To meet the increasing popularity of using mobile phone apps to pay for purchases, researchers from the University of Oxford in the UK have developed a method for transmitting quantum keys at a high enough data rate to ensure data security while compensating for moving hands.
The handheld device, which the researchers say could be miniaturised for use in a mobile device, will help ensure consumers’ personal financial information is safe from cyber-attacks.
As described in Optics Express, the prototype system uses ultra-fast LEDs and moveable mirrors to send a secret key at a rate of more than 30 kilobytes per second over a distance of 0.5 metres.
‘The idea is that this gadget would be a mobile object that talks to something that is fixed,’ said Iris Choi of Oxford University, one of the paper’s authors. If integrated into a cell phone, for example, the device could allow secure links to near-field communications mobile payment systems and indoor Wi-Fi networks. It also could improve the security of ATMs and help prevent ATM skimming attacks, which are estimated to cost the industry more than $2 billion annually.
The technology is a quantum key distribution system. Quantum key distribution relies on characteristics of a single photon to provide a bit - a 1 or a 0 - to build up a cryptographic key that can encrypt and decrypt information. Quantum keys are considered secure because if someone intercepts the quantum bits and then passes them on, the very act of measuring them will alter them.
‘When an eavesdropper attempts to tap into the channel, it will change the content of the key,’ Choi said. ‘We’re not saying this technology can prevent being eavesdropped on, but if you do eavesdrop, we know you’re there.’
The system contains six resonant-cavity LEDs, which provide overlapping spectra of light. Each of the six is filtered into a different polarisation, split into pairs to represent 1s and 0s – horizontal or vertical, diagonal or anti-diagonal, circular left or circular right. The circularly polarised LEDs provide the bits for the key, while the other pairs are used to measure the security of the channel and provide error correction. Every four nanoseconds, one of the channels produces a one-nanosecond pulse in a random pattern. On the other end, six polarised receivers pick up the light from their matching LEDs and convert the photons into the key.
It’s important not to let a potential hacker know which channel has which polarisation, because this would reveal which bits were being sent. However, there will always be slight variations in the wavelength emitted by each LED, which could allow the hacker to identify the polarised channel and thus break the code.
The researchers solved this problem by equipping both the transmitter and the receiver with filters that select only a portion of the light, so they all shine with the exact same colour, regardless of which polarisation they produce.
A quantum key must be long enough to ensure that an adversary cannot hack it simply by guessing randomly. This requires the system to transmit a large number of bits in less than a second. Achieving such a high data transmission rate in turn requires that most of the photons get to where they’re supposed to go.
As a result, the prototype’s most important innovation is the steering system, Choi said. Even if someone tries to hold their hand perfectly still, their hand will still move slightly. The research team measured this motion by looking at how the spot of a laser pointer jittered as a person tried to hold it steady. They then optimised design elements of the beam-steering system, such as bandwidth and field of view, to compensate for this hand movement.
To help the detector properly align with the transmitter and further correct for hand movement, both the receiver and the transmitter contain a bright LED with a different colour than the quantum key distribution LED that acts as a beacon. A position sensing detector on the other side measures the precise location of the beacon and moves a microelectromechanical systems (MEMS) mirror to align the incoming light with the fibre optics of the detector.
The team tested their idea with a handheld prototype made from off-the-shelf equipment. Choi said the design likely could be easily miniaturised in order to turn the system into a practical component for a mobile phone from brands such as Nokia, which participated in the research. Improving the protocol while keeping the same hardware could also increase the transmission rate, and other changes could be made to let the device work over longer distances to, for instance, connect with a WiFi hub.