In the late 1990’s while I was with Ascend Communications, I participated in the creation of the “point-to-point tunneling protocol” (PPTP) with engineers at Microsoft and Cisco Systems, now an Internet Engineering Task Force (IETF) industry standard. PPTP is the technical means for creating the “virtual private networks” we use at UBC, by encrypting “open” Internet packets with IPSEC 128 bit code, buried in public packets. It was an ingenious solution, enabling private Internet traffic that we assumed would last for a very long time. It was not to be, as we now know. Most disturbing, in the 1990’s the US Congress debated giving the government the key to all encryption, which was resoundingly defeated. Now, the NSA appears to have illegally circumvented this prohibition and cracked encryption anyway. But this discussion is not about the political, legal and moral issues, which are significant. In this post I am more interested in exploring the question: “So now what do we do?” There may be an answer on the horizon, and Canada is already a significant participant in the potential solution.

As it happens, Canada is already at the forefront of quantum computing, a critically important new area of research and development, that has significant future potential in both computing and cryptography. I have previously written about Vancouver-based D-Wave, which has produced commercial systems that have been purchased by Google and Lockheed Martin Aerospace. The Institute for Quantum Computing in Waterloo, Ontario is the other major center of quantum computing research in Canada. Without taking a major diversion to explain quantum mechanics and its applications in computing and cryptography, there is a great PBS Nova broadcast, available online, which provides a basic tutorial. The Economist article below, also does an admirable job of making this area understandable, and the role that the Waterloo research centre is playing in advancing cryptography to an entirely new level.

We need to insure that Canada remains at the forefront of this critically important new technology.

## Cryptography

### The solace of quantum

# Eavesdropping on secret communications is about to get harder

At the moment cryptography concentrates on making the decrypting part as hard as possible. The industry standard, known as RSA (after its inventors, Ron Rivest, Adi Shamir and Leonard Adleman, of the Massachusetts Institute of Technology), relies on two keys, one public and one private. These keys are very big numbers, each of which is derived from the product of the same two prime numbers. Anyone can encrypt a message using the public key, but only someone with the private key can decrypt it. To find the private key, you have to work out what the primes are from the public key. Make the primes big enough—and hunting big primes is something of a sport among mathematicians—and the task of factorising the public key to reveal the primes, though possible in theory, would take too long in practice. (About 40 quadrillion years with the primes then available, when the system was introduced in 1977.)

Since the 1970s, though, the computers that do the factorisation have got bigger and faster. Some cryptographers therefore fear for the future of RSA. Hence the interest in quantum cryptography.

Alice, Bob and Werner, too?

The most developed form of quantum cryptography, known as quantum key distribution (QKD), relies on stopping interception, rather than preventing decryption. Once again, the key is a huge number—one with hundreds of digits, if expressed in the decimal system. Alice sends this to Bob as a series of photons (the particles of light) before she sends the encrypted message. For Eve to read this transmission, and thus obtain the key, she must destroy some photons. Since Bob will certainly notice the missing photons, Eve will need to create and send identical ones to Bob to avoid detection. But Alice and Bob (or, rather, the engineers who make their equipment) can stop that by using two different quantum properties, such as the polarities of the photons, to encode the ones and zeros of which the key is composed. According to Werner Heisenberg’s Uncertainty Principle, only one of these two properties can be measured, so Eve cannot reconstruct each photon without making errors. If Bob detects such errors he can tell Alice not to send the actual message until the line has been secured.

One exponent of this approach is ID Quantique, a Swiss firm. In collaboration with Battelle, an American one, it is building a 700km (440-mile) fibre-optic QKD link between Battelle’s headquarters in Columbus, Ohio, and the firm’s facilities in and around Washington, DC. Battelle will use this to protect its own information and the link will also be hired to other firms that want to move sensitive data around.

QuintessenceLabs, an Australian firm, has a different approach to encoding. Instead of tinkering with photons’ polarities, it changes their phases and amplitudes. The effect is the same, though: Eve will necessarily give herself away if she eavesdrops. Using this technology, QuintessenceLabs is building a 560km QKD link between the Jet Propulsion Laboratory in Pasadena, California, which organises many of NASA’s unmanned scientific missions, and the Ames Research Centre in Silicon Valley, where a lot of the agency’s scientific investigations are carried out.

A third project, organised by Jane Nordholt of Los Alamos National Laboratory, has just demonstrated how a pocket-sized QKD transmitter called the QKarD can secure signals sent over public data networks to control smart electricity grids. Smart grids balance demand and supply so that electricity can be distributed more efficiently. This requires constant monitoring of the voltage, current and frequency of the grid in lots of different places—and the rapid transmission of the results to control centres. That transmission, however, also needs to be secure in case someone malicious wants to bring the system down.

In their different ways, all these projects are ambitious. All, though, rely on local fixed lines to carry the photons. Other groups of researchers are thinking more globally. To do that means sending quantum-secured data to and from satellites.

At least three groups are working on this: Thomas Jennewein and his team at the Institute for Quantum Computing in Waterloo, Canada; a collaboration led by Anton Zeilinger at the University of Vienna and Jian-Wei Pan at the University of Science and Technology of China; and Alex Ling and Artur Ekert at the Centre for Quantum Technologies in Singapore.

Dr Jennewein’s proposal is for Alice to beam polarisation-encoded photons to a satellite. Once she has established a key, Bob, on another continent, will wait until the satellite passes over him so he can send some more photons to it to create a second key. The satellite will then mix the keys together and transmit the result to Bob, who can work out the first key because he has the second. Alice and Bob now possess a shared key, so they can communicate securely by normal (less intellectually exhausting) terrestrial networks. Dr Jennewein plans to test the idea, using an aircraft rather than a satellite, at some point during the next 12 months.

An alternative, but more involved, satellite method is to use entangled photon pairs. Both Dr Zeilinger’s and Dr Ling’s teams have been trying this.

Entanglement is a quantum effect that connects photons intimately, even when they are separated by a large distance. Measure one particle and you know the state of its partner. In this way Alice and Bob can share a key made of entangled photon pairs generated on a satellite. Dr Zeilinger hopes to try this with a QKD transmitter based on the International Space Station. He and his team have been experimenting with entanglement at ground level for several years. In 2007 they sent entangled photon pairs 144km through the air across the Canary Islands. Dr Ling’s device will test entanglement in orbit, but not send photons down to Earth.

If this sort of thing works at scale, it should keep Alice and Bob ahead for years. As for poor Eve, she will find herself entangled in an unbreakable quantum web.

From the print edition: Science and technology