As reported in the journal Optica this week, researchers from the Netherlands have found a way to apply quantum physics to create a method for authenticating a physical “key” that is virtually impossible to break.
The new method is called Quantum-Secure Authentication, and can be used to confirm the identity of any person or object, including credit cards, even if the object has been stolen. QSA uses the unique quantum properties of photons of light to create a secure question-and-answer exchange that cannot be copied.
Enhancing security with quantum physics
Given major problems with fraud using stolen credit cards, banks have begun using “smart cards” that include a microprocessor chip to authenticate and enhance security. The problem is that no many layers of security you provide, an attacker who gets ahold of the data stored inside the card can copy or emulate it.
This new quantum physics-based security method avoids this risk by using the quantum properties of photons that allow them to be in multiple locations at the same time to convey the authentication questions and answers. The strange quantum properties of light make it possible to build a fraud-proof Q&A exchange which can be used for credit card transactions.
“Single photons of light have very special properties that seem to defy normal behavior,” explained Pepijn Pinkse, a physicist from the University of Twente and lead author on the paper. “When properly harnessed, they can encode information in such a way that prevents attackers from determining what the information is.”
You apply a specific number of photons onto a specially prepared surface on a credit card and then analyze the pattern they make. Given that a single photon can exist in multiple locations in the quantum state, you can create a complex pattern with a few photons.
The best part is that any attempt by a hacker to observe the Q&A exchange (for example, intercept the online data exchange) would collapse the quantum nature of the light and destroy the information being transmitted. This means that Quantum-Secure Authentication is theoretically unbreakable despite any future developments in technology.
How the technology works
QSA would involve applying a paper-thin section of white paint including millions of nanoparticles. Individual photons of light are projected into the paint where they rebound off the nanoparticles until they escape to the surface, and in doing so create a pattern that authenticates the card.
If the security measure only involved normal light, an attacker could measure the pattern of photons and recreate the response pattern. The bank would not be able to see any difference between the real card and the counterfeit signal projected by the attacker.
But if a bank sends a pattern of “quantum” photons into the paint, the reflected pattern would appear to have more information than the number of photons projected. An attacker attempting to intercept the “question” would inevitably destroy the quantum properties of the light and only get a fraction of the information required to authenticate the transaction.
“It would be like dropping 10 bowling balls onto the ground and creating 200 separate impacts,” said Pinkse. “It’s impossible to know precisely what information was sent (what pattern was created on the floor) just by collecting the 10 bowling balls. If you tried to observe them falling, it would disrupt the entire system.”