What has Edward Snowden taught us about Quantum Cryptology?

Magnifying glass inspecting computer code

The latest story to hit the headlines as a result of the Edward Snowden leaks is that the US National Security Agency (NSA) has a $79m (48m) research project called 'Penetrating Hard Targets' which in part wants to construct a "cryptologically useful quantum computer" which would break all forms of public-key encryption known to man. Which begs the question what are quantum computers and quantum cryptography, and how worried should we be about them?

Quantum computing 101

Richard Feynman, the famed theoretical physicist perhaps best known for his work on the atomic bomb but also one of the pioneers in quantum mechanical theory, once sagely said that "if you think you understand quantum mechanics, you don't understand quantum mechanics" which isn't the greatest starting point for a feature explaining anything 'quantum' you might think.

However, understanding the potential impact of quantum computing in general and quantum cryptography in particular is more important that growing a brain the size of Brazil and writing A Brief History of Quantum Physics. It's less about the theoretical specifics and more about the specific practicalities, if that makes sense.

Having said that, let's have a go at rounding up what quantum is. The first thing to appreciate is what it is not, and that is anything new. Feynman was writing about the whole quantum shebang in 1982, and I've been reading about it for close on twenty years now. Something else it isn't is a reality, in any kind of practical way at any rate.

What it is, then, in as simplistic an explanation as I can manage, is a process of computing that does not process data by passing electrons through transistors and encoding them into binary digits. Instead, it uses qubits, or caged atoms if you prefer, which are an entirely different beast.

Different as unlike a binary digit which can be either a zero or a one, as can a qubit, the qubit can be both at the same time courtesy of a process of superpositioning. If you can reach a point in your head where that makes any kind of sense, then you are ready for the acceptance that in the quantum computing world the problem and its solution, in fact every possible solution, can be processed at the same time.

As we move this basic concept into the world of cryptography and security, it doesn't get any the easier and the main protagonist is something known as entanglement. This describes when a whole bunch of quantum particles get connected together, and if any of those particles is impacted by an external measurement then all the connected particles are also impacted even if at the total opposite end of the particle chain as it were.

Entanglement holds the key, if you will excuse the obvious pun, to the concept of quantum cryptography. Although it is easy to make the mistake of thinking that this is another advance towards that holy grail of security technology which is 'unbreakable' encryption, that's not actually the case; what quantum cryptography promises to deliver is rather a method to ensure the secrecy of encrypted data.

Why is this distinction such an important one? Well that is easy to explain, and understand, because if any attempt to snoop on encrypted data being transported via a quantum channel is made then that act of snooping will 'disturb' the qubits and the entanglement process would make that attempt visible and the flow of data would immediately stop.

It gets better, the packet that has been 'seen' would also be destroyed because the entangled qubit chain would be broken, and another quantum encrypted packet would have to be sent. The very act of 'seeing' the data is enough to destroy it in transit, and that makes for a very secure method of distributing data.

Davey Winder

Davey is a three-decade veteran technology journalist specialising in cybersecurity and privacy matters and has been a Contributing Editor at PC Pro magazine since the first issue was published in 1994. He's also a Senior Contributor at Forbes, and co-founder of the Forbes Straight Talking Cyber video project that won the ‘Most Educational Content’ category at the 2021 European Cybersecurity Blogger Awards.

Davey has also picked up many other awards over the years, including the Security Serious ‘Cyber Writer of the Year’ title in 2020. As well as being the only three-time winner of the BT Security Journalist of the Year award (2006, 2008, 2010) Davey was also named BT Technology Journalist of the Year in 1996 for a forward-looking feature in PC Pro Magazine called ‘Threats to the Internet.’ In 2011 he was honoured with the Enigma Award for a lifetime contribution to IT security journalism which, thankfully, didn’t end his ongoing contributions - or his life for that matter.

You can follow Davey on Twitter @happygeek, or email him at davey@happygeek.com.