English-Video.net comment policy

The comment field is common to all languages

Let's write in your language and use "Google Translate" together

Please refer to informative community guidelines on TED.com

TED@Westpac

Vikram Sharma: How quantum physics can make encryption stronger

Filmed
Views 402,854

As quantum computing matures, it's going to bring unimaginable increases in computational power along with it -- and the systems we use to protect our data (and our democratic processes) will become even more vulnerable. But there's still time to plan against the impending data apocalypse, says encryption expert Vikram Sharma. Learn more about how he's fighting quantum with quantum: designing security devices and programs that use the power of quantum physics to defend against the most sophisticated attacks.

- Encryption expert
Vikram Sharma uses quantum technology to strengthen cryptographic key management and encryption. Full bio

Recently, we've seen the effects
of cyber attacks on the business world.
00:12
Data breaches at companies like JP Morgan,
Yahoo, Home Depot and Target
00:17
have caused losses of hundreds of millions
00:22
and in some cases, billions of dollars.
00:25
It wouldn't take many large attacks
to ravage the world economy.
00:28
And the public sector
has not been immune, either.
00:33
In 2012 to 2014,
00:36
there was a significant data breach
at the US Office of Personnel Management.
00:40
Security clearance
and fingerprint data was compromised,
00:45
affecting 22 million employees.
00:48
And you may have heard of the attempt
by state-sponsored hackers
00:53
to use stolen data to influence election
outcomes in a number of countries.
00:57
Two recent examples are
the compromise of a large amount of data
01:03
from the Bundestag,
the national Parliament of Germany,
01:07
and the theft of emails from the US
Democratic National Committee.
01:10
The cyber threat is now affecting
our democratic processes.
01:16
And it's likely to get worse.
01:21
As computer technology
is becoming more powerful,
01:24
the systems we use to protect our data
are becoming more vulnerable.
01:27
Adding to the concern
is a new type of computing technology,
01:33
called quantum computing,
01:36
which leverages microscopic
properties of nature
01:38
to deliver unimaginable increases
in computational power.
01:41
It's so powerful that it will crack
many of the encryption systems
01:46
that we use today.
01:50
So is the situation hopeless?
01:52
Should we start packing
our digital survival gear
01:55
and prepare for an upcoming
data apocalypse?
01:58
I would say, not yet.
02:02
Quantum computing is still in the labs,
02:04
and it will take a few years
until it's put to practical applications.
02:06
More important,
02:10
there have been major breakthroughs
in the field of encryption.
02:11
For me, this is
a particularly exciting time
02:15
in the history of secure communications.
02:18
About 15 years ago,
02:21
when I learned of our new-found ability
02:23
to create quantum effects
that don't exist in nature,
02:25
I was excited.
02:29
The idea of applying
the fundamental laws of physics
02:30
to make encryption stronger
02:34
really intrigued me.
02:35
Today, a select groups of companies
and labs around the world, including mine,
02:38
are maturing this technology
for practical applications.
02:44
That's right.
02:48
We are now preparing
to fight quantum with quantum.
02:49
So how does this all work?
02:53
Well, first, let's take a quick tour
of the world of encryption.
02:55
For that, you'll need a briefcase,
02:59
some important documents that you want
to send your friend, James Bond,
03:01
and a lock to keep it all safe.
03:05
Because the documents are top secret,
we're going to use an advanced briefcase.
03:08
It has a special combination lock
03:13
which, when closed,
03:15
converts all the text
in the documents to random numbers.
03:16
So you put your documents inside,
close the lock --
03:20
at which point in time the documents
get converted to random numbers --
03:24
and you send the briefcase to James.
03:27
While it's on its way,
you call him to give him the code.
03:30
When he gets the briefcase,
he enters the code,
03:34
the documents get unscrambled, and voilĂ ,
03:37
you've just sent
an encoded message to James Bond.
03:40
(Laughter)
03:44
A fun example, but it does illustrate
three things important for encryption.
03:45
The code -- we call this
an encryption key.
03:50
You can think of it as a password.
03:53
The call to James to give him
the code for the combination lock.
03:56
We call this key exchange.
04:00
This is how you ensure
04:03
you get the encryption key
securely to the right place.
04:04
And the lock, which encodes
and decodes the document.
04:09
We call this an encryption algorithm.
04:12
Using the key, it encodes
the text in the documents
04:15
to random numbers.
04:20
A good algorithm will encode in such a way
04:21
that without the key
it's very difficult to unscramble.
04:24
What makes encryption so important
04:29
is that if someone were to capture
the briefcase and cut it open
04:31
without the encryption key
and the encryption algorithm,
04:35
they wouldn't be able
to read the documents.
04:38
They would look like nothing more
than a bunch of random numbers.
04:41
Most security systems rely
on a secure method for key exchange
04:46
to communicate the encryption key
to the right place.
04:51
However, rapid increases
in computational power
04:56
are putting at risk a number
of the key exchange methods we have today.
04:59
Consider one of the very
widely used systems today -- RSA.
05:04
When it was invented, in 1977,
05:09
it was estimated that it would take
40 quadrillion years
05:13
to break a 426-bit RSA key.
05:17
In 1994, just 17 years later,
05:22
the code was broken.
05:26
As computers have become
more and more powerful,
05:29
we've had to use larger and larger codes.
05:31
Today we routinely use 2048 or 4096 bits.
05:35
As you can see, code makers and breakers
are engaged in an ongoing battle
05:41
to outwit each other.
05:46
And when quantum computers arrive
in the next 10 to 15 years,
05:50
