I recently discussed the NSA's project to develop a quantum computer in part for the purposes of cracking AES-encrypted data captured from internet backbones during the past 10 years and now stored in enormous warehouses.
Yet, while true quantum computing probably is still years away, quantum key distribution systems already exist. And since these systems do not depend on the practical inability of a computer to factor very large numbers, and instead use the relationship of entangled particles to cipher the exchange of data, making quantum key distribution technology more widely available would be a crypto activist strategy that even a (still-hypothetical) quantum computer plausibly would be unable to defeat.
If you think of packet-switched data security as a chain, then the encryption algorithm provides the strongest link. Managing encryption keys is the weakest link; and stealing keys is what hackers (NSA included) most often succeed in doing. In some cases, as with RSA corporation, the creator of the technology that generates keys takes money to make key theft easy.
As I've discussed, quantum computing fundamentally depends on the engineering feat of manipulating particles into the state known as superposition. Quantum key distribution uses superpositioned particles as well, but it also requires at least one pair of such particles that are entangled. With a pair of entangled particles, observing some aspect of state for one particle exactly predicts the state of the other particle. Prediction in this case amounts to an instantaneous communication between particles.
Since this phenomenon violates the theory of special relativity, which precludes particles influencing each other at any speed faster than light, Einstein derided the entanglement hypothesis, describing it as "spooky action at a distance". And yet 80 years of experimental physics has overwhelmingly confirmed entanglement as a reproducible physical reality.
Quantum Key Distribution and the Flow of Money
Entangled particles secure qubit-based key exchange by relying on the fact that you can neither copy a quantum state (the no-cloning theorem) nor measure all aspects of entangled particles without corrupting the quantum system--in effect, collapsing particles in superposition into particles with a non-random single set of values. As a result, parties using such a quantum system to secure their information exchange can detect the fact and extent of intrusion by a third party.
In 2004, a group of researchers based at Vienna University produced a set of entangled photons and used them as a key to cipher a transfer of funds from Bank Austria Creditanstalt:
At the transmitter station in the Bank Austria Creditanstalt branch office, a laser produces the two entangled photon pairs in a crystal. One of the two photons is sent via the glass fiber data channel to the City Hall, the other one remains at the bank. Both the receiver in the City Hall and the transmitter in the bank then measure the properties of their particles.
The measuring results are then converted into a string of 0s and 1s – the cryptographic key. The sequence of the numbers 0 and 1 is, due to the laws of quantum physics, completely random. Identical strings of random numbers, used as the key for encoding the information, are produced both in the bank and the City Hall. The information is encoded using the so-called “one time pad” procedures. Here, the key is as long as the message itself. The message is linked with the key bit by bit and then transferred via the glass fibre data channel.
Eavesdropping can be detected already during the production of the key – before the transfer of the encoded message has even started. Any intervention into the transfer of the photons changes the sequence of the number strings at the measuring stations. In case of eavesdropping, both partners receive an unequal sequence. By comparing part of the key, any eavesdropping effort can be discerned. Though the eavesdropper is able to prevent the transfer of the message, he is unable to gain any information contained in the message.
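The procedure quoted above (measure, convert to bits, compare part of the key, then apply the one-time pad) can be simulated classically; the following is an added example, not code from the original post or from the Vienna researchers. It assumes a simplified two-basis measurement model, an intercept-and-resend eavesdropper, and a 5% abort threshold, and all function names are hypothetical.

```python
import random

def measure(bit, state_basis, meas_basis, rng):
    # Measuring in the photon's own basis returns its bit; the other basis
    # gives a coin flip (and, physically, disturbs the state).
    return bit if state_basis == meas_basis else rng.randrange(2)

def generate_key(n_pairs, eavesdrop, seed):
    """Return (error rate on the revealed half, bank key, City Hall key)."""
    rng = random.Random(seed)
    bank, hall = [], []
    for _ in range(n_pairs):
        bank_basis, hall_basis = rng.randrange(2), rng.randrange(2)
        bank_bit = rng.randrange(2)        # bank's outcome is random
        bit, basis = bank_bit, bank_basis  # state of the photon in the fibre
        if eavesdrop:                      # intercept, measure, resend
            eve_basis = rng.randrange(2)
            bit, basis = measure(bit, basis, eve_basis, rng), eve_basis
        hall_bit = measure(bit, basis, hall_basis, rng)
        if bank_basis == hall_basis:       # sifting: keep matching bases only
            bank.append(bank_bit)
            hall.append(hall_bit)
    half = len(bank) // 2                  # publicly compare (and discard) half
    errors = sum(a != b for a, b in zip(bank[:half], hall[:half]))
    return errors / half, bank[half:], hall[half:]

def one_time_pad(data, key_bits):
    # XOR each message bit with one key bit; the key is as long as the message.
    if len(key_bits) < 8 * len(data):
        raise ValueError("key shorter than message")
    pad = bytes(int("".join(map(str, key_bits[8 * i:8 * i + 8])), 2)
                for i in range(len(data)))
    return bytes(d ^ p for d, p in zip(data, pad))

def exchange(message, eavesdrop, seed=1, n_pairs=4000, max_error=0.05):
    """Return (observed error rate, message recovered at City Hall or None)."""
    rate, bank_key, hall_key = generate_key(n_pairs, eavesdrop, seed)
    if rate > max_error:
        return rate, None                  # abort before sending anything
    ciphertext = one_time_pad(message, bank_key)
    return rate, one_time_pad(ciphertext, hall_key)

if __name__ == "__main__":
    msg = b"TRANSFER FUNDS"                # constructed sample message
    print(exchange(msg, eavesdrop=False))  # clean channel
    print(exchange(msg, eavesdrop=True))   # tapped channel
```

In this model an undisturbed channel yields identical keys, while interception corrupts roughly a quarter of the compared bits, so the exchange is abandoned before any ciphertext exists.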
Currently there are physical and financial limits on the availability of quantum key distribution: the network cannot extend beyond 120 miles, preventing open internet adoption; and every member of the network must have a pair of entangled photons generated for them to use for each encrypted session of data exchange, incurring significant entry cost in terms of equipment needed. This is a good example of William Gibson's observation that, technologically speaking, the future is already here but it's unevenly distributed.
Encrypting Data, Breaking Codes
Innovations in encrypting and hacking into data tend to leap-frog each other in the history of cryptography. And because who controls each innovation impacts everyone who creates and exchanges data over publicly accessible channels, keeping up on the latest innovations becomes any individual's or organization's vested interest.
The lesson seems to be that the security of any software product comes down to how carefully the keys to the system are guarded. As with any kind of business and social interaction, establishing trust often comes down to reputation; and this is so much more the case when it comes to data security and choosing to purchase technology instead of creating it yourself. For example, when software products for polling network devices carefully adhere to the standard in implementing SNMPv3, that is an important indication that the security features operate as expected.