Slashdot Mirror

← Back to Stories (view on slashdot.org)

Practical Quantum Cryptography

Posted by timothy on from the next-year-it'll-be-in-wristwatches dept.

Alien54 writes: "Saw this on Eureka Alert: A commercially available system for quantum key distribution and cryptography has been released by a spin-off company from the University of Geneva. The system has been tested over distances up to 70km (from Geneva to Lausanne) through standard optical fiber cables and connects to PCs via USB ports. Transmission rates of about 60 bits per seconds were achieved, sufficient for key distribution. You can see the original abstract here, which also has a link for download of the paper in PDF, Postscript, and other formats."

92 of 164 comments (clear)

  1. All I have to say "neato" by tomstdenis · · Score: 1

    Neato. When we get a "Quantum Crypto IP Backbone" that will be cool.

    Of course QC is really only secure when they are direct connections. So if we want to use routers and switches to make connectivity practical we will lose the security.

    This type of thing would be cool for businesses and such that want a secure connection with other branches or offices. They could do a token ring style idea where they relay from their own branches to reach a wide area.

    Tom

    --
    Someday, I'll have a real sig.
    1. Re:All I have to say "neato" by einer · · Score: 2, Interesting

      I'm obviously missing a great deal of information. I thought quantum cryptography relied on quantum computing, which as of now, doesn't exist. Anyone care to fill in this (egregious) gap of knowledge?

    2. Re:All I have to say "neato" by Carp+Flounderson · · Score: 1

      Quantum computing DOES exists. You can read up on the current state of things here. Quantum computing has been demonstrated with only a few qubits, which is all you need for quantum cryptography.

      --

      Color flashing, thunder crashing, dynamite machines.

    3. Re:All I have to say "neato" by Relic+of+the+Future · · Score: 2
      They're also working on a laser based system (Wired article, Sep) at Los Alamos. For other fiber-based systems, MagiQ is working on a similar system in New York City, while BBN is working on a link in the Boston area.

      The laser-based system hopes to eventually bounce the signals off mirrors on satelites, sending keys anywhere in the world. (For a price... good for diplomats and military I suppose.)

      The fiber systems are still in need of a repeater-like device before they can get more significant distances.

      --
      Those who fail to understand communication protocols, are doomed to repeat them over port 80.
    4. Re:All I have to say "neato" by zer0vector · · Score: 2, Informative

      Some ideas called quantum cryptography, such as using polarized photons (quanta of light) rely on the quantum mechanical properties of the photons, but not necessarily quantum computing. A good overview of how this works is included in The Code Book, by Simon Singh, I suggest you give it a look. Without going into the detail here, I can tell you that if the quantum cryptography he describes ever works it would not only be absolutely secure (this can be mathematically proven) but by its nature you could tell if someone was eavesdropping on the line.

      --

      ----
      Striving to put right what once went wrong, and hoping each time that his next leap, will be the leap ho
    5. Re:All I have to say "neato" by tomstdenis · · Score: 3, Informative

      Quantum Crypto is based on the transmission of photons or somesuch.

      The jist is if I send from

      A =====> B

      and someone traps the bits in the middle

      A ===/C/===> B

      e.g. an eavesdropper than they will change the spin of the photons and B will know [and in turn A].

      So with quantum crypto you can send from A to B without any real crypto and you will be assured that an eavesdropper cannot get the message.

      The big problem is this all requires direct connections.

      Tom

      --
      Someday, I'll have a real sig.
    6. Re:All I have to say "neato" by letxa2000 · · Score: 2
      The laser-based system hopes to eventually bounce the signals off mirrors on satelites, sending keys anywhere in the world. (For a price... good for diplomats and military I suppose.)

      If it's going to be bouncing light off of mirrors on satellites without actually modifying the light itself, I don't see how they can charge. Anyone that points the dish right can bounce it off the mirror. Of course it also seems you'd have no control of where it eventually ends up (since the mirror will be bouncing it to wherever the satellite is targetting it).

    7. Re:All I have to say "neato" by zeno_2 · · Score: 1
      So with quantum crypto you can send from A to B without any real crypto and you will be assured that an eavesdropper cannot get the message.

      I think an evesdropper could intercept the messagse just fine, its just that the reciever would know its been intercepted.. I might be wrong about this, but from what you say here

      .g. an eavesdropper than they will change the spin of the photons and B will know [and in turn A].

