DUBAI: Scientists from one of Saudi Arabia’s most prestigious academic institutions are part of an international chip-designing team that is spearheading efforts to put hackers out of business.
The goal of the KAUST team is to design an optical computer chip that can withstand security threats from quantum computers, which many believe will be able to crack existing communication methods in the near future.
The optical chips enable information to be sent from one user to another via a one-time, unhackable mode of communication in “perfect secrecy.”
This allows confidential data to be protected more securely than ever before on public classical communication channels.
The scientists’ proposed system uses silicon chips containing complex structures that are irreversibly changed to send information in a one-time key that can neither be recreated nor intercepted by an attacker.
The results, published in the scientific journal Nature Communications, open a new route toward implementing “perfect secrecy” cryptography on a global scale whose costs are economical too.
“This new technique is absolutely unbreakable, as we rigorously demonstrated in our article,” said Andrea di Falco, a professor with the School of Physics and Astronomy at the University of St. Andrews and first author of the study.
“It can be used to protect the confidentiality of communications exchanged by users separated by any distance, at an ultrafast speed close to the light limit and in inexpensive and electronic compatible optical chips.”
Although not used yet, the scientists have filed a patent besides the paper in “Nature Communications.”
They are now in discussion with companies in the UK and US, in addition to being in contact with a company in Saudi Arabia.
“It could help governments as well,” said Dr. Andrea Fratalocchi, associate professor of electrical engineering at KAUST and co-author of the research paper.
“This technology, if implemented on a large scale, can put hackers out of business because it will create an impenetrable layer that no one can break.”
With the right funding, prototypes can be deployed with high technological readiness within a couple of years.
Current standard cryptographic techniques allow information to be sent quickly, but chances are they will be hacked by future computers and quantum algorithms.
Redha Al-Ibrahim, a 24-year-old Saudi Ph.D. student at KAUST, said the drive to produce smaller and more efficient chips to enable powerful computing in small devices has led to the development of quantum computers.
"Today, tech giants possess the resources and talent to build quantum computers and use them to perform tasks (earlier) believed to be impossible even with the world's most powerful machines," he told Arab News.
"Some of these tasks involving breaking today's most powerful encryption codes used by everyone daily to keep their information safe and their resources secure."
The research team said that their new method for encrypting data is unbreakable and uses existing communication networks, plus takes up less network space than traditional encrypted communications do.
The chip can be used by private customers who perform bank transactions, for instance, or in the military field, among others, which uses confidential information.
“It’s based on integrated chips used on the sender and receiver,” Fratalocchi said.
“The chips allow the exchange, on a public channel, of a key between the two people. The key is random; it’s different every time and no one can infer it from the communication exchanged between the two.”
With this key, users can encode information in a way that no other user can decode. The security of this scheme is of the type “perfect secrecy,” a security that can be mathematically proven to never be broken — not by any user nor by technological advance.
Fratalocchi said that three models of security are commonly used currently, adding that it would become possible to decrypt encrypted messages using a protocol called “mathematical security” in a few years.
“This type of security is the one used in many symmetric key cryptographic protocols, such as the one used by the United States to encrypt confidential information,” he said.
“Another security protocol is defined as ‘probable security,’ which is employed in many public key cryptographies, such as in bank transactions.
“All these paradigms are not based on unconditional proofs and are vulnerable to technological development.
“No one can anticipate the technology of tomorrow. An attacker can just save the data of today and wait until the right technology is available to decrypt the information.”
Fratalocchi’s research belongs to the third category, ”perfect secrecy,” which is the sturdiest of them all.
Developed by Frank Miller in 1882, during the age of telegraphy, and patented in 1919 by Gilbert Vernam, it is called the one-time pad (OTP) or the Vernam cipher.
At the time, Vernam claimed it was unbreakable but could not prove it mathematically.
The proof became available in the late 1940s.
“What we did is to create a physical implementation of the Vernam cipher and experimentally prove it,” Fratalocchi told Arab News.
“With the advent of more powerful and quantum computers, all current encryptions will be broken in very short time, exposing the privacy of our present and, more importantly, past communications.”
Fratalocchi said that an attacker might store an encrypted message sent today and wait for the right technology to become available to decipher the communication.
“Implementing massive and affordable resources of global security is a worldwide problem that this research has the potential to solve for everyone, and everywhere,” he said.
The new method uses the classical laws of physics — the second law of thermodynamics in particular — to protect the messages.
Keys generated by the chip, which unlock each message, are never stored nor communicated with the message, nor can they ever be recreated, even by the users themselves. This adds an extra level of security.
“A novel form of security must be made available for the future, when current technologies becomes obsolete, making everyone's information vulnerable,” Al-Ibrahim told Arab News.
“This research introduces a new form of security, which depends on a random, unpredictable physical structure that is made uniquely for each individual.”
Fratalocchi said Saudi Arabia is an interesting country for researchers of his ilk because its informatic infrastructure is quite advanced.
“Here, you can perform almost any task online or from any ATM, ranging from any type of government service to paying fines,” he said.
“In Europe, cyber development in the government sector is not as advanced. Saudi Arabia would be an excellent user of this perfect secrecy system for securing any type of communication.”
The team is currently working on developing commercial applications of the patented technology, a fully functional demo and user-friendly software for the system.
“We are confident of our results,” Fratalocchi said.
“The work took a very long time. I started the idea of using a complex system for communicating security in my post-doctoral research, which was funded from an award that I won from the Enrico Fermi Center for Study and Research in Rome.”
When he moved to KAUST in 2011, Fratalocchi worked on it with Valerio Mazzone, his Ph.D. student, and their collaborators in the UK and the US. It took about five years, with trial and error, to discover the correct system.
“The main difficulty was to find a system that would scale up and could be used on users separated by arbitrary distances,” Fratalocchi said.
“The most important experiment happened around three years ago, when we found the correct configuration in a scalable system that wasn’t too expensive.”
Looking to the future, Dr. Aluizio Cruz, co-founder and CEO of the Center for Unconventional Processes of Sciences (CUP Sciences) in California and co-author of the Nature Communications report, said: “This system is the practical solution the cybersecurity sector has been waiting for since the perfect secrecy theoretical proof” by Vernam.
Cruz added: “It will be a key candidate to solving global cybersecurity threats, from private to national security, all the way to smart energy grids.”