According to Dale over at Samizdata, quantum computing is here. Now I don’t want to entangle myself in all the details, just one consequence.
Quantum computing kills stone-dead RSA style encryption. Through the long history of human sneakiness there has been a war between cryptology and cryptanalysis. RSA was (is) a decisive victory for cryptology. It can be broken but only with a certain tonnage of super-computer. But that is not all that makes RSA so useful. It is a form of public key cryptography, so the not inconsiderable problem of distributing keys is not an issue. If you want to send an encrypted message to someone you use their public key and they then decrypt with their private key. It’s an asymmetric cipher, using a different key to encrypt than is used to decrypt. Neat, eh?
So, what is left if you want to send secret messages? Well, oddly enough it really is back to the future time! Your options are:
One time pad ciphers. Now these date from 1917 and Claude Shannon subsequently proved them uncrackable if used correctly. The problem here is that the “if” there is a big one. To all intents and purposes the pad which is the key has to be distributed physically. This means a lot of meeting in parks and feeding the ducks before handing over a USB stick on the sly, or posting a DVD-R with “Jane and Bob’s Wedding” written on it and hoping nobody checks. It also of course means keeping all that data safe at the other end. And, it goes without saying, getting a new pad when the length of the messages reaches the length of the pad. The practicalities of the OTP are very tricky. It is impossible to imagine such cryptography being of any real use for most banking or for a military in the field.
Book codes and ciphers. Now we really are going back in time. The problems here are almost insurmountable for the sort of way in which we use cryptology in the internet age. Book codes, in which entire words are substituted, are deeply impractical unless your book contains all the ones you need. Book ciphers, which use individual letters, are more practical but generally less secure than book codes, which can be very strong indeed. An example here is the infamous Beale ciphers, some of which remain uncracked. I honestly can’t see book codes and ciphers, despite their romance, being of much use.
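The “if used correctly” condition on the one time pad, as an added Python example that is not part of the original post: a pad that burns its bytes as they are used and refuses to encrypt once it runs out, plus a function showing what leaks when the same pad bytes cover two messages. The names `OneTimePad`, `PadExhausted` and `reuse_leak` are hypothetical, and the sample pad and messages are constructed.

```python
import secrets

class PadExhausted(Exception):
    """Raised when a message needs more pad bytes than remain unused."""

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class OneTimePad:
    """One party's copy of the pad; the sender burns bytes as they are used."""

    def __init__(self, pad: bytes):
        self._pad = pad
        self._offset = 0  # index of the first pad byte not yet used

    @property
    def remaining(self) -> int:
        return len(self._pad) - self._offset

    def encrypt(self, plaintext: bytes):
        """Return (offset, ciphertext); the offset travels with the message."""
        if len(plaintext) > self.remaining:
            raise PadExhausted(f"need {len(plaintext)} bytes, {self.remaining} left")
        start = self._offset
        self._offset += len(plaintext)  # these bytes are never handed out again
        return start, xor(plaintext, self._pad[start:self._offset])

    def decrypt(self, offset: int, ciphertext: bytes) -> bytes:
        key = self._pad[offset:offset + len(ciphertext)]
        if len(key) < len(ciphertext):
            raise PadExhausted("ciphertext runs past the end of the pad")
        return xor(ciphertext, key)

def reuse_leak(pad: bytes, m1: bytes, m2: bytes) -> bytes:
    """Misuse: both messages encrypted from pad offset 0. The pad cancels out
    of c1 XOR c2, leaving m1 XOR m2, which depends on the plaintexts alone."""
    return xor(xor(m1, pad), xor(m2, pad))

if __name__ == "__main__":
    pad = secrets.token_bytes(32)  # constructed sample pad, shared in advance
    alice, bob = OneTimePad(pad), OneTimePad(pad)
    off, ct = alice.encrypt(b"ducks at noon")
    print(bob.decrypt(off, ct), alice.remaining)
```
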
What I find really interesting – it’s the new/old physical element here. The secret to your nefarious communications will actually be an object. A thing. In order to defeat electronic surveillance of your communications you will have to have something on your person or in your home. It wouldn’t surprise me if security organisations are trading in their laptops for lockpicks in the future. If two suspected agents are both discovered to have on their book shelves some rather obscure text for example then bingo!
There is of course an alternative to codes and ciphers which is also of great antiquity – steganography. The art of hidden writing. In a modern context this wouldn’t be the old invisible ink or whatever. Perhaps one of the most unusual ways of doing it was a wheeze of an ancient Greek general or such who had the head of one of his soldiers shaved, a message tattooed there and then waited until the hair grew back. Obviously not a man in a hurry! No, I’m thinking of hiding messages in media files and that sort of thing. The possibilities are endless. Steganographic techniques also mean there isn’t a message that you clearly want to keep private. An encrypted message on the other hand is obviously encrypted.
So, yes, we live (perhaps, there is some quantum uncertainty here – some of the commentators on Dale’s post doubt this is a true quantum computer) in interesting times. There is of course the possibility of the ultimate encryption. Quantum encryption (not really related to the computation – yet another thing da Quantum does!). Lots of people are working on this because it can’t be cracked in principle. Unfortunately it’s not very practical. You need a direct fibre-optic or possibly a line of sight laser link. Oddly enough, just like the old skool methods I discussed above, the encryption has physical – in the sense of “stuff” – requirements. Information may, if RSA can be routinely cracked, retain its nature as a sort of quintessence, but not if you want to keep it secret.
PS. I have discussed this in terms of espionage and stuff. I do appreciate the issue of digital security applies to you and me as much as to Smiley’s people but it’s just the way the words came out.