1x1


ONLINE FEATURES Book Reviews BW Video Columnists Interactive Gallery Newsletters Past Covers Philanthropy Podcasts Special Reports BLOGS Auto Beat Bangalore Tigers Blogspotting Brand New Day Byte of the Apple Economics Unbound Eye on Asia Fine On Media Green Biz Hot Property Investing Insights Management IQ NEXT: Innovation NussbaumOnDesign Tech Beat Working Parents TECHNOLOGY J.D. Power Ratings Product Reviews Tech Stats Wildstrom: Tech Maven AUTOS Home Page Auto Reviews Classic Cars Car Care & Safety Hybrids INNOVATION
& DESIGN Home Page Architecture Brand Equity Auto Design Game Room SMALLBIZ Smart Answers Success Stories Today's Tip INVESTING Investing: Europe Annual Reports BW 50 S&P Picks & Pans Stock Screeners Free S&P Stock Report SCOREBOARDS Hot Growth 100 Mutual Funds Info Tech 100 S&P 500 B-SCHOOLS Undergrad Programs MBA Blogs MBA Profiles MBA Rankings Who's Hiring Grads

JULY 15, 2003



  STORY TOOLS
Printer-Friendly Version
E-Mail This Story

Related Items
Security Net Archive

POLL INSTANT SURVEY >>
With which of the following statements on outsourcing do you most agree?

The benefits of outsourcing to corporate America far outweigh the costs
There's an even split between the drawbacks and rewards
Any benefits are overshadowed by the loss of U.S. jobs
Unsure

VIEW POLL RESULTS >>
  PEOPLE SEARCH

Search for business contacts:

First Name :
Last Name :
Company Name :

PREMIUM SEARCH
Search by job title, geography and build a list of executive contacts

Search by Zoominfo
  Tech White Papers
Most Recent
Most Popular
SECURITY NET
By Alex Salkever

A Quantum Leap in Cryptography
Visionaries are using photons to develop data-security systems that may prove the ultimate defense against eavesdropping hackers


In a dark, quiet room inside the Cambridge (Mass.) labs of Verizon (VZ ) subsidiary BBN Corp., network engineer Chip Elliott is using the laws of physics to build what he hopes will be an unbreakable encryption machine. The system, which sits atop a pink heat-stablization table, is designed to harness subatomic particles to create a hacker-proof way to communicate over fiber-optic networks.


To build his black box, Elliott and his team of co-researchers have used off-the-shelf fiber-optic gear such as lasers and detectors, which he has tweaked to do unusual things. The goal is to reliably emit and detect single photons or tightly linked pairs of photons -- the key particles in light waves. It's all part of a leading edge information-security field known as quantum cryptography.

Over the next few years, Elliott and others in the field may turn the information-security business on its ear. Quantum cryptography could make the secret codes that protect data transmissions far more difficult to decipher -- an important feature for financial-services companies, telecom carriers, and governments. Quantum cryptography may also quickly alert systems administrators to the presence of cybersnoops, whether they be hackers, fraudsters, or corporate spies.

OBSERVED -- AND ALTERED.  In theory, that will all be thanks to Heisenberg's Uncertainty Principle. This basic law of physics, postulated in 1927 by German physicist Werner Heisenberg, holds that the mere act of observing or measuring a particle will ultimately change its behavior. At macroscopic levels, humans don't notice this law. Put your leg inside an MRI machine, for example, and it doesn't come out noticeably different. But at the atomic level, the MRI's application of strong magnetic forces alters the trajectory and spin of the electrons that are orbiting atoms inside your body.

Messing with photons in a data stream will have the same effect. Under the laws of quantum physics, a moving photon has one of four orientations; vertical, horizontal, or diagonal in opposing directions. Lasers can be modified to emit single photons, each possessing a particular orientation. Photon detectors -- such as a hacker might use -- can record that orientation. But according to Heisenberg's principle, doing so will change the orientation of some particles. That will tip off the sender and the receiver, who can reencode their transmission or switch to a different communications line to avoid eavesdroppers.

Scientists have been working on the concepts behind quantum cryptography for three decades. After a long journey from chalkboard to lab to working prototype, the field is on the verge of a breakout. A Swiss firm, ID Quantique, introduced the first commercial quantum cryptography products last summer. Sometime this summer, MagiQ Technologies in New York City is expected to unveil its Navajo quantum cryptographic system. Several communications companies are currently testing Navajo on their networks, and researchers in the field say the U.S. government could already be using quantum cryptography to secure communications.

