Storing Randomness in Glass: Better One-Time Pads

One time pads are neat, but they turn a crypto problem into a key exchange problem. Encrypting 1GB of data requires 1GB of key material. They’re therefore only for situations where you can securely exchange a large volume of data every once in a while, but have to communicate over an insecure line on a regular basis.

(and, of course, if we take the Heim theory approach mentioned previously, they might be breakable if Eve can manipulate or ascertain the higher dimensional conditions that existed at the time of key generation — the “picking favorite numbers out of the hopper” WWII problem from one of the cyberpunk thrillers. But that’s beyond the scope of this discussion.)

As it happens, there’s a clever shortcut to storing random data. If your source of randomness is the storage medium itself, you can pack significantly more volume of it into each mm³ than you could with regular, “store just the bits I ask in the way I tell you to” types of media. One example of such a medium is glass. The amorphous crystalline structure creates a tremendously complex volumetric structure.

If you pass light through it (particularly monochromatic light) the wave fronts reflecting off each inclusion will interfere with each other and exit the other side, producing an image called an “interference pattern.”

The brightness of each point in the resulting image will be related not just to the brightness of the light entering the glass at each point, but to the position — measured to a resolution of tens of nanometers — of nearly every inclusion in the entire slab of glass.

There’s no way to write a particular pattern into the glass, and reading out the position of all the glass inclusions with enough precision would in theory* be impossible to do in a timely (e.g surreptitiously feasible) fashion. Key exchange is as simple as generating “public one time keys” from a meeting of both parties… and generating new keys is as simple as reheating the glass until the crystalline structures reform.

* I suspect you could just make a hologram of the glass slab, creating a “virtual slab” through which Eve can then shine the appropriate pattern of light.

“Whenever a set of random digits is stored in an electronic memory, there is always a small but finite chance that it can be quickly copied and stolen.

Today, Roarke Horstmeyer at the California Institute of Technology in Pasadena and a few buddies say they’ve solved this problem. Their solution is based on a special kind of one-time pad that generates a random key through the complexity of its physical structure.

Instead of creating and storing the one-time pad as a random sequence of 0s and 1s, Horstmeyer and co generate a random signal by passing light through a slab of diffusing glass that scatters it randomly.

The security of the system depends on the physical complexity of the glass. Horstmeyer and co say that that this complexity means there is no way for an eavesdropper, “Eve,” to copy the glass without anyone noticing.

That cuts out the need to store the key electronically and entirely removes this vulnerability to copying. “We describe an encrypted communication principle that can form a perfectly secure link between two parties without electronically saving either of their keys,” they say

And even if Eve steals the glass, they estimate that it would take her at least 24 hours to extract any relevant information about its structure.

This extraction can only be done by passing light through the glass at a rate that is limited by the amount of heat this creates (since any heating changes the microstructure of the material). And the time this takes should give the owners enough time to realise what has happened and take the necessary mitigating actions.

The protocol for sending secret messages between “Alice” and “Bob,” say, is straightforward. To start off, both Alice and Bob must have their own slabs of diffusing glass and must physically meet to create a key for encoding a message later.

They create this by sending the same random pattern of light through their diffusing slabs and then adding the results to create a combined key.

They then publish this combined key and the pattern used to create it.

To send a message, Alice sends the pattern through her slab to generate her half of the key and then adds it to her message. She can now send this without fear that Eve can decode it.

It’s important to remember that Alice’s random key is a component of the publicly available one. But Eve cannot use the publicly available key to work out what Alice’s key is.

Bob has to go through a slightly different set of steps to decode this cyphertext. First, having received the cyphertext, he adds it to the publicly available combined key.

Next, he re-creates his own component of the publicly available key by sending the publicly available pattern through his slab. He then adds this to the result of the previous step to reveal the message.

As long as both diffusing slabs are physically held by Alice and Bob, the cyphertext cannot be decoded by Eve.

Of course, this process can be used only once. But Alice and Bob can generate a huge volume of combined keys by passing different random patterns through their slabs when they meet.”

%d bloggers like this: