Is anything 100% safe in practice - rather than theory?
Is anything 100% safe in practice - rather than theory?

Some systems are inherently very difficult to hack, but given the proven problems of deployment and the ingenuity of attackers sidestepping security controls, it's unwise to describe anything as hack-proof – but that appeared to be the claim for a new quantum computer. However closer analysis shows the researchers qualified this claim, describing a ‘theoretically' hack-proof system in a report in Science Advances which explains the use of quantum encryption techniques in a new system developed at Duke University, The Ohio State University and Oak Ridge National Laboratory.  It can create and distribute encryption codes at megabit-per-second rates- five to 10 times faster than existing methods.

EurekAlert quotes Daniel Gauthier, a professor of physics at The Ohio State University, as saying, "We are now likely to have a functioning quantum computer that might be able to start breaking the existing cryptographic codes in the near future. We really need to be thinking hard now of different techniques that we could use for trying to secure the internet."

The technique was reportedly demonstrated to be secure from common attacks, even in the face of equipment flaws that could open up leaks.

For Quantum key distribution (QKD) Both parties must have access to the same key, and it must be kept secret; the system measures photons which change their properties if disturbed, alerting if there is a security breach. Laser-based systems for QKD are now coming to market and China has demonstrated use of a satellite to send a quantum key to two land-based stations located 1200 km apart.

Previously they would transmit keys at relatively low rates - between tens to hundreds of kilobits per second - which are too slow for most practical uses on the internet. But Nurul Taimur Islam, a graduate student in physics at Duke, reports that by adjusting the time at which the photon is released, and a property of the photon called the phase, their system can encode two bits of information per photon instead of one. Along with high-speed detectors developed by Clinton Cahall, graduate student in electrical and computer engineering, and Jungsang Kim, professor of electrical and computer engineering at Duke, they power their system to transmit keys five to 10 times faster than other methods.

Encryption keys encoded in photons of light can be sent over existing optical fibre cable making it relatively straightforward to integrate this new transmitter and receiver into the current internet infrastructure.

Ofer Maor, director of enterprise solutions at Synopsys, commenting on earlier reports describing the system as hack proof, said:  "We often encounter these new “Hack Proof” promises. While the technology does indeed sound interesting, touting a “Hack Proof” title is dangerous and somewhat presumptuous.  Even if the theory is indeed hack proof, we have seen that in many cases, when this is implemented to become a usable commercial product, implementation flaws introduce new security weaknesses that can later be taken advantage of, ending in an embarrassing compromise to the “Unbreakable” theme."

While the researchers report that any attempt to hack a key exchange would leave errors on the transmission that could be easily spotted by the receiver, they acknowledge that real-world implementations of QKD require imperfect equipment, and these imperfections open up leaks that hackers can exploit.