How to ensure information security? What is an absolutely secure cryptosystem? After more than 20 years of quantum cryptography9.

When people say that quantum cryptography is absolutely secure, they mean that quantum cryptography is impossible to crack mathematically, and that the only way to steal the code is to attack the device physically. In other words, if the device is reliable, then there is absolutely no leakage.

Traditional cryptography

The basic purpose of cryptography is to solve the problem: how to securely transmit information over an insecure channel?

The solution is for the two communicating parties to hide some information, transmit only ciphertext over an insecure channel, and use this hidden information to reduce the ciphertext to plaintext. This hidden information is called a key. All cryptography contains two elements: the key and the algorithm.

The vast majority of cryptographic methods today are based on the one-way difficulty of some kind of math problem. That is, a problem is easy to solve along the positive direction, and you can use it for encryption, but the reverse direction is difficult, making it hard to crack.

Why do so many cryptosystems that were once thought to be unbreakable end up being broken? One profound reason is that mathematically, no problem that is actually in use has ever been proven to be one-way difficult. In fact, we don't even know if one-way difficult math problems exist yet.

So we should have a basic notion that the security of all math-based passwords is unproven! So far, the only cipher that has been proven to be impossible to break mathematically is the quantum cipher. Therefore, the value of quantum ciphers is readily apparent.

Quantum cryptography

How does quantum cryptography achieve secrecy? Like traditional cryptography, it is through algorithms and keys. In fact, the algorithm used in quantum cryptography is a particularly simple one, so simple that it can be explained in a few words.

Any string of information can be represented as a string of binary characters, a string of 0s and 1s, and for each digit a of this 01 string, we give it a corresponding key k, which is also a 0 or a 1. Based on a and k, we can compute the key. Based on a and k, we can calculate the corresponding ciphertext b, which is also a 0 or 1.

The corresponding rule is that if k = 0, then b is equal to a; if k = 1, then b is equal to whichever of 0 and 1 is not equal to a. In other words, k = 0 puts 0 into 0 and 1 into 1. That is, k = 0 turns 0 into 0 and 1 into 1, and k = 1 turns 0 into 1 and 1 into 0. To put it more simply, k= 0 leaves 0 unchanged, and k= 1 swaps 0 and 1. This algorithm is called "different or".

You might wonder why this simple algorithm can't keep a secret when so many complex algorithms can't?

The trick is not in the algorithm, but in the key. Note that the key here is not just a single digit. If there is only one digit, then of course there is no secrecy at all. What happens is that for each bit of the original text, there is a corresponding key. That is, if the length of the original text is n bits, then the length of the key is also n bits. If the original text is as long as A Dream of Red Mansions, then the key needs to be that long too.

500

A Dream of Red Mansions

Also, the string of keys must be a random string. That is, each bit is a random 0 or 1, between any two digits, without any connection.

In addition, a key this long can only be used once. That is to say, if you use an n-bit key to transmit an n-bit text, the next time you transmit the same content, you must start from scratch and reconstruct the n-bit key, and never use the original key again. This is called "one secret at a time".

A key in quantum cryptography is a string of characters that satisfies three conditions: it is equal in length to the plaintext, it is random, and it is secret at once.

Why is this necessary? Because it can never be deciphered mathematically. Why is it impossible to decipher? Because such a piece of ciphertext could correspond to any piece of plaintext of equal length, with equal probability. For example, it could correspond to "attacking east tomorrow morning" or "retreating west the afternoon after tomorrow" or "emigrating to the universe from Earth" with the same probability. ......

Mathematical analysis of such unbiased ciphertexts is completely out of the question, because there is no mathematical problem for you to solve.

A key that is equal in length to the plaintext, randomized, and encrypted one at a time is called a "one-time note". Therefore, an important theorem in cryptography is that a ciphertext encrypted with a one-time note is absolutely indecipherable. This theorem was proved by Claude Shannon, the founder of information theory.

