Security experts fear Q-Day, the day when quantum computers become so powerful that they can crack today’s passwords. Some experts estimate that this day will come within the next ten years. Password checks are based on cryptographic one-way functions, which calculate an output value from an input value. This makes it possible to check the validity of a password without transmitting the password itself: the one-way function converts the password into an output value that can then be used to check its validity in, say, online banking. What makes one-way functions special is that it’s impossible to use their output value to deduce the input value – in other words, the password. At least not with today’s resources. However, future quantum computers could make this kind of inverse calculation easier.
Researchers at ETH Zurich have now presented a cryptographic one-way function that works differently from today’s and will also be secure in the future. Rather than processing the data using arithmetic operations, it is stored as a sequence of nucleotides – the chemical building blocks of DNA.
Based on true randomness
“Our system is based on true randomness. The input and output values are physically linked, and it’s only possible to get from the input value to the output value, not the other way round,” explains Robert Grass, a professor in the Department of Chemistry and Applied Biosciences. “Since it’s a physical system and not a digital one, it can’t be decoded by an algorithm, not even by one that runs on a quantum computer,” adds Anne Lüscher, a doctoral student in Grass’s group. She is the lead author of the paper, which was published in the journal external pageNature Communicationscall_made.
The researchers’ new system can serve as a counterfeit-proof way of certifying the authenticity of valuable objects such as works of art. The technology could also be used to trace raw materials and industrial products.
How it works
The new biochemical one-way function is based on a pool of one hundred million different DNA molecules. Each of the molecules contains two segments featuring a random sequence of nucleotides: one segment for the input value and one for the output value. There are several hundred identical copies of each of these DNA molecules in the pool, and the pool can also be divided into several pools; these are identical because they contain the same random DNA molecules. The pools can be located in different places, or they can be built into objects.
