Q-Day, the inevitable point when quantum computers can breach contemporary passwords, looms large over information security, with some suggesting this milestone could be reached within the next decade. Password validation relies on cryptographic one-way functions, which generate an output value from an input, allowing verification without transmitting the actual password. These functions transform the password into an output value that can then be employed to assess its authenticity, such as in online banking. One-way functions possess the unique trait that discerning the input value—the password—from its output remains practically impossible with current resources. However, with the advancement of quantum computers, this may not remain the case for much longer.

In preparation, researchers have been searching for a security solution that can evade the danger of quantum computers. In a paper published in Nature Communications, scientists at ETH Zurich detail a novel cryptographic one—way function unlike other current methods, promising future—proof security. In contrast to conventional arithmetic-based processing, this innovation encapsulates data as a series of nucleotides—the foundational units of DNA. DNA data storage is a hot topic in the world of synthetic biology, falling under the Reading, Writing & Editing DNA track at the Annual Global Synthetic Biology Conference, taking place this May 6-9 in San Jose, CA.

Robert Grass, a professor in the Department of Chemistry and Applied Biosciences, explains, “Our system is based on true randomness. The input and output values are physically linked, and it’s only possible to get from the input value to the output value, not the other way round.”  

“Since it’s a physical system and not a digital one, it can’t be decoded by an algorithm, not even by one that runs on a quantum computer,” adds Anne Lüscher, a doctoral candidate in Grass's team and the lead author of the study.

This novel system holds promise as a foolproof method for certifying the authenticity of valuable assets like artworks and for tracing raw materials and industrial products.

The biochemical one-way function relies on a reservoir of one hundred million distinct DNA molecules, each featuring two segments housing random nucleotide sequences: one for input and one for output. Multiple identical copies of these DNA molecules populate the pool, which can be divided into several identical pools placed in different locations or integrated into objects.

Possession of this DNA pool grants control over the security apparatus. Using the polymerase chain reaction (PCR), a key or input value, represented by a short nucleotide sequence, undergoes testing against the vast pool of DNA molecules. Upon locating a matching molecule, PCR amplifies the corresponding output value from the same molecule, readable through DNA sequencing.

While the principle may initially appear complex, Grass reassures that producing DNA molecules imbued with randomness is economical and straightforward. The production expenses for such a pool are less than 1 Swiss franc. Although DNA sequencing to extract the output value is more laborious and costly, many biology labs already possess the requisite equipment.

ETH Zurich has already applied for a patent for this technology, aiming to refine and optimize it for commercialization. Given its reliance on specialized laboratory infrastructure, the current envisaged applications encompass highly sensitive goods and restricted access facilities. Broader implementation for password verification awaits simplification, particularly in DNA sequencing.

This technology has already been considered for forgery-proof authentication of artworks. For example, an artist could embed the DNA pool into multiple copies of a painting, marking each with a unique identifier. Subsequently, owners can agree on a key and conduct DNA tests, where all genuine copies will result in the same output. Moreover, this technology could tether digital assets like NFTs to physical objects, bringing them into the physical world.

Additionally, it could bolster tamper-proof tracking across industrial supply chains, assuring the authenticity of components in sectors like aviation, pharmaceuticals, and cosmetics. “The aviation industry, for example, has to be able to provide complete proof that it uses only original components. Our technology can guarantee traceability,” Grass says, underscoring its potential to safeguard integrity across various domains.