The New Math of Quantum Cryptography

The original version of this story appeared in Quanta Magazine.

Hard problems are usually not a invited sight. But cryptographers emotion them. That’s because definite difficult mathematics problems underpin nan information of modern encryption. Any clever instrumentality for solving them will punishment astir forms of cryptography.

Several years ago, researchers recovered a radically caller attack to encryption that lacks this imaginable anemic spot. The attack exploits nan peculiar features of quantum physics. But dissimilar earlier quantum encryption schemes, which only activity for a fewer typical tasks, nan caller attack tin execute a overmuch wider scope of tasks. And it could activity moreover if each nan problems astatine nan bosom of mean “classical” cryptography move retired to beryllium easy solvable.

But this striking find relied connected unrealistic assumptions. The consequence was “more of a impervious of concept,” said Fermi Ma, a cryptography interrogator astatine nan Simons Institute for nan Theory of Computing successful Berkeley, California. “It is not a connection astir nan existent world.”

Now, a new paper by 2 cryptographers has laid retired a way to quantum cryptography without those outlandish assumptions. “This insubstantial is saying that if definite different conjectures are true, past quantum cryptography must exist,” Ma said.

Castle successful nan Sky

You tin deliberation of modern cryptography arsenic a building pinch 3 basal parts. The first portion is nan bedrock heavy beneath nan tower, which is made of difficult mathematical problems. The building itself is nan 2nd part—there you tin find circumstantial cryptographic protocols that fto you nonstop backstage messages, motion integer documents, formed concealed ballots, and more.

In between, securing those day-to-day applications to mathematical bedrock, is simply a instauration made of building blocks called one-way functions. They’re responsible for nan asymmetry inherent successful immoderate encryption scheme. “It’s one-way because you tin encrypt messages, but you can’t decrypt them,” said Mark Zhandry, a cryptographer astatine NTT Research.

In nan 1980s, researchers proved that cryptography built atop one-way functions would guarantee information for galore different tasks. But decades later, they still aren’t definite that nan bedrock is beardown capable to support it. The problem is that nan bedrock is made of typical difficult problems—technically known arsenic NP problems—whose defining characteristic is that it’s easy to cheque whether immoderate campaigner solution is correct. (For example, breaking a number into its premier factors is an NP problem: difficult to do for ample numbers, but easy to check.)

Many of these problems look intrinsically difficult, but machine scientists haven’t been capable to beryllium it. If personification discovers an ingenious algorithm for quickly solving nan hardest NP problems, nan bedrock will crumble, and nan full building will collapse.

Unfortunately, you can’t simply move your building elsewhere. The tower’s foundation—one-way functions—can only beryllium connected a bedrock of NP problems.

To build a building connected harder problems, cryptographers would request a caller instauration that isn’t made of one-way functions. That seemed intolerable until conscionable a fewer years ago, erstwhile researchers realized that quantum physics could help.