New Ways to Secure TransactionsNIST Researcher Describes Work on 'One-Shot' Memory Device
Building a one-shot memory device using quantum physics could prove to be a transformative technology in the coming years. But researcher Yi-Kai Liu, a computer scientist at the National Institute of Standards and Technology, says many challenges must be overcome.
Liu is conducting research on the development of a one-shot device that could be well-suited for money transfers or high-valued information, such as passwords for critical systems. The memory or authorization code on the technology could only be read once.
"This is pushing the boundaries of what we know how to do from a technological perspective," he says in an interview with Information Security Media Group (transcript below).
"The second challenge is to take these things we can do in the lab and actually apply them [to] solve real-world problems in a way that is cost-effective," he says. "Many things that we can do right now are still probably a bit too expensive from any commercial application."
Liu explains that a one-shot memory device could contain two authorization codes: one that, for example, credits a recipient's bank account and the other that credits the sender's bank account in the event the transfer is canceled. The memory could only be read once, so only one of the codes could be retrieved, and hence, only one of the two actions could be performed.
In the interview, Liu:
- Explains how security technologies based on quantum physics could work better than those based on classical physics;
- Describes how a one-shot memory device would work; and
- Outlines how the device would be used, for instance, to protect high-valued information.
Liu presented his research in January at the Innovations in Theoretical Computer Science conference sponsored by the ACM Special Interest Group on Algorithms and Computational Theory. He works in NIST's Information Technology Laboratory's Applied and Computational Mathematics Division. Liu, who holds a Ph.D. from the University of California at San Diego, conducted research at the University of California at Berkeley and California Institute of Technology before joining NIST.
ERIC CHABROW: Can you explain how quantum physics could provide better information security protection than what classical physics offer?
YI-KAI LIU: Quantum physics actually has a number of different consequences for information security. My current work is mainly focusing on one aspect, which is physical security - the security of hardware, such as computer memories or data links using optical fibers. One security property that you may want is tamper-resistance. So, for instance, you may want the hardware to somehow resist eavesdropping. If someone tries to tap the optical fiber or you want it to resist unauthorized access, for instance if someone steals your laptop or cell phone, this kind of physical security ultimately comes down to properties of the physical device.
It turns out that quantum mechanics has interesting consequences here because there are fundamental limitations on copying an unknown quantum state. Sometimes this is called the no-cloning theorem, that unlike classical information, quantum information cannot be copied perfectly. This is an example of a law of nature which can have consequences for information security, and we'd actually like to build tamper-resistant devices based on the principle.
Maybe a good way to think of it is that this is an attempt to build hardware based on a physical principle, not just on clever design. Intellectually it's a very interesting question to ask whether you can do this. On a practical angle, it's also interesting because these are the kinds of techniques that could be used to protect high-value data. These are situations where you might actually want the kind of security you can get from a quantum-based device.
Protecting the Hardware
CHABROW: You would be protecting the hardware that would store the password, not the software?
LIU: That's right. We actually want to build some of these security functions into the hardware. In many of these systems it would be a single component of the server, like a tampered-proof chip. You can find components like this today in ... the Xbox or in some kinds of digital E-book readers.
One-Shot Memory Unit
CHABROW: What is a one shot memory unit and how does it work?
LIU: A one-shot memory unit is a device that allows one person to share information with another person in a controlled way. The way it works is, you can imagine two people, Alice and Bob. Alice takes the one-shot memory and programs it with two secret messages that she has, and then she gives it to Bob, and Bob can choose to read either one message or the other. The key fact is that Bob cannot read both of the messages. He can only read the device once and he only gets one of the messages. You can use it to implement something [like] a cashier's check to transfer money, where the banks could program the one-shot memory with two authorization codes, and one of them will pay the money to the recipient of the check and the other code will return the money to the sender of the check. This is a case where having the one-shot memory allows the person to do one of these two actions, but it is important that they shouldn't be able to do both.
CHABROW: What is the logic behind having two options?
LIU: There are naturally two different functionalities that it should have. It should either do the transaction, or it should be able to roll it back. The person who bears this one-shot memory should be able to have some choice in what they wanted to do. It should be restricted by some rules of the game.
CHABROW: We're talking about maybe a chip in this case? Is that correct?
LIU: That's right.
CHABROW: Where would the software be stored?
LIU: This would be used in a situation where, say, you're transferring the money from one bank to another where they don't have a direct connection between their networks. I guess on both sides of the transfer there will also be software that can first write the authorization code and then read them, but there is not actually a direct connection that allows them to do the whole thing electronically. That is why it would go through this kind of secure hardware.
Providing IT Security
CHABROW: If one day this theory becomes practical, how would it work to provide IT security?
