China’s Quantum Cryptography: Tales from (Quantum) Crypt

Advertisement

China Quantum CryptographyThe dream of hack-proof communication just got a little closer to reality. On August 16, 2016, China launched the world’s first “quantum satellite,” a project the Chinese government hopes will enable it to build a communication system incapable of being hacked. Such a system, if perfected, would allow for encrypted communications between any two devices with absolute certainty that the encryption could not be broken, and with a built-in mechanism for alerting the sender/receiver if someone tried.If you are interested in truly understanding the mechanics of quantum cryptography, I would highly recommend the article “How Quantum Cryptography Works.” For the purpose of this post, a very basic explanation is as follows:

In order to encrypt a two way communication, the sending party (who we will call “Alice”) typically encodes a message using a key and sends the message to the receiving party (who we will call “Bob”), who then decrypts the message using the same key. Since modern technology makes it possible to engineer almost unbreakable keys, the best way for an eavesdropper (who we will call “Eve”) to access the message is to find the key itself, which is vulnerable because it also needs to be communicated between Alice and Bob, but can’t itself be encrypted, or else Bob won’t be able to use it.

Advertisement

Quantum cryptography would allow Bob and Alice to use a new key for every message AND guarantee that if Eve tries to intercept the key, they will know. Quantum entanglement is a physical phenomenon that can cause certain particles to become “entangled” such that a change in one will elicit a predictable change in the other, no matter how far apart the entangled particles are, and without any measurable (by current scientific standards) communication between them. If Alice and Bob share entangled particles, Alice can transmit the information for a new key to Bob for every communication by altering the directional spin of her particles, which in turn will alter the spin of Bob’s particles. A complicated process of measuring particle spin and cross-checking information between Alice and Bob (more fully explained in the article linked to above) is then used to generate the key.

Since so far as science is currently aware there is nothing “communicated” between the entangled particles, there is nothing for Eve to intercept unless she can actually access Bob’s particles. Meanwhile, Heisenberg’s uncertainty principle states that anytime the spin of one of these particles is measured, the very act of measuring it changes the spin of that particle. This means that if Eve does manage to physically access Bob’s entangled particles and measures them to try and get Alice’s key before passing the particles back to Bob, Bob will know the particles were intercepted because the key he thinks he got from Alice won’t work to unlock Alice’s message after he and Alice cross-check their information, since Eve’s measuring of Bob’s particles caused the spin of those particles to change. Furthermore, since Eve is not able to cross-check her information with Alice, even if she is able to listen to Bob and Alice cross-checking their information, Eve will not be able to use her information to formulate the correct key to decode Alice’s message.

Advertisement

The ability to send completely secure messages between any two points has myriad applications for data security. From a commercial standpoint, it could mean the ability for enterprises to remote access data without fear of interception. It could also mean an increase in the security of customer information (especially information that is legally required to be protected, such as personally identifiable information) and a corresponding decrease in the risk of a security breach that might result in damage to a company’s brand, increased compliance costs, or potential litigation awards and expenses. For consumers, it could mean the ability to communicate private information securely in an age where so many online transactions require the sending of sensitive information over the internet.

Advertisement

More troubling (or liberating, depending on your point of view) are the challenges quantum cryptography poses for law enforcement and national security. Agencies such as the CIA, FBI, and NSA currently depend on access to third party data networks, such as e-mail clients and telecommunication companies, for a large part of their data collection and monitoring activities. Under the “third-party doctrine” when Alice sends a message to Bob, if a copy of that message is kept by the medium they use to communicate (e.g. by Alice’s e-mail client), a government agency can request a copy of that information directly from Alice’s e-mail client without needing to get a warrant, and without telling Alice or Bob about the request. Quantum cryptography could allow Alice to send an encrypted message to Bob such that, even if a government agency gets a copy of the message itself from Alice’s e-mail client, they will not be able to decrypt it without help from either Alice or Bob.

Quantum cryptography still has a long way to go before it lives up to its promise, and there will almost certainly be bumps along the way. Yet, if the Chinese satellite launch does kick start the quantum cryptography revolution, commercial enterprises, consumers, governments, hackers, and lawyers alike will need to find ways to respond to the new challenges it creates.

ARTICLE BY Adam Waks of Proskauer Rose LLP
© 2016 Proskauer Rose LLP.

Published by

National Law Forum

A group of in-house attorneys developed the National Law Review on-line edition to create an easy to use resource to capture legal trends and news as they first start to emerge. We were looking for a better way to organize, vet and easily retrieve all the updates that were being sent to us on a daily basis.In the process, we’ve become one of the highest volume business law websites in the U.S. Today, the National Law Review’s seasoned editors screen and classify breaking news and analysis authored by recognized legal professionals and our own journalists. There is no log in to access the database and new articles are added hourly. The National Law Review revolutionized legal publication in 1888 and this cutting-edge tradition continues today.