TED@Westpac
Vikram Sharma: How quantum physics can make encryption stronger
Filmed:
Readability: 5.6
1,181,090 views
As quantum computing matures, it's going to bring unimaginable increases in computational power along with it -- and the systems we use to protect our data (and our democratic processes) will become even more vulnerable. But there's still time to plan against the impending data apocalypse, says encryption expert Vikram Sharma. Learn more about how he's fighting quantum with quantum: designing security devices and programs that use the power of quantum physics to defend against the most sophisticated attacks.
Vikram Sharma - Encryption expert
Vikram Sharma uses quantum technology to strengthen cryptographic key management and encryption. Full bio
Vikram Sharma uses quantum technology to strengthen cryptographic key management and encryption. Full bio
Double-click the English transcript below to play the video.
00:12
Recently, we've seen the effects
of cyber attacks on the business world.
of cyber attacks on the business world.
0
817
4404
00:17
Data breaches at companies like JP Morgan,
Yahoo, Home Depot and Target
Yahoo, Home Depot and Target
1
5245
5411
00:22
have caused losses of hundreds of millions
2
10680
2691
00:25
and in some cases, billions of dollars.
3
13395
2847
00:28
It wouldn't take many large attacks
to ravage the world economy.
to ravage the world economy.
4
16792
3701
00:33
And the public sector
has not been immune, either.
has not been immune, either.
5
21229
3150
00:36
In 2012 to 2014,
6
24706
3768
00:40
there was a significant data breach
at the US Office of Personnel Management.
at the US Office of Personnel Management.
7
28498
4279
00:45
Security clearance
and fingerprint data was compromised,
and fingerprint data was compromised,
8
33157
3430
00:48
affecting 22 million employees.
9
36611
4204
00:53
And you may have heard of the attempt
by state-sponsored hackers
by state-sponsored hackers
10
41561
4103
00:57
to use stolen data to influence election
outcomes in a number of countries.
outcomes in a number of countries.
11
45688
5558
01:03
Two recent examples are
the compromise of a large amount of data
the compromise of a large amount of data
12
51624
3619
01:07
from the Bundestag,
the national Parliament of Germany,
the national Parliament of Germany,
13
55267
3310
01:10
and the theft of emails from the US
Democratic National Committee.
Democratic National Committee.
14
58601
4733
01:16
The cyber threat is now affecting
our democratic processes.
our democratic processes.
15
64807
4287
01:21
And it's likely to get worse.
16
69712
1933
01:24
As computer technology
is becoming more powerful,
is becoming more powerful,
17
72141
3738
01:27
the systems we use to protect our data
are becoming more vulnerable.
are becoming more vulnerable.
18
75903
4158
01:33
Adding to the concern
is a new type of computing technology,
is a new type of computing technology,
19
81093
3548
01:36
called quantum computing,
20
84665
1991
01:38
which leverages microscopic
properties of nature
properties of nature
21
86680
2953
01:41
to deliver unimaginable increases
in computational power.
in computational power.
22
89657
3909
01:46
It's so powerful that it will crack
many of the encryption systems
many of the encryption systems
23
94069
4413
01:50
that we use today.
24
98506
1200
01:52
So is the situation hopeless?
25
100625
2230
01:55
Should we start packing
our digital survival gear
our digital survival gear
26
103228
2857
01:58
and prepare for an upcoming
data apocalypse?
data apocalypse?
27
106109
3000
02:02
I would say, not yet.
28
110283
1658
02:04
Quantum computing is still in the labs,
29
112489
1922
02:06
and it will take a few years
until it's put to practical applications.
until it's put to practical applications.
30
114435
3490
02:10
More important,
31
118347
1206
02:11
there have been major breakthroughs
in the field of encryption.
in the field of encryption.
32
119577
3486
02:15
For me, this is
a particularly exciting time
a particularly exciting time
33
123497
3001
02:18
in the history of secure communications.
34
126522
2667
02:21
About 15 years ago,
35
129759
1429
02:23
when I learned of our new-found ability
36
131212
2326
02:25
to create quantum effects
that don't exist in nature,
that don't exist in nature,
37
133562
3785
02:29
I was excited.
38
137371
1419
02:30
The idea of applying
the fundamental laws of physics
the fundamental laws of physics
39
138814
3287
02:34
to make encryption stronger
40
142125
1731
02:35
really intrigued me.
