China’s quantum* crypto tech may be unhackable, but it's hardly a secret
* Quite Unlikely A New Technology’s Useful, Man
Opinion We have a new call to arms in the 21st century battlefront between the West and China. The Middle Kingdom is building an uncrackable national infrastructure based on quantum key distribution (QKD). The laws of physics are being used against us, and we're not keeping up, claims a think tank.
Thanks, Edward Snowden: You propelled China to quantum networking leadership
READ MOREThese are reasonable concerns. Chinese investment and intent in its space and military build-out is highly visible and plausible, as is its displeasure at not achieving parity in semiconductor tech. All nations depend on their data infrastructures and cyber security, so making unbreakable encryption a national priority is, on the surface, sound. QKD can indeed make a channel untappable. A clear and present danger, or one where it's not so much the devil in the details but the entire horde of Hades rampaging just below the headlines.
QKD isn't an encryption technique, but a way of transmitting a random key while guaranteeing it hasn't been intercepted. Random keys are great, the gold standard in encryption. Used properly, they can make any message unreadable from here to eternity, no matter what new technologies evolve.
All QKD does is send a copy of the key and signal if it has been intercepted in transit. This is very clever, but in the same way that quantum computing is very clever. That is to say, clever but almost entirely useless.
Quantum keys are only safe if they are never reused. Which means you need as much key as you have data. A 10 MB file will consume 10 MB of key. A 10 MBps stream needs a 10MBps key stream... QKD thus doubles the bandwidth needed for any connection - or rather, it would if it could. Which it can't.
QKD works by generating pairs of entangled photons, and using math to tell if one of the pair has been observed in flight. Thus it is hard enough at scale, but reality is far harsher than that.
Every explanation of QKD you'll see will have the classic crypto threesome of Alice sending Bob a message while being snooped on by Eve. It is Eve's observation of the photons that triggers the protection, goes the narrative, as in the quantum world the observation of one of an entangled pair discloses the state of the other.
Well, yes, except that observation in the quantum sense does not imply a conscious observer. It means any interaction with the rest of the universe. The same thing mucks up quantum computing, and look how well that's going.
- Upgrading Linux with Rust looks like a new challenge. It's one of our oldest
- Silicon, stars, and sulfur make Apollo's unlikely legacy
- Microsoft decides it's a good time for bad UI to die
- Space nukes: The unbelievably bad idea that's exactly that ... unbelievable
- Engineers on the brink of extinction threaten entire tech ecosystems
In other words, the physical infrastructure of the fiber you're sending your key through is observing it. There are ways to construct the photon stream to detect actual taps versus nature's natural nosiness, but the effect is to make it much harder to use QKD over longer fibers. The key bit rate slows hugely.
Ah yes, the key bitrate. We need a lot of key bits, after all, so it's odd that almost no discussion of QKD has actual figures. It was revealed here that, as of last year, the world speed record over 1,000 km of fiber for a QKD protected key bitstream was 10,000 times faster than the previous world record. That previous world record, alas, was 0.0034 bits per second. The new record? 34 bits per second. You can type faster than that.
Of course, shorter is faster - Toshiba will actually sell you QKD boxes that will serve 300 kbps over a 10 dB path loss - which sounds better than the 50 km of fiber that it represents. On the plus side, the system will work up to a point at 150 km, on the down side it needs a pair of fibers. You won't be able to type this fast, but you will fill it up with a decent audio stream.
You cannot build a national infrastructure out of this. You can barely connect two rooms. What's worse, public key crypto is just as safe in reality. It never transmits private keys in the first place. It works end-to-end as fast as you like, doesn't double bandwidth, scoffs at long fibers, and needs no added hardware.
The reason QKD used to be thought a good idea was that old school public key crypto was vulnerable in theory to future quantum computing attacks, Nation states could warehouse intercepted data until the quantum computing turned up. It hasn't. What has turned up is quantum safe public key crypto that isn't vulnerable if it does.
The best use for QKD is to knock up an impressive PowerPoint deck and show it to a funding agency. This is what presumably happened in China, and it got all the way to the top. Which is excellent news, as it's a lot harder to shift an established idea that's gone bad in an entirely undemocratic regime. It's pretty near impossible in the West – remember the Ronald Reagan-era Star Wars missile defense system with giant flying lasers and physics defying Brilliant Pebbles.
At least we have ways to point and laugh until management changes its mind or we change the management. Let China tie up its best brains and biggest pots of money in chasing a technology that will never work as promised and will never be needed. That's more than a quantum of solace. ®