“You can’t cheat physics”: Artur Ekert explains why only quantum cryptography can ensure security

07-07-2025
This year’s John von Neumann Lecture explored “Privacy for the Paranoid Ones”, but paranoia isn’t really the point. The point is to win an ancient game.
Illustration of a strong link between two separate particles
Entanglement is at the heart of quantum key distribution – a technology that promises a guarantee of information security.

Forget the proverbial lightbulb: how many academic domains does it take to change the game of cryptography? It’s not a joke; in the quantum era, designing absolute security might come from drawing on a rich variety of specialisms. That’s what makes the field so fun, according to eminent cryptographer and quantum computing pioneer Artur Ekert.

“As a child, I was interested in cryptography as a mathematical puzzle,” he says. “Then, public key encryption came along. Until then, number theory had been considered pure mathematics, something that couldn’t be tainted with applications; and here comes crypto using it for secure communication! And then there’s the connection with quantum physics: pure randomness, and combining that with mathematical tools was so cool.” 

That became Artur’s specialism “just for fun”, he says. “It was my PhD, but I never thought it would be practical. At the time, nearly 30 years ago, quantum technology was not so advanced. But it dragged me along: beautiful number theory, and the most interesting part of physics!”  

The intersections of diverse disciplines so often provide rich ground for investigation, but the structure of academia can make it difficult. 

“We specialise. And we institutionalise the specialisations. So you have departments of physics, mathematics, biology… That was a productive way of doing things, except that by doing this, we push our knowledge in several directions. And that leaves gaps. If you can connect it all, if you can go outside the silos and use a different set of tools, there is room for learning a lot about the world.”  

Science by walking around

It just so happens, Artur says, that being at Oxford provided an advantage here. 

“You’re a member of a college, with colleagues from all possible disciplines. You can talk, over lunch, to someone who’s in medieval literature, or archaeological representations of pregnancy in southern Africa… Everything is there!” All these easily available connections helped Artur to follow up on ideas outside his core discipline. “Maybe they didn’t know the answers to my questions, but they could tell me about interesting developments and point me towards other people to ask. A lot of my career was just about asking the right people the right questions.”

Professor Artur Ekert
Professor Artur Ekert

Artur describes himself as a nomadic scientist, dividing his time between Oxford and Asia (he was a founding director of Singapore’s Centre for Quantum Technologies, and is now an adjunct professor at the interdisciplinary Okinawa Institute of Science & Technology). Who needs a fixed office anyway? 

“I don’t know how to have an office. My office in CQT was full of diving equipment, it wasn’t very presentable. And if you have an office, people know when you’re not there!” But the café lifestyle clearly also suits his preferred way of working by connecting with people, over lunch or otherwise. It suggests an analogy with the MBWA management approach: call it science by walking around. 

“It’s very difficult to promote interdisciplinary work in a top-down way,” says Artur. “Maybe you could achieve an effect similar to the Oxford college system through architecture, with a well-placed cafeteria or something. Just put a bunch of interesting people together and give them coffee.”   

This social instinct, the productive desire to share ideas, is of course also one of the main reasons we need encryption.   

“Our lives are increasingly online. Formerly you might use a safe to protect your valuables, but now it all goes through the internet. Cryptography stands in for locks and safes and walls,” he says. “As human beings we are social. We like sharing. But as an individual, there are some things that make you you, that you want to protect.

“Personally, I’m not so bothered about people trying to hack my inbox. But cryptography interests me as an academic exercise. In professional life, when you want to design something that absolutely secures security in communication, it becomes a game. You imagine that everyone is against you. Then you can design a system that will give you a degree of perfection with minimal assumptions.”

An ancient game in a new era

This game of cryptography, played out between code makers and code breakers, is perhaps at an inflection point. To understand why, we need to remember that information is physical. 

“The consequences of this are not trivial,” says Artur. “Every single bit of data has a physical representation. Something is charged or not charged, representing a zero or a one. So computation is a physical process: it works according to the laws of physics. No matter what, you can’t violate those laws. But when we discover new laws, we have a more interesting set of tools to play with. Every single time we make progress in physics, we can also make progress in computation, because we can compute in a different way.”

This is the crucial point. Quantum computing is often talked about as essentially a question of power, and that is a threat to cryptography – an exponential increase in the computational power of devices means that previously very hard problems become trivial. So, if the security of your code rests on a problem being hard to crack, then it is doomed once computers get powerful enough. 

“Problems like factoring play an enormous role in cryptography. They are difficult to solve, but easy to check,” explains Artur. In effect, that means creating a lock that is hard to crack: the brute force solution, computing every possible answer and trying them one by one, simply takes too long… at least, using currently available technology and mathematics. 

“For mathematicians, factoring is embarrassing, because we just don’t know if it’s actually difficult or not,” Artur comments. “Many people have tried and failed to find an efficient algorithm for factoring, but that doesn’t mean it doesn’t exist.”

So quantum computing isn’t the only threat to secure systems based on factoring; there is also the risk of a mathematical breakthrough. But while that may never come, we now assume that the quantum threat is only a matter of time; which means that right now, the code breakers seem to have the upper hand.

“In 1994, Peter Shor came up with an efficient algorithm for quantum factoring. That means that once we build a quantum computer, we can destroy the public key systems which are in use at the moment.” 

In response to this risk, “post-quantum” cryptographers (“probably the worst possible name for it”, grumbles Artur, but the most common) are looking for alternative mathematical systems that could build security on more difficult problems. As with factoring, though, there is a vulnerability around knowing how difficult those problems really are. 

“The American National Security Agency (NSA) held an open competition to establish the new standard in post-quantum cryptography. And it turned out that some of the shortlisted proposals were in fact broken – even on classical computers. So that showed how difficult it is to make an assessment of whether something is secure or not.”

A new standard was chosen, based on lattice problems, but will they really prove to be quantum-resistant? “It’s not at all clear to me whether that kind of province will always be immune to quantum attacks. Most likely, but it is certainly possible that we will find a quantum algorithm that can break them. In which case we just have to revise the whole post-quantum cryptography system.”

Is the end in sight?

This is the newest version of a very old cycle in the game of cryptography: the code makers propose a system that sooner or later gets broken. But with quantum cryptography (not post-quantum, or quantum-resistant!), that cycle is set to end. Because you can’t cheat physics. 

The thing about quantum computing is that it contains classical computations, but adds new, more powerful possibilities. Remember Artur stressing that information is always physical? In building quantum devices, we can exploit quantum physics. That means the game is no longer just about computing power: it’s about fundamental laws.

“In terms of Bell’s theorem (borrowed from fundamental quantum physics), computer scientists started representing this as a non-local game, with two players in distant locations given challenges from a third party. We can show that quantum resources give an advantage: they are more likely to win if they can use entanglement.”   

So with entanglement, pure randomness can be used to create secure systems – free will makes this possible, as unpacked in Nature article that Artur co-wrote with ETH’s Renato Renner. (If fundamental physics, cutting-edge mathematics and computer science weren’t enough for quantum cryptography to build on, with game theory and free will, economics and philosophy are now added to the mix.) 

The other advantage that quantum physics gives us is making it possible to know when security has been breached. As with Schrodinger’s cat, observing the situation changes it; so Artur proposes using Bell inequalities (a concept borrowed from fundamental quantum physics) to show us when eavesdroppers are on the line.

“Eavesdropping is dangerous because you don’t know that someone is listening in. My proposal allows you to estimate how much is being leaked. We can do a statistical test that gives you a measurement; if you get the maximum number, you know there was no eavesdropping whatsoever. With lower numbers, maybe there was eavesdropping or maybe it’s just noise, but you can estimate the worst-case scenario. You can never be fooled.”

Only physics is truly future-proof

We are not yet in the quantum computing era, and that means that quantum cryptography is still largely theoretical. As cryptographers race to design systems that will withstand quantum-powered attacks, the mathematical approach has immediate appeal: it’s easy to plug new software into old devices, but much much harder to build entirely new devices based on quantum mechanics. This reliance on new hardware may also mean that quantum cryptography has limited applicability, besides being more expensive. The physics-based quantum cryptographic domain, however, is the only one that has potential to offer truly future-proof security, resisting both mathematical and computing breakthroughs. 

“Historical studies of cryptography show that no matter how clever you are, and what kind of clever system you invent, sooner or later there will be someone, not even clever, who can break it,” Artur points out. “But with quantum crypto, we are coming to the end of that. Because in this case, the protection is coming from the laws of physics itself. Maybe we’ll discover new physics, we’ll come into a new physical paradigm, but things based on the old laws will still be secure. Discovering quantum physics didn’t make it any less safe to fly an airplane.” 

In the ancient game of code making and code breaking, we may finally be close to declaring a winner.

The annual John von Neumann lecture is organised by the NCCR Automation and the University of Zurich’s Zurich Center for Market Design. Since 2020 we have invited leading researchers in game theory, computer science and other fields in which Von Neumann was a leader. You can find previous interviews here: 

Eva Tardos (2024)
Yurii Nesterov (2023)