41
143880
1427
02:38
Today, a select groups of companies
and labs around the world, including mine,
and labs around the world, including mine,
42
146069
6191
02:44
are maturing this technology
for practical applications.
for practical applications.
43
152284
3606
02:48
That's right.
44
156260
1151
02:49
We are now preparing
to fight quantum with quantum.
to fight quantum with quantum.
45
157435
3467
02:53
So how does this all work?
46
161719
1881
02:55
Well, first, let's take a quick tour
of the world of encryption.
of the world of encryption.
47
163624
3611
02:59
For that, you'll need a briefcase,
48
167259
2047
03:01
some important documents that you want
to send your friend, James Bond,
to send your friend, James Bond,
49
169330
3991
03:05
and a lock to keep it all safe.
50
173345
2067
03:08
Because the documents are top secret,
we're going to use an advanced briefcase.
we're going to use an advanced briefcase.
51
176122
5175
03:13
It has a special combination lock
52
181321
2064
03:15
which, when closed,
53
183409
1565
03:16
converts all the text
in the documents to random numbers.
in the documents to random numbers.
54
184998
3412
03:20
So you put your documents inside,
close the lock --
close the lock --
55
188434
3716
03:24
at which point in time the documents
get converted to random numbers --
get converted to random numbers --
56
192174
3482
03:27
and you send the briefcase to James.
57
195680
2400
03:30
While it's on its way,
you call him to give him the code.
you call him to give him the code.
58
198736
3230
03:34
When he gets the briefcase,
he enters the code,
he enters the code,
59
202387
2936
03:37
the documents get unscrambled, and voilà,
60
205347
2984
03:40
you've just sent
an encoded message to James Bond.
an encoded message to James Bond.
61
208355
3849
03:44
(Laughter)
62
212228
1055
03:45
A fun example, but it does illustrate
three things important for encryption.
three things important for encryption.
63
213966
4490
03:50
The code -- we call this
an encryption key.
an encryption key.
64
218776
2841
03:53
You can think of it as a password.
65
221641
2102
03:56
The call to James to give him
the code for the combination lock.
the code for the combination lock.
66
224093
4849
04:00
We call this key exchange.
67
228966
2031
04:03
This is how you ensure
68
231442
1493
04:04
you get the encryption key
securely to the right place.
securely to the right place.
69
232959
3769
04:09
And the lock, which encodes
and decodes the document.
and decodes the document.
70
237164
3699
04:12
We call this an encryption algorithm.
71
240887
2619
04:15
Using the key, it encodes
the text in the documents
the text in the documents
72
243530
4968
04:20
to random numbers.
73
248522
1396
04:21
A good algorithm will encode in such a way
74
249942
2762
04:24
that without the key
it's very difficult to unscramble.
it's very difficult to unscramble.
75
252728
3733
04:29
What makes encryption so important
76
257529
1993
04:31
is that if someone were to capture
the briefcase and cut it open
the briefcase and cut it open
77
259546
3736
04:35
without the encryption key
and the encryption algorithm,
and the encryption algorithm,
78
263306
3262
04:38
they wouldn't be able
to read the documents.
to read the documents.
79
266592
2516
04:41
They would look like nothing more
than a bunch of random numbers.
than a bunch of random numbers.
80
269132
4150
04:46
Most security systems rely
on a secure method for key exchange
on a secure method for key exchange
81
274575
4849
04:51
to communicate the encryption key
to the right place.
to the right place.
82
279448
4467
04:56
However, rapid increases
in computational power
in computational power
83
284862
2976
04:59
are putting at risk a number
of the key exchange methods we have today.
of the key exchange methods we have today.
84
287862
4365
05:04
Consider one of the very
widely used systems today -- RSA.
widely used systems today -- RSA.
85
292776
4460
05:09
When it was invented, in 1977,
86
297855
3301
05:13
it was estimated that it would take
40 quadrillion years
40 quadrillion years
87
301180
4500
05:17
to break a 426-bit RSA key.
88
305704
3536
05:22
In 1994, just 17 years later,
89
310006
4333
05:26
the code was broken.
90
314363
1531
05:29
As computers have become
more and more powerful,
more and more powerful,
91
317355
2571
05:31
we've had to use larger and larger codes.
92
319950
2667
05:35
Today we routinely use 2048 or 4096 bits.
93
323117
5998
05:41
As you can see, code makers and breakers
are engaged in an ongoing battle
are engaged in an ongoing battle
94
329831
5031
05:46
to outwit each other.
