Note: I will be presenting this work at the APS Global Summit in Denver next month.
I’ve been incredibly fortunate to work in places where I’ve been able to do some pretty cool things. But the work we’re releasing today may be the coolest thing I’ve ever done, and it captures perfectly the kind of research I’ve been drawn to lately.
I spend most of my time mediating between two very different worlds. On one side is the strange world of quantum physics: states without definite existence, uncertainty baked into the rules, atomic length scales, and times measured in nanoseconds and microseconds. On the other side is the world of technology, where we’d like to use all that weird physics to actually do something useful. My job is to pull these two worlds closer together.

The paper we’re releasing today is nearly fifty pages long, but its core message is remarkably simple: this brings quantum computers closer to cybersecurity.
For over fifty years, modern cryptography has been built on a small set of foundational assumptions. At the heart of almost every cryptographic system lies a mathematical problem believed to be hard. These are called one-way functions: operations that are easy to perform in one direction but prohibitively difficult to reverse.
But what if that wasn’t true? What if you woke up one morning and discovered that true one-way functions don’t exist? After all, the one-way-ness is a mere assumption.
This scenario isn’t as far-fetched as it sounds. RSA, the backbone of much of today’s global cybersecurity, is already known to be vulnerable. While we are actively searching for post-RSA alternatives, several candidate schemes have been found to be inadequate (Rainbow being one example). But is there another way? Could you do cryptography in a world where you don’t have to assume one-way functions?
The answer, it turns out, is yes. Instead of relying on mathematical assumptions, you can build cryptographic protocols based on physical laws, using the structure of quantum mechanics itself to guarantee security. The catch? Most such protocols require the ability to transmit fragile states, essentially a high-fidelity quantum internet. And that infrastructure simply doesn’t exist yet.
That got us thinking. Is there an intermediate ground? Can we design cryptographic systems that rest on more fundamental assumptions than classical hardness but without requiring quantum communication? This work is a step in that direction.

Two important things about our protocol for digital signatures:
- Is the protocol secure? We can’t offer a traditional mathematical proof – this is one of those cases where proofs may simply be impossible. But the evidence we’ve gathered so far seems to suggest that it is.
- Is the protocol feasible? We show using experiments that we can implement the essential building blocks of this protocol in hardware available today!
The net result is a foundation for cryptography that rests on different assumptions from those used traditionally.