500

Claude Shannon

It is worth noting that one of the 3 conditions in the one-time sticky note is missing. Whether the key length is less than the plaintext, or there is a link between the various bits of the key, or the same key is used twice, it will cause the ciphertext to take on a certain structure, so that an adversary has something to work with, and may be able to break the cipher by means of frequency analysis or the like.

The one-time note method was invented at the end of World War I, but was rarely used in practice. The reason was that it was very difficult to transmit such a large number of keys. If a messenger was sent to transmit the key, as in spy movies such as "The Red Lantern" and "Subterfuge", then once the messenger was captured or mutinied, the loss would be huge. Therefore, the disposable memo method is only used where information security has to be guaranteed at any cost, such as calls between heads of state.

Quantum cryptography changes this by using the physics of quantum mechanics to generate a one-time sticky note key between the two communicating parties. Here's the kicker: both parties get the key at the same time! There is no third party messenger transmitting in between!

This is very clever thinking, a miracle created by quantum mechanics. The technical content of quantum cryptography is expressed here. The process of generating a quantum key is also the process of distributing it, which is why quantum cryptography has a specialized name, called "quantum key distribution".

500

Quantum key distribution

So how does quantum cryptography achieve messenger-less key distribution? A short explanation is that quantum cryptography utilizes two principles in quantum mechanics, one is the principle of superposition and the other is that measurements may lead to sudden changes of state. Based on these two principles, a series of single photons in a randomized state are emitted and received to give both communicating parties an identical string of random characters. This random string is the one-time sticky note key.

500

Superposition in quantum mechanics

500

Measurement in quantum mechanics

After a series of manipulations, both parties are given a random string of 0s and 1s, say 0010111001001010101 ...... Most importantly, this string is exactly the same for both sides. This is the final result.

Once you have the key, you use a "different-or" encryption algorithm to encrypt the plaintext into a ciphertext using the key, and send the ciphertext out. Since the ciphertext is already undecipherable, this step doesn't require any special equipment, and it's just a matter of waltzing down the traditional channel, so it won't hurt if the enemy intercepts it.

A common misconception is that the final transmission of information has to be over some kind of quantum channel. When they learned that a conventional channel would do, they were so confused that they even assumed that anyone who worked on quantum communications was a fraud.

Another common misconception is that the key has to be transmitted over a traditional channel as well. This is absolutely impossible, and if the key were to be sent over an insecure channel, the point of secrecy would be completely lost. No cryptographic system would be stupid enough to do that.

To summarize, what quantum cryptography really does is: generate the key using a quantum channel and transmit the ciphertext using a conventional channel. You may want to ask: if quantum channels guarantee no leakage, why not just transmit the information using quantum channels, but only the key? Because this quantum-mechanical operation can only generate random strings, and random strings have zero information, so this operation itself cannot transmit information. Therefore, the proponents of this method couldn't figure out what use it would be for a long time, until it was discovered that this random string could be used as a key, which made the method useful.

The attack and defense of the quantum code

What if you need to break the quantum code? The basic framework is actually quite simple. Since it is impossible to break the quantum code by mathematical methods, the only way is, of course, physical, by hacking into quantum communication devices by any means necessary.

The reason that math is the main consideration in breaking traditional codes is that it is "possible" to break them with math, not that it is "only" possible to break them with math.

Thus, the contrast between quantum cryptography and traditional cryptography is not that the threat to the former comes only from physics and the threat to the latter comes only from math. It should be that the threat to quantum cryptography comes from physics only, and the threat to traditional cryptography comes from math plus physics!

Quantum cryptography is now at the forefront of research in ensuring that information is not compromised despite the assumption that an adversary has successfully carried out several physical attacks.

One such frontier is called "instrument-independent quantum key distribution". This term means that even if an adversary gains access to our measurement instruments, there is a way to detect and abort the generation of the key in time to avoid disclosing the information. Experimental verification in this area has been successful, and the next step is to improve the code generation rate. In this area, China is also at the forefront of the world.