95
334886
1794
05:50
And when quantum computers arrive
in the next 10 to 15 years,
in the next 10 to 15 years,
96
338553
4096
05:54
they will even more rapidly
crack the complex mathematics
crack the complex mathematics
97
342673
4186
05:58
that underlies many
of our encryption systems today.
of our encryption systems today.
98
346883
3690
06:03
Indeed, the quantum computer is likely
to turn our present security castle
to turn our present security castle
99
351034
5408
06:08
into a mere house of cards.
100
356466
2587
06:12
We have to find a way
to defend our castle.
to defend our castle.
101
360815
3500
06:17
There's been a growing
body of research in recent years
body of research in recent years
102
365474
2603
06:20
looking at using quantum effects
to make encryption stronger.
to make encryption stronger.
103
368101
3221
06:23
And there have been
some exciting breakthroughs.
some exciting breakthroughs.
104
371760
3267
06:27
Remember those three things
important for encryption --
important for encryption --
105
375474
2929
06:30
high-quality keys, secure key exchange
and a strong algorithm?
and a strong algorithm?
106
378427
4893
06:35
Well, advances in science and engineering
107
383831
2667
06:38
are putting two of those
three elements at risk.
three elements at risk.
108
386522
3237
06:42
First of all, those keys.
109
390450
1865
06:45
Random numbers are the foundational
building blocks of encryption keys.
building blocks of encryption keys.
110
393006
4230
06:49
But today, they're not truly random.
111
397260
2579
06:52
Currently, we construct encryption keys
112
400641
2738
06:55
from sequences of random numbers
generated from software,
generated from software,
113
403403
3809
06:59
so-called pseudo-random numbers.
114
407236
2563
07:02
Numbers generated by a program
or a mathematical recipe
or a mathematical recipe
115
410712
3317
07:06
will have some, perhaps subtle,
pattern to them.
pattern to them.
116
414053
3761
07:10
The less random the numbers are,
117
418784
1552
07:12
or in scientific terms,
the less entropy they contain,
the less entropy they contain,
118
420360
3344
07:15
the easier they are to predict.
119
423728
2067
07:18
Recently, several casinos
have been victims of a creative attack.
have been victims of a creative attack.
120
426917
3922
07:22
The output of slot machines
was recorded over a period of time
was recorded over a period of time
121
430863
4349
07:27
and then analyzed.
122
435236
1357
07:28
This allowed the cyber criminals
123
436982
1968
07:30
to reverse engineer
the pseudo-random number generator
the pseudo-random number generator
124
438974
3667
07:34
behind the spinning wheels.
125
442665
1999
07:36
And allowed them, with high accuracy,
to predict the spins of the wheels,
to predict the spins of the wheels,
126
444688
5307
07:42
enabling them to make big financial gains.
127
450019
3467
07:47
Similar risks apply to encryption keys.
128
455122
3158
07:50
So having a true random number generator
is essential for secure encryption.
is essential for secure encryption.
129
458815
5160
07:57
For years, researchers have been looking
at building true random number generators.
at building true random number generators.
130
465815
5254
08:03
But most designs to date
are either not random enough,
are either not random enough,
131
471093
3373
08:06
fast enough or aren't easily repeatable.
132
474490
2733
08:10
But the quantum world is truly random.
133
478053
3151
08:13
So it makes sense to take advantage
of this intrinsic randomness.
of this intrinsic randomness.
134
481546
4991
08:20
Devices that can measure quantum effects
135
488165
1912
08:22
can produce an endless stream
of random numbers at high speed.
of random numbers at high speed.
136
490101
3930
08:26
Foiling all those
would-be casino criminals.
would-be casino criminals.
137
494421
3000
08:30
A select group of universities
and companies around the world
and companies around the world
138
498485
3577
08:34
are focused on building
true random number generators.
true random number generators.
139
502086
3422
08:37
At my company, our quantum
random number generator
random number generator
140
505895
3658
08:41
started life on a two meter
by one meter optic table.
by one meter optic table.
141
509577
3787
08:46
We were then able to reduce it
to a server-size box.
to a server-size box.
142
514085
3804
08:50
Today, it's miniaturized into a PCI card
that plugs into a standard computer.
that plugs into a standard computer.
143
518736
5772
08:59
This is the world's fastest
true random number generator.
true random number generator.
144
527482
4134
09:04
It measures quantum effects to produce
a billion random numbers per second.
a billion random numbers per second.