IN THE LOOP.  In fact, the Defense Dept. is funding numerous quantum cryptography experiments as part of its $20.6 million quantum information initiative at the Defense Advance Research Projects Agency (DARPA). MagiQ estimates that the market for quantum cryptography will hit $200 million within the next few years. It sells its quantum cryptography units for $50,000 apiece.

BBN, meantime, is building a test network funded by DARPA that will allow multiple parties to tap into a fiber-optic cable loop secured by quantum cryptography. "Rather than having one link protected by quantum cryptography, we imagined a big service where everyone could connect to everybody else," explains Elliot. And at Los Alamos National Laboratory in New Mexico, quantum cryptography researcher Richard Hughes already has run experiments proving that photon detectors can pick up a single photon shot through the air. This could ultimately lead to a role for quantum cryptography in securing satellite communications.

And yet quantum cryptography remains an immature technology. Researchers have only been able to send photon signals for limited distances -- 100 kilometers or less -- over fiber optic cables. Photon detectors aren't particularly reliable, either. They often signal that they've detected a photon when one never arrived. "As much as possible, you want to suppress spurious signals," explains Donald Bethune, a quantum cryptography and photonics expert at IBM's (IBM ) Almaden Research Center. "Just having the detector running in an environment that's too warm can cause this problem." To some degree, scientists can compensate for such flakiness with super-cooled detectors and error-correction software that can sift through the noise and pick out the valid signals.

STOLEN KEYS.  Another problem, for now, is that bursts of single photons move too slowly to be an effective means of real-time data exchange. Once errors are factored in, most quantum encryption systems move data at a rate of 1,000 bits per second or less. This is 1/10,000 the transmission speed of today's fastest systems. For that reason, MagiQ and ID Quantique hope to use quantum cryptography initially to securely distribute secret numerical keys. Nearly ubiquitous in computer security today, these keys are required to decode data encrypted by traditional means -- using mathematical equations to obscure the plain text of messages.

Key distribution has long been a weak link of digital encryption. Hackers who get their hands on secret encryption keys can intercept and read a data stream without the violated parties finding out. "Digital keys can be copied with 100% fidelity and an insider could sell the key to a criminal or some corporate espionage operative and create a vulnerability in the data being transmitted," says Robert Gelfond, CEO of MagiQ.

A key distributed via quantum cryptography, however, would be all but impossible to steal. If a bank pairs a quantum cryptography system with a classical encryption system, then the quantum unit can be automated to pass fresh, secret keys from the sender to the receiver with assurance that no one has read those keys. It can do so as often as several times a second without slowing the data transmission. Since the key exchange is automated with quantum crypto, it's also much easier to work with than existing key-exchange mechanisms, which require more human intervention.

SIMPLE TO USE.  None of this will matter if an enterprising hacker has put a keyboard-sniffer program on your machine to detect your keystrokes. Still, quantum cryptography will provide a new layer of safety for whom paranoia is an essential fact of life -- the kind of people who inhabit banks and the Defense Dept. While the concept and execution of quantum cryptography remain complex, apparently the technology, even it is immature state, is ready for prime time.

Jim Capuano is the operations director at NEON Communications, a Boston-based fiber-optic bandwidth retailer with 80 major customers along the Northeast Corridor. His company test-drove MagiQ's system earlier this spring, and he came away impressed. "It's a very simple product to configure," says Capuano. ID Quantique likewise has customers up and running on its system. The computer world just might be witnessing a new and intriguing phase in the history of cybersecurity.


Salkever is Technology editor for BusinessWeek Online and covers computer security issues weekly in his Security Net column
Get BusinessWeek directly on your desktop with our RSS feeds.XML

Add BusinessWeek news to your Web site with our headline feed.

Click to buy an e-print or reprint of a BusinessWeek or BusinessWeek Online story or video.

To subscribe online to BusinessWeek magazine, please click here.

Learn more, go to the BusinessWeekOnline home page
Back to Top


TODAY'S MOST POPULAR STORIES

  1. Closing the Door to Microsoft Vista
  2. HP and EDS Try a Tieup
  3. Circuit City Gives Up the Fight
  4. Microsoft's Telescope for Everyone
  5. From Junkie to Software Success

Get Free RSS Feed >>
  MARKET INFO
DJIA 12832.18 -44.13
S&P 500 1403.04 -0.54
Nasdaq 2495.12 +6.63

Portfolio Service Update

Stock Lookup

Enter name or ticker



Copyright 2003, by The McGraw-Hill Companies Inc. All rights reserved.
Terms of Use | Privacy Policy

Media Kit | Special Sections | MarketPlace | Knowledge Centers
McGraw-Hill Cos.