
Communicating freely

Thoughts on how we can all talk a little easier, and how that can make life better.


Quantum encryption for real people

I'm going to be attending a security round-table at Birmingham University this Thursday and I've been trying to create a short, simple introduction to quantum encryption for real people.  That's more difficult than it sounds...

The work in progress is below...

Quantum encryption is a very young field.  The first public research into quantum encryption was conducted by Stephen Wiesner at Columbia University in New York during the early 1970s.  His paper 'Conjugate Coding' was published in 1983 in SIGACT News.  Wiesner's paper had previously been rejected by IEEE Information Theory.  This is indicative of the unusual nature of the field; Einstein referred to quantum entanglement – a principle used in quantum encryption – as "spooky action at a distance."  The normal laws of physics do not apply in quantum relationships.

Quantum encryption is focused on finding a solution to the key distribution problem.  This is a problem with ensuring that two users who wish to communicate secretly will use a genuinely secret key for their communication.  In many communication situations it is impossible to do this in advance.  This means users have to agree a secret key at the time of communication.  A problem arises in trying to agree this key without revealing it to eavesdroppers.

At the moment secret keys are shared using systems like Diffie-Hellman key exchange.  Diffie-Hellman uses very large prime numbers to agree a secret key and assumes that analysis of the exchange is very difficult.  While this is true of today's computers it may not be true of those deployed tomorrow.  It will certainly not be true when quantum computers enter production.  They will be able to factor large integers instantly.

Quantum encryption uses Quantum Key Distribution (QKD).  This is a method of generating a verifiable secret key that can be transmitted between two people but cannot be altered in transit without the alterations being detected.  Two different aspects of quantum physics can be employed to accomplish this; one is the Heisenberg uncertainty principle and the other is quantum entanglement.  Both methods are generally accomplished through the transmission of photons.

The uncertainty principle is applied to quantum encryption through the polarisation of photons.  In observing the state of a photon a secret key can be obtained.  An example is that vertical photon polarisation can constitute the binary "0" and horizontal polarisation the binary "1".  The strength of photon polarisation is that it is possible to observe photons in different ways: rectilinear, circular, and diagonal.  When you observe a photon in one way you alter the conjugates that could be obtained by observing it in another way.  Unless you know how you should be looking at the photon you cannot obtain useful information about it.  It is also impossible to intercept a polarised stream of photons.  It is virtually impossible to read the stream without degrading it to a detectable extent.
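To make the "detectable degradation" concrete, here is a small simulation added as an illustration (it is not from the sources below).  It models the prepare-and-measure scheme usually called BB84 with two of the observation bases, assumes a noiseless channel, and uses an illustrative detection threshold; the function names are made up for this example.

```python
import random

BASES = ("rectilinear", "diagonal")  # two of the ways of observing a photon


def measure(bit, prepared_basis, measuring_basis, rng):
    """A matching basis reads the encoded bit; a mismatched one gives a coin flip."""
    return bit if prepared_basis == measuring_basis else rng.randint(0, 1)


def run_exchange(n_photons, eavesdrop, seed):
    """Simulate one key exchange; return (sifted key length, error rate)."""
    rng = random.Random(seed)
    sifted = errors = 0
    for _ in range(n_photons):
        bit = rng.randint(0, 1)
        alice_basis = rng.choice(BASES)
        photon_bit, photon_basis = bit, alice_basis
        if eavesdrop:
            # Eve does not know Alice's basis: she guesses one, measures,
            # and resends the photon in the state she observed.
            eve_basis = rng.choice(BASES)
            photon_bit = measure(photon_bit, photon_basis, eve_basis, rng)
            photon_basis = eve_basis
        bob_basis = rng.choice(BASES)
        bob_bit = measure(photon_bit, photon_basis, bob_basis, rng)
        # Sifting: Alice and Bob publicly compare bases (never bits)
        # and keep only the positions where the bases matched.
        if bob_basis == alice_basis:
            sifted += 1
            errors += bob_bit != bit
    # Simplification: the error rate is taken over the whole sifted key,
    # where a real exchange would sacrifice only a random sample of it.
    return sifted, (errors / sifted if sifted else 0.0)


def interception_detected(error_rate, threshold=0.1):
    """threshold is an assumed, illustrative cut-off for a noiseless channel."""
    return error_rate > threshold


if __name__ == "__main__":
    for tapped in (False, True):
        kept, rate = run_exchange(20000, tapped, seed=1)
        print(f"eavesdropper={tapped}: kept {kept} bits, error rate {rate:.3f}, "
              f"detected={interception_detected(rate)}")
```

Without Eve the sifted bits agree exactly; with Eve measuring and resending every photon, about a quarter of the sifted bits disagree, which is what Alice and Bob look for.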

Quantum entanglement is applied to quantum encryption through the entanglement of individual photons.  This is a genuinely “spooky action” that results in the two photons having a mutual relationship that does not rely on time or space.  If one photon is altered then the other will also change state.  The results of measurements of photon states are random but shared.  It is virtually impossible to either predict or intercept this form of communication.  There is some degree of discrepancy possible between Alice and Bob's measurements of the changed states but an attempt at eavesdropping would noticeably degrade the data stream.

As those already familiar with encryption will have guessed both the uncertainty principle and quantum entanglement offer methods of exchanging secret keys that are highly resistant to man-in-the-middle attacks.  It is very difficult to intercept photon communication streams.  The Observer Effect is one of the primary reasons for this; the very act of observing the photons results in altering their states.  This will both reduce the coherency of the message being transmitted and ensure that both Alice and Bob will know their stream is being intercepted.  The difficulty of interception is compounded with quantum entanglement.  The only way to reliably intercept an entangled stream would be through introducing a third entangled photon.  However, this would weaken each photon to such a degree that it would be easily detectable.

There are two possible ways to intercept quantum encrypted communication streams.  One is where an attacker (Eve) manages to pretend to be Bob when talking to Alice and to pretend to be Alice when talking to Bob.  If Eve assumed these identities it would be possible to act as a silent observer of the data stream.  The second interception method would involve sending large pulses of light towards either Alice or Bob's transmission equipment between the legitimate communication pulses.  The reflection of the massive light pulse could indicate the polarisation of Alice or Bob's equipment.  This is potentially useful on encryption relying on the uncertainty principle.

A limit to quantum encryption based on the uncertainty principle is deniability.  The act of intercepting a polarised photon stream will place some data in Eve's hands.  If Alice and Bob detect the interception and switch keys during their conversation they will not have ensured they can deny that the conversation took place.  Eve will have partial data of the conversation.  If the data Alice and Bob changed with the switch of their keys is already partially known to Eve, Eve has proof that the conversation took place.

One method of strengthening quantum encryption is privacy amplification.  Privacy amplification is where Alice and Bob use the initial strength of quantum encryption to establish a secret key.  This secret key is used to make further secret keys that Eve will have no information about.  Privacy amplification provides additional protection but does not reduce the probability of eavesdropping to zero.  It is important to bear in mind that there is no such thing as a 'completely secret' communication method.


Child labour

Ah, child labour.  That forgotten resource; small, easily intimidated and full of energy.  I've been doing my bit for European economic competitiveness, and I have enticed innocent children to become test subjects for a usability study.  The little mites have been deceptively handed an Ubuntu laptop and left alone.  The purpose of this study?  To find out if Dapper Drake can be used by real (small) people.

I am astounded by the results of my research.  They are better than my fan-boy GNU/Linux DNA dared to expect.  

I powered up a laptop for Test Subject #1 (TB#1 hereafter) and waited for his initial reaction.  Blankness.  He didn't know when Ubuntu had finished loading and was ready for use due to the unfamiliar desktop.  I showed TB#1 the desktop menu and left him play.  After half an hour I returned and asked “how's it going?”

TB#1 kept his chubby eyes glued to the screen.  “It's OK.  I'm just finding it hard to beat the computer.” I was curious.  What was TB#1 trying to beat the computer at?  What had TB#1 done to my nice default install of Ubuntu?  I leaned over and looked at the screen.  TB#1 was playing four-in-a-row.

“The computer moves so fast.  Sometimes it moves too fast for me and I don't have time to think,” said TB#1.  I nodded my head.  The test subject had discovered software of direct interest to his age-group.  His youthful mind was being trashed by the game but that's the price you pay for science.

I left the room.  TB#1 was using my old laptop.  It was not a valuable resource so I confidently wandered away.  Three hours later I wandered back.  TB#1 was gone, the laptop was powered down and plugged out.  Hm.  I started it.  Clean mount.  No problems.  On the desktop was one new folder (default name) and one new file (default name).  TB#1 had obviously been experimenting with the abilities of the computer.  Excellent.

The next day TB#1 was back.  He hovered around until I innocently suggested he might like to play with the laptop.  He pretended to consider this suggestion and agreed.  Shortly thereafter TB#1 was sitting in a sofa doing whatever nine year old humans do.  I left him again for two hours.  When I returned TB#1 was gone and the laptop was again neatly powered off.

There are some variables to take into account with my testing.  TB#1 had a protector.  Some kind of mother figure.  However, the mother figure has no idea about computers.  The last time she was sighted with a computer she was waving a mouse in the air and saying it didn't seem to be working.  Therefore her impact on the actual results of TB#1's actions was minimal.

The second variable is that TB#1 has used an old computer.  He has a Windows 95 machine at home (I kid you not).  Therefore TB#1 has some awareness of the desktop paradigm.  

Conclusion?  Kids can use Ubuntu Dapper Drake.  TB#1 has no objection except that four-in-a-row is too difficult.  What a result.  Well done Mark Shuttleworth and associates.  
