New cryptography method promising perfect secrecy greeted with skepticism

An international development team claims that their ideal cryptography is physically impossible to crack




In an ongoing race to create and crack digital codes, the idea of perfect secrecy hovers somewhere on the horizon like a mirage. Recent research has attracted both interest and skepticism, thanks to a description of how to achieve perfect secrecy when sending messages using special silicon chips that generate one-time keys that cannot be recreated.

Modern cryptography requires computer algorithms to perform mathematically complex processes that turn ordinary data into gibberish. Usually, the data becomes unreadable to anyone who does not have the digital key that reveals the mathematics used to protect it, unless the adversary has enough computing power to crack the mathematically complex code without a key. However, a study published on December 20, 2019 in the journal Nature Communications claimed the invention of “perfect secrecy cryptography,” which will remain secure even when the adversary has access to the quantum computers of the future.

“Ideal secrecy is a concept that represents the highest degree of security in cryptography,” says Rafael Misotsky, a cryptographer at Intel Corporation who was not involved in writing the work. “If the cryptosystem achieves perfect secrecy, it should remain safe regardless of the amount of computing power available to the attackers.”

Most attempts to achieve perfect secrecy have focused on the development of systems with quantum key distribution (QKD). QKD systems rely on the principles of quantum physics for the safe distribution of digital keys around the world. However, Misotsky clarifies, companies and governments will have to fork out for new quantum communication channels, such as satellite networks, to implement QKD.

In contrast, the new perfect secrecy cryptography method described in Nature Communications should work on the existing fiber optic communications infrastructure. The method was developed by an international team of researchers from King Abdullah University of Science and Technology in Saudi Arabia, the University of St Andrews in Scotland and the Center for Unconventional Processes of Sciences in California, USA.

“I like to think of it as a bridge that provides a viable implementation of the ideas of QKD using classical optical communications,” says Andrea Fratalocchi, an electrical engineer from King Abdullah University of Science and Technology and lead author of the work.

Image from the paper: an array of reflective disks arranged in the form of a human fingerprint can create chaotic light states by reflecting laser light.



Instead of relying on quantum physics for key security, Fratalocchi and colleagues used chaotic states of light to protect key privacy. To do this, they applied reflective nanodisks to the surface of silicon chips, arranging them in a pattern resembling a fingerprint. The surface of the chip acts as a labyrinth for the waves of laser light, which are reflected inside it and travel through it randomly.

“Randomness means that any light entering the maze generates random movement without exception,” Fratalocchi explains. “Not every disc pattern is able to meet this requirement, and the correct pattern must be sought in computer simulations.”

Importantly, any small and irreversible change in the structure of the patterns on the chips will create a completely different scattering of laser waves. The researchers demonstrated this experimentally by placing contaminated drops of water on the surface of the chip and showing how the small deposits remaining after the water evaporated changed both the pattern of the chip itself and the resulting chaotic state of light. They imagine that in the future, the chips will use an absorbing hydrogel that can change shape, thereby changing the pattern.

To use such a system, two users (often called Alice and Bob in cryptographic scenarios) each take one chip with a disk pattern that can generate chaotic states of light. Alice and Bob begin by sending laser pulses through their own chips. Then they transmit these different chaotic states of light to each other via an ordinary optical cable.

At the end of the transfer, Alice and Bob measure the spectral sequence of the chaotic state of light they received, and use another channel to publicly transmit the received data that has not been changed. By comparing the data obtained, they can jointly create a one-time key based on the overlay of repeating spectral sequences.

By randomly and irreversibly changing the patterns on their chips, Alice and Bob can create and transfer one-time keys whose security will not be compromised by eavesdropping or interception by a third party (which in such scenarios is often called Eve). This is because each chip with a pattern will initially exist in thermodynamic equilibrium with its environment, so each subsequent change in the pattern of the chip will increase the overall disorder both in the system and in the environment.

Even if Eve tries to recreate the key, retaining all the signals transmitted by Bob and Alice to each other, or creating an ideal physical copy of both chips, Eve will not be able to recreate the exact environment of each chip, which also participates in determining the chaotic state of light. The second law of thermodynamics makes it physically impossible for Eve to recreate the original thermodynamic equilibrium that existed in the initial conditions of each of the chips.

One-time keys obtained by this method would help realize the idea of perfect secrecy cryptography, or the “one-time pad” (OTP), conceived in the telegraph era during the First World War in 1917. The OTP method combines the message with a one-time random key as long as the text itself. However, OTP did not take root because the long key is inconvenient to use, and the problem of transmitting it securely is difficult to solve.

The chaotic-chip approach used by Fratalocchi and his colleagues offers a solution to the problem of secure key transfer. Moreover, the researchers also developed an algorithm that extracts more digital information from each laser light pulse, which speeds up the process of creating one-time keys for longer messages.

The international team of researchers has already filed a patent application describing the operation of the system, intending to adapt it for commercial use in a few years. When asked about shortcomings or limitations that may arise in practical use of the method, or about possible security problems, Fratalocchi answered that he was not aware of any.

“We were contacted by various companies that have different interests, and with whom we discuss various methods of applying this method for various security tasks,” said Fratalocchi. “Our ultimate goal is to use this system to get answers to all existing questions related to crypto security threats.”

But some independent experts in cryptography and physics have expressed concerns or are just skeptical about whether such an approach can actually provide perfect secrecy for practical cryptography.

“I want to emphasize that the main problem with this work is that it makes extremely bold statements, but it’s clear that the author does not have any understanding of the basics of cryptography,” says Yehuda Lindel, an IT specialist from the Center for Applied Cryptography and Cybersecurity Research at Bar-Ilan University in Israel. “It always raises serious concerns.”

Lindel admitted that he himself is not a physicist, and cannot confirm the reliability of the physical aspects of the work. However, he emphasized what he called “gross errors” in the work regarding cryptography. For example, he disputes the claim that quantum computers are able to crack all classical cryptographic methods, pointing out that the Advanced Encryption Standard (AES) can remain secure even against quantum computers, simply by doubling the length of the key.

“If the work had described the result of initial research that should be studied further, I think that I would have reacted very differently,” Lindel said. “Cryptography is a very complicated thing; a specialist from another field who claims to have solved all its problems is simply not trustworthy.”

The idea of using chaos theory in cryptography was originally proposed by British physicist Robert Matthews in 1989, said Kwek Leong Chuan, a physicist at the Center for Quantum Technologies at the National University of Singapore. But he added that this approach was unpopular due to security concerns.

“I believe that security analysis requires further study,” said Kwek. “In general, while the attempt is commendable, it seems to me that possible security holes could ruin these protocols.”

Misotsky, a cryptographer from Intel, described the new study as “interesting,” while pointing out possible difficulties in the safe implementation of the system. In particular, he pointed out that the second, public channel used for communication between Alice and Bob may be vulnerable to man-in-the-middle (MitM) attacks, in which an attacker secretly relays and possibly modifies the messages passed between two parties who believe that they are communicating only with each other.

To prevent such attacks, conventional cryptography relies on digital signatures and other authentication methods to guarantee that the parties are exchanging messages directly with the trusted party they expect, with no attacker in the middle. “It is not clear how this authentication layer can be added to this new approach, since the second channel proposed in the work is only capable of transmitting keys,” Misotsky said.

In response, Fratalocchi explained that the new approach is compatible with various authentication techniques, including those offered for QKD systems. “Our system is very flexible and open to integrate different authentication schemes, but I cannot disclose them, because they are part of the methods we develop,” says Fratalocchi.

An anonymous researcher who read a draft of the Nature Communications paper as part of peer review also emphasized the presence of “a lot of practical issues with the implementation of the system in its current form.” He wondered if the relatively low speed of mechanical change of patterns on the chip compared to the frequency of laser pulses would result in many pulses having “identical initial conditions despite the fact that users intend to change them quickly enough.” The reviewer also suggested that the requirement of the system for both users to have almost identical sources of laser beams “will lead to serious difficulties in the practical implementation of the system.”
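The one-time pad described earlier, and the reason repeated key material matters for it, can be shown in a few lines of Python. This is an added illustration, not code from the paper or from the researchers. It assumes, for the sake of the example, that pulses with identical initial conditions would yield the same key twice; the `OneTimePad` guard, the helper names and the sample messages are all hypothetical.

```python
import hashlib
import secrets


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("OTP requires key and message of equal length")
    return bytes(x ^ y for x, y in zip(a, b))


class KeyReuseError(Exception):
    """Raised when key material that was already consumed is offered again."""


class OneTimePad:
    """OTP wrapper that refuses to encrypt twice under the same key."""

    def __init__(self) -> None:
        self._spent = set()  # SHA-256 fingerprints of consumed keys

    def encrypt(self, key: bytes, plaintext: bytes) -> bytes:
        fingerprint = hashlib.sha256(key).digest()
        if fingerprint in self._spent:
            raise KeyReuseError("key material already used once")
        self._spent.add(fingerprint)
        return xor_bytes(key, plaintext)

    @staticmethod
    def decrypt(key: bytes, ciphertext: bytes) -> bytes:
        return xor_bytes(key, ciphertext)


def reuse_leak(c1: bytes, c2: bytes) -> bytes:
    """What an eavesdropper holds after two ciphertexts under one key:
    the key cancels out, leaving plaintext1 XOR plaintext2."""
    return xor_bytes(c1, c2)


# Constructed sample messages of equal length (not from the paper).
MSG_A = b"transfer 100 to alice"
MSG_B = b"transfer 900 to carol"

if __name__ == "__main__":
    key = secrets.token_bytes(len(MSG_A))  # stand-in for a chip-derived key
    pad = OneTimePad()
    c1 = pad.encrypt(key, MSG_A)
    print(OneTimePad.decrypt(key, c1) == MSG_A)
    c2 = xor_bytes(key, MSG_B)  # same key applied again, bypassing the guard
    print(reuse_leak(c1, c2) == xor_bytes(MSG_A, MSG_B))  # independent of the key
```

The perfect-secrecy guarantee holds only while every key is random, as long as the message and used once, which is why an implementation would need a check of this kind on the key source.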

Another likely difficulty stems from the requirement to achieve thermodynamic equilibrium between the chips and their environment. This may prove to be a difficult and impractical requirement for some applications that cannot constantly guarantee thermodynamic equilibrium, Misotsky said. But despite his concerns, he looks forward to seeing how the system behaves in practice.

“In general, the work provides an interesting alternative to exchanging keys over conventional communication channels,” says Misotsky. “If implemented correctly, it can be used for OTP encryption, and achieve such an ideal idea in cryptography as perfect secrecy.”
