Making Quantum Crypto Actually Work
There's a piece on the newest breakthrough in quantum crypto on Feed. It goes over some of the background that we've all read before, but the implication of actually making it something useful beyond the current short distance is pretty darn cool.
RSA depends on factorization being hard. There exist other public key systems depending on other problems being hard.
Oh and computer science has not proved a link between factorisation and the traveling salesman. Factorization is not known to be NP-complete, although it is known to be in NP.
The danger is that quantum computers will make public key crypto useless, setting us back to a time when useful crypto is reserved for those that can afford symmetric key distribution systems, or quantum crypto, which - if possible - is likely to be incredibly expensive.
Now I would never suggest that we stop research in these areas, but I do think that it gives us a limited window to obtain free communication for all while we still have the tools to achieve it.
--
Finally something worthwhile in this discussion. What they don't teach in physics class is that the part beyond the equations is nothing but interpretation.
Sheldon Goldstein has published some worthwhile papers on QM. He's basically debunked a lot of the "superposition of states" crap, and proved that QM can be deterministic with the usual limits on observation. The gist of the argument is GIGO: no accurate position/momentum to start means no accurate position/momentum at the finish. We don't know the definite trajectories of any particles in the universe, so we can't measure any, since we can't put together a reliable measuring tool without this knowledge. So in fact QM does not mean that the universe is non-deterministic; it just means that we're ignorant of a range of phenomena at the quantum level. Enough said.
---- "If we have to go on with these damned quantum jumps, then I'm sorry that I ever got involved" - Erwin Schrodinger
The sender is equipped with a dog locked in a box. A radioactive atom, contained in a special measuring apparatus, has a finite probability of decaying and triggering a fatal dose of poison for the dog. Neither the sender nor, more crucially, the SPCA knows whether the dog is dead or alive when the message is sent.
The superposed live and dead dog is then passed through two slits, resulting in an interference pattern, where dead and live dogs reinforce or cancel each other out. This pattern is transmitted via fiber optics to the receiver, who is equipped with a physics book identical to the one possessed by the sender.
The receiver then passes the beam through an apparatus which contains three doors. Behind one of the doors is a goat. Behind another is a brand new car. After the receiver chooses one door, the host opens the door containing the goat.
Now the receiver guesses whether the dog is dead or alive, and if he is correct, he receives a shiny new car and a year's supply of dog food, signifying that the message has been successfully transmitted!
While this method is correct in theory, no one has yet built an apparatus using this method over long distances. However, scientists are confident that these minor details will be filled in shortly.
---- "If we have to go on with these damned quantum jumps, then I'm sorry that I ever got involved" - Erwin Schrodinger
Someone will correct me if I'm wrong, but I think you're confusing quantum encryption with quantum computing. Both adopt non-"normal" properties of physics at a quantum level (and hard to get a grasp on concepts like entanglement, superposition, infinite # of universes etc.) but they are different.
As I understand it, quantum cryptography involves the fact that a third party observer of information in transit *by definition* alters the content of the message by simply "sniffing" it. A recipient can therefore detect whether or not a message has been intercepted.
Quantum computing, on the other hand, involves setting a number of atoms (each being one quantum bit, or "qbit") in a "superposition" (a state where they're simultaneously positive and negative, I think) in accordance with a particular formula (or "program") that corresponds to what you want the computer to calculate. To determine the output of the "computer," readings are taken from the atoms to determine the probability of the correct solution in our universe.
Somehow or another, quantum computers allow you to do in parallel (because you're kind of narrowing down the possible solutions for an infinite number of universes down to OUR universe) what traditionally has to be done sequentially through normal computing. The most obvious application for this is for trying lots of encryption keys simultaneously (or near simultaneously) to find the right one.
Sorry for the vagueness, I'm just trying to get a handle on it myself and I haven't read about it for a couple months so my memory is wearing down. There are lots of good resources and papers on this topic on the web though.
-------------------
This is my SIG. There are many like it, but this one is mine.
Quantum computers employ the same method of the uncertainty principle to compute--prerequisite was a badly chosen word, tho.
Their advancement will almost certainly be parallel.
Returned Peace Corps IT Volunteer
Um, are you trying to initiate a flame?
Not to say that your points aren't generally valid, but, I hate to tell you, but Big Brother is already sending private messages back and forth that we can't read. Remember, the gov't (well, the military) has the patience and need to use OTPs. OTPs always win.
The more serious problem is that a prerequisite for quantum crypto is stronger quantum computers. Stronger quantum computers can breeze through current crypto mechanisms with startling ease, dramatically raising the bar of what is a 'secure' keylength. Start thinking 4096bit, buddy. Gov't needs privacy, they have it and will keep it. Citizens also need privacy, we can have it sometimes, but might be about to lose all possibility of it.
All that being said, c'mon. We know we're not gonna stop technology, so we need to start thinking seriously about how to address the implications. We're not the RIAA here, we know the light is a train, and we're smart enough to find a side-tunnel to not get killed.
Returned Peace Corps IT Volunteer
The article focuses on one piddly part of quantum crypto. It's more powerful than it reveals, as this /. thread and its related article discuss.
Returned Peace Corps IT Volunteer
Actually, it is. Is this a real surprise? It's word magick, sort of like "organic carrots". Well, I suspect that carbon molecules are in there somewhere.
We tend to say "security by obscurity" when we are talking about weakly obscure matters. And we tend to say "real security" when we are talking about more obscure matters. The importance of quantum transmissions is that they provide the potential for "almost complete obscurity". But...
Here's an interesting question, suppose you could show that every message that you could send with a code had a sensible translation involving all the same information as the intended translation that could be determined in less time than the intended translation. I tend to suspect that we are approaching this point. How could this be proven correct, or incorrect?
If such a code were created, could anyone ever know what was meant by a message sent in it?
Now I posit that, given certain assumptions, English is such a code. (It's mostly not intentionally designed to be obscure, but the development was a rather random process, and complete accuracy of interpretation of message transmissions was not at the top of the agenda.)
If you think that English is precise, and that you know what an English sentence means, then I invite you to express it in C, Lisp, Python, or one of the other truly unambiguous languages. (OK, there do exist sentences that can be so translated. But the majority of them cannot.)
How will this help? It may be one step toward systems which can understand natural languages. (It's rather of a sideways step, but the existence of encryption techniques tends to inspire the existence of decryption techniques, which may be what is needed.)
Caution: Now approaching the (technological) singularity.
I think we've pushed this "anyone can grow up to be president" thing too far.
As a "real" physicist can you tell me if the whole being able to transmit information from entanglement is really possible, because a few years ago I had a respectable physicist tell me that it was simply a sleight of hand trick and nothing practical could really be done with it, sorta like that experiment mentioned a while back about info in light leaving a tube before the original light should have. Or has more proof of its reality come out in the last few years?
This is a very weak interpretation of the EPR experiment: there is no reason to believe that "physics is fundamentally nonlocal" in the sense that you're talking about - especially when it comes to the interpretation that it will produce "instant" anything.
The hardest part of quantum entanglement to understand is the fact that Nature is both fundamentally local and nonlocal at the same time. Yes. You heard me. That's exactly what I meant.
Interactions are local: a particle at point B ten light years away from a particle at point A can only interact with an on-mass-shell particle intermediating the two. That is, for an electron which emits a photon which is reabsorbed by a particle ten light years away, the photon is on-shell - or VERY nearly on-shell: q^2 = 0. They can't exchange an off-mass-shell particle, because it would need to live too long. What does this mean? It means that space essentially determines the momentum scale of an interaction - i.e., interactions are fundamentally *local*.
Particles, however, are fundamentally *nonlocal*. As D. Griffiths might have put it in his wonderful QM text, "Even God doesn't know the exact location of an electron" - because the concept of an "exact location of an electron" doesn't exist. Yes. That's right. It's not an inherent limitation in humans, or the Universe, or God in this case. It's the way electrons are. If you asked God what the exact location of an electron was, he'd look at you as if you were stupid, because you'd be asking a complete nonsense question. Asking "where is an electron?" is nonsense. The concept of "where" doesn't exist quite as firmly for an electron as we think it does for us.
So, how do you reconcile the concept of the EPR experiment? It's because the concept of the "location of the photon" is not real. The photon is located along the entire spread of its worldline, as is its pair photon with opposite polarization - or at least, the photon's polarization is (talking about the "location of a photon" is, as I said, meaningless). Same for an electron/positron pair in the classic EPR experiment. When you measure the polarization (or spin) of the photon (electron), you're measuring the polarization of one part of the *combined pair*.
Of course, once you do that, you localize each portion of the state: interactions are fundamentally local, after all.
You said it yourself. All that exists are particles and their interactions. Particles don't provide the structure of spacetime - their interactions do. You can't have instantaneous changes in position because that would suddenly cause all the interactions that those particles were undergoing to become nonlocal.
The only way you can have "instantaneous changes in position" is if you physically make the space close - i.e., a wormhole - then all the interactions stay local. They're then in a multiply connected topology, but there's nothing wrong with that. However, good luck actually predicting the dynamics of creating a wormhole. We don't have math for 'breaking' a continuous object and then 'reforming' it again (see also waves crashing). Might be possible, might not.
But in any case, "instant" communication is insane without invoking the concept of a multiply connected universe.
Wow. That link is by far the worst example of idiot math I've ever seen in my life. Has the author ever *read* a relativity textbook?
What is claimed in the link:
Motion is impossible because a component of the "4-velocity" created by "dx/dt" is a "unitless" number.
OK, so why is this stupid?
The position of a particle, x, is defined as
x = (ct, x, y, z) in some reference frame - it is NOT (t,x,y,z): that's *stupid*: space is space, time is time. But when you consider that there is a common velocity throughout all space and reference frames - the speed of light in vacuum - then 'time' has to be linked to 'space' somehow - and it's linked through the speed of light in vacuum, c. You can work this out on a sheet of paper using the Pythagorean theorem.
OK. So even the 'simple' 4-velocity dx/dt now looks like dx/dt = (c, dx/dt, dy/dt, dz/dt). Nothing's unitless - everything has dimensions of distance/time. Thus, we have already disproven the statement in the above link. So, we can stop here.
Motion in spacetime is simple - it works exactly as it does in Euclidean space/time. Want to create motion? Just shift to a reference frame that is moving at a different 3-velocity using Lorentz transformations. Boom. You've got motion in spacetime - you can then follow the object's position as it moves through spacetime.
I don't know about the time paradox (relativity only says physical objects can't move faster than light, AFAIK). But suppose it was possible, you would have a "subspace (TM)" communications system. So shouldn't SETI be listening for this, instead of some alien civilization's TV reruns?
"Because entanglement degrades over time, it's necessary for long-distance communication that a pair be as perfectly entangled as possible to begin with. Zeilinger's proposed mechanism, a polarized beam splitter (PBS), is a little cube of gas that generates highly entangled states in photons that are only weakly entangled, making them robust for long-distance communication."
Whah??? So if you "cook up" an entangled pair of photons, don't you have to then send one to the recipient? How does the recipient get their photon? Or does, through the magic of QM, the entangled photon just "appear" at the other side?
Forget encryption: if we can transmit information simultaneously (in the very physical definition of the term), that itself is an AMAZING feat. You could basically have all the information in the world replicated *instantaneously* everywhere. What's stopping me from generating billions and billions of "bits" of entangled photons, and just using them for massive storage and "free" simultaneous communication?
It's 10 PM. Do you know if you're un-American?
I could well imagine big businesses that invest in quantum technology and then provide encryption services to anyone for a fee.
The notion that this technology should be ceased because it will cause harm seems absurd to me.
Quantum scrambling of communication is cool, and indeed may provide an unbreakable code protocol, but the kind of unreserved exuberance in the article might be unwise.
The essence of public/private key crypto (which is what we use today for key exchange) is the putative difficulty of prime-factoring a very large number. Our confidence in this sort of algorithm stems from centuries of direct investigation of this problem and corresponding centuries of failure to accomplish a solution in a reasonable time order. The problems involved in solving this problem are so well understood that mathematicians have even been able to generalize this problem to a class of seemingly unrelated problems in the NP set. I won't pretend I understand NP at all, but any discipline that can draw a parallel between prime factorization and problems like the traveling salesman is obviously deeply researched and well developed.
"Quantum crypto" as the article calls it, is not based upon this sort of deep understanding. Far from it; instead, it is based upon our somewhat naive observation that particles flip in unison "like magic" when they are quantum-associated. While certainly QM is also a complex field of study with just over a hundred years of development, I don't think anybody out there can make any kind of definitive statement or even guess about why quantum binding happens or how it works.
Given this, how can we be confident in an algorithm founded upon what is basically our collective ignorance? Surely there is some kind of fundamental law or reason behind quantum binding, and when we come to understand it (string theory?), perhaps the "magic" of QM will suddenly seem kind of prosaic and even influenceable. There really is no way of knowing because even the most skilled practitioners of the science bicker about the exact cause and mechanism.
Not to be a damper - I would love to see this system working - but we need to be honest about our ignorance and how it could hurt us in the long run.
-konstant
Yes! We are all individuals! I'm not!
It isn't an intrinsic property per se, but it always exists (in the lingo, it is called decoherence). Entanglement is a state of two (or more) particles that have some correlation between them. However, since they are separated, random environmental/thermal fluctuations affect each particle differently, randomizing the relative phase between the particles and causing the pair to become useless.
Photons only interact weakly with matter, so they tend to be pretty stable, but if you have entangled atoms, for instance, a slight difference in the local electric field can quickly destroy your carefully prepared state. This is the fundamental roadblock on the way to medium scale quantum computing -- QC involves entangled states of many many particles (~5000 to factor 1024 bit RSA, IIRC) over a relatively long period of time (a second or so). The larger a system, the harder to prevent decoherence, which is why every bit is a challenge.
Yeah, that is more or less how things work. Generally, you use the key as a one time pad -- XOR it with your message. As long as you never reuse key bytes, you are fine. The eavesdropper is checked for by using checksumming over the key data, rather than encoding a test message.
You can't really transfer information with entanglement (that I know of). In general, doing so would violate causality by transferring information faster than light. What you can do (and QC does) is exploit entanglement to agree on a set of (random) data that it is physically impossible for an eavesdropper to measure w/o disrupting it.
This random data can be used as a OTP to send real information.
You can tell only whether there was an eavesdropper after you compare notes with the person on the other end -- using classical light-speed limited communication.
Physically, the effect of the eavesdropper is to destroy the polarization correlation between the two photons. The way you determine this is if Alice and Bob compare checksums of their bits in some fashion. If they have the same results, nobody tampered with the data stream.
[in PDF format]
http://babbage.sissa.it/pdf/quant-ph/0012026
Bennett et al. and Ekert et al. proposed the idea of using entanglement for key distribution more than five years ago. It has many advantages over the other quantum scheme proposed by Bennett and Brassard in 1984/86 and its refinements, theoretically speaking, but implementing it experimentally is much harder since entanglement is involved. I think the point here is that Anton Zeilinger has an idea about how to generate entangled particles in real life more efficiently. This is not easy. Theorists can assume they have a perfectly entangled state and do all kinds of operations on them in their minds and notebooks but even the most simple of these are extremely hard to implement in practice!
Yes, you're right, well sort of.
This could fall to the man-in-middle attack[1], but this can be avoided by using the conventional solutions to this attack; an interlock protocol[2] is one, signed public keys in a key public repository are another.
[1] This attack works by intercepting the key exchange between Alice and Bob and replacing them with new keys. The message is also intercepted, decrypted using the private partner of the public key we sent to Alice or Bob, and re-encrypted using the public key sent by Alice or Bob. We have the text, and Alice and Bob have also successfully exchanged the message without noticing.
[2] The interlock protocol (now this is complicated so read carefully): The key exchange occurs normally; assume 'the man' intercepts them. Alice and Bob now exchange alternate bits of the cipher text, in two parts. This is when 'the man' has a problem: he attempts to decrypt the first half, he fails, because he cannot decrypt half the message without the other half, and he cannot receive the other half before he returns something. Therefore re-encrypting the true message is impossible; he has to simulate and forward it. The second half is then exchanged, in order to ensure that his duplicity is not revealed, and his compromise is compromised. He would now need to generate the second half of the cipher text such that the total cipher text results in the same plain text. This is a computational problem of the same order of complexity as brute forcing the original key; it certainly cannot be performed during the normal latency of such a system.
Correct me if I'm wrong. I'm neither a physicist nor a computer scientist, but I have read about the stuff. First of all, the key is generated on both sides by reading a random string of photons. Quantum entanglement causes this to happen simultaneously at both ends. Because this stream of photons is truly random, the key is truly random, and there is no "Moore's law crack" possible. You can trivially generate a megabyte-long key if you want to. Good luck trying every combination. Then a test message is encrypted with that key and sent over ordinary communication channels. If the recipient is able to decrypt the test message with the key he received, then it follows that he has the correct key. Therefore, the key was not snooped, because Heisenberg says if the key was observed in transmission, it would have come out garbage at the other end. On the other hand, he might try his key and get garbage. Then he knows the key was snooped in transmission; he simply tells the sender there's a problem. Nothing has been compromised, the spy has only seen a test message. If his key is working, then the real data is encrypted with the key and sent, also over ordinary communication channels. It no longer matters if the link is being snooped, because the key has already been sent securely.
--
It's rare that you're presented with a knob whose only two positions are Make History and Flee Your Glorious Destiny.
I was under the impression that once Quantum cryptography and computing became a reality, that conventional means would just fall to pieces....but all this looks like is a way to transmit binary data via photons...and then you're sure it wasn't observed cause it's not tampered with...that isn't really the best way that I can imagine to ensure eternal security and vigilance against the forces of evil..
Sounds like security thru obscurity to me, ("my password is asdfasdf, but we're secure because no one observed it being transmitted and no one observed our message...woo hoo!!!!" - oh, what's that? TEMPEST attacks?...never mind)
----------
ah honey, we're all resplendent - Bill Mallonee
One-time pads are very secure and if used correctly, are very difficult to break. The issue with one time pads is the distribution and management -- with quantum crypto you don't need this and it cuts down on overhead.
In my opinion this overhead is the real reason why we do not see crypto adopted for business use on a wide scale -- can you imagine the same folks that need to get toner in the copier being responsible for the distribution of one time pads!
The more serious problem is that a prerequisite for quantum crypto is stronger quantum computers.
Umm...no. The quantum cryptography this article talks about involves tricky arrangement of photons that makes it essentially impossible for transmissions to be intercepted. This does not require quantum computers at all.
Please read the article next time.
Somewhere in the fifth dimension, a copy of you will have just won.
Bill, wondering how long it would take to phone all these copies.
I still have one question: how can I tell if an eavesdropper has been looking at my particles? It seems to me that if I can tell, I can construct a Faster Than Light communications device as follows:
1) I generate a stream of entangled particles.
2) For each pair, I send one particle towards Alpha Centauri, and preserve the other particle in my local ring buffer.
3) To transmit an FTL bit, I eavesdrop on (observe) a set of 7 year old particles in my local buffer.
4) The receiver on Alpha Centauri instantly detects that eavesdropping has taken place, and thus gets the FTL bit of info.
Where did I go wrong?
Due to the highly sophisticated nature of this technology, the hardware required to transmit and receive messages using quantum encryption will be out of the price range for all but the largest governments and businesses. While the potential for increased privacy among all citizens exists, its prohibitive cost will keep it out of most of our hands.
For this reason, quantum encryption will do nothing to benefit the average privacy-conscious citizen, and at worst, will in fact decrease our level of security. If governments and corporations have the ability to send secret messages behind the backs of the populace, greed and corruption will become even more rampant than it already is, and the rights of the average citizen will be trampled for the sake of Big Brother. This is precisely why we need to take measures to prevent this technology from being fully developed, and to keep these encryption devices out of the hands of the world's superpowers. We've got nothing to gain and a lot to lose from this, and must take any necessary steps to prevent it from becoming a reality.
-atrowe: Card-carrying Mensa member. I have no toleranse for stupidity.
For quantum cryptography to work properly I suggest everyone close their eyes and/or avoid looking at any related apparatus.
--
--hongpong.com
Believe me, she's wrong on this one. It's an easy mistake to make, but a mistake nonetheless. It's most easily explained if one says 'hidden variables' (the answers were there all along, and deciding what to measure doesn't change anything). Unfortunately this is statistically distinguishable from a genuinely non-local interpretation, and experiments clearly favour the nonlocal theories. Lots of very careful experiments show that we're stuck with a nonlocal theory in which it is still impossible to send information faster than the speed of light.
Several Slashdotters have pounced on her statement. Sorry, guys. She got it wrong. I spent two years listening to seminars on Quantum Crypto, while studying third and fourth year Quantum Mechanics, and I did a project during my honours year on the Einstein Podolsky Rosen Paradox (and Bell's Inequality), which cover precisely this.
I bet Zeilinger (the researcher) shuddered when he read the FEED article. My impression is that the article author failed to understand Quantum Cryptography, never mind understanding what the new theoretical advancement was. I know I couldn't tell from the article what the advance was; probably the device generating entangled photons, but that was only identified by a TLA.
Quantum Cryptography is all about generating a One-Time-Pad key. It uses two channels; the Quantum one, where the eavesdropper can be detected, and the public one, where we don't care about eavesdroppers. (say an ssh connection? There's no sense advertising that you have something to hide. It can be broken, but nothing useful can be stolen.)
Quantum cryptography uses four polarisation states of a photon. Electrons have spin. Photons have polarisation. (This can be circular polarisation, leading to some confusion. Other confusion can arise from the fact that Quantum discussions might use either. Quantum Crypto is invariably photons, however; electrons, being charged, interact with everything and so can't travel through matter (excepting superconductors) without losing their coherence.)
Four polarisation states; usually described as - | \ / (horizontal, vertical, left, right), although left and right circular could be used. The crucial thing is that we have two orthogonal pairs, and if we make a measurement in one pair, we have no idea what the result of a measurement in the other pair is. Whatever it might have been - it isn't anymore. (The photon entanglement is gone for all subsequent measurements.)
The two people on each end of the link choose randomly which signal to measure from their entangled photons, and compare notes over the insecure link. Alice might measure her photon in \/, and Bob might measure his photon in -|, and when (over the insecure channel) they compare measurement types, they'll ditch that information. When they use the same measurement type, they'll keep that information.
They'll compare some of those measurements over the insecure channel to see if anyone's eavesdropping. They'll get a higher error rate if anyone is, and then they'll panic. Otherwise, they'll exploit some fancy error correction algorithms to eliminate the errors that do get through, without compromising their data. (This involves discarding at least half of it. They can agree on which half over the insecure channel without compromising things.)
In the end, they have a one-time-pad. They use it once to transmit a secure message over an insecure channel. Then they start over.
Sociological implications? I don't know. Except that the method is easy to misunderstand. And this doesn't solve every privacy problem there is; its strength is solely in the detection of eavesdroppers and the generation of One-Time-Pad keys.
Rachel
Nuclear Physics PhD Student
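The basis-sifting and eavesdropper check described in the post above, as an added simulation (not part of the original comment or the FEED article). It assumes perfectly correlated pairs modelled classically as a (basis, bit) tuple, an intercept-and-resend eavesdropper, and an abort threshold and function names chosen for this sketch; error correction is left out.

```python
import random

BASES = ("+", "x")       # "+" is the - | pair, "x" is the \ / pair
ABORT_THRESHOLD = 0.11   # assumed cut-off for this sketch, not from the post


def measure(photon, basis, rng):
    """Measuring in the photon's own basis returns its bit; the other
    basis returns a coin flip, because the two pairs are unrelated."""
    prepared_basis, bit = photon
    return bit if basis == prepared_basis else rng.randrange(2)


def run_session(n_pairs, eavesdrop=False, noise=0.0, seed=0):
    """Simulate one key-agreement session and return its statistics.

    eavesdrop: an interceptor measures every photon on its way to Bob in a
               random basis and forwards what she saw (constructed model).
    noise:     probability that Bob's result is flipped by the channel.
    """
    rng = random.Random(seed)
    alice, bob = [], []
    for _ in range(n_pairs):
        # Alice's measurement fixes the state of the photon sent to Bob.
        a_basis, a_bit = rng.choice(BASES), rng.randrange(2)
        photon = (a_basis, a_bit)

        if eavesdrop:
            # A wrong-basis measurement destroys the correlation.
            e_basis = rng.choice(BASES)
            photon = (e_basis, measure(photon, e_basis, rng))

        b_basis = rng.choice(BASES)
        b_bit = measure(photon, b_basis, rng)
        if rng.random() < noise:
            b_bit ^= 1

        # Sifting: bases are compared over the public channel and only
        # the rounds where both chose the same pair are kept.
        if a_basis == b_basis:
            alice.append(a_bit)
            bob.append(b_bit)

    # Reveal a random half of the sifted bits publicly to estimate the
    # error rate; the revealed bits are thrown away afterwards.
    order = list(range(len(alice)))
    rng.shuffle(order)
    half = len(order) // 2
    revealed, kept = order[:half], sorted(order[half:])
    errors = sum(alice[i] != bob[i] for i in revealed)
    error_rate = errors / half if half else 1.0

    return {
        "sifted": len(alice),
        "error_rate": error_rate,
        "abort": error_rate > ABORT_THRESHOLD,
        "alice_key": [alice[i] for i in kept],
        "bob_key": [bob[i] for i in kept],
    }


if __name__ == "__main__":
    for label, kwargs in [
        ("quiet channel", {}),
        ("3% channel noise", {"noise": 0.03}),
        ("intercept-resend", {"eavesdrop": True}),
    ]:
        r = run_session(4000, seed=1, **kwargs)
        print(f"{label:18s} sifted={r['sifted']:4d} "
              f"error_rate={r['error_rate']:.3f} abort={r['abort']}")
```

The interceptor guesses the wrong basis half the time, and each wrong guess gives Bob a coin flip, so the sifted error rate sits near 25%; the noise run shows why the decision has to be a threshold rather than "any error at all".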
You can't leverage a small set of secret bits into a large number of secret bits over an insecure line (well... there was that recently suggested method of overwhelming any eavesdropper's storage capacity by sending mostly garbage data, but for most purposes that is even less practical than traditional secure key distribution). There is a class of encryption algorithms that work like this, using a fixed-size key and a carefully designed pseudorandom generator to generate pad data, but they can be broken with sufficient computation; they don't have theoretically perfect secrecy. At best, they are impractical to break, like any fixed-size key encryption.
There is no way to skimp on OTP without breaking it.
--
People are comparing this to traditional encryption methods, when it really has nothing to do with them.
What we're really talking about here is not encryption, but a means of establishing a physically secure connection.
By its nature, it will never be a way of communicating over the internet or any other network, though it may very well be used between nodes of a network. If any datum is merely physically read by any node, to be cached, routed or whatever, that is the end of the line for the security afforded by the quantum method.
Incidentally, you need a shared secret to know that you're talking to the right person. Otherwise, it's subject to a man-in-the-middle attack. Furthermore, data from the shared secret is compromised every time a man-in-the-middle attack is foiled, leaving you with a fairly intact key-distribution problem. Also, natural noise is indistinguishable from eavesdropping.
--
Namely, that there is only one hidden variable for spin and it is an actual direction. A more complex hidden variable scheme, in which there is no relationship between measures of spin at 0 degrees, spin at 90 degrees, and spin at 45 degrees is unaffected.
Reading the spin at 0 degrees, and that at 45 degrees, they deduce the spin at 90 degrees, but is this deduction accurate? Only if spin is a simple matter of direction and magnitude. This is something untestable without quantum-entangled triplets at the least.
--
The experiments have been done. For electrons the left polarizer is set at 45 degrees and the right one at zero degrees. A beam of, say, a billion electrons is measured to determine Number(right spin-up zero degrees, left spin-up 45 degrees). The polarizers are then set at 90 degrees/45 degrees, another billion electrons are measured, then the polarizers are set at 90 degrees/zero degrees for another billion electrons.
It's even dumber than I thought. They're not inferring C from A and B. They're taking a sample of A1~B1, then a separate sample of B2~C2, and yet another sample A3~C3, and combining these entirely separate numbers to find that A1~B1 + B2~C2 >= A3~C3 doesn't match up. This isn't remotely the same thing as A1~B1 + B1~C1 >= A1~C1 not matching up.
Ugh. Either this is just a terribly inaccurate explanation of the experiment, or someone needs to give these physicists a smack upside the head.
Anyone else remember how for years biologists consistently miscounted the number of chromosomes?
--
You forgot to mention the quantum-entanglement of a pair of dogs.
They must be created as structured pure energy, which spontaneously splits into a dog and anti-dog in a box and anti-box with a radioactive sample and radioactive anti-sample; all with identical traits down to a quantum level, guaranteeing identical behavior.
To keep them identical, they must be flash-frozen into "dogsicles" before delivery. However, the recipient must send back only whether he has checked that the dog is dead, or if it has thawed.
This is one of the many pair of dogsicle traits of quantum mechanics.
--
Einstein hated the way people talk about this stuff, because he believed in the hidden variable explanation. This makes perfect sense without action at a distance if you imagine that the information exposed by reading was set at the time the particles became quantum entangled and carried by both particles all along.
The common explanation (the one taught in universities) is that the data of quantum state is created (purely randomly) at the moment it is read. Hence spooky action at a distance when you read one entangled particle, because it creates the same data in its partner, no matter how far away. The Einstein/hidden variable explanation is that the data is read from hidden variables (which are changed by the reading, in chaotic ways we don't have a model of, and so can't predict, thus creating apparently random new settings for the variables); there's no spooky action at a distance because "quantum entanglement" simply means that they somehow have the same hidden variable settings.
The justification for going with the spooky explanation is that it is "simpler" and thus preferable by Occam's Razor. To me, this is just bad philosophy, and a misunderstanding of the uses of Occam's Razor. For one thing, it throws out determinism, saying that not only are the reasons for things we can't predict hidden, but there are no reasons for them at all! For another, it tells people to stop looking for the hidden variables and the rules that create the apparently random values, because there are no hidden variables and quantum state is truly random.
It's not a difference in actual predicted results, it's a difference in philosophy. Einstein preferred the theory which admitted its gaps over the one that pretends things don't exist whenever you can't see them.
It's a common theme in his work: his theories suggest things beyond those fully predictable by his theories (such as black holes), thus spurring new research. If relativity was dominated by the same bad philosophy as quantum mechanics, it would claim that the interior (beyond the event horizon) of a black hole does not exist because we apparently can't observe it, just as it claims that the internal state of a quantum particle doesn't exist.
Favoring a "complete theory" is pure hubris, and has contributed to the stagnation of quantum theory.
Respect Einstein, give hidden variables a chance!
--
"How is this useful in transporting a message? Could someone either explain what I'm missing"
You're not missing anything, that was my first thought as well. The current analysis of "spooky action at a distance" implies that while there is a statistical correlation, it is insufficient for transmitting data. That fact is something sorely lacking from this Science, and I would like to have it addressed. Spooky interaction of electron spin is not sufficient for communicating a message, though it may be useful for verifying a message. What gives?
Check out the heading "Putting Entangled Photons to Work" here for more info. There's a lot missing in this quantum encryption proposal mentioned in the article...
Did you guys catch the really cool part about this proposal? Entangled photon pairs react in such a way that when the state of one photon is changed, the other is changed instantly. Therefore this is not just quantum encrypted communication, but quantum encrypted communication faster than the speed of light.
If you want to read a far less pseudo-science description of this phenomenon, may I suggest the unisci article. There's a good article on the whole entanglement phenomenon at Daily Insight here.
p.s. "spooky action at a distance" was Einstein's phrase for it...
First, I'd like to point out that quantum computation and quantum encryption are two almost completely separate concepts. Quantum encryption is based on the fact that quantum states cannot be measured without altering. The most common example is the polarization of a photon, but it will work for any quantum state, so long as there exist, effectively, two unique states that can transmit the data.
Quantum computation, however, is much more complex and much more interesting. Quantum computers are based on the concept of quantum entanglement, the ability of a quantum state to exist in a superposition of all of its mutually exclusive states: It's a 1 and a 0. However, this is not as easy to use as one might think. While it's true that if you have n quantum logic gates you have the ability to input 2^n data values simultaneously (as opposed to only 1 piece of data if you have n digital logic gates), this is not going to be the end of classical computing for a few reasons. First, quantum computers have to be perfectly reversible. That means for every output there's an input and vice versa. And there has to be no way of knowing the initial states of the data. You don't process data, you process probabilities in a quantum computer; if you know exactly what any one value is throughout the computation, you can find out all of the values: the superposition ends and you're stuck with a useless chunk of machinery. This means YOU CAN ONLY GET ONE RESULT FROM ANY QUANTUM COMPUTATION, THE END RESULT. You can't see what the data in the middle is or the computer becomes useless. (Landauer's principle makes heat loss data loss. When your processor gets hot, it's losing data. If the same thing happened to a quantum computer, it wouldn't be quantum anymore.) Decoherence is what happens when you randomly lose data to the environment by design, not by choice, and the superposition ends. This is bad for Q.C. Oh, and quantum computers can only do *some* things faster, like prime factorization and discrete logarithms. Not multiplication or addition. Plus, the circuits that would do basic arithmetic would be bigger and slower than what you've currently got.
So what does this all mean? It means that quantum computers are going to provide some advantages (real quick big number factorization), and some disadvantages (that whole RSA standard). The most realistic initial use of quantum computers will be as add-ons to existing super-computers to resolve certain types of NP-Complete headaches that regular math can't simplify yet. At best they will someday be an add-on to your PC; but they will never replace the digital computer.
If you want more info, check out http://www.qubit.org, it's got some decent tutorials.
Quantum Cryptography, or maybe better Quantum Key Distribution (QKD), is already much more advanced than many people think: there are already groups working on devices that might become really small and cheap in a few years from now.
These devices allow their users to establish a secure key, which might be used as a one-time pad. Secure means in this context, that any eavesdropping strategy allowed by the laws of physics can be detected, and, to some extent, corrected. The latter means that even though an eavesdropper might have gained partial information on the key, Alice and Bob can amplify the security of that key by (essentially) discarding some of the key bits. This method also helps against the "noise-introduced-by-the-channel-cannot-be-distinguished-from-an-eavesdropper" issue.
However, all those devices for practical QKD have two problems: Absorption and decoherence. Both scale exponentially with the length of the quantum channel used. This is the reason why with current technology it is difficult to go to distances between Alice and Bob which are larger than, say, 100 km.
In order to help against these difficulties (which prevent you from going to large distances in QKD), there are two solutions known (at least, to me): the first is of rather theoretical use: Quantum communication can be thought of as a (rather trivial) special case of quantum computation, and for quantum computation there are codes known (so-called concatenated codes) which allow you to continue your quantum calculation with polynomial cost. This solution, while elegant from a theoretical point of view, has the disadvantage that quantum communication becomes technically as difficult as fault-tolerant quantum computation.
The second is the so-called quantum repeater (see http://xxx.uni-augsburg.de/abs/quant-ph/9808065 and the references therein). The quantum repeater is based on entanglement purification and entanglement swapping. Now, the entanglement purification part has been thought to be the more difficult one, as it requires the so-called CNOT gate, which is really difficult to implement for qubits carried by photons. And exactly this part has (at least in theory) been solved by the Zeilinger-group.
What does this mean? Well, it means that quantum communication scalable to large distances (with polynomial overhead) might become available in the not-so-far future. At least one of the obstacles on the way to this goal seems to have vanished.
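The key-establishment steps described in the comment above (detecting an eavesdropper, then shrinking the key to squeeze out her partial knowledge), as an added simulation that is not part of the original post. It assumes a BB84-style four-state protocol, an intercept-resend eavesdropper and a noiseless channel, and it omits the error-correction step that would run between the two; all function names are hypothetical.

```python
import random

def bb84_sift(n, eve_fraction, rng):
    """Send n photons; Eve intercept-resends a fraction of them.

    Returns Alice's and Bob's sifted bits and, per sifted bit, whether Eve
    measured it in the correct basis (and so knows it)."""
    alice, bob, eve_knows = [], [], []
    for _ in range(n):
        bit, a_basis, b_basis = (rng.getrandbits(1) for _ in range(3))
        sent_bit, sent_basis, known = bit, a_basis, False
        if rng.random() < eve_fraction:
            e_basis = rng.getrandbits(1)
            known = e_basis == a_basis
            # Wrong basis: Eve reads a random bit and resends in her own basis.
            sent_bit = bit if known else rng.getrandbits(1)
            sent_basis = e_basis
        received = sent_bit if b_basis == sent_basis else rng.getrandbits(1)
        if a_basis == b_basis:          # sifting: keep matching-basis rounds
            alice.append(bit)
            bob.append(received)
            eve_knows.append(known)
    return alice, bob, eve_knows

def error_rate(alice, bob, sample, rng):
    """Compare a random sample of sifted bits in public to estimate errors."""
    idx = rng.sample(range(len(alice)), sample)
    return sum(alice[i] != bob[i] for i in idx) / sample

def amplify(bits, block):
    """Privacy amplification: replace each block of bits with its parity."""
    return [sum(bits[i:i + block]) % 2
            for i in range(0, len(bits) - block + 1, block)]

def eve_known_fraction(eve_knows, block):
    """Eve knows a parity bit only if she knows every bit in its block."""
    blocks = [all(eve_knows[i:i + block])
              for i in range(0, len(eve_knows) - block + 1, block)]
    return sum(blocks) / len(blocks)

if __name__ == "__main__":
    rng = random.Random(2024)           # fixed seed so the run is repeatable
    for frac in (0.0, 1.0):
        a, b, k = bb84_sift(20000, frac, rng)
        print(frac, error_rate(a, b, 2000, rng),
              eve_known_fraction(k, 1), eve_known_fraction(k, 8),
              len(amplify(a, 8)))
```

With Eve on every photon the sampled error rate sits near 25% and she knows about half of the sifted bits; after parity over blocks of 8 she knows well under 1% of the shorter key.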