145
532053
5073
09:09
And it's in use today to improve security
146
537877
3349
09:13
at cloud providers, banks
and government agencies
and government agencies
147
541250
3674
09:16
around the world.
148
544948
1150
09:18
(Applause)
149
546788
6928
09:27
But even with a true
random number generator,
random number generator,
150
555319
2568
09:29
we've still got the second
big cyber threat:
big cyber threat:
151
557911
2896
09:32
the problem of secure key exchange.
152
560831
2682
09:36
Current key exchange techniques
will not stand up to a quantum computer.
will not stand up to a quantum computer.
153
564315
4552
09:41
The quantum solution to this problem
154
569865
1929
09:43
is called quantum key distribution or QKD,
155
571818
3700
09:47
which leverages a fundamental,
counterintuitive characteristic
counterintuitive characteristic
156
575893
4335
09:52
of quantum mechanics.
157
580252
1400
09:54
The very act of looking
at a quantum particle changes it.
at a quantum particle changes it.
158
582077
4907
10:00
Let me give you an example
of how this works.
of how this works.
159
588173
2319
10:02
Consider again exchanging the code
for the lock with James Bond.
for the lock with James Bond.
160
590927
4707
10:07
Except this time, instead of a call
to give James the code,
to give James the code,
161
595974
4158
10:12
we're going to use quantum effects
on a laser to carry the code
on a laser to carry the code
162
600156
4048
10:16
and send it over standard
optic fiber to James.
optic fiber to James.
163
604228
3909
10:20
We assume that Dr. No
is trying to hack the exchange.
is trying to hack the exchange.
164
608774
4349
10:26
Luckily, Dr. No's attempt to intercept
the quantum keys while in transit
the quantum keys while in transit
165
614530
5243
10:31
will leave fingerprints
that James and you can detect.
that James and you can detect.
166
619797
3666
10:36
This allows those intercepted keys
to be discarded.
to be discarded.
167
624043
3468
10:40
The keys which are then retained
168
628026
1757
10:41
can be used to provide
very strong data protection.
very strong data protection.
169
629807
3345
10:45
And because the security is based
on the fundamental laws of physics,
on the fundamental laws of physics,
170
633815
4286
10:50
a quantum computer, or indeed
any future supercomputer
any future supercomputer
171
638125
4063
10:54
will not be able to break it.
172
642212
1934
10:56
My team and I are collaborating
with leading universities
with leading universities
173
644768
2936
10:59
and the defense sector
174
647728
1294
11:01
to mature this exciting technology
175
649046
2436
11:03
into the next generation
of security products.
of security products.
176
651506
3133
11:07
The internet of things
is heralding a hyperconnected era
is heralding a hyperconnected era
177
655895
5738
11:13
with 25 to 30 billion
connected devices forecast by 2020.
connected devices forecast by 2020.
178
661657
6118
11:20
For the correct functioning
of our society in an IoT world,
of our society in an IoT world,
179
668569
5111
11:25
trust in the systems that support
these connected devices is vital.
these connected devices is vital.
180
673704
4828
11:31
We're betting that quantum technologies
will be essential in providing this trust,
will be essential in providing this trust,
181
679704
4823
11:36
enabling us to fully benefit
from the amazing innovations
from the amazing innovations
182
684887
4559
11:41
that are going to so enrich our lives.
183
689470
2898
11:46
Thank you.
184
694046
1150
11:47
(Applause)
185
695220
4930
ABOUT THE SPEAKER
Vikram Sharma - Encryption expertVikram Sharma uses quantum technology to strengthen cryptographic key management and encryption.
Why you should listen
Vikram Sharma is the founder and CEO of Canberra- based QuintessenceLabs, or Q-Labs, which uses quantum technology to strengthen cryptographic key management and encryption, an urgent need in this era of increasingly sophisticated cyberattacks. One of Westpac’s high-potential Businesses of Tomorrow, Q-Labs uses the world’s fastest random-number generator to create the strongest possible encryption keys, and integrates them into advanced key management and encryption capabilities, protecting banks, governments, and other security-aware enterprises around the globe.
Previously, Sharma founded two successful information-technology start-ups. He holds a Master of Science in Computer Science and a Doctorate in Quantum Physics from ANU, as well as a Master of Science in Management (Sloan Fellow) from Stanford University. He received the Pearcey State Award for Entrepreneurship in 2013.
Vikram Sharma | Speaker | TED.com