they will even more rapidly
crack the complex mathematics
05:54
that underlies many
of our encryption systems today.
05:58
Indeed, the quantum computer is likely
to turn our present security castle
06:03
into a mere house of cards.
06:08
We have to find a way
to defend our castle.
06:12
There's been a growing
body of research in recent years
06:17
looking at using quantum effects
to make encryption stronger.
06:20
And there have been
some exciting breakthroughs.
06:23
Remember those three things
important for encryption --
06:27
high-quality keys, secure key exchange
and a strong algorithm?
06:30
Well, advances in science and engineering
06:35
are putting two of those
three elements at risk.
06:38
First of all, those keys.
06:42
Random numbers are the foundational
building blocks of encryption keys.
06:45
But today, they're not truly random.
06:49
Currently, we construct encryption keys
06:52
from sequences of random numbers
generated from software,
06:55
so-called pseudo-random numbers.
06:59
Numbers generated by a program
or a mathematical recipe
07:02
will have some, perhaps subtle,
pattern to them.
07:06
The less random the numbers are,
07:10
or in scientific terms,
the less entropy they contain,
07:12
the easier they are to predict.
07:15
Recently, several casinos
have been victims of a creative attack.
07:18
The output of slot machines
was recorded over a period of time
07:22
and then analyzed.
07:27
This allowed the cyber criminals
07:28
to reverse engineer
the pseudo-random number generator
07:30
behind the spinning wheels.
07:34
And allowed them, with high accuracy,
to predict the spins of the wheels,
07:36
enabling them to make big financial gains.
07:42
Similar risks apply to encryption keys.
07:47
So having a true random number generator
is essential for secure encryption.
07:50
For years, researchers have been looking
at building true random number generators.
07:57
But most designs to date
are either not random enough,
08:03
fast enough or aren't easily repeatable.
08:06
But the quantum world is truly random.
08:10
So it makes sense to take advantage
of this intrinsic randomness.
08:13
Devices that can measure quantum effects
08:20
can produce an endless stream
of random numbers at high speed.
08:22
Foiling all those
would-be casino criminals.
08:26
A select group of universities
and companies around the world
08:30
are focused on building
true random number generators.
08:34
At my company, our quantum
random number generator
08:37
started life on a two meter
by one meter optic table.
08:41
We were then able to reduce it
to a server-size box.
08:46
Today, it's miniaturized into a PCI card
that plugs into a standard computer.
08:50
This is the world's fastest
true random number generator.
08:59
It measures quantum effects to produce
a billion random numbers per second.
09:04
And it's in use today to improve security
09:09
at cloud providers, banks
and government agencies
09:13
around the world.
09:16
(Applause)
09:18
But even with a true
random number generator,
09:27
we've still got the second
big cyber threat:
09:29
the problem of secure key exchange.
09:32
Current key exchange techniques
will not stand up to a quantum computer.
09:36
The quantum solution to this problem
09:41
is called quantum key distribution or QKD,
09:43
which leverages a fundamental,
counterintuitive characteristic
09:47
of quantum mechanics.
09:52
The very act of looking
at a quantum particle changes it.
09:54
Let me give you an example
of how this works.
10:00
Consider again exchanging the code
for the lock with James Bond.
10:02
Except this time, instead of a call
to give James the code,
10:07
we're going to use quantum effects
on a laser to carry the code
10:12
and send it over standard
optic fiber to James.
10:16
We assume that Dr. No
is trying to hack the exchange.
10:20
Luckily, Dr. No's attempt to intercept
the quantum keys while in transit
10:26
will leave fingerprints
that James and you can detect.
10:31
This allows those intercepted keys
to be discarded.
10:36
The keys which are then retained
10:40
can be used to provide
very strong data protection.
10:41
And because the security is based
on the fundamental laws of physics,
10:45
a quantum computer, or indeed
any future supercomputer
10:50
will not be able to break it.
10:54
My team and I are collaborating
with leading universities
10:56
and the defense sector
10:59
to mature this exciting technology
11:01
into the next generation
of security products.
11:03
The internet of things
is heralding a hyperconnected era
11:07
with 25 to 30 billion
connected devices forecast by 2020.
11:13
For the correct functioning
of our society in an IoT world,
11:20
trust in the systems that support
these connected devices is vital.
11:25
We're betting that quantum technologies
will be essential in providing this trust,
11:31
enabling us to fully benefit
from the amazing innovations
11:36
that are going to so enrich our lives.
11:41
Thank you.
11:46
(Applause)
11:47

▲Back to top

About the speaker:

Vikram Sharma - Encryption expert
Vikram Sharma uses quantum technology to strengthen cryptographic key management and encryption.

Why you should listen

Vikram Sharma is the founder and CEO of Canberra- based QuintessenceLabs, or Q-Labs, which uses quantum technology to strengthen cryptographic key management and encryption, an urgent need in this era of increasingly sophisticated cyberattacks. One of Westpac’s high-potential Businesses of Tomorrow, Q-Labs uses the world’s fastest random-number generator to create the strongest possible encryption keys, and integrates them into advanced key management and encryption capabilities, protecting banks, governments, and other security-aware enterprises around the globe.

Previously, Sharma founded two successful information-technology start-ups. He holds a Master of Science in Computer Science and a Doctorate in Quantum Physics from ANU, as well as a Master of Science in Management (Sloan Fellow) from Stanford University. He received the Pearcey State Award for Entrepreneurship in 2013.

More profile about the speaker
Vikram Sharma | Speaker | TED.com