Securing the Internet the Los Alamos Way

Quantum Physics Makes the Net More Random

The growing number of cyber-security attacks on the private and government sectors underscores the need for fresh methods of addressing vulnerabilities in IT systems.

Most cryptography systems employ long strings of near-random numbers. This includes the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols that most Web addresses use to secure user data. But in reality, the random numbers used to encrypt data are not completely random. They’re generated using algorithms which, with the right talent and computing power, can be figured out. With the right tools, most existing cryptography methods can be broken.

SSL and TLS open a secure connection to a server using a pair of keys: one is publicly known, and one is private and secret. However, if the digits of the public key aren’t random enough, hackers can use the public key to predict the digits in the private key. Data centres have limited access to true random numbers, as the systems generating those numbers are programmed by humans using predictable mathematical methods. With enough computing power, the protocols can be cracked, highlighting a need for truly bulletproof keys.

After several years of research, physicists at the Los Alamos National Laboratory have developed a quantum random number generator and a quantum communication system, both of which exploit the immutable laws of quantum physics. Unlike current maths-based encryption, keys which are derived from random numbers generated by a potentially predictable algorithm, a quantum key cannot be unlocked through calculation.

Last year, the lab partnered with Whitewood Encryption Systems to commercialise a technology called Entropy Engine. This is a plug-and-play computer card that is compatible with most network servers and creates truly random numbers at a rate of up to 200 million bits per second. The engine can deliver random numbers on demand to existing encryption applications and devices performing cryptographic operations in data centres, cloud computing systems, mobile phones and the Internet of things.

The Entropy Engine isn’t the only quantum-based encryption system, but it could drive the technology further toward the mainstream. Los Alamos expects Entropy Engine will be adopted for everyday transactions including online shopping and the connections between nodes of the Internet of things. According to its developers, its performance is more than ten times higher than that of other quantum devices currently on the market.

Los Alamos Laboratory and its partners are demonstrating the prospects of quantum mechanics in computing. Companies such as Google, IBM and Microsoft as well as a series of well-funded start-ups and top research universities are engaged in developing quantum-based systems for computing. The world of sub-atomic physics is expected to have a big impact on securing information systems and boosting — possibly by many millions — certain computational functions. There’s lots of leverage in the world of the very small.