This article is reproduced with the permission of New Scientist for exclusive use by Nova users.

'Quantum ATM' rules out fraudulent web purchases
10 November 2007
From New Scientist Print Edition.
Duncan Graham-Rowe
ATMs go quantum

A woman walks up to an ATM, types in her PIN number, holds her cellphone up to the screen for a few seconds and then walks away. Not very exciting, you may think, but with those simple actions she has set in motion an elaborate quantum protocol that will allow her to shop online with complete confidence.

Thanks to a "quantum ATM" system under development at HP Labs in Bristol, UK, this is now all it will take for two parties to share a secret string of bits via a quantum key distribution (QKD) protocol. That string of bits will be used to verify your identity when you use a credit card to buy something over the internet or by phone, making it impossible for someone to use your card or card number to make fraudulent purchases.

QKD systems are sold by several companies worldwide, including ID Quantique of Geneva, Switzerland, MagiQ Technologies in New York, and SmartQuantum in Lannion, France. Their customers are restricted to governments, banks and large companies, which use the system as a means for two parties to agree on a secret key, with which they encrypt subsequent information. Until now, the feeling was that QKD would never be available to consumers because these systems require lasers and pricey light-polarisers as well as photon detectors and dedicated optical fibre networks - pushing the price up to many tens of thousands of dollars.

Now a team of researchers led by Keith Harrison at HP Labs and John Rarity at the University of Bristol, UK, have built a QKD device the size of a sugar cube. It costs just $10, can be added to a cellphone and will transmit a quantum key over short distances, so there is no need for dedicated optical fibres. Although the system will mean upgrading ATMs to the tune of $10,000 each, the team says that banks may consider this a worthwhile investment, eager as they are to cut down on fraud.

"It's interesting because there was this general understanding that quantum key distribution had to be expensive," says Grégoire Ribordy, co-founder of ID Quantique. The price is likely to come down further as quantum ATMs are mass-produced, adds Jo Duligall of HP, one of the system's creators.

The aim of all quantum key systems is to enable the sender, traditionally dubbed Alice, to transmit a secret key to a receiver, Bob, without allowing a malevolent eavesdropper, Eve, to listen in. In one version, Alice generates a random string of 1s and 0s and encodes each bit using a photon polarised in either the rectilinear "basis", in which 0 and 1 are represented by vertical and horizontal polarisations, or the diagonal basis, where 1 and 0 are represented by +45° and -45° polarisations.

Not knowing which basis Alice has used to encode each bit, Bob randomly measures the photons he receives using either the rectilinear or diagonal basis and then tells Alice which basis he has used, but not the values he detected. Alice then tells him to discard the bits he detected on the wrong basis, which should be roughly half. The rest form the secret key, which they now share and can use to encrypt data sent over a public channel.

The point of this elaborate set-up is that if Eve tries to intercept the photons, Alice and Bob will know about it. The nature of quantum mechanics ensures that if Eve tries measuring any of the photons before they reach Bob, she will destroy Bob's ability to read many of those that he might otherwise have read correctly. This higher portion of unreadable photons alerts Bob to Eve's presence. If the correct proportion of photons can be read, Alice and Bob know that the information channel is secure.
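The exchange described above can be simulated in a few lines. The following is an added example, not code from New Scientist or HP Labs: it models Eve as measuring each photon in a random basis and re-sending it, and it detects her by the error rate in the key left after sifting, which is the standard check in this protocol. The function names, the seed and the 0.11 threshold are assumptions, and the whole sifted key is compared here for simplicity, where a real system would compare only a sample and discard it.

```python
import random

RECT, DIAG = 0, 1  # the two polarisation bases named in the article


def measure(bit, prep_basis, meas_basis, rng):
    """Measuring in the preparation basis returns the encoded bit;
    measuring in the other basis returns a uniformly random bit."""
    return bit if prep_basis == meas_basis else rng.randrange(2)


def run_bb84(n_photons, eve_present, seed):
    """Simulate one exchange; return (alice_key, bob_key) after sifting."""
    rng = random.Random(seed)  # simulation only; a real device needs true randomness
    alice_key, bob_key = [], []
    for _ in range(n_photons):
        bit, a_basis = rng.randrange(2), rng.choice((RECT, DIAG))
        photon_bit, photon_basis = bit, a_basis
        if eve_present:
            # Eve measures in a random basis and re-emits a photon
            # prepared in the basis she used (constructed attacker model).
            e_basis = rng.choice((RECT, DIAG))
            photon_bit = measure(photon_bit, photon_basis, e_basis, rng)
            photon_basis = e_basis
        b_basis = rng.choice((RECT, DIAG))
        b_bit = measure(photon_bit, photon_basis, b_basis, rng)
        # Sifting: Bob announces his basis, Alice says keep or discard.
        if b_basis == a_basis:
            alice_key.append(bit)
            bob_key.append(b_bit)
    return alice_key, bob_key


def error_rate(alice_key, bob_key):
    """Fraction of sifted positions where Alice and Bob disagree."""
    diffs = sum(a != b for a, b in zip(alice_key, bob_key))
    return diffs / len(alice_key)


def channel_is_clean(alice_key, bob_key, threshold=0.11):
    # threshold is an assumed illustrative value, not one from the article
    return error_rate(alice_key, bob_key) <= threshold


if __name__ == "__main__":
    for eve in (False, True):
        a, b = run_bb84(4000, eve, seed=2007)
        print(f"eve={eve} sifted={len(a)} error_rate={error_rate(a, b):.3f}")
```

Without Eve the sifted keys agree exactly and about half the photons survive sifting; with Eve on the line roughly a quarter of the sifted bits disagree, which is what exposes her.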

Until now, the key has largely been used to encrypt information, safe in the knowledge that it is impossible for anyone else to crack the code and decipher the data. In the new system the shared key will instead be used to confirm someone's identity when they make a purchase over the internet (see Diagram). This will be similar to the way that the 3-digit security code on the back of some credit cards is used to authenticate users today, except that with the quantum ATM a different part of the key is used for every purchase, and then scrapped. This means users will have to "top up" their phone with new keys periodically by going to the ATM. Unlike the security code on a card, the key can't be reused in a transaction if the phone is stolen. Even if someone steals your phone as well as your credit card, they would still need to know your PIN to use the key.

To make the quantum ATM system cheap enough for widespread use, the researchers decided that the cellphone should act as Alice, because the photon emitters that she requires would be easier to miniaturise and make inexpensively than the detectors needed by Bob. The ATM then acts as Bob.

Wireless and cheap

They also opted for photon transmission through free space, avoiding the need for dedicated, high-quality fibre-optic networks. Wireless QKD has been done before, but over large distances, which required expensive lasers. In contrast, for the quantum ATM, the link need only work over 1 metre, making it possible to do both wirelessly and cheaply.

A key discovery was that a cheap LED could be made to emit single photons by carefully controlling the pulsed current that powers it. Previously single-photon LEDs were custom-made and therefore expensive. But in the sugar-cube device, four such LEDs are programmed to randomly emit one photon at a time. Each LED has a different "mask" in front of it, which polarises any photons it releases in one basis of the four that are possible. The photons are then sent out and detected by the ATM. Although the ATM is constantly being bombarded by photons from its surroundings, the machine can pick out the quantum ones by their distinctive energy and amplitude and the pre-programmed time gaps between subsequent photons.

The next challenge was reducing the size and cost of the computing - photon emitters in today's commercially available systems run on large computers. The team discovered they could use ready-made, inexpensive computer chips, saving them the cost of making their own. These field programmable gate arrays will run almost any software and have recently been miniaturised.

Alice uses one FPGA, as well as some other chips, to run the software that triggers the LEDs, record which basis is used for each bit, and then compare it with what Bob has received. "We are now down to a design where the technology in Alice is less complicated than what goes into an average camera chip," says Duligall.

The team have used the device to successfully share a secret key with a photon detector, which could be built into an ATM. They hope the quantum ATM will be rolled out for consumers within five years.

Its main application will be to secure phone and internet transactions. These often only require a credit card number, making them easier to carry out fraudulently. They are now one of the fastest-growing forms of fraud in the developed world.

In future, secret keys created at quantum ATMs could also be used as a replacement for public keys. These are used in many cryptographic systems today, including digital signatures. If quantum computers become more powerful, however, they will be able to crack public keys and there will be a need for an alternative.

From issue 2629 of New Scientist magazine, 10 November 2007, page 30-31

For the latest from New Scientist, visit www.newscientist.com