LIU: To explain this maybe I should go over what quantum bits and qubits are, and what a quantum computer is. You could think a little bit about what a classical computer does. So [there] is software in its operating system, and when you go all the way down to the most basic level, it's all electric circuits that are bits, that stores zero's and one's, and it has logic gates that compute logical functions like and, or, and not. This is what a classical computer is at the most basic level. Quantum computers can do everything a classical computer does, but it can also do more than that. So quantum mechanics allows systems to be in two super positions of different space, and a qubit can be in a super position of zero and one.
LIU: Simultaneously, yes. These super-positions state they are inherently a quantum phenomenon, in that they can do things that are simply not possible using classical probability theory. So there is, in fact, a precise mathematical description of what this means. You can have these super position states, and they are quantum gates and measurements that operate on them. This is a natural physically motivated model of a computer, which is quite a bit more powerful than what you can get from classical physics. In particular, there is a phenomenon called entanglement, where two different qubits can be correlated with one another in a way that is stronger than is possible in classical physics. Intuitively that is where a lot of the power for quantum complication comes from.
What I've been working on is using qubits to build the one-shot memories I described earlier. There is a natural technique for this called conjugant coatings. The basic idea is to encode two messages into the same string of qubits and you can do this in such a way that given these qubits you can different kinds of measurements on them, and depending on what measurements you do, you either get back the first message or the second one and you can choose which one you want. This sounds sort of like a one-shot memory, but there is a catch. It turns out that if you have the ability to use entanglement when you do your measurements, you can get back both messages at once, and therefore the conjugant coding scheme is not secure. Analogously with the one-shot memory, this would be like being able to extract all of the information from the memory whereas you should only be able to get part of it. It would be like violating the access controls on the memory, and so this seems to be a problem.
My work has been about just trying to make the scheme work, by making one more clever observation. Remember that entanglement plays an important role in the security of the scheme, and it appears that [by] using entanglement, someone can break the security of the scheme. But perhaps if they didn't have the ability to use entanglement, it would still be secure. My work has been focused on the idea of using physical systems where it is difficult to create entanglement. These systems can actually show that conjugant coding is secure. More precisely, what I've done is propose a theoretical model of physical systems where entanglement is not easy to create, and this model is called the Isolated Qubits Model. I am able to actually prove that conjugant coding is secure in this setting. This lays the theoretical groundwork for constructing one-shot memories using qubits, provided that you choose the right physical system. There is a natural candidate for these physical systems called Nitrogen Vacancy Center, and these are a kind of solid state qubit which has been implemented in the lab. If engineered properly, these qubits [are] the properties that we need to build one shot memory.
Challenges to Overcome
CHABROW: How far away are we from seeing such a device that you describe coming to reality, and what are challenges that need to be overcome to reach that state?
LIU: There are some pretty serious challenges with this approach. One of them is that all these quantum technologies are quite sophisticated, so making them work is not easy. Already, many of the things that people are doing in the lab today would have been miraculous 30 years ago. This is pushing the boundaries of what we know how to do from a technological perspective. The second challenge is to take these things we can do in the lab and actually apply them [to] solve real-world problems in a way that is cost effective. Many things that we can do right now are still probably a bit too expensive from any commercial application. If you look at where we stand today, there are really a variety of different quantum-based technologies that are relevant to information security. Some of them are actually commercially available today. For instance, Quantum Key Distribution exists as a commercial product. You can buy it, it's not even terribly expensive, and some of those products are becoming quite mature. In particular, there is a push to standardize technologies for Quantum Key Distribution so it will be easier for companies to buy them, and easier for people to integrate them into their existing set up.
Existing Computer Incorporation
CHABROW: Is this something that would be incorporated into existing computers, or would we have to build a whole new type of computer?
LIU: Most of the current products are designed to be incorporated into an existing network, so it would replace an existing data link with this quantum secure data link. Physically, the product actually just looks like another server box that you put into a rack and it just sits there along with your other hardware. It plugs directly into your existing network [and] it knows how to talk over IP and it fits right in with what you have already.
CHABROW: Do you think a product would come out of the research you're conducting in the format you just described?
LIU: I would hope for that. For the stuff that I'm doing, these one-shot memories, I think we are a little ways out from making it commercially practical. The technology itself could be available in five to 10 years. And we would hope that maybe it would take the form of a chip or a small hardware device the size of a hard drive. But we still have to do some more thinking about exactly what niche it would hope to [fill] in computer security. It would probably be used to protect some kind of high value information, maybe administrative passwords for some critical system. We would hope to find some application where the value of the information is sufficient that it would motivate the need for a quantum-based technology and justify some of the additional expense with deployment.
There are some big challenges with building quantum devices and computers, but little challenges have actually been getting knocked away one by one over the years. The long-term vision for this field is to build quantum computers. That is still some ways away, but there is progress on that front also. I guess it's dangerous to speculate about this, but there is a good chance that we might see some kind of interesting quantum computer [developments] during the next five to 10 years. It's not exactly clear how much we will be able to do, but we should be able to do things that at least go well beyond what we can imagine today. There is a lot of good work happening in this field, and it is starting to produce real results.