The Northwestern technique uses a form of "secret key" cryptography. In this scenario, the two people communicating with each other -- say Alice and Bob -- use the same secret key. Alice sends Bob the key with which he can decipher the message. This differs from the "public key" encryption system in which typically, both Alice and Bob will have a private key which they keep secret, and a public key which they publish. An encrypted message sent by Alice to Bob using the public key can be decrypted by the private key, and vice versa. Applying the Northwestern method to encode her message, Alice would use the key to manipulate light, creating a pattern more complex than the traditional way of transmitting data in terms of zeros and ones. Different combinations and strings of zeros and ones are used to represent information. The Northwestern technique takes advantage of the granularity of light, known as quantum noise, which is revealed only through the secret key's pattern. One method the team used to change the light's granularity was randomly polarising the light. To Eve, the eavesdropper, who does not have the key, the data is indecipherable because the lifted message emits too much fuzz. Bob, however, who has the secret key, can get the pattern and can receive the signal with much less disturbance. This allows him to decipher Alice's message. "I would think that a logical next step will be to show that this method really works with existing fibre networks," said Lijun Wang, a research scientist at NEC Laboratories. "Also, perhaps they will find a better way to communicate than using polarisation of light, which can be prone to unwanted fluctuations in the field." Once the kinks have been removed from the Northwestern method, as well as from quantum cryptography in general, proponents of the technology say that financial institutions and the military and intelligence communities are likely to be the first to replace their current encryption technologies, which are based on mathematical algorithms. Today, mathematical encryption that rely on schemes such as the RSA algorithm are considered secure because cracking the keys used to encrypt data is likely to take many years. The RSA algorithm is the most widely used Internet communications encryption program. The larger the prime numbers used to make keys, the longer it would take to crack the encryption. It relies on the assumption that when prime numbers -- those divisible only by themselves and the number one -- are very long, they are extremely difficult to generate and determine. "At this time, public-key encryption is not necessarily bad as far as the public is concerned," Kwiat said. "You just don't want to trust your most valuable secrets to it." Some critics maintain that the firepower of quantum cryptography is far greater than is needed for most businesses. "The fact is that the effort to break (mathematical) ciphers is exponential in the key size, as long as there's not a fundamental flaw in the cipher," said Nicko van Someren, chief technology officer at encryption company nCipher. "The encryption algorithms we have at this moment are good enough for the job and will be good enough for the job in the foreseeable future." Advances in computing power
There is a threat looming on the horizon, however, from distributed computing and quantum computing, that could undermine the security of traditional algorithm-based encryption. Distributed computing involves spreading computing tasks across hundreds of thousands of computers -- on the Internet or in private networks -- that would otherwise be sitting idle. This technique has been used to overcome several mathematical challenges. One group last year found the largest prime number, while another group deciphered a message encoded with RSA Security's RC5-64 encryption algorithm. "There is a continuous war between code makers and code breakers -- people making better algorithms, people breaking those algorithms," said Alexei Trifonov, a research scientist at Magiq. "What is good about quantum cryptography is that it can cut off this vicious circle." Another fear is that data that has been encrypted with the most impenetrable algorithms in existence today could be stolen and stored untouched for several generations. In years ahead, as computers become more powerful -- perhaps through the advent of quantum computing, which can carry out multiple calculations simultaneously -- these systems might crack the stashed-away code. "As computing power and data traffic grow, and information speeds get faster, cryptography is having a hard time keeping up," said Northwestern's professor Kumar. "New cryptographic methods are needed to continue ensuring that the privacy and safety of each person's information is secure." A recipe for building a nuclear bomb, for instance, would have to be kept secure and encrypted, regardless of the years that pass. Kumar said that his team at Northwestern is working with two partners, Telcordia Technologies and BBN Technologies, to try to put the technology to commercial use. The university has filed a number of patents based on the research. "One of the next steps is to show that our schemes can pass through optical amplifiers," Kumar said. This would amplify the stream of photons, letting them travel a greater distance undisturbed. If successful, quantum cryptography would be able to move beyond the constraints of a dedicated fibre-optic line between two points and extend out to wider networks like the Internet. "We're also working toward speeds of 2.5gbps," Kumar said. "That's the rate at which regular information is currently transmitted over the Internet's fibre-optic network." The quantum cryptography research at Northwestern is funded by the US government's Defence Advanced Research Projects Agency.
For all security-related news, including updates on the latest viruses, hacking exploits and patches, check out ZDNet UK's Security News Section.
Have your say instantly, and see what others have said. Go to the Security forum.
Let the editors know what you think in the Mailroom.
