January 18, 2017 By Tousif Syed 3 min read

Have you seen the Jackie Chan movie “Twin Dragons” or its remake, “Judwa,” with Bollywood star Salman Khan? The story is about twin brothers who are entangled with one another despite having been separated at birth. The entanglement causes each brother to feel and experience the actions and sensations of the other, and the quality of the connection diminishes with increasing distance.

This connection is quite similar to Albert Einstein’s theory of quantum entanglement. In simple terms, here’s how it works: Two quantum particles (atoms, photons or ions) become correlated with each other, meaning that if one particle changes its state, the entangled particle will undergo the same change. Therefore, by measuring one particle, you can also determine the state of the other.

Unlike in the movies, this quantum entanglement phenomenon can occur at any distance — even from opposite sides of the universe. The change of state happens instantly. Without quantum particles, this communication would need to travel many times faster than the speed of light, which, according to the theory of relativity, is impossible. For this reason, Einstein himself rejected the phenomenon as “spooky action at a distance.”

Applying Quantum Mechanics to the Three Pillars of Secure Communication

Researchers are currently studying quantum entanglement for possible applications to secure communication. This type of communication is built on three key principles: nonrepudiation, confidentiality and integrity. Let’s take a closer look at these components.

1. Nonrepudiation

While quantum mechanics can facilitate trusted communications, untrusted transactions still need to ensure nonrepudiation. This means that several different entities must verify the digital signature of the sender. Therefore, a quantum intermediary is still required for untrusted communications in which nonrepudiation is possible and can be exploited. Quantum digital signatures require the message recipient to have a copy of sender’s public key. The exact identity of the recipient is only known to the sender.

2. Confidentiality

Communication through the public key encryption system can only ensure confidentiality or nonrepudiation at a given time. The public key is used to encrypt the message, which can only be decrypted by the receiver’s private key. Although the confidentiality is maintained, the nonrepudiation of the sender cannot be established.

Similarly, when the sender encrypts a message using his or her private key, nonrepudiation is maintained but confidentiality cannot be established. The number of public keys for the distribution of quantum digital signatures must be limited to be secure. If the public key is allowed only one time, then the communication becomes confidential and secure. However, this is a costly solution.

3. Integrity

If an eavesdropper tries to measure the state of a photon, the laws of quantum mechanics cause the entangled particles to lose their magic connection. This property makes the communication secure, since any attempt to eavesdrop would change the state of the particle and thus be exposed.

How does a quantum particle change its state in response to a change in the other entangled particle? What if an organization discovers the mechanism of communication and uses this knowledge for malicious purposes, such as spying on communications? The problem is that the mechanism of communication is not completely known. Particles don’t just magically change states without a medium.

It will take time, but the medium for type of communication will eventually be discovered. The situation is similar to Einstein’s 1916 speculation about gravitational waves, a phenomenon that was first detected nearly 100 years later.

A Bright Future and a Long Road Ahead

The quantum technology used for data security comes with plenty of implementation challenges. The concept is still being researched and use of the technology requires costly infrastructure. In addition, long-distance surface communications are impeded by the Earth’s curvature and the limitations of fiber communication. This means that quantum transactions might require satellite technology to be effective.

On Sept. 29, 2017, the Austrian and Chinese academies of science used a key generated through quantum entanglement to conduct secure communication between two stations 700 miles apart. The successful test augurs well for the future of communication, but there is still much ground to cover when it comes to employing the principles of quantum mechanics to data security.

More from Data Protection

How data residency impacts security and compliance

3 min read - Every piece of your organization’s data is stored in a physical location. Even data stored in a cloud environment lives in a physical location on the virtual server. However, the data may not be in the location you expect, especially if your company uses multiple cloud providers. The data you are trying to protect may be stored literally across the world from where you sit right now or even in multiple locations at the same time. And if you don’t…

From federation to fabric: IAM’s evolution

15 min read - In the modern day, we’ve come to expect that our various applications can share our identity information with one another. Most of our core systems federate seamlessly and bi-directionally. This means that you can quite easily register and log in to a given service with the user account from another service or even invert that process (technically possible, not always advisable). But what is the next step in our evolution towards greater interoperability between our applications, services and systems?Identity and…

The compelling need for cloud-native data protection

4 min read - Cloud environments were frequent targets for cyber attackers in 2023. Eighty-two percent of breaches that involved data stored in the cloud were in public, private or multi-cloud environments. Attackers gained the most access to multi-cloud environments, with 39% of breaches spanning multi-cloud environments because of the more complicated security issues. The cost of these cloud breaches totaled $4.75 million, higher than the average cost of $4.45 million for all data breaches.The reason for this high cost is not only the…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today