Introduction

Ever wondered if the transactions, communications, information transfer that happens over the internet is secure or not? Is it hackable? The answer is yes, and to avoid that we use the concept of cryptography. In simple terms, cryptography is a technique of secure communication with the method of converting plain text from the sender into unreadable text or encoded message using a key or a cipher. When the intended receiver receives this encoded message, he has the key to decode it, and hence the transfer of information is protected in this case. 

Having understood the concept of cryptography let us understand what quantum cryptography is. 

1. What is Quantum Cryptography?

As we discussed above, cryptography was the method of encrypting the data with a key and decoding it at the receiving end to protect it from attacks of cybercrimes. With the same logic, let us try and define quantum cryptography- if the technique used to encrypt the plaintext is the principle of quantum mechanics then it is called quantum cryptography. It takes advantage of ‘no change theory’ that means it cannot be interrupted knowingly or unknowingly.  As we know, as per the definition of quantum in physics is a packet of energy. Also, an important thing to note here is that it is different from post-quantum cryptography. 

While it sounds simple, the complexity lies in understanding the principles of quantum mechanics which are used in this technique: 

  1. The universe is made up of particles and their state and position is uncertain as they can exist simultaneously in more than one place or state
  2. Photons are randomly generated in one of the two quantum states 
  3. Quantum properties of a quantum cannot be accurately measured without disturbing it 

2. How does Quantum Cryptography Work

 As per the definition of quantum cryptography, it uses the principles of quantum mechanics and quantum algorithms to make it technically unhackable. Let us consider a transfer of data between two parties i.e. sender and receiver. In quantum cryptography, the key used to cipher the plaintext is called quantum key distribution (QKD) i.e. a sequence of photons to transmit the data over an optical fiber cable. By comparing measurements of the properties of these photons, the parties involved will be able to find out what the key is and if it is compromised by any third party. 

Let us dive deeper into understanding a step-by-step breakdown of the process and understand quantum cryptography basics:

  1. The sender sends a photon through a polarizer with randomly assigned polarizations and bit assignments. The available options are one of these- vertical (read one bit), Horizontal (read Zero bit), 45 degrees right (read One bit), or 45 degrees left (read Zero bit).
  2. These photons now travel towards the receiver which uses a beam splitter that can be horizontal, vertical, or diagonal to decode or read the polarization of each photon. The receiver does not know which beam splitter is to be used for which photon. It is a game of guessing. 
  3. Once this sequence of photons is sent, now the receiver tells the sender the random assignments of a beam splitter for each photon in the same sequence it was sent. The sender will now compare what he used to polarize this key. Of all these photos, the ones who were sent with the wrong splitter are then discarded and the remaining sequence is considered as the key.

This ensures the safety and confidentiality of information transmitted as the hacking or intercepting will be discarded in the communication medium itself. The photons that are compromised by the eavesdropper will change their state. The change can be noticed at the endpoint which makes it easier for detection and removal. 

Asymmetric vs Symmetric Encryption

This is how encryption works- a sequence of binary digits is shared from one end then it is deciphered at the other end by either using a private or public key. 

  1. Symmetric Key Encryption:  In this type of cryptography, both the sender and receiver use a single key during the communication or transfer of information. The sender uses this key for encrypting plain text and sends the ciphered text to the receiver through the communication channel. The receiver uses the same key for decrypting the ciphered text on the other end. Upon deciphering he recovers the plain text.  Here like Advanced Encryption Standard (AES) use the same key. 
  2. Asymmetric Key Encryption: this type of cryptography is also referred to as public-key cryptography. Here we use two related keys; public and private. The public key is used for encryption and the private key is used for decryption. Both keys are different. Even if the public is known by everyone, only the intended individual will be able to decipher the text as only he has the unique private key. The asymmetric encryption algorithm is used in WhatsApp communication. Here like in RSA use two linked keys, a combination of public and private. 

Symmetric cryptography is tougher to break compared to asymmetric cryptography. Let us have a look at what are the ways to defend ourselves against attacks in the case of quantum cryptography 

How to defend

First and foremost, using longer keys during encryption is the simplest way to protect against attacks. Although longer keys make the encryption slower and costlier. Another option is to use symmetric encryption for the transmission of messages themselves and then use asymmetric encryption for the key. The same idea is used behind transport layer security (TLS), an online standard. 

The best solution would be to use a combination of post-quantum method algorithms of the likes of lattice-based encryption for an initial conversation and then securely exchange keys, main message can be encrypted using symmetric encryption

Conclusion

With increasing network attacks and malware, it’s becoming more important than ever to protect the data during transmission. Even if we perfect quantum technology with multiple security layers, one solution alone will be susceptible to attacks. And hence it is advised to have a hybrid solution during the communication.

So, have you made up your mind to make a career in Cyber Security? Visit our Master Certificate in Cyber Security (Red Team) for further help. It is the first program in offensive technologies in India and allows learners to practice in a real-time simulated ecosystem, that will give you an edge in this competitive world.

Also, Read

SHARE
share

Are you ready to build your own career?