      Sounds like to me that they will still be able to look at the data, but they would know.

    8. Re:All I have to say "neato" by oldmacdonald · · Score: 1

      The trick is you send random data instead of the
      real message, so you don't care if someone
      has listened to it. If you find out that no
      one has, then you use the random data as a
      one-time pad.

      Quantum cryptography as practiced is more correctly
      called Quantum Key Distribution for this reason.

    9. Re:All I have to say "neato" by monkeydo · · Score: 2

      You kind of answered your own question didn't you? Sure you can bounce a LASER off of the mirror at random for free. If you want them to target the the mirror so the bounce goes when you want, you have to pay.

      --
      Si vis pacem, para bellum
      The only thing more annoying than a Libertarian is an (un|mis)informed Libertarian
    10. Re:All I have to say "neato" by Qcrypt · · Score: 1

      In fact, this swiss team is the leading (civil?) team in the world for practical cryptography through fiber. It was also the first one to use the fiber of an actual telecomunication network, is the first one to actually sell something, and to do it over such a long distance (67 km) Disclaimer: I work in the field of quatum cryptography (but not in Gisin's team)

    11. Re:All I have to say "neato" by Hater's+Leaving,+The · · Score: 1

      Can you use the same fibre for this quantum secure 60bps channel for your standard traffic too, or would they interfere?

      If you could do both in parallel, I can see this being a very tasty system indeed, being only the cost of the more expensive part (slow/secure vs. fast/not-secure).

      THL.

      --
      Keeping /. cynic density high since the fscking Kwhores/trolls arrived.
    12. Re:All I have to say "neato" by Qcrypt · · Score: 1

      >Can you use the same fibre for this quantum secure 60bps channel for your standard traffic too, or would they interfere They would dramatically interfere, the scattered light from the "normal" channal would blind the single-photon detectors of the "quantum" channel. Quantum cryptography will therefore remain expensive for a long time, since you really need a specific direct point to point connection.

    13. Re:All I have to say "neato" by Bluejay42 · · Score: 1

      Some posts seemed to be indicating that with quantum cryptography no encryption was necessary because the sender and receiver would always know if someone was intercepting the message.

      I thought that quantum cryptography was a means towards creating a reliable and truly random one time pad (quite unlike the previous claim posted on Slashdot). So A would send a stream of photons to B... B would measure the photons with one of two different measuring templates.... The eavesdropper could also try to measure the photons.... but she only gets one chance.... Now A and B talk on a public line. A asks B, how did you measure the first photon? If it is different than how A intented it to be measured... it is thrown out.... The ones that are left after this process create a random number that both A and B have.

      This random number can then be used for the OTP...

    14. Re:All I have to say "neato" by Hater's+Leaving,+The · · Score: 1

      Ah, OK. I was hoping that the two chanels could have been stuck on wildly different wavelengths.
      Ne'er mind.

      THL.

      --
      Keeping /. cynic density high since the fscking Kwhores/trolls arrived.
  2. Spin-off company by Anonymous Coward · · Score: 5, Funny

    Was it a spin-off company, or perhaps just a spin-up or spin-down company?

    1. Re:Spin-off company by saveth · · Score: 1

      It's a very strange, charming company, actually.

    2. Re:Spin-off company by 56ker · · Score: 1

      Wasn't that the same place that managed to transfer information faster than the speed of light using a quantum pair a while back?

      --


      Video Game cheats, hints a
    3. Re:Spin-off company by Qcrypt · · Score: 1

      >Wasn't that the same place that managed to transfer information faster than the speed of light using a quantum pair a while back? Yes and No : they never managed to transfer information faster than light, because it's impossible, but they made experimental tests of EPR correlations, which ivolves "faster than light" correlations in quantum pairs.

  3. I'm not so sure about practical... by Mithrandur · · Score: 4, Insightful


    As nice as this scheme might be compared to previous quantum cryptography schemes, there are still fundamental problemns with implementing quantum cryptography. First off, you need a single, otherwise unused optical fiber to connect the two boxes. This means running your own cable. There's really no way around that. You're not going to find unrepeated, unused fiber just lying around.

    --
    vi is my shepard, I shall not font.
    1. Re:I'm not so sure about practical... by Ozan · · Score: 2

      This means running your own cable. There's really no way around that. You're not going to find unrepeated, unused fiber just lying around.

      Actualy between 1998 and 2001 comapnies spent 500 billion dollars for fiber optic lines, analists aproximate the surplus of fiber optic bandwith at 95%. Unfortunately I have no english sources for the figures.
      Anyway the system is not supposed to be used by every internet user, I think at first the embassies in capital cities will be connected with it.

    2. Re:I'm not so sure about practical... by shibut · · Score: 2

      There is a lot of dark fiber out there (definitely in US, but also elsewhere), the problem is that it is not where there is likely to be demand for this type of crypto. The large urban metros (read: where gov'ts sit) are congestion points in general.

    3. Re:I'm not so sure about practical... by tomstdenis · · Score: 2, Insightful

      Yeah but QC mandates that this is point-to-point connections. You cannot use repeaters, routers or switches.

      So the type of networking fiber that telco's do and the type that QC requires are not compatible.

      [well the cables are the same, I meant the way they are laid out and used]

      Tom

      --
      Someday, I'll have a real sig.
    4. Re:I'm not so sure about practical... by Qcrypt · · Score: 1

      >meaning that any disruption of your connection for more than a few seconds causes you to completely distrust that fiber. No, and that is, the keypoint of QC : you suppose that a spy is actually tapping the fiber, trying to get as much information as physically possible. But you can measure the disturbance during the transmission, hence deduce how much information a perfect spy could have. After that, you can use mathematical techniques ("privacy amplification") to be sure the dpy doesn't know anything useful. In short: QC allows you to know wether a spy is here or not, and how good this spy can be, and you do NOT have to trust your fiber. Disclaimer : I work in the field of quantum cryptography and my opinions about it can be biased

  4. Commercially Available Product Link by slugfro · · Score: 4, Informative

    The conclusion of the article states that the system is currently commercially available. Here is a link to the QKD System.

    --

    -- Find the Truth...
  5. Re:Why quantum key distribution? by Hiro+Antagonist · · Score: 1

    I'm going to go out on a limb here and guess that the result of that equation is the number of times you've been turned down for a date?

    --

    --
    I Hit the Karma Cap, and All I Got Was This Lousy .sig.
  6. U.S. restricted? by drenehtsral · · Score: 1

    I wonder if it's legal to import these things to the united states?

    --

    ---
    Play Six Pack Man. I
    1. Re:U.S. restricted? by the_consumer · · Score: 1

      Unlikely, since it's being worked on here already.

      --
      "If you're thinking what I'm thinking, you're right." -
  7. What exactly IS quantum cryptography? by Hemos+(editor) · · Score: 1, Informative

    I found a site that explains why classic cryptography suffers when compared to the benefits of quantum cryptographic methods.

    The site is located at http://www.qubit.org/intros/crypt.html, and is part of the Center for Quantum Computation (Oxford University).

    Here's a nice basic overview of QC from the site mentioned above: "While classical cryptography employs various mathematical techniques to restrict eavesdroppers from learning the contents of encrypted messages, in quantum mechanics the information is protected by the laws of physics. In classical cryptography an absolute security of information cannot be guaranteed. The Heisenberg uncertainty principle and quantum entanglement can be exploited in a system of secure communication, often referred to as "quantum cryptography". Quantum cryptography provides means for two parties to exchange a enciphering key over a private channel with complete security of communication."

    Linux > Help > About

  8. A little background on QC by guest · · Score: 5, Informative
    Quantum Cryptography can be a bit hard to get your head around, if you're interested at all in the topic you can take a look at this page for the some of the basic ideas and history behind QC.

    --
    pw:secret
    1. Re:A little background on QC by TheLibra · · Score: 2, Funny

      Sounds like an interesting cryptography technique, and I'd be really curious to see how Quantum Cryptography compares to Biomorphic Sequence Generators such as the Bodacion.

      If the reader just blinked at that question, there's an article that explains it somewhat.

      http://www.suntimes.com/output/zinescene/cst-fin-e col16.html

      The Libra
      "I am Homer of Borg. Prepare to be...Oooo! Donuts!"

    2. Re:A little background on QC by TheLibra · · Score: 1

      I read it... okay, well, here's a brief explaination of both, as far as my uneducated mind can assess them. Please excuse the spelling, as they didn't teach us grammar or spelling in the GT classes...

      QUANTUM CRYPTOGRAPHY: Uses the Heinsberg Uncertainty Principle to create cyphers that are more or less random. Somehow light patterns were involved, using filters that polarize the light, then repolarize it... about this time I lost interest. Not because it wasn't a great article, it just got a bit deeper that I care to read about right now.

      Biomorphic Sequence Generator: Uses patterns of colony-growth to create hundreds of thousands of algorithmns, each one growing and shrinking like a colony of bacteria. Sort of similar to the old DOS-based "Life" game, where you create bacterial colonies and then see whether they thrive or die, or create neat recurrent patterns.

      How exactly do these two types of cryptology start off from that to becoming a cypher that can be read by the needed parties, but not by others is far beyond me... and is probably a secret anyway.

      The Libra
      "We're heading deep into the center of the Earth where a race of mole-people are working 24 hours a day to debug the latest version of Internet Explorer" - Three Dead Trolls in a Baggie

    3. Re:A little background on QC by curb · · Score: 2, Informative

      or this

    4. Re:A little background on QC by nazgul000 · · Score: 1



      Seems this page is a Slashdot victim due to Tripod's bandwidth limits...

      Google's cache of the page is here.

  9. The RIAA Should Fund Quantum Research by PhysicsGenius · · Score: 5, Funny
    I like my free MP3s, so don't spread this too widely: I've figured out a fool-proof method that the RIAA can use to "digitally manage" their intellectual property by using quantum computers.

    You probably recall how quantum computation works: essentially you shove all the extra computation off into parallel universes and then get the answer back when it comes. Why not expand on that idea and use quantum file storage? The RIAA can create CDs where only part of the audio track exists in our universe and the rest is retrieved from parallel universes by your quantum audio system. This makes file copying mathematically impossible.

    Now someone is probably going to pop up and say "well, I can pirate the signal after it has been revirtualized from the quantum foam". I'm glad you brought that up because it leads right into phase two of my idea. In order to listen to music, all consumers would be have sound-decoding chips implanted in their brains. The music would be beamed directly into your head from your audio system.

    Thus we see that file copying can be made impossible by those that are willing to pay the price of our freedom. The only solution is to keep quantum computers from becoming a reality

    1. Re:The RIAA Should Fund Quantum Research by gumby42 · · Score: 1

      again, if you can hear it, you can record it...you won't get a perfect signla, but you'll be able to get a fairly good signal...then once it's out there, people can use quantum cryptography to keep the RIAA from seeing what they are doing....that which giveth taketh away

    2. Re:The RIAA Should Fund Quantum Research by jeffy210 · · Score: 1

      I know this is satire and I find it quite funny, but i like to play Devil's Advocate...

      What if someone manages to get ahold of one of the chips that goes in your brain... after all, it's only electronic impulses.

      --
      ------
      "And may your days be long upon the earth."
    3. Re:The RIAA Should Fund Quantum Research by Quixadhal · · Score: 1

      Well, there are an infinite number of parallel universes, and so presumably there would be one where the 3viL haX0Rz have already written a client that will spawn multiple connections to universes with different quantum levels until it gathers all the song data back together (and boy, that conversion from anti-matter to matter before the recombining was a pain!).

      So, given that it isn't written in the United States (where export of encryption is illegal overseas, and punishable by death across universe boundries), we should be able to just download it from an IRC server in one of the parallel Finlands.

      Of course, having to wear a metal bowl on your head to pick up the signals as they're rebroadcast might make you looke kindof silly...

  10. Not secure by Henry+V+.009 · · Score: 1

    Not nearly secure. Physics protects this communication from straight interception. However, it does not protect it from interception and then retransmission. But cool buzzwords. They'll make a little bit of cash before the con is up.

    1. Re:Not secure by sfeinstein · · Score: 5, Informative

      Actually, quantum physics protects key distribution from retransmission. One of the fundamental benefits of quantum cryptography is the reliance on the principle that measurement affcts that which is being measured. In short: it is possible for the sender / receiver to determine if their key was intercepted by using unsecure communication of other information that doesn't benefit anyone else that may happen to see it. For a great explanation of how to protect your key distribution in this way, see this article in the New Scientist.

      --
      "Whether or not you believe me, I'm right" -RWF
    2. Re:Not secure by Henry+V+.009 · · Score: 1

      Wrong. Read the article. In order to use this method, they each need to know each other's polarizer settings. Which means they have to share some key. (01110 might mean 45 90 90 90 45 degrees or somesuch). Which means you need a key to transmit your secure key. Anyone with access to the first key can retransmit the key that you are trying to send.

    3. Re:Not secure by Henry+V+.009 · · Score: 2

      Post Script To clarify. The polarizer settings can be shared afterwards, but not in a manner secure from interception and then alteration to make it look like like the photons were not intercepted.

    4. Re:Not secure by NoMoreNicksLeft · · Score: 2

      Wrong. The beauty of it, is that the settings don't have to be known. You call up over the phone, and check against each other... and the info you exchange in the phone call isn't the settings, just what you observed. If both observations match, then it wasn't intercepted. In this way, it's impossible to know the settings... without those, retransmission will fail.

      Still doesn't prevent truly paranoid stuff, like someone installing BO on your computer, and eavesdropping on the unencrypted stream.

    5. Re:Not secure by Lemuel · · Score: 1
      They don't need any key to share their polarizer settings. They can put the settings in the newspaper if they want. By the time an eavesdropper would get the settings it would be too late to use them.


      No key exists until the sender tells the receiver which of the receiver's settings were correct. Both sides then use some agreed-upon approach to turn the readings from the correct settings into a key. The only step at that point is to have both sides compare a subset of the resulting key to check that the data stream wasn't corrupted by an eavesdropper.

    6. Re:Not secure by God!+Awful · · Score: 1

      Wrong. The beauty of it, is that the settings don't have to be known. You call up over the phone, and check against each other... and the info you exchange in the phone call isn't the settings, just what you observed. If both observations match, then it wasn't intercepted.

      Unless the man in the middle intercepts your phone call. Sound implausible? He intercepted your data traffic somehow, didn't he? Or you can put an ad in the paper. But what if the man in the middle calls up the paper as well to correct a 'mistake' in the ad you posted. Or you can post to a newsgroup, but so can he. You can't beat the man in the middle without a shared key of some kind.

      -a
      --
      How to rationalize theft.
    7. Re:Not secure by NoMoreNicksLeft · · Score: 2

      This doesn't work either. The man in the middle might try this, but he will be revealed when the two participants check their observations against each other. Remember, this isn't encryption itself, so much as a way to securely distribute keys.

    8. Re:Not secure by God!+Awful · · Score: 1


      This doesn't work either. The man in the middle might try this, but he will be revealed when the two participants check their observations against each other. Remember, this isn't encryption itself, so much as a way to securely distribute keys.
      Non-sequitor. How do the two participants check their results against each other? That's the problem. I write encryption software for a living, so I'm not just babbling here. The quantum key distribution is analagous to a Diffie-Hellman exchange. The principle advantage is that the DH is subject to cryptanalysis and brute-force cracking, whereas the quantum key exchange is not. However quantum KE, like DH, is not secure without proper authentication.

      To do authentication, you need some kind of key. The "key" does not have to be a literal string of bits. If you phone the other guy and you recognize his voice and you believe that the man in the middle could not possibly intercept the call and fake your friend's voice, then you could consider your friend's voiceprint to be a form of key.

      -a

      --
      How to rationalize theft.
    9. Re:Not secure by NoMoreNicksLeft · · Score: 2

      If you're talking about some Col Waresque plot that involves a Russian KGB agent who has trained 20 years just impersonating your friends voice, and he is perfect, and also has the tech to intercept and then retransmit, well then I suppose you're screwed.

      But if you're that paranoid, what's to stop some psychic or savant from somehow guessing the key? Miss Cleo might not be able to testify against you in court, but if she could decode your trade secret for the competitors...

    10. Re:Not secure by God!+Awful · · Score: 1


      If you're talking about some Col Waresque plot that involves a Russian KGB agent who has trained 20 years just impersonating your friends voice, and he is perfect, and also has the tech to intercept and then retransmit, well then I suppose you're screwed.
      FYI, we already have multiple cryptographic techniques for key exchange. For example, there's the Diffie-Hellman protocol that I alluded to earlier. With DH, you can still do all the same paranoid stuff you can do with quantum key exchange, such as publishing your vectors in a newspaper or on a newsgroup or phoning the guy and analyzing his voiceprint. But in practice, no one does that, because people use RSA for authentication, and you only have to exchange the RSA keys once. Of course, the weak link in the chain is now the authenticity of the RSA key, which you now have to publish on a newsgroup or webpage, or distribute through PGP web of trust.

      So what is the advantage of quantum key exchange over DH? Well, if someone listens in on the DH exchange, they can store the keys and then crack them 10 years from now with their $100 billion brute force cracking machine or their quantum computer. Before they do this, they have to intercept your keys, which means that they are probably either the government or AT&T. In either case, what's so improbable about them intercepting your phone call?

      Also, note that you currently have to have a dedicated fibre line connecting you to the person you want to talk to, but for some reason, you didn't want to just meet with them ahead of time to decide on an authentication key. Now who's talking KGB plot?

      -a

      --
      How to rationalize theft.
  11. NSA by gumby42 · · Score: 1

    put that one in the NSA's pipe and smoke it.

    1. Re:NSA by Rhinobird · · Score: 1

      They probably already have a full blown QC communication system deployed. Also probably already have a working quantum computer or two in thier basement decoding everybody's cyphered transactions in real time. Probably have a profile on you and knew you were gonna say that before you did.

      --
      If Mr. Edison had thought smarter he wouldn't sweat as much. --Nikola Tesla
    2. Re:NSA by erlenic · · Score: 1

      The goal of QC is to distribute a ONE TIME PAD, which makes it different than what you are saying, and in fact makes gumby42's comment make sense, and your's look foolish.

  12. Just in time... by NOT-2-QUICK · · Score: 3, Funny

    Great...all my encryption problems are solved!!! And not a moment too soon, either...

    After all, I was getting a bit nervous with respect to my encryption needs in light of the retirement of further development of PGP and the possible inadequacies of GnuPG... :-)

    --
    Beer is proof that God loves us and wants us to be happy. -- Benjamin Franklin
    1. Re:Just in time... by killmenow · · Score: 2

      Not to mention: all your keys are insecure
      ...or should I say, all your keys are belong to us?

  13. What's quantum cryptography/key distrobution? by moniker_21 · · Score: 3, Informative

    Well, I wasn't too sure, so I dug up some links to try and help myself and others understand this:
    http://research.microsoft.com/~gottesma/QKD.html
    http://www.qubit.org/intros/crypt.html
    http://www.ecst.csuchico.edu/~atman/Crypto/quantum /quantum-index.html

    The last link is particularly +1 insightful about the basics of quantum cryptography.

    --
    I posted to /. and all I got was this stupid sig
  14. The company is: by Alien54 · · Score: 4, Informative
    The Company is: ID Quantique.

    Home Page here:

    www.idquantique.com/index.html

    --
    "It is a greater offense to steal men's labor, than their clothes"
  15. Pay attention, you dolt by Anonymous Coward · · Score: 1, Funny
    From the original and highly innovative post:

    Now someone is probably going to pop up and say "well, I can pirate the signal after it has been revirtualized from the quantum foam". I'm glad you brought that up because it leads right into phase two of my idea. In order to listen to music, all consumers would be have sound-decoding chips implanted in their brains. The music would be beamed directly into your head from your audio system.

  16. Re:Ah but once you know the key... by zer0vector · · Score: 2, Insightful

    Thats a very good point. Quantum cryptography is essentially a form of One-time pad cryptography, which is an algorithm that uses a completely random assortment of characters as the key, and each key is used only once. This type of cryptography is said to be absolutely unbreakable, and in a realistic sense this is true. However, using brute force one can decode the possible message, but included with that you will get every other possible message that is of the same length as the encrypted message. This is what makes quantum cryptography so secure.

    --

    ----
    Striving to put right what once went wrong, and hoping each time that his next leap, will be the leap ho
  17. Sneaky by africanswallow · · Score: 1

    Are those spelling mistakes OCR typos or a secret embedded message? Oh well, noticed it now, I guess the gig is up.

  18. baryon with me for a minute by s4ltyd0g · · Score: 1

    It only comes in three colors.

  19. Not exactly... by mbessey · · Score: 2

    What makes the transfer secure is that the two parties involved don't reveal their polarizer settings until AFTER the bits have been transferred. By which time, it's too late for the "man in the middle" to go back and change his answers.

    It's really quite clever...

    -Mark

    1. Re:Not exactly... by Henry+V+.009 · · Score: 2

      I know. You missed my postscript.

  20. more reading here... by bje2 · · Score: 3, Informative

    if anyone wants to read more look for this book which covers the history of cryptography from ancient egypt to quantum cryptography...i read it, and it was extremely interesting from a mathematical and computer point of view...it includes a whole section of the theories behind quantum computing and quantum cryptography...

    --

    "Facts are meaningless. You could use facts to prove anything that's even remotely true." - Homer Simpson
  21. Doh! by CaptainPhong · · Score: 1

    And I just bought a newtonian key distribution system! The vendor told me quantum mechanics was nonsense.

    --
    ... "Give me a woman who loves beer and I will conquer the w
  22. Re:Money isn't everything... by Bearpaw · · Score: 1, Offtopic
    If the tax tables were uniform then the "rich" would still pay more money.

    Still pay more money? [laugh] "Only the little people pay taxes."

  23. QC solves confidentiality, but not authentication by The+Pim · · Score: 3, Interesting
    I've heard it said that, if QC proves practical, the code-makers will have a final victory over the code-breakers. This seems true at first: there is absolutely no way, in theory, for anyone but the recipient to receive the message.

    But how do you know who the recipient is? QC offers no authentication. If you have to use public key for authentication, what advantage is gained by using superior methods for confidentiality?

    The only one I can think of is that, with conventional cryptography, you can capture the data stream and crack it "off-line". I suppose that this is significant: with QC you only have to worry about whether they've cracked your private key (that you will use for authentication) already, not whether they can in 100 years (because you've used it for encryption).

    Another argument might be that it is easier to eavesdrop on a channel than to redirect it. But that seems like a dubious assumption, if the enemy is determined.

    Thoughts?

    --

    The evaluation of an action as 'practical' . . . depends on what it is that one wishes to practice.
  24. Those light-beam duplication experiments? by Arakonfap · · Score: 1

    A while back there was all these studies and experiments about duplicating light beams. I recall mentions of quantum entanglment and such (stuff that's used in these secure quantum transmision schemes).

    Could one of these duplication beams be used w/out being detected? I know normal reception and retransmission IS detectable.

  25. Re:quantum = lame by Kenja · · Score: 1
    Now hear this, secure comunication is usless.

    "this is useless you linux fags!" They have linux on packets of cig's now?

    --

    "Have you ever thought about just turning off the TV, sitting down with your kids, and hitting them?"
  26. M$ also announced a competing product... by feloneous+cat · · Score: 1

    However, like many of their announcements, they couldn't place a time or date when it would be released...

    --
    IANAL, but I've seen actors play them on TV
    1. Re:M$ also announced a competing product... by GMFTatsujin · · Score: 1

      More likely they either knew what they were releasing, or when they were releasing it, but not both at the same time...

      GMFTatsujin

  27. Re:Next comes the mindset by mmacdona86 · · Score: 2

    I certainly hope not. Most of the philosophisizing about quantum mechanics that makes its way into popular books is crap. They miss the crucial distinction between "unknown" and "indeterminate," and in so doing give quantum mechanics some spooky relationship with consciousness or a universal oneness that it just doesn't have.

  28. We must thank the cat by r_j_prahad · · Score: 5, Funny

    Schroedinger's cat may have sacrificed its life to make this product a reality. Or maybe not. Only Heisenberg knows for sure.

  29. Re:60 bits/second doesn't seem useful by rusty0101 · · Score: 1

    Using a 60bps channel to send a 3600bit key would take one minute. Encrypt the data to be sent via conventional high bandwidth transmition with that 3600bit key for one minute, meanwhile send another 3600bit key via the 60bps channel. Or if 3600 bits is not secure enough for you, use an even larger key, sent over a longer period of time.

    Alternatively, send a 60 bit key every second for a 8092 bit key embeded in the high bandwidth data stream, use the 8092 bit key to decrypt the next second's block of data.

    The important part is to understand that only the sender and the recipient have the keys. As I understand it the process itself is generating non-crackable keys.

    Then again, I could be wrong.

    -Rusty

    --
    You never know...
  30. So Funny! by sweatyboatman · · Score: 5, Funny

    Man, you made my day. This may lead some to wonder how boring my day is. It's pretty boring.

    "RIAA can