With Recent Social Media Outages, Can We Rely on Big Tech to Keep Our Communications Truly Secure?
(Sponsored from Terra Quantum) By Markus Pflitsch
Monday, 4th October saw Big Tech companies suffering outages for nearly six hours. The consequences of the outages are more dire than one might initially assume.
Many people who use Big Tech’s functionality to sign into many other apps and services were suddenly locked out of their online shopping accounts and unable to control the smart devices in their home. Businesses who rely on them to sell their products and services lost significant revenue.
As the outages illustrated, a simple mistake or an act of internal sabotage can lead to the largest social media platforms on the planet going offline for extended periods of time. It’s indicative of how vulnerable and centralized our global communications really are.
Can we fully rely on Silicon Valley?
Big Tech companies spend large sums on securing their devices and they frequently tout their strong privacy credentials. Yet, in 2019, a high-profile security team released details of a sustained hacking effort which possibly affected thousands of users.
The attack demonstrated that even Big Tech can’t guarantee true “end-to-end” encryption – reigniting a prominent theme of discussion in tech circles on whether we can trust Silicon Valley to keep our global communications secure.
We currently keep our information safe by relying on Symmetric Cryptography algorithms such as the Advanced Encryption Standard (AES). The sender and receiver use the same secret key and cryptographic algorithm to encrypt and decrypt data. However, the shared key needs to be kept secret when distributed over public networks, leading to the development of Public Key Cryptography (PKC).
The security strength of these asymmetric cryptosystems is based on the difficulty in tackling incredibly complex math problems, such as prime number factorization (RSA) and the discrete logarithm problem. Even with the most powerful supercomputer today, deciphering classically encrypted information is near impossible.
The future of quantum and encryption
There are data harvesting organizations who continue to collate encrypted information (cipher text). They’re conducting this seemingly futile exercise because they are awaiting the arrival of large-scale quantum computers.
Quantum computers promise the capability of deciphering classically encrypted data, whether it be health records or banking information. Although the threat is real, quantum computers haven’t yet reached sufficient scale for application, so these organizations are awaiting that innovation which is expected to occur in the next three to five years.
Quantum Safety and Quantum Key Distribution
We should be trying to find ways to shift to a decentralized security of networks and social platforms. Quantum Key Distribution (QKD) is a secure communication recipe for providing, in principle, an all-encompassing method of securing sensitive information. “Since quantum key distribution offers for the two communicating users the unique ability of detecting the presence of any third party trying to gain knowledge of the key, through QKD, we could make unconditional security real and enable truly quantum safe communications. Information secured through QKD cannot be deciphered because the security level is not exceptionally based on extremely difficult mathematics equations. Rather, the encryption and threat detection harness the rules of quantum mechanics” says our Head of Growth, Karan Pinto. “Even the most powerful quantum computer would not be able to decrypt information secured through QKD.”
That being said, most existing QKD methods have been limited in their practical applicability. This is because the hardware is immature, transmission distances are very short, and implementation requires upgrading our telecoms infrastructure. They also require “trust” in intermediary equipment run by third parties for transmission. This makes specific points along the long line such as signal amplifiers, susceptible to security breaches in the form of interceptions and local rerouting. Consequently, QKD protocols have only been established over short distances (<1000km), hindering its widespread adoption.
Terra Quantum’s breakthrough QKD method
Terra Quantum’s approach to QKD enables unconditional security, including from quantum computers. Building on the fundamental principles of quantum mechanics, we created this unique protocol based on the physical control of the information transmission line. Our approach utilizes the quantum discreteness of the propagating signal which enables full protection against interceptions and hacker’s intervention at intermediate points of communication lines hence enabling the safe transmission across global distances. Importantly, our protocol can be implemented on existing telecoms optical fiber infrastructure and uses no “trusted nodes”.
Crucially, it’s implementable at scale today, has no loopholes or trap doors, and it does not need a significant shift for mass adoption. As our Director of Strategy, Vishal Shete says, “We’re already working with financial institutions and telecoms companies, deploying our QKD protocol to secure their networks. Our customers are also interested in securing communications for 5G & wireless devices using quantum cryptography.”
We are beginning to enter a new era of technology, ushered by the tremendous strides made in quantum computing innovation. In a post-quantum world, we will no longer need to rely on big tech to ensure our communications are secure.