QSAlpha, a San Francisco based phone designer, is in the midst of raising money to build a heavily fortified smartphone that it claims will be impervious to the snooping and identity theft of black hat hackers. The company plans to release the Quasar IV some time next year and claims the encryption techniques on the device are completely unbreakable.
“It is literally impossible,” says CEO Steve Chao. QSAlpha’s fundraising goal of $3.2 million on Indiegogo has struggled to hit $50,000 as of this week but Chao says QSAlpha will plow ahead with the phone even if they don’t reach their goal.
Time will tell on Chao’s claims. Security experts usually scoff at the idea of unhackability. The very word is blood in the water. Every lock has a key, the thinking goes, so to say that some security measure can’t be broken or solved is simply an impossibility.
Traditional encryption is based on complicated math, the idea being to scramble messages and information into nonsense that can only be decoded with specific mathematical “keys”. The arms race is in the ability to factor very large numbers at high speeds. RSA, as one of the more widely used algorithm is known, (the initials of the three cryptographers who developed it) pits the good guys’ computing power against the bad guys’. The idea is that if the good guys can create fantastically complicated math problems, all the computers on earth couldn’t crack the answer, even if they were given a billion years.
But that still leaves the door open for some unforeseen development in the way we advance computing power or process mathematics — not to mention hackers finding some other side channel in — to throw all that out the window.
So that’s left scientists and cryptologists looking for alternatives. A promising source of security is in light. Quantum encryption uses photons, sent via millions of specific pulses, to communicate between two points. One of light’s funny properties is that it can’t be observed without disrupting it — a result of Heisenberg’s Uncertainty Principle. So in theory, a signal can’t be intercepted without breaking the message or the sources knowing.
Umesh Vazirani, director of UC-Berkeley’s Quantum Information and Computation Center, explains that faith in quantum cryptography does not rely on predicting the future, like traditional cryptography, but on trusting the past. Developed correctly, quantum cryptographic techniques would be based on proofs that rely on established laws of physics and chemistry set forth over the last century by such minds as Werner Heisenberg and Niels Bohr.
To date, that hasn’t happened. But if it does, and hackers were still able to crack a quantum encryption, they would overturning decades of established physics lessons.
“It doesn’t matter how much computing power there is,” he says, echoing other luminaries in quantum physics. “Here’s a theory that has been worked on by all the greatest minds in physics for over a century.”
Quantum encryption has been deployed in some instances like high security banking. But those systems are extremely expensive so whether less sensitive communications, like a basic ecommerce transaction with Amazon, need such complicated security — from both a cost and implementation perspective — is a key question.
So far quantum encryption has worked between just two computers, limiting the scope of applications. But in September a Nature paper from a group at Toshiba outlined how such encryption could be deployed across a network of 64 computers. The company also announced a sensor that can count up to a billion signals of light a second.
But even if the beams of light are secured by the laws of physics, quantum encryption systems still have skeptics. Edward Felten directs Princeton’s Center for Information Technology Policy and questions quantum cryptography because of simple human error. People build the sensors and devices that transmit the photons. The required precision to prevent “leaking” or errors in processing the signal are almost impossible.
“Small deviations from mathematical design leads to insecurity,” he says.
Not to mention, cryptography protects information in transit, but that still leaves the end points vulnerable to hacking, before and after the data is encrypted.
“None of these things are insurmountable in theory, but they are in practice,” Felton argues.
So, in the end, perhaps the real trick is locking up the idea of “perfect” security at all.