Using lightbeams to defeat hackers

The clock is ticking on the Philippine Cybercrime Law, the temporary restraining order on which will expire in February 2013. Meanwhile, the Philippines has yet to come out with decent alternative to this law to be able to protect the rights of netizens.

But Scotland-based physicists have found a smart way to tackle cybercrime —using quantum physics. Their research shows how photons, fundamental light particles, can be used to verify the authenticity and security of online transactions with a “quantum digital signature.”

Heriot-Watt University (Edinburg, UK), and University of Strathclyde (Glasgow, UK) studied light particles to ”Create a new way of verifying electronic messages and transactions as authentic, helping address the huge cost of e-crime,” AllMediaScotland.com reported.

According to the report, UK retail sector alone lost £ 205.4 million (P13.71 billion) from 2011-2012 because of cyberfraud.

“The systems which currently underpin the security and authentication of internet transactions - founded on complex mathematical formulae - can be cracked and are therefore vulnerable to e-crime, such as fraud,” said Dr. John Jeffers of University of Strathclyde in a statement.

“Our research represents a major breakthrough by demonstrating - via the laws of quantum physics - how the security of online transactions and communications can be virtually guaranteed,” he added.

Digital signature

A digital signature is traditionally a mathematically-verifiable "stamp" that helps prove the authenticity and authorship of digital content. As such, it is invaluable for helping detect forgery and tampering —especially in online banking, e-shopping, online voting, and other transactions.

But according to the Heriot-Watt study, “with traditional online security, these signatures are based on mathematical formulae and can be cracked, potentially leading to fraud and other online security breaches.”

Some computer viruses are designed to attack the codes assigned to these signatures, potentially hacking the accounts, and crippling the system.

Quantum digital

But quantum digital signatures are hijack-proof, said the researchers.

“Our new approach, using quantum mechanics rather than just maths to create signatures for multiple recipients (or customers), and could make hacking, fraud and theft near-impossible,” said Heriot-Watt University professor Gerald Buller in a statement.

According to the study, any “eavesdropper” or third party listener cannot fake a message with a quantum-based secure signature.

Here's how it works:

The sender writes the signature with encoded light particles and sends it to the receiver.

The receiver cannot yet read the signature. However, it can be sure it received an authentic signature To confirm a message is authentic and to also read it, the receiver has to receive both the message (the “signature”) plus additional information required to decipher it The multiple receivers confirm that they have received identical signatures. Only then does the sender provide the additional information required to read the signature This process takes place without the user (e.g. a shopper) being required to do anything differently to current security methods.”

UK Engineering and Physical Sciences Research Council funded the research. This study is published in the journal Nature Communications.

— TJD, GMA News