Alice’s qubit, thereby collapsing the state and effectively changing its value. The qubits from Bob now entangle with the qubits from Eve, instead of with the original qubit from Alice. This causes faulty Bell State Measurements, which Alice and Bob can detect in step 4 of the protocol. In this example, the key will not be used. Image Eve: Valentine Cameron Prinsep, Photo: Charlie Chaplin: P.D Jankens, Photo Alice Cooper: Hunter Desportes, Photo Bob Dylan: Svenska Dagbladet via IMS Vintage Photos.

A Secure Key

The question arises: what exactly makes this key secure against eavesdroppers? The security is based on two important properties of quantum mechanics: the no-cloning theorem and the collapse of the qubit’s wavefunction. The no-cloning theorem states that it is impossible to copy an unknown qubit. If an eavesdropper wants to learn something about the qubit’s value, they must make a measurement on the original qubit. This measurement causes the qubit’s wavefunction to collapse, effectively changing its value. The qubit’s value is crucial to the creation of entanglement at the central node, so if an eavesdropper measures the qubit in transition, it can have major impact on entanglement. As a result, the eavesdropper can cause “successful” Bell State Measurements where it should not have been and vice versa. When Alice and Bob notice too many faulty Bell State Measurements, they abort the protocol and do not make use of the key: there might have been an eavesdropper after all! By only using secure keys, Alice and Bob ensure that all data transfer between locations is secured.

Real-world Demonstrations

Our quantum cryptography team demonstrated the MDI-QKD protocol in July 2021. In this deployment, Alice and Bob were located in Delft and Den Haag, respectively. They generated the qubits and sent them to the central hub Charlie in Rijswijk. In this deployment, we specifically demonstrated that qubits can co-exist with classical internet data. This is a non-trivial task, given the large intensity difference between the qubits and internet signals, and the intolerance of the qubits to external noise. By using different wavelengths for the classical channels and the qubits, we managed to send 3 signals over the same optical fiber: our qubits, a 100Mb/s internet signal and a 10 Gb/s internet signal. The generated key was used to encrypt all the data going over the 10Gb/s channel. To demonstrate an application, we encrypted a video stream between Delft and Den Haag. This deployed quantum network, where qubits co-exist with classical signals and are integrated with classical network equipment, shows that our technology is ready for practical applications; an important step toward the secure quantum network of the future.

The next steps

Now that we have demonstrated the first deployment and demonstrated its technological readiness, we want to showcase as many applications as possible in relevant environments. One of our current projects is the launch of the testbed with our partners Eurofiber and Juniper. The nodes are spread across data centers in the Utrecht area, and we are currently exploring the options of possible use cases. The goal is to bridge the gap between the technology and potential future customers.

To further shape the commercialization of MDI-QKD, the activities of QuTech’s Quantum Cryptography Lab will soon be transferred to the fresh new start-up Q*Bird, spinning out from TU Delft. Q*Bird already has an interesting project lined up where we are going to install a multi-node MDI-QKD network inside the Port of Rotterdam! Stay tuned for updates!

Remon studied Applied Physics at TU Delft, and persued a career as Optical Engineer in the Quantum Cryptography Lab afterwards. Currently, he is the Co-Founder of Q*Bird, a company commercializing the technology developed in the Quantum Crypto lab.

This post is a translation and adaptation of this article that got published in het ‘Nederlands tijdschrift voor Natuurkunde’. Credits to Willeke for editing the original article.