Figure 5: The digital certificate system.

 

or passwords. Either of these could result in a breach of the system. The digital certificate system provides a secure method of acquiring a public key. The public key given from a digital certificate source (a third-party certificate server) is basically an encrypted version of the key. The issuers of digital certificates are often referred to as certificate authorities. Figure 5 illustrates the process [1].

Here the sender receives a certificate, an encrypted public key, from the certificate source. The receiver gets a copy of the sender’s public key and requests a copy of the certificate. The receiver obtains the encryption key from the certificate source that was used for the sender’s certificate. The receiver then decrypts the certificate with the key and thereby obtains the sender’s public key. The receiver also checks the digital signature to verify authenticity [1].
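The receiver-side check described above, as an added example that is not part of the original article. It assumes the certificate source's operation is a textbook-RSA signature over a hash of the certificate body; the toy key size, the field names and the sample subject and key strings are constructed for illustration.

```python
import hashlib
import json

# Toy key pair for the certificate source, built from two known Mersenne primes.
# Assumption of this sketch: far too small for real use, no padding scheme.
P, Q = 2**61 - 1, 2**89 - 1
CA_N, CA_E = P * Q, 65537                 # public half, known to every receiver
CA_D = pow(CA_E, -1, (P - 1) * (Q - 1))   # private exponent, held only by the source

def _digest(body):
    """Hash the certificate body to an integer smaller than the modulus."""
    data = json.dumps(body, sort_keys=True).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % CA_N

def issue_certificate(subject, public_key):
    """Certificate source: bind a subject name to a public key and sign the pair."""
    body = {"subject": subject, "public_key": public_key}
    return {"body": body, "signature": pow(_digest(body), CA_D, CA_N)}

def verify_certificate(cert, expected_subject):
    """Receiver: return the sender's public key only if the certificate checks out."""
    body = cert["body"]
    # Applying the source's public key to the signature must give back the digest.
    if pow(cert["signature"], CA_E, CA_N) != _digest(body):
        return None   # body was altered, or it was not signed by this source
    if body["subject"] != expected_subject:
        return None   # valid certificate, but issued to someone else
    return body["public_key"]

if __name__ == "__main__":
    # Constructed sample values.
    cert = issue_certificate("sender@example.org", "SENDER-PUBLIC-KEY")
    print(verify_certificate(cert, "sender@example.org"))   # the sender's key
    swapped = {"body": dict(cert["body"], public_key="OTHER-KEY"),
               "signature": cert["signature"]}
    print(verify_certificate(swapped, "sender@example.org"))  # None
```

A certificate whose key has been swapped in transit fails the first check, which is what lets the receiver trust a public key it obtained over an untrusted channel.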

The concepts of asymmetric-key methods provide for services such as secure sockets layer (SSL). SSL is a protocol that ensures authentication, message integrity, and confidentiality for Internet-based transactions in e-commerce [1]. Web browsers support the protocol, and when the web address begins with https (http-secure) as opposed to http, SSL is invoked. A closed padlock icon may appear in the browser. SSL works at the transport layer and supports application layer protocols above it such as HTTP and FTP [1, 4]. The web browser encrypts the data, using either 40-bit or 128-bit encryption [6]. SSL technology employs a certificate method to ensure authenticity of the communicating parties. For the utmost security, a trusted vendor should be the source of the certificate. While SSL certificates may be generated by any online commercial entity, it is safer to utilize those provided by validated third-party vendors, or certificate authorities [6].

Information Security in the Future: Truly Unbreakable Systems?

Currently implemented computing and communication systems utilize binary methods and manipulations that are based upon prime numbers, modular arithmetic, and the factorization of very large numbers. Computation in this paradigm is carried out via discrete, two-state techniques. While this has served and continues to serve us well in current systems, there are more powerful and promising models on the horizon. One of the better known of these is termed quantum computing and its derivative technology, quantum cryptography.

Quantum cryptography is based on Heisenberg’s theory of uncertainty, which is derived from the principles of quantum physics. Quantum physics is concerned with elementary particles on an extremely small scale, and how the behavior of such particles tends to "buck" the classical principles of physics. Matter, for example, can be broken down to the atomic level, and further into subatomic particles. Light, the basis for quantum computing and cryptography, may be broken down to a basal element called the photon. Photons, and other extremely small-scale particles, exhibit some interesting characteristics. Among these are the uncertainties of state [8].

Quantum cryptography could be thought of as an object-oriented method of encryption at a basal and physical level. An object, such as a photon of light, possesses a set of attributes such as polarization or intensity, and these may be altered and manipulated. Quantum cryptography methods seek to capitalize upon those attributes that have a certain property: they cannot be observed without being changed. This represents the basis of quantum technology. Optical quantum cryptography seeks to use the photon’s attribute of polarization to generate a random encryption key. Varying polarization states can create a stream of data that can be digitized. An attribute such as this is of great value in encryption because any eavesdropper will never see the data as it originally existed. Furthermore, intrusion detection is intrinsic to the system [8].

Let us consider a simple example of a generic photon-based scheme, as illustrated in Figure 6. A sender, utilizing a highly precise laser device, emits photons of varying and random polarizations to a receiving device. The photon stream sent represents the key. Once the key is agreed upon by the receiver and sender, there is system-assured secrecy of the key. Assume that the polarization attribute of each photon of light is known in the sender-receiver domain. The polarization of a photon, once “viewed” or measured, is irreversibly changed according to quantum behavior. So, since the receiver can compare the states of the photons on transmission and reception, those that have been altered can be rejected for inclusion in the key on a photon-by-photon basis.

The encryption key, once established as secret, can be used for encrypting data for secure communications with certainty that the messages are indeed secret and impenetrable [8].
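A classical simulation of the key exchange described above, added here as an example and not taken from the original article. The article's scheme is generic; this sketch goes further and assumes a BB84-style protocol (two polarization bases, public comparison of bases, and a sacrificed sample of bits checked against an assumed 10% error threshold) to show how measurement by an eavesdropper becomes detectable.

```python
import random

BASES = "+x"  # rectilinear and diagonal polarization bases (assumed encoding)

def measure(bit, prep_basis, meas_basis, rng):
    """Same basis returns the encoded bit; the wrong basis gives a random result."""
    return bit if prep_basis == meas_basis else rng.randint(0, 1)

def run_exchange(n_photons, eavesdrop, seed):
    """Send n_photons and return the sender's and receiver's sifted bit lists."""
    rng = random.Random(seed)  # seeded simulation only, not a source of real keys
    sent, received = [], []
    for _ in range(n_photons):
        bit, s_basis = rng.randint(0, 1), rng.choice(BASES)
        photon_bit, photon_basis = bit, s_basis
        if eavesdrop:
            # Measuring irreversibly re-prepares the photon in the observer's basis.
            e_basis = rng.choice(BASES)
            photon_bit = measure(photon_bit, photon_basis, e_basis, rng)
            photon_basis = e_basis
        r_basis = rng.choice(BASES)
        r_bit = measure(photon_bit, photon_basis, r_basis, rng)
        if r_basis == s_basis:  # bases are compared publicly; mismatches dropped
            sent.append(bit)
            received.append(r_bit)
    return sent, received

def error_rate(a, b):
    return sum(x != y for x, y in zip(a, b)) / max(len(a), 1)

def establish_key(n_photons, eavesdrop, seed, threshold=0.1):
    """Return (key, observed error rate); key is None when intrusion is detected."""
    sent, received = run_exchange(n_photons, eavesdrop, seed)
    half = len(sent) // 2
    # The first half is revealed to estimate the error rate, then thrown away.
    qber = error_rate(sent[:half], received[:half])
    if qber > threshold:
        return None, qber
    return sent[half:], qber

if __name__ == "__main__":
    for tapped in (False, True):
        key, qber = establish_key(2000, eavesdrop=tapped, seed=1)
        print(f"eavesdropper={tapped} error_rate={qber:.2f} key_accepted={key is not None}")
```

With no observer on the line the sampled error rate is zero and the remaining bits become the key; an observer who measures every photon pushes the error rate toward 25%, so the exchange is rejected.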

A quantum cryptography system based on photons would require full optical lines for connection between the sending and receiving laser device nodes. For longer-haul distances, optical repeaters would need to be introduced into the system, and this presents a hurdle.

 

Figure 6: A quantum cryptography key system.

References:

http://www.acm.org/crossroads
