Message Font: Serif | Sans-Serif

No. of Recommendations: 1
So my bluff has been called ... there's nothing gets past the Fools in this community and now, thanks to the bluster of my previous post, I'm going to have to deliver on my promise to show how quantum entanglement may one day help me to buy a movie ticket securely. This will take some explaining so I'm going to serve it up in two hearty (and hopefully tasty) courses to make it more digestible. Here goes ...

First let's state the "problem", then we can see why we need a "solution".

If I want to exchange sensitive information with somebody online, the details of my bank account for instance, I need to secure the information while it's travelling between us, and one way to do this is to cryptographically encode the information with a secret key that my correspondent also possesses. Until the advent of the internet, only spies and secret agents used such measures to protect information from prying eyes, but these days we all use military-grade encryption almost every day of our lives, banking online, making credit card transactions and yes, even buying a movie ticket.

There is however, a problem with key-based cryptography. How do I send my correspondent the secret key securely (without for example, using yet another key)? Public key encryption is currently the most widely applied "solution" to this problem. Based on the (so far unproven) theory that factoring the product of two huge prime numbers is a mathematically intractable task, a computer algorithm generates the two huge prime factors, one of which is assigned to be the public key and the other, the private key. Applying the public key to some data results in an encoded form of the data that can only be unscrambled by using the private key, and in fact, even the person who applied the public key to the data cannot unscramble it again- nobody can - unless they are in possession of the corresponding private key.

A very crude analogy might serve here ... think of the Egyptian locket in the first Indiana Jones movie. Instructions on one side of the locket were burned onto the nazi villain's hand when he plucked it from the fire (the public key) but to reconstruct the staff that would help locate the lost ark, one also needed the instructions from the other side of the locket (the private key). It's not a great analogy I must admit, but it gives you the idea of the two correspondents each having their own separate but essential pieces of the key.

So how does this work in practice ...

When I want to see my bank account details online, my bank sends my web browser their public key with which I can encrypt any data I need to send to them. When my bank receives my data, they apply their private key to unscramble it. In a similar way, my web browser sends the bank my public key so that they can secure any data that they send to me, and which only I can subsequently read using my private key. In practice these key pairs (one pair for each correspondent) can be generated anew each time we start an online banking session so that even if some evil hackers with a million dollar supercomputer had somehow intercepted my data and were able to crack the keys after several months of intensive computation, it would serve them little since the information would be out of date and any future transactions would use different keys.

And herein lies the "problem" with the current solution to this security problem. It is BELIEVED, but NOT PROVEN that cracking the private key by analyzing the public key and the encrypted data, is more or less an intractable mathematical problem. The advent of supercomputers has changed this somewhat, since in theory, a fast enough computer could do a "brute force" search of huge prime numbers until it found a pair that successfully unscrambled the encrypted data. With current technologies and more sophisticated search algorithms, this could indeed be done, but it would take months or years to crack a key pair of any decent size, by which time one would assume that the original data would be too outdated to be of any practical use to the "evildoers" who intercepted it.

Perhaps the greatest fear of the cryptography community is that some pimply young genius will have a "eureka" moment, rewriting the textbook on number theory and demonstrating a mathematically deterministic route to the factoring of the products of prime numbers of any size. If that were to happen, most of the current, commonly used encryption methods would be in jeopardy and Amazon might have to resort to taking orders over the phone in pig latin ("ooday ooyay avehay the atestlay akirashay ideovay?"). Hardly the most secure of futures!

So can we do better?

The answer is a resounding "Yes" and this is where the quantum entanglement stuff comes into the picture. The relatively new science of quantum cryptography could potentially change all of this. Instead of having to rely on some unproven "fuzzy math" to protect your data, imagine if you could secure it in some cosmically uncrackable "lock box" where it would be protected from prying eyes by the very laws of nature. This is essentially the future that quantum cryptography offers and its promise is already being made real in several companies that are actively commercializing this technology.

In part two, I'll describe how the bizarre quantum mechanical rules that govern the nanoscale world of atoms and even smaller particles, can be harnessed to protect my financial security while I'm using my credit card to purchase a ticket for Rocky XXIII.

To be continued ...

Gordon

http://en.wikipedia.org/wiki/Cryptography