Using a system based on quantum physics, dubbed Quantum Secure Authentication, it will soon be possible to make credit cards and ID cards fraud proof, say researchers from Eindhoven University of Technology and UT research institute MESA+.
According to the scientists, who published their study in the journal Optica, they have developed a method which can authenticate physical objects that are impossible to copy.
Banks, government departments and hundreds of thousands of companies globally are fighting a continuous and some would say losing battle against hackers who try to gain access to card data and break the codes of a number of devices, such as car locks.
Even bank cards, which have switched from magnetic stripes to a chip with a small microprocessor, are vulnerable. Clever hackers have found ways of copying them and getting hold of their accompanying codes.
Sophisticated car thieves armed with just a laptop, following a ‘question’ & ‘answer’ process, are becoming increasingly successful at unlocking digital door locks.
The research team has developed a method that makes it impossible for those with malicious intent to hack cards or mimic their properties, even if they have all the required data at their disposal, such as the complete structure of the card.
Photo from the cover of the journal Optica.
Photons are in multiple locations simultaneously
Their method uses the quantum-physical fact that photons, i.e. light particles, can be in several locations at the same time. Something we know today from the famous double-slit experiment that forms the basis of quantum physics.
Dry white paint containing millions of nanoparticles are added to the card. If you shoot a light particle into the paint it will bounce around between the nanoparticles until it escapes, like a ball in a pinball machine.
If the financial institution sends a complicated pattern of light dots that is unique for each transaction (a ‘question) into the thin layer of paint, a new unique pattern of escaping light particles (the ‘answer’) is detected at the surface.
The card is only approved if this unique pattern of dots is correct.
As a photon can be in more than one place at the same time, it is possible to send a pattern into the paint that is made up of fewer photons than light dots. Because there are not enough photons in that case, an attacker can’t measure the entire pattern, and won’t know what ‘question’ the bank is asking, meaning he or she won’t have a clue what ‘answer’ to send back. The bank, on the other hand, can check the answer with even just one photon.
Photo: University of Twente.
Study leader, Dr Pepijn Pinkse, says it is a unique way to provide security suitable for say credit cards, ID cards, government buildings, bank cards and cars.
Dr. Pinkse said:
“The best thing about our method, which we’ve called Quantum Secure Authentication (QSA), is that secrets aren’t necessary. So they can’t be filched either.”
QSA is easy to use in a wide range of situations, because it uses simple and inexpensive, readily-available technology.
The cheap layer of paint is easy to apply, while the read-out equipment consists merely of a simple laser, like one you would find in a CD player, a basic image sensor and an image-forming chip that every modern projector has.
Citation: “Quantum-secure authentication of a physical unclonable key,” Sebastianus A. Goorden, Marcel Horstmann, Allard P. Mosk, Boris Škorić, and Pepijn W. H. Pinkse. Optica, Vol. 1, Issue 6, pp. 421-424 (2014). http://dx.doi.org/10.1364/OPTICA.1.000421