I’ve been fascinated with cryptography since I first used PGP – and more fascinated still since Cryptonomicon explained to me how cryptography worked. I’ve never read a book that gave me more information on contemporary cryptographic techniques – which is probably why it was classed as a munition for a while in the US (and therefore couldn’t be exported).
Today there’s an article on BBC News (Light Holds Key to Uncrackable Codes) which reveals that significant progress has been made on Quantum Cryptography. Its most significant benefit is that the key is carried by individual photons, and if anyone intercepts those photons the act of measuring them disturbs their state. This means that it’s immediately apparent to the ‘legitimate’ parties that the key has been tampered with and should be discarded and replaced.
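To make the detection mechanism concrete, here is a toy simulation of the BB84 quantum key distribution protocol, added here as an illustration (it is not code from the post or from the BBC article). A photon is modelled as a (bit, basis) pair; measuring in the wrong basis yields a random bit and leaves the photon in the measurer’s basis. An eavesdropper who intercepts and re-sends every photon therefore corrupts about a quarter of the bits Alice and Bob keep, which they notice by comparing part of their key. The 4000-photon run, the seeded generator, and the 11% abort threshold are assumptions chosen for the demo.

```python
import random

# Toy BB84 key exchange (added example; not from the post or the BBC article).
# A "photon" is modelled as (bit, basis): basis 0 = rectilinear, 1 = diagonal.
# Measuring in the preparing basis returns the bit; measuring in the other basis
# returns a uniformly random bit and leaves the photon in the measuring basis.

def measure(photon, basis, rng):
    """Return the bit Bob (or Eve) observes when measuring photon in basis."""
    bit, prep_basis = photon
    if basis == prep_basis:
        return bit
    return rng.randrange(2)


def run_bb84(n, eavesdrop, rng):
    """Run one BB84 exchange of n photons; return (sifted key length, QBER).

    QBER is the fraction of sifted bits on which Alice and Bob disagree.
    For simplicity the whole sifted key is compared; a real protocol
    sacrifices only a random sample and keeps the rest as key material.
    """
    alice_bits = [rng.randrange(2) for _ in range(n)]
    alice_bases = [rng.randrange(2) for _ in range(n)]
    photons = list(zip(alice_bits, alice_bases))

    if eavesdrop:
        # Intercept-resend attack: Eve measures each photon in a random basis
        # and re-sends a photon prepared in that basis with the bit she saw.
        # Whenever her basis is wrong, the photon she forwards no longer
        # carries Alice's bit, so Bob sees errors even when his basis matches Alice's.
        eve_bases = [rng.randrange(2) for _ in range(n)]
        photons = [(measure(p, b, rng), b) for p, b in zip(photons, eve_bases)]

    bob_bases = [rng.randrange(2) for _ in range(n)]
    bob_bits = [measure(p, b, rng) for p, b in zip(photons, bob_bases)]

    # Sifting: bases are announced over the public channel and only positions
    # where Alice and Bob chose the same basis are kept.
    kept = [i for i in range(n) if alice_bases[i] == bob_bases[i]]
    alice_key = [alice_bits[i] for i in kept]
    bob_key = [bob_bits[i] for i in kept]

    errors = sum(a != b for a, b in zip(alice_key, bob_key))
    qber = errors / len(kept) if kept else 0.0
    return len(kept), qber


def eavesdropper_detected(qber, threshold=0.11):
    """Abort rule: reject the key if the error rate exceeds the threshold.

    0.11 is the commonly cited BB84 limit above which no secret key can be
    distilled; it is an assumption here and ignores ordinary channel noise.
    """
    return qber > threshold


def demo(eavesdrop, seed=2024):
    """Run one 4000-photon exchange with a seeded generator (reproducible, not secure)."""
    return run_bb84(4000, eavesdrop, random.Random(seed))


if __name__ == "__main__":
    for eve in (False, True):
        kept, qber = demo(eve)
        print(f"eavesdropper={eve}: sifted={kept} QBER={qber:.3f} "
              f"detected={eavesdropper_detected(qber)}")
```

Without Eve the sifted keys agree exactly; with an intercept-resend attacker the error rate sits near 25%, far above any threshold a real deployment would tolerate, so Alice and Bob throw the key away. Note that the key being protected here is a fresh symmetric key, not a decryption key that already exists.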
But to a certain extent, the article confuses me. I had assumed that most people and governments would be using some variation on public key encryption. The best-known such system, RSA, works on the assumption that it’s much easier to multiply two large prime numbers together to produce a huge key than it is to work out from that key which numbers were multiplied together. Because factoring is so difficult mathematically, it’s also pretty much the holy grail of contemporary cryptanalysis.
With public key encryption, each person has two keys – a public one that can be disseminated freely and is used to encode messages, and a private one, kept secret, which is the only thing that can subsequently decrypt them. Think of it this way – generating the key pair is like multiplying together two large prime numbers – quite easy. But recovering the private key from the public one is like trying to work out what those original numbers were – a process which takes such a huge amount of computer time that it’s functionally impossible (without the private key). With such a system there’s no benefit in keeping the public key secret, and no reason to circulate the private one. So I suppose I’m curious as to the benefits of Quantum Cryptography in its current form. Quantum Cryptanalysis, on the other hand….
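The multiply-versus-factor asymmetry described above, carried through as textbook RSA on deliberately tiny primes (an added example, not code from the post). Key generation multiplies two primes; an attacker who can factor their product recomputes the private exponent exactly as the owner did. The primes 1000003 and 1000033, the message 123456789, and the function names are assumptions chosen for the demo; there is no padding, so this shows the arithmetic only and is not something to deploy. The factoring step is also precisely the one a large quantum computer running Shor’s algorithm would make fast, which is the ‘Quantum Cryptanalysis’ side of the story.

```python
from math import gcd, isqrt

# Textbook RSA on deliberately small primes (added example, not from the post).
# Key generation multiplies two primes; breaking the public key means factoring
# their product. Real keys use primes of ~1024 bits or more and a padding scheme;
# neither is applied here.

def make_keypair(p, q, e=65537):
    """Build (public, private) keys from primes p, q. 65537 is the usual public exponent."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)          # modular inverse of e (Python 3.8+)
    return (n, e), (n, d)


def encrypt(public_key, m):
    """Raise the message to the public exponent modulo n."""
    n, e = public_key
    if not 0 <= m < n:
        raise ValueError("message must be an integer below n")
    return pow(m, e, n)


def decrypt(private_key, c):
    """Raise the ciphertext to the private exponent modulo n."""
    n, d = private_key
    return pow(c, d, n)


def factor(n):
    """Trial division: feasible only because n is tiny (~10^12 here).

    The security of RSA rests on the fact that for real key sizes no known
    classical method does this in practical time.
    """
    for p in range(2, isqrt(n) + 1):
        if n % p == 0:
            return p, n // p
    raise ValueError("no factor found")


def recover_private_key(public_key):
    """An attacker who can factor n recomputes d exactly as the key owner did."""
    n, e = public_key
    p, q = factor(n)
    return (n, pow(e, -1, (p - 1) * (q - 1)))


if __name__ == "__main__":
    public, private = make_keypair(1000003, 1000033)   # demo primes (assumed)
    c = encrypt(public, 123456789)
    print("decrypts correctly:", decrypt(private, c) == 123456789)
    print("private key recovered by factoring:", recover_private_key(public) == private)
```

With 20-bit primes the trial division finishes in a fraction of a second; with 1024-bit primes the same loop would never finish, and that gap is the whole security argument. It says nothing, though, about how the two parties got each other’s public keys in the first place, which is the key-distribution problem quantum cryptography is actually aimed at.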