3/22/2022

Two years ago, a twist of fate turned an expert on classical cryptography into a budding leader in quantum cryptography.

3/22/2022

Two years ago, a twist of fate turned an expert on classical cryptography into a budding leader in quantum cryptography.

As the new world of quantum information science comes into being, it’s showing enormous potential to solve old challenges in novel ways—and cybersecurity is one realm in which quantum promises to shake things up in a big way. Partly through serendipity, IQUIST’s Dakshita Khurana has suddenly found herself exploring an especially exciting piece of that fast-developing scene: quantum cryptography

Until two years ago, Khurana, an assistant professor in Computer Science, had spent her research career working on non-quantum, classical cryptography—the study of ways to communicate and compute securely despite the presence of adversarial activity—with a focus on understanding and reasoning about adversarial behavior.

Khurana explains that her work has involved understanding how to build provably secure systems. “Suppose we have a set of *n* different parties that each have private inputs. And they want to compute a joint function of these inputs.” For example, she says, imagine a set of hospitals that could benefit from having certain kinds of information about all the patients across all the hospitals. They can’t simply share their databases of patient medical records with each other, because such data must be kept private. Is it possible for the individual hospitals to pool their data for common computational analysis, without making any hospital’s data visible to the other hospitals?

“It turns out that you can do this,” says Khurana. “It’s possible to evaluate any general function on a set of distributed private inputs, without having to share those inputs. My work focused on building such protocols and also analyzing them to prove security. In the hospital example, this involves demonstrating that no patient data from one hospital was leaked to another."

Before 2020, Khurana had never studied quantum information science, let alone pursued research on them. But her research agenda took an unexpected turn after she participated as a Fellow in a semester-long cryptography program at UC Berkeley’s Simons Institute for the Theory of Computing. Her program focused on understanding classical cryptography based on specific mathematical structures called “lattices.”

In a fateful coincidence, it happened that the Simons Institute was concurrently running a program on quantum computing.

“Researchers from both classical and quantum backgrounds were visiting the Institute,” recalls Khurana; and indeed, “there are natural connections between the two topics. I’ve been interested in exploring quantum information for a long time but never really had a chance to do that.” Simons presented Khurana with a unique opportunity to co-organize a reading group called “Quantum for Crypto Dummies,” with the goal of teaching classical cryptographers concepts in quantum information.

“Quantum experts were generous enough to devote their time and attention to educating us. There were also opportunities to collaborate with amazing researchers with complementary expertise. That was what kick-started my journey into quantum information.”

The inherent properties of quantum phenomena provide opportunities for keeping information secret; indeed, with quantum cryptography, one can achieve cryptographic goals that would be unattainable in classical cryptography. For example, Khurana hopes to use a quantum information approach to achieve “provable deletion,” which would be impossible outside the quantum context.

Khurana explains, “If I gave you some classical information—which would typically be represented as a sequence of bits, or written on a piece of paper—I can never *provably* force you to delete it. You could return the piece of paper I gave you, but you could have made any number of copies, and there’s no way I can check that you actually deleted all your local copies.”

Khurana points out that it’s a real-world problem; think of all the companies out there that have sensitive information about you, and don’t necessarily purge it when they no longer need it.

“It turns out that quantum information behaves differently,” says Khurana. “Quantum mechanical laws say that you cannot copy an unknown quantum state. So, if I give you a quantum state, which is the quantum analog of writing on a piece of paper... you can keep it with you, but you cannot actually copy it. And moreover, there are ways that I can ask you to return it to me, and I can even check that you deleted it.” That is, there are protocols that can be used to enforce the deletion of quantum states. As Khurana puts it, “this is really cool from a privacy point of view!”

More generally, provable deletion can be used for secure computation on distributed data, such as in the hospital example. “It turns out there are ways to encode private inputs into quantum information, then transmit and compute jointly on this information to recover an output, and then, finally, make sure that all private records were deleted. In principle, this is a new way to collaborate on private data, without actually revealing it.”

“In this way, quantum information gives us an edge over what classical information can achieve,” concludes Khurana, “just because it makes deleting things possible. And some of the techniques that I’ve developed, building on prior seminal work in the area, pertain to the use of quantum information to enforce deletion in the context of privacy-preserving computations."

Khurana has received numerous accolades in her still-young career, including recognition in 2020 as one of *Forbes* magazine’s “30 under 30,” which showcases young innovators who are expected to be thought leaders from now into the future. She was selected from over 15,000 nominees.

She thinks the honor reflected some of her prior, classical work on the data-sharing problem in the hospital scenario. Specifically, she developed a way to avoid extensive back-and-forth communication while allowing multiple entities to perform computations on their aggregate data without making any one entity’s data visible to the other entities.

“That’s important in a practical context... If every hospital has to talk to every other hospital back-and-forth several times, this consumes a significant amount of bandwidth,” she says. “My work showed that you can actually securely compute with low interaction, sometimes just one or two messages exchanged between all participants.”

“It’s a really exciting field,” says Khurana. “I would definitely encourage young researchers to explore quantum cryptography, because... it’s relatively new, and when a field is new, there are so many exciting problems to solve, so many exciting questions that we haven’t even thought about yet. There is scope for research that could one day have a major impact on society.”