Blog :: Security Operations

Quantum Cryptography Explained: Applications, Disadvantages, & How It Works

quantum cryptography

As we’ve inched closer and closer to quantum computing, quantum cryptography has become a greater concern. We haven’t yet created a quantum computer that’s faster than the binary computers we use today, but it’s possible that this will change within a few years. While this opens up a lot of possibilities, quantum computers will likely be able to break many current encryption protocols.

A Brief Refresher on Encryption & Quantum Computing

Today’s encryption is based on using huge numbers that are hard to factor. The below video by Art of the Problem does a great job of visually demonstrating how public key encryption works (you may also want to check out their video on RSA encryption):

As stated in the video, “the strength of a one-way function is based on the time needed to reverse it.” If it would take a binary computer (or an array of them) a thousand years to factor a large number, then we can consider the encryption to be secure. But this is where quantum computers will shake things up.

This video from Kurzgesagt (another excellent channel) explains quantum computers in a very easy-to-digest way:

In summary: instead of using bits as the smallest units of information, quantum computers use qubits.  A qubit can be a variety of things, but we’ll focus on the photon.

A photon’s “0” and “1” states refer to whether it’s horizontally or vertically polarized. But in quantum physics, according to the video, it can be “in any proportion of both states at once.” Whereas 4 traditional bits can be in only one of 16 configurations at once, 4 qubits can be in all 16 configurations at once. This opens up the doors to massive computational power.

The Threat to Traditional Encryption

As computers have grown more powerful, we’ve reacted by simply using larger numbers in encryption. In 2009, researchers factored the now-obsolete RSA-768 modulus, which was “several thousands times harder to factor than a 512-bit one.” It took the researchers over 2 years working on hundreds of machines. “On a single core 2.2 GHz AMD Opteron processor with 2 GB RAM, [it] would have taken about fifteen hundred years.”

The researchers also predicted that “factoring a 1024-bit RSA modulus would be about a thousand times harder” than RSA-768. A new report from the US National Academies of Sciences, Engineering, and Medicine states that a powerful quantum computer could crack RSA-1024 in less than a day.

We should keep in mind that quantum computers would not efficiently brute-force solve problems—i.e. run calculations until arriving at a correct answer. But the quantum model is well-suited to certain problems, like factoring large numbers.

What is Quantum Cryptography?

Note that quantum cryptography is different than post-quantum cryptography or quantum-resistant cryptography. Quantum cryptography takes advantage of the properties of quantum physics to encrypt information at the physical network layer. Post-quantum and quantum-resistant cryptography efforts, however, remain focused on developing encryption methods that rely on hard math problems—the kind that quantum computing is not well-suited to solve.

How Quantum Cryptography Works

Qubits have an interesting quirk—they settle on a single state when observed. Many of today’s encryption methods can be circumvented by side-channel attacks, man-in-the-middle attacks, and more. But the quirk of qubits makes it easy to tell if they’ve been observed. If they’ve settled on a single state, then you would know not to trust the message.

In this way, quantum cryptography could encrypt fiber networks—i.e. the physical layer—from end to end. With fiber cable running across the entire connection, in theory you would not need encryption at any other layer of the network.

Quantum Cryptography Disadvantages

The biggest problem right now is the problem you have with any new technology: it’s prohibitively expensive. Furthermore, it would require its own infrastructure. Post-quantum encryption has the advantage of compatibility with existing networks.

We also haven’t quite figured out quantum technology yet. Error rates are relatively high, and fiber-based quantum cryptography only works over fairly short distances. You could increase that distance with repeaters, but that would create weak spots. It’s also unlikely to have an entirely fiber-based connection.

Furthermore, society’s usually a step (or several) behind emerging hacking methods. And according to an MIT Technology Review article released this week, “some US experts think it could take at least 20 years to get quantum-proof encryption widely deployed.”

Quantum Cryptography Applications

Despite the issues, researchers have already accomplished amazing things with quantum encryption.

Concluding Thoughts

Current cybersecurity best practices call for multiple security layers. I expect that will remain true even as we perfect quantum technology. While the capabilities that quantum cryptography offer are powerful, a hybrid solution will likely be the best approach. In the short term, post-quantum cryptography looks more promising as a widely deployed solution.

For more articles on encryption, check out our related blogs: