Slashdot Mirror

← Back to Stories (view on slashdot.org)

Single-Photon LED: Key To Uncrackable Encryption?

Posted by timothy on from the morse-code-writ-small dept.

nut writes: "The BBC are carrying this story of new type of LED so precise that it can emit just one photon of light each time it is switched on. It has been developed by scientists from Toshiba Research Limited and the University of Cambridge. It is described in the journal Science, although I can find no mention of it on their website. One of the applications of this is supposedly uncrackable encryption, due to the law of indeterminacy. This application is described fully in 'The Code Book', by Simon Singh, although the method was only theoretical at the time the book was first published."

10 of 228 comments (clear)

  1. uncrackable encryption or no, that's just cool by anotherone · · Score: 3, Insightful
    All that I want to know is how exactly they know that it's only emitting one photon.

    And as far as I can tell, this is only a silly little theory. So far they've figured out how to emit one photon, but they don't know how to read it. I'm sure that this is gonna be HUGE...

    --
    Username taken, please choose another one.
  2. law of indeterminacy?? by ZeroConcept · · Score: 2, Insightful

    Are they referring to the Heisenberg Uncertainty Principle? What is the law of indeterminacy??

  3. 1 photon? That doesn't seem like a bright idea. by jdrogers · · Score: 2, Insightful

    Yeah, so we have the law of indeterminacy preventing encryption cracking, blah, blah blah.

    But if we are going to consider laws of quantum mechanics, we only have a finite (less than 100%) chance of detecting the photon. So the LED will have to emmit multiple photon so there is a 100% chance of detection.

    But then the indeterminacy law breaks down, doesn't it?

  4. it's all about the probability by Anonymous Coward · · Score: 2, Insightful
    When M intercepts the photon burst, he naturally modifies it (Heisenburg) before it reaches B. During the verification stage (which takes place over an unsecured line), A & B have a 0.25 probability per bit of detecting that M was eavesdropping. Thus, for an n-bit message, the probability of detecting M's presence is 1 - (3/4)^n.

    If we replace M with E, things become even more dire. Like B, E will choose the wrong detector half the time, but it will choose the "wrong" half ("wrong" according to the verification stage). For a message of length n, there is thus a 1 - (1/2)^n probability that E will not be able to recover the message.

    Note that quantum cryptography is not meant to be used to send normal plaintext messages. It is meant to be used to transmit one-time-pads. Generally you'd want these one-time-pads millions of bits in length.

    Let's suppose you create a protocol to set up an uncrackable, 100% secure channel between yourself (A) and your friend (B). I (M) am a real bastard and want to annoy you by intercepting your key and having lots of fun. You send your friend a one-time pad with your LED, let's say 1kB (8 kbit) in length. Note that this key is thousands of times smaller than your average key would be, but my calcalutor chokes if I don't use an obscenely small number :).

    There is a 3e-1000 chance of me sitting in the middle without being detected (of course this probability is exponential, so a sanely-sized keywould give me very little hope indeed!). So, you send your friend 1kB and darn! someone was eavesdropping. You'd think your application would alert you at this time ("hey! I can say with literally 100% certainty that someone is eavesdropping!"), but lets say your application is terribly stupid. So, you restart and send another key. Same thing! Another few keys, then a few thousand more, then a few googol keys here and there. Damn! You've been trying to get this channel started for literally billions and billions of eons, and still you can't quite connect because someone's eavesdropping! Determined, you keep on plugging away. Millions of universes have expanded and collapsed by this time, but you still it says someone is eavesdropping!

    Of course the prudent thing to do would be to write your application so that it gives up once there has been found an eavesdropper with *100%* certainty. :)

    Anyway, once you finally get a key sent without a man-in-the-middle, you use that key as a OTP for more conventional uncrackable (no probability involved here!) cipher. Presumably with each message, you'd attach and encipher a new OTP along with it (or just use your LED to exchange a new OTP).

  5. PED, not LED by SpinyNorman · · Score: 4, Insightful

    IMO a single photon doesn't qualify as "Light".

    Calling that a LED would be like taking something that emitted single H2O molecules and calling it a tap!

    Bah humbug.

  6. Re:Still Waiting by Effugas · · Score: 5, Insightful

    I have no desire to keep on kooking. :-) That I am utterly convinced of something I cannot adequately argue is driving me *hard* to learn the necessary physics to address the topic reasonably.

    But I'll do a braindump, if only to see your reaction. Warning: Unbridled speculation based off a single plausible postulate follows.

    It's an interesting corrolary from crypto research that you can never be entirely sure a data source is truly entropic, as opposed to the output of even an adequately designed pseudo-random number generator. (Take a look at RC4 -- something that takes that little code to implement could certainly exist as a style of equation for atomic and subatomic scale apparently entropic output.)

    Knowing that one of the least understood but most significant errors in cryptography would be utterly unknown in any other field of research lends some credence to my thinking that at least some supposedly entropic processes are really pseudoentropic. It's not that I think physics people are "morons", like one person mailed me. By the contrary, they're some of the brightest people around. I just think they're underestimating the degree to which psuedoentropy, defined as a stream of "provably random" data derived from a single seed value, can mask actual entropy. GIGO, and all that.

    That being said, that I'm only slightly familiar with the apparently disproved "hidden numbers" theory that believes it directly addresses this line of thought has given me a great deal of humility. My hope is that the argument against hidden numbers tends to focus on easily detectable randomizers and is overapplied to higher level processes.

    Both Quantum Intrusion Detection and Quantum Entanglement, of course, make quite a bit of sense with a PRNG in place. Of course two particles can get entangled; if both can be forged with the same seed, they'll vary with exactly matched entropy. (We use this exact property when we use RC4 as an encryption system: By XORing against matched entropy, a sender can transmit to a receiver using what is indistinguishable from pure noise to anyone without the seed value.) But what would the "seed" be? Surely not position and velocity, even if it is tempting to discretize by Planck Length. I nominate direction, defined as degree of relative dimensional translation, but then I don't have much of a place to nominate anything :-)

    Whatever the seed value might be, once two particles match in any way, any subsequent measurements of both relative to eachother would tend to be uncomfortably related, even if analyzing each bitstream directly would evidence perfect entropy. And that's what we find from what little I know about the entanglement experiments. (Why yes, I'm throwing doubt on my own words to prevent other people from kooking out on my own gnawing musings.)

    As for Quantum Intrusion Detection, a correction that makes perfect sense, the presumption is that it's impossible to duplicate the seed values that give rise to the sender/receiver relationships. But entanglement is all about duplication of seed values, as for that matter is photon transmission through a non-vacuum. You can't hide the fact that states are related by simply saying that entanglement implies "states may change". Spins aren't just changing; they're changing in a manner predictable to one another. If that's possible, it's difficult to out-of-hand conclude that a supposedly intrusion-proof photon couldn't itself be split, and have its entangled partner measured upon the original having its state set. You could claim the newly split pair couldn't possibly have the same seed value -- but that's more of a technological challenge than anything else. Especially if direction is a seed value, four ninety-degree bounces would equalize direction.

    There's other stuff on my mind(most notably, some annoyance with the anthropomorphized concept of "observation" and "measurement" that could be abused to presume that the "observation" of dinosaur bones sent a signal sixty-five million years previous to establish the birth and death of dinosaurs in general and that specimen in particular), but I think I'll stop playing public kook for now. :-)

    Yours Truly,

    Dan Kaminsky
    DoxPara Research
    http://www.doxpara.com

  7. Umm.. not impossible by cybercrap · · Score: 1, Insightful

    You can spoof bob to alice and alice to bob and just intercept the signal and then resend it. FYI, alice= sender, bob= receiver. This encryption stops you from listening in, but you could just receive the signal, ie block it from bob and make alice think you are bob and then regenerate the signal and send it to bob and he would think you were alice. Or atleast so I would think.

  8. missed the point? by kresmoi · · Score: 2, Insightful

    I have read "The Code Book" but don't have my copy with me, so please correct me if I am wrong. The impression I got from the section on Quantum Cryptography was that single photons would be used to securely transmit a full length random encryption key, where an eavesdropper could be detected and/or avoided. This key could then be used in a type of encryption known as a Vigenere Square, which (according to The Code Book) has been mathematically proven to be unbreakable when used with a full length random key. In this way, the LED in the article could be one component of a truly uncrackable encryption system. You still need a viable means of long range transmission and detection to make it practical though...

  9. Random number generation by nairolF · · Score: 2, Insightful

    This SPED (single photon emmiting diode - we may expect this name to become nearly as commonplace as LED one day) also provides a cool way to implement a true random number generator.

    The basic idea is that, as far as we know, the only TRUE source of randomness in nature is the collapse of a quantum wavefunction. Basically, the state of a quantum system is really the superpostion of several "pure" states. When the system is measured (I won't go into what constitutes a "measurement", that's a never-ending debate), this superposition collapses into one of these pure states. Which state this will be is, as far as we can tell, entirely random. Only the probability of each outcome is known in advance. Besides this, all other physical processes seem to be deterministic. So any true randomness in nature must have its origin in the collapse of some wavefunction.

    How do we exploit this? Fire a single photon at a beamsplitter, then measure whether the photon has been transmitted or reflected. The outcome will be random in a true sense, the probability of each outcome will depend on the beamsplitter. But, importantly, there will be no correlation between successive outcomes if the transmission : reflection ratio of the beamsplitter is 1:1. If our two detectors (one for transmission, one for refection) aren't perfect and lose a photon, we can always fire another photon, so this should even work with imperfect detectors, like a CCD.

    This can now be implemented, all we need is a SPED, a beamsplitter and two CCDs. These can all be made pretty small, so might even fit on a chip, and hey presto! You got yourself a little hardware random bit generator. The only problem left is that the thing must be cooled to some pretty low temperaure.

    I've always been of the opinion that a random number generator should be hardware, not software.

    --
    "...Look on my works, ye mighty, and despair!"
  10. Re:color by AndrewRUK · · Score: 2, Insightful

    I think it may have a colour (but see below for why it may not). The wave-particle duality says that the photon has a wave associated with it, and that wave has a frequency given by dividing the energy of the photon by Plank's Constant (E=hf, or f=E/h) Whether it actually has a colour will surely depend on what that frequency is. If it is ouside the visable part of the e-m spectrum, it has no colour, in the same way that, for example, a radio wave has no colour.