To ensure that secrets stay secret, information should flow easily in one direction but not in the reverse. Researchers at Massachusetts Institute of Technology in Cambridge suggest that using the speckle patterns that arise when a laser beam shines through a transparent inhomogeneous substance may provide this asymmetry. The result, according to the MIT group, is an authentication key that is secure, accurate, tamper-resistant and inexpensive.Random speckle patterns offer a physical one-way function for the production of secure cryptographic keys. A 1 x 1 x 1-cm cube contains on the order of 1 Tb of structural information; an image of the speckle pattern created by a laser beam passing through the cube contains 1 Mb of intensity information. Applying a Gabor transform to the intensity pattern yields a 2400-bit code key. Courtesy of Ravikanth Pappu. Modern cryptography depends on one-way functions such as the multiplication of two prime numbers to encode information for secure transmission. Factoring the resulting large number to extract the original primes is extremely difficult, but increasing computing power makes this one-way ticket to security precarious.The researchers suggest tackling the problem from another direction. "Remembering that information is physical often allows us to do things in surprising ways that could not be done using digital systems alone," said Ravikanth Pappu, a member of the group who has gone on to help found ThingMagic LLC, a research and development firm, also in Cambridge.They have developed and demonstrated a physical one-way function in which the 633-nm light from a HeNe laser passes through a transparent 10 x 10 x 2.5-mm box filled with 500- to 800-µm-diameter glass spheres. The average spacing between the spheres is approximately 100 µm. The interaction of the beam and the spheres produces a speckle pattern that depends on the construction of the box, and on the wavelength and angle of the beam. A 320 x 240-pixel CCD camera records the pattern. By filtering that pattern with a Gabor transform, the researchers derive a unique 2400-bit key that can be The method is secure, highly reliable and resistant to attack. For example, reading the information that has been scrambled in this manner requires the physical token itself, and altering or tampering with the token destroys the key. The team estimates that it costs a penny in materials to produce a bead-filled box.Although the technique has been demonstrated only in a laboratory setting, a device based on it might be ready for production in one to two years, Pappu said.