Among the many revelations brought to light by Edward Snowden, perhaps the most disturbing was the discovery that the NSA had worked with tech companies to install backdoors into commercial encryption products. It also introduced weaknesses into encryption standards that it could later exploit. Suddenly, fears about the NSA’s supercomputers and data mining prowess seemed quaint by comparison. If the agency already has the key to your house, what does it need a battering ram for?
Enter quantum encryption, or ”quantum key distribution (QKD)” as it’s formally called, a super-secure technique that even the NSA may not be able to crack. One purveyor of this technology is the Switzerland-based startup ID Quantique. And today, the outlet announced it’s raised $5.6 million from QWave Capital, a venture fund devoted to physics, materials science, and quantum technology.
“ID Quantique is much further than anybody in this field,” says Serguei Kouzmine, Managing Partner at QWave and President of the Russian Quantum Center. And what makes him say that? “They have a real client. Real customers. Any idea is nice. But if you do a consumer device you have more problems to solve.”
That client is the Columbus, Ohio-based R&D nonprofit Battelle. Last week, Battelle announced that it had used ID Quantique’s technology to build America’s first commercial QKD network. It will use the system to transmit secure data between its offices in the Central Ohio area.
So how does quantum encryption differ from classical encryption? Traditionally, secure data is encrypted and decrypted using numerical keys generated by an algorithm. This is a big oversimplification but essentially, you have to know the keys to unlock the data. But with enough computing power, a third party could potentially figure out those values. We’re talking massive, expensive, time-consuming computer power, but still. It’s hard to crack, but not impossible.
But QKD is something entirely different, taking things a step beyond traditional mathematics. The first part is the same: Data is encrypted using an algorithm. But then the data itself is encoded on a light particle known as a photon. Because photons are smaller than atoms, they behave in some pretty crazy ways. For example, you can “entangle” two photons so their properties correlate with one another. A change to one photon (which can occur as easily as by someone observing it) will cause a change in the other photon, even if the two are a universe apart.
After entanglement occurs, the sender transmits the first photon through a fiber cable to the receiver. If anyone has measured or even observed the photon in transit, it will have altered one of the properties of photon no. 1, like its spin or its polarization. And as a result, entangled photon no. 2, with its correlated properties, would change as well, alerting the individuals that the message had been observed by a third party between point A and point B.
This obviously makes no sense. Einstein called it “spooky action at a distance.” Richard Feynman said, “If you think you understand quantum theory, you don’t understand quantum theory.”
And yet. These are the observable traits of quantum physics. (For more, check out our interactive explainer on quantum computing)
It’s relatively new technology, and so of course there are limitations to its implementation, like distance. In 2009, researchers in Switzerland set a record for QKD by sending it 150 miles, but after that, the photons begin to “decohere,” meaning they lose all those “spooky” quantum properties that make them so special. QKD is also only practical for sending something from point A to point B, so a nationwide QKD network doesn’t exactly make sense at this time.
But while a quantum-connected America may be a long ways away, Kouzmine sees plenty of smaller-scale applications for the technology.
“The simplest thing to think about is that all financial institutions are required (to have), in addition to a main server, a backup server.” That’s the perfect use case for ID Quantique’s technology: sending highly sensitive information from point A to point B over a short distance.
And while the US or Russia is a bit too large for a big QKD network at this stage, a smaller country like, say, Liechtenstein could implement the technology to protect its state secrets from domestic spies or foreign spies (like us). “Interestingly enough with the NSA stories,” Kouzmine says, “We saw a spike of interest from small governments. They came to ID Quantique and said, ‘Hey, give us what you do.’”
Although we’re still at the early stages of quantum deployment, ID Quantique is already looking for ways to build on the technology. Battelle Senior Researcher Don Hayford told Fortune that they’re working with ID Quantique to develop “quantum repeaters” that would extend the maximum distance a QKD transmission can travel.
The one wrinkle of course for encryption advocates is that, as reported by ProPublica, the Guardian, and the New York Times, the victory of the NSA over existing encryption standards was not always a technological one. It was a political one, as the agency used its influence to muscle technology companies into setting up backdoors. In other words, we can use the most unbreakable, state-of-the-art encryption techniques we want, but if the gatekeepers of this technology succumb to government pressure, then all the spooky science in the world can’t help us.