In 2006, years before Edward Snowden leaked government secrets, a retired AT&T communications technician blew the lid on an NSA spying program. As a part of a class action lawsuit filed against his former employer by the Electronic Frontier Foundation, Mark Klein, the technician, reported that a secret room overseen by the NSA was being built next to the international telephone switches at an AT&T facility at 611 Folsom Street in San Francisco. “While doing my job, I learned that fiber optic cables from the secret room were tapping into the Worldnet (AT&T’s internet service) circuits by splitting off a portion of the light signal,” Klein wrote in a statement.
By tapping into the fiber optic backbone of AT&T’s network, the NSA could snoop on every packet of data being sent through the switches next door. Unencrypted data would be plainly visible, and encrypted data thought to be secure could be saved and possibly decrypted at a later time. All data that went through that room was saved and copies were sent to the NSA.
Until Klein came forward, none of AT&T’s customers—or people who corresponded with those customers—likely knew about the NSA’s efforts to eavesdrop on their data and communications. But in the near future, if a new technique published in the journal Nature this week pans out, people like you and me will known when the NSA—or anyone else—is listening in.
Decoding encrypted messages is dependent on a key. If you don’t have the key, decoding the data can be incredibly difficult, if not practically impossible, depending on the cryptographic technique. Encrypted communications begin by two users exchanging this key.
The breakthrough isn’t a new encryption method, but a way to alert both parties that their key exchange is being snooped on. Here’s John Markoff, writing for the New York Times:
The key exchange is usually protected by the use of mathematical formulas based on the challenge of factoring large numbers. In recent years public key cryptographic systems have been improved by lengthening the factored numbers used in the formula. That, in principle, would require vastly more computing resources to break into the system.
Quantum cryptography relies instead on encoding the key in a stream of quantum information — photons that are specially polarized. If a third party eavesdrops on the communication, the fact will be immediately obvious to the parties of the secret communication.
The technique, known as quantum key distribution, relies on the fact that measuring a photon can change its orientation. If specific photon orientations are a part of key exchanges, the receiver of a key can easily detect any abnormalities and the key can be discarded before any encrypted information is sent.
Quantum key distribution has been expensive to implement because the equipment it relies on isn’t cheap. But this new method devised by researchers at Toshiba’s Quantum Information Group in England allows up to 64 users to share the equipment, significantly lowering costs. Today, only banks, government institutions, and other sensitive organizations can afford to use quantum key distribution and other quantum cryptographic techniques. But someday soon, even your computer may be able to spot a snoop before it’s too late.