Quantum leap: Untangling Toshiba's 'unbreakable' encryption

News by Davey Winder

Claims Toshiba is developing secure quantum cryptography should be taken with a quantum of salt say several cyber-security experts.

According to the Japan Real Time blog, Toshiba is working on a ‘foolproof' quantum-cryptography system that industry analysts claim cannot be breached.

Immediately this raises a number of red flags, not least the use of words such as unbreakable in relation to any encryption system, next-generation or not, and the fact that the analysts who are apparently claiming this remain unnamed in the report. SCMagazineUK.com decided to take a closer look.

First things first, let's start with quantum cryptography itself. Our explanation will be necessarily simplistic as we are not physicists, so please excuse us the dumbing down of the description which will not go into detail about quantum computing per se.

However, quantum cryptography relies heavily upon the condition of entanglement whereby when any particle is affected by an external measurement, the state of the entangled particles that are connected to it are also affected, no matter how far removed from the original particle they may be. What this means is that any attempt to measure the flow of quantum data also disturbs it, and the entanglement condition is so delicate that just looking at it (so any attempt at monitoring or snooping of quantum encrypted traffic) would immediately disturb it and be visible, breaking the flow and requiring another packet to be sent until an ‘undisturbed' one gets through.

The Toshiba system, which starts a two-year long third-party data testing phase in August, uses photons delivered via custom fibre optic cables which are not connected to the internet. According to the unnamed analysts in the report, the one-time key is the same size as the encrypted data, so decoding without the correct key would be impossible as there will be no repeated use of the pattern.

If this proves successful, then Toshiba predicts commercial use may be possible within a decade or two.

It may sound fantastical, but quantum cryptography really isn't anything new, nor has it proven to be as unbreakable as the boffins would have us believe.

Back in 2010, that's no typo either, the MIT Technology Review reported how a group of physicists successfully attacked a commercial quantum cryptography system. The work of that team showed how the earliest efforts to commercialise quantum key distribution (QKD) solutions could be broken by exploiting practical weaknesses in hardware such as how configuration errors can cause unwanted internal reflections in the gear that generates the quantum bits for example, or efficiency mismatches between photo detectors and lasers that create extra photons.

Scientists will have worked hard to patch these known vulnerabilities, but that doesn't mean there are not unknown ones that still remain. Indeed, the likelihood is that there are, and that is why it is somewhat foolish to apply terms such as ‘foolproof' and ‘unbreakable' to the technology.

Those unnamed analysts would, perhaps, have been better advised to talk in terms of unviable instead. We used to say that, other than in the lab, other than security researchers, nobody was really attacking cryptography in any serious manner with any meaningful intent.

Then along came Snowden and our knowledge changed. We now know that The Man has quite clearly been doing just that. However, as Adrian Sanabria, a senior security analyst at 451 Research told SC, what we also know is that “the NSA and GCHQ didn't succeed in breaking non-flawed, standard crypto, which is why they were instead trying to get us to use weaker algorithms – so the bottom line is that quantum crypto is solving a non-issue”.

Not only is quantum cryptography actually not a brand new thing, it's also not an uncrackable thing because it's already been cracked a few times in various forms. Not that it really matters, does it? After all, don't we already have encryption that is pretty much uncrackable if it is implemented properly? In which case, why would we need expensive, complex and technically limiting quantum encryption anyway?

“Sure companies could technically benefit from this technology that Toshiba is working on,” Sanabria continues. “But I don't think they'll be any more secure with a super expensive quantum crypto system than with the crypto algorithms they can implement for free today.”

More often than not, when encryption has failed us it's generally because someone has done something wrong rather than the encryption itself being at fault. As TK Keanini, CTO at Lancope, told SC, “it does no one any good when parts of a system are unbreakable yet the system itself is breakable. It is almost never the cryptographic means that are attacked and breached, it is always the implementation weaknesses.”

Why bother trying to dismantle a wall brick by brick when you can just drive around the wall instead?  As Ken Simpson, CEO at MailChannels, points out, there are much bigger problems that lie on either end of an otherwise ‘unbreakable' fibre optic link. “No amount of QKD would have saved Sony from the massive breach it experienced. Until operational security is massively improved within the corporate environment, I suspect having ‘unbreakable' encryption between offices is a much lower priority for most chief information officers.”

All of which tends to suggest that the unbreakable claims of quantum cryptography could, in actual fact, be the least of its worries when it comes to the future success or otherwise of this Holy Grail of the secure data transfer world.

“The problem with QKD is that even though it promises probably secure properties, it relies on a set of assumptions that are often not practical,”says Dr Chenxi Wang, VP of cloud security and strategy at CipherCloud, talking exclusively to SCMagazineUK.com. “For instance, using QKD, two parties can communicate securely without the worry of a third-party eavesdropper, but this depends on the assumption that the two parties having already successfully authenticated each other.”

In a real world scenario, if you can authenticate each other using some means, then you may be able to distribute a key utilising the same means, hence QKD becomes rather less appealing.

“And to be honest,” Dr Wang continues, “many are not interested in ‘unconditionally secure'. In practice, the market will be much more palatable to a system that is fairly secure, yet requires less assumptions.”

In short, quantum cryptography hasn't found its killer app yet. Until it does, it will remain something of theoretical interest only – no matter how unbreakable it is claimed to be.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews