The Nazis knew secret communication was the key to world domination. Their prize technology was the electromechanical Enigma machine, an encryption device that allowed German tank divisions, embassies and even submarines to send scrambled radio messages to the Reich during World War II. They believed their system was unbreakable. It was—until a young British mathematician named Alan Turing realized that the signal could be unscrambled if he could create a machine to systematically try thousands of key combinations that would eventually hit upon an intelligible message.
The result was the world's first computer. Britain's ability to read Germany's secret codes was a crucial factor in the Allies' victory.
Now, thanks to a technology called quantum encryption, the dream of perfectly secure communication is real. It could help free the world from online fraud and identity theft, hacking attacks and electronic eavesdropping. It could also enable terrorists and criminals to communicate with absolute secrecy—and governments to hide their secrets without anyone ever finding out. In a world of unbreakable encryption, all human electronic communication could become entirely private—with mind-boggling consequences, both good and bad, for cybersecurity.
On September 29, that world came significantly closer to reality. A team of cryptographers and physicists from the Chinese Academy of Sciences held a half-hour video call with their counterparts in Vienna using quantum encryption, a technology that makes it impossible to hack or overhear communications.
The new encryption standard "is what has me most excited, and most worried, of all recent technological innovations," says a senior U.K. intelligence official not authorized to speak on the record. "It's a world-changer." And at the moment, experts say, while the major technical innovations in quantum technology are still being produced in such Western institutions as IBM in Armonk, New York, the University of California (backed by Google) and the Delft University of Technology in the Netherlands (backed by the European Union), it's the Chinese who are far ahead in terms of implementation.
The Beijing-Vienna call was made over a conventional Skype-type internet connection—but what was revolutionary was a secure encryption key generated in a quantum device mounted in a Chinese satellite. And, crucially, the quantum physics that created the key means any attempt to break the code can be immediately detected. "Quantum crypto is as close to unbreakable ciphers as one can possibly get," says Artur Ekert, a professor at the University of Oxford and inventor of the model on which the Chinese based their system.
Ekert's encryption method is based on an extraordinary effect known as quantum entanglement. The phenomenon is so bizarre and inexplicable that even the man who discovered it, Albert Einstein, was baffled. In 1935, he described the effect as "spooky action at a distance."
Here's how it works: Two particles of light—known as photons—in separate locations can be made to precisely copy each other's behavior even when separated by vast distances. Exactly how this happens is still not understood, but the phenomenon was demonstrated in lab conditions back in 1984. What's remarkable about September's Beijing-Vienna experiment is that scientists were able to use quantum entanglement to make a secret key composed of a string of data bits appear simultaneously in different corners of the Earth.
What's more, the Chinese team, led by physicist Jian-Wei Pan, has built an entire real-world quantum-encrypted communications system. The Chinese have linked base stations, satellites and thousands of miles of fiber-optic cable to transmit the quantum keys across the country. "It didn't require the discovery of a new physical principle," says Charles Clark, an adjunct professor at the University of Maryland's Joint Quantum Institute who pioneered quantum communication over distance. What's impressive is the scale and distance over which the Chinese have made their system work.
"It's a spectacular demonstration," Clark says.
Until now, all cryptography had basically relied on creating mathematical puzzles that were beyond an enemy's technological capabilities to solve. Today's standard for encryption—so-called public key technology, which is the basis of all internet authentication and supposedly secure communications applications, such as WhatsApp—is much more complex than Enigma. But it relies on the same principles. The key that both users need to encrypt and decrypt the signal is generated by a computer and distributed to both parties. But given enough computing power, someone can potentially crack the key. Quantum encryption replaces that technology race with a completely different paradigm—one that no amount of computing power can break. "Unlike mathematical systems...quantum crypto relies on the laws of physics, which cannot be broken," says Ekert.
Quantum key distribution devices—as the generators of these unbreakable keys are called—have the potential to transform the world's e-commerce and data protection for the better by eliminating hacking and identity theft. But it's no coincidence that the biggest investors in quantum encryption have been the world's armies and spooks—notably the Chinese People's Liberation Army (PLA) and the U.S. Department of Defense. "The motivation for quantum, as in all things good and beautiful, is military and intelligence," says Clark. Any nation that masters the technology first will have a "major short-term advantage" in the strategically crucial world of communications.
That's exactly what Pan has done, persuading the Chinese government to invest several hundred million dollars—the exact cost of the project is unknown in the West—in putting a quantum apparatus into space, as well as installing enormous infrastructure on the ground. Pan's equipment is mounted in a satellite called Micius—named after a Chinese philosopher in the fifth century B.C.—and is in low-Earth orbit at an altitude of 300 miles. Pan also built base stations at Ngari in northwestern Tibet, at an elevation 15,000 feet to minimize signal loss from Earth's atmosphere, as well as in China's westernmost province and a third at Xinglong, near Beijing. The quantum codes simultaneously generated in the base stations and the Micius satellite are linked to users in Beijing and Shanghai along a 1,200-mile-long, land-based fiber-optic cable.
According to a senior security source with direct knowledge of China's encryption efforts, at least 600 top Chinese ministers and military officials use quantum-encrypted links for all confidential communications. "China has strategic vision going forward decades," says the security source, who asked not to be named because of the subject's sensitivity. Quantum encryption "is the future. The PLA has the resources and the vision to master this technology."
Micius's low orbit means that users not linked to China's fiber-optic system have to wait until the satellite comes overhead in order to receive the secure quantum key that allows them to initiate communication with the other key holder back in China.
Within five years, Pan told Science and Technology magazine in August, China will launch a new satellite orbiting at an altitude of 20,000 kilometers and covering a much larger part of the Earth's surface. A Chinese manned space station, planned for 2022, is scheduled to carry an experimental quantum-communications payload that human operators can maintain and upgrade. The ultimate goal is a set of geostationary satellites that span the world.
So far, only China has invested the billions of dollars needed to bring quantum encryption to real-world use. "The barriers to entry are quite high—basically, it needs a state-level entity," says Clark. Ringing Earth with quantum-enabled communications satellites "is a moon-shot, Manhattan-project scale project," says one senior Western cybersecurity expert and government adviser, referring to the major technological effort required to get men on the moon and develop the American atom bomb. "And today, we [in the West] just don't have politicians with the vision to commit resources on that scale to any kind of long-term scientific program…. That's why the Chinese are leading the game." (The official did not wish to be quoted, by name, criticizing his employers.)
The U.S., China and Russia are engaged in a huge, hidden arms race for mastery of cyberwar weaponry, from viruses capable of hijacking phone and electrical systems to the old-fashioned spies' game of stealing the enemy's secrets. In the short term, the new era of quantum encryption won't plug the world's main vulnerability—which is not inadequate encryption but a jaw-dropping lack of basic internet security. Systems as sensitive as those of the Democratic National Committee and even the White House were protected by only the flimsiest passwords and feeble antivirus software—vulnerabilities famously exploited by Russian-backed cybercriminals in 2015-16 in a series of election-related hacks.
And, as former National Security Agency contractor Edward Snowden's disclosure of large-scale data mining by the U.S. government showed, the current goal of most Western intelligence gathering is not data—as in the actual content of emails and phone conversations—as much as metadata, or information on who is talking to whom and when. Even in a quantum-encrypted world, that metadata will still be available. And, equally important, "end-to-end encryption still has an end," says Emily Taylor, associate fellow of the London-based Institute of Strategic Studies and editor of the Journal of Cyber Policy. "That is where vulnerability is." In other words, regardless of how perfect the quantum encryption system is, two humans still have to send and receive their messages on electronic devices at each end that can be overheard.
Still, quantum encryption is a profoundly disruptive technology. If the basic building blocks of global communication are made secure, "then a major systemic risk to our global information and communication infrastructure, upon which we depend for just about everything, will be off the table," says Michele Mosca of the Institute for Quantum Computing at the University of Waterloo, Ontario. "This doesn't mean we [will be] perfectly safe online, or entering an era of unbreakable online security"—but great areas of potential cybervulnerability, such as credit card transactions, databases and every form of electronic communication, could potentially be plugged by quantum encryption.
That could also help terrorists and criminals. "Everyone wants their own secrets safe, but in the business of gathering intelligence, it's very inconvenient if others are using unbreakable encryption," says Taylor.
What is clear is that the Chinese team has proved not only that quantum key distribution works but that any nation serious about establishing fully secure communications needs to commit vast sums to the project. "There is no secret sauce," says quantum pioneer Norbert Lütkenhaus, a professor at the University of Waterloo. "Western countries could easily follow." If they have the vision to do so.
"Whoever controls information controls the world," says Ekert. By that logic, the future belongs to Beijing.