What has Edward Snowden taught us about Quantum Cryptology?
The NSA may want quantum computing, but is it any nearer to cracking the problem or cryptology?


The latest story to hit the headlines as a result of the Edward Snowden leaks is that the US National Security Agency (NSA) has a $79m (48m) research project called 'Penetrating Hard Targets' which in part wants to construct a "cryptologically useful quantum computer" which would break all forms of public-key encryption known to man. Which begs the question what are quantum computers and quantum cryptography, and how worried should we be about them?
Quantum computing 101
Richard Feynman, the famed theoretical physicist perhaps best known for his work on the atomic bomb but also one of the pioneers in quantum mechanical theory, once sagely said that "if you think you understand quantum mechanics, you don't understand quantum mechanics" which isn't the greatest starting point for a feature explaining anything 'quantum' you might think.
However, understanding the potential impact of quantum computing in general and quantum cryptography in particular is more important that growing a brain the size of Brazil and writing A Brief History of Quantum Physics. It's less about the theoretical specifics and more about the specific practicalities, if that makes sense.
Having said that, let's have a go at rounding up what quantum is. The first thing to appreciate is what it is not, and that is anything new. Feynman was writing about the whole quantum shebang in 1982, and I've been reading about it for close on twenty years now. Something else it isn't is a reality, in any kind of practical way at any rate.
What it is, then, in as simplistic an explanation as I can manage, is a process of computing that does not process data by passing electrons through transistors and encoding them into binary digits. Instead, it uses qubits, or caged atoms if you prefer, which are an entirely different beast.
Different as unlike a binary digit which can be either a zero or a one, as can a qubit, the qubit can be both at the same time courtesy of a process of superpositioning. If you can reach a point in your head where that makes any kind of sense, then you are ready for the acceptance that in the quantum computing world the problem and its solution, in fact every possible solution, can be processed at the same time.
Get the ITPro daily newsletter
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
As we move this basic concept into the world of cryptography and security, it doesn't get any the easier and the main protagonist is something known as entanglement. This describes when a whole bunch of quantum particles get connected together, and if any of those particles is impacted by an external measurement then all the connected particles are also impacted even if at the total opposite end of the particle chain as it were.
Entanglement holds the key, if you will excuse the obvious pun, to the concept of quantum cryptography. Although it is easy to make the mistake of thinking that this is another advance towards that holy grail of security technology which is 'unbreakable' encryption, that's not actually the case; what quantum cryptography promises to deliver is rather a method to ensure the secrecy of encrypted data.
Why is this distinction such an important one? Well that is easy to explain, and understand, because if any attempt to snoop on encrypted data being transported via a quantum channel is made then that act of snooping will 'disturb' the qubits and the entanglement process would make that attempt visible and the flow of data would immediately stop.
It gets better, the packet that has been 'seen' would also be destroyed because the entangled qubit chain would be broken, and another quantum encrypted packet would have to be sent. The very act of 'seeing' the data is enough to destroy it in transit, and that makes for a very secure method of distributing data.
Davey is a three-decade veteran technology journalist specialising in cybersecurity and privacy matters and has been a Contributing Editor at PC Pro magazine since the first issue was published in 1994. He's also a Senior Contributor at Forbes, and co-founder of the Forbes Straight Talking Cyber video project that won the ‘Most Educational Content’ category at the 2021 European Cybersecurity Blogger Awards.
Davey has also picked up many other awards over the years, including the Security Serious ‘Cyber Writer of the Year’ title in 2020. As well as being the only three-time winner of the BT Security Journalist of the Year award (2006, 2008, 2010) Davey was also named BT Technology Journalist of the Year in 1996 for a forward-looking feature in PC Pro Magazine called ‘Threats to the Internet.’ In 2011 he was honoured with the Enigma Award for a lifetime contribution to IT security journalism which, thankfully, didn’t end his ongoing contributions - or his life for that matter.
You can follow Davey on Twitter @happygeek, or email him at davey@happygeek.com.
-
Security experts issue warning over the rise of 'gray bot' AI web scrapers
News While not malicious, the bots can overwhelm web applications in a way similar to bad actors
By Jane McCallion Published
-
Does speech recognition have a future in business tech?
Once a simple tool for dictation, speech recognition is being revolutionized by AI to improve customer experiences and drive inclusivity in the workforce
By Jonathan Weinberg Published
-
ThreatLabz Report: The state of encrypted attacks
Whitepaper What's hiding in your web traffic?
By ITPro Published
-
Capita tells pension provider to 'assume' nearly 500,000 customers' data stolen
Capita told the pension provider to “work on the assumption” that data had been stolen
By Ross Kelly Published
-
Gumtree site code made personal data of users and sellers publicly accessible
News Anyone could scan the website's HTML code to reveal personal information belonging to users of the popular second-hand classified adverts website
By Connor Jones Published
-
Pizza chain exposed 100,000 employees' Social Security numbers
News Former and current staff at California Pizza Kitchen potentially burned by hackers
By Danny Bradbury Published
-
83% of critical infrastructure companies have experienced breaches in the last three years
News Survey finds security practices are weak if not non-existent in critical firms
By Rene Millman Published
-
Identity Automation launches credential breach monitoring service
News New monitoring solution adds to the firm’s flagship RapidIdentity platform
By Praharsha Anand Published
-
Neiman Marcus data breach hits 4.6 million customers
News The breach took place last year, but details have only now come to light
By Rene Millman Published
-
Indiana notifies 750,000 after COVID-19 tracing data accessed
News The state is following up to ensure no information was transferred to bad actors
By Rene Millman Published