To communicate in secret a cryptographic key is still the most effective means. A cryptographic key is a string of data that is used to lock or unlock cryptographic functions, including authentication, authorization and encryption. This key remains private, which ensures secure communication. In general cryptographic keys are categorized according to their properties and usage. Here a key may have one of three properties: Symmetric, Public or Private. Keys can also be grouped as Asymmetric key pairs, which consist of one private and one public key.
For a cryptographic key to work well it needs to be based on numbers chosen at random without any structure (this is the opposite approach to, say, using a birthdate). For people it is very difficult to choose numbers that are truly random (that is without creating any bias). The semi-logic in humans attempting to assign numbers randomly offers many hackers a route in. To overcome this weakness, researchers from the Université de Genève have come up with a novel approach.
The Swiss researchers have developed a new random numbers generator based on the principles of quantum physics. The theory is that certain physical events occur perfectly at random, making them impossible to predict. The new system allows the user to verify the reliability of the random numbers it generates in real time. The idea is to greatly complicate the tasks of hackers who can no longer exploit the ‘natural’ bias that occurs with human fallibility.
For this, Professor Nicolas Brunner explains: “Send a photon (a particle of light) onto a semi-transparent mirror. Either it gets transmitted through the mirror, or it gets reflected. But it is impossible, even in principle, to predict beforehand which of these two behaviors it will adopt. This is the basic idea behind quantum random number generation.” The outcome of the research is a so-called self-testing” quantum random number generator.
The new approach is published in the journal Physical Review Applied, under the title “Megahertz-Rate Semi-Device-Independent Quantum Random Number Generators Based on Unambiguous State Discrimination.”
In related hacking news, researchers have demonstrated a smartphone vulnerability when the device is charging via a USB cord that can also transfer data. Devices are also vulnerable even without data wires since hackers can deploy a “side channel” cto find out what websites a user has visited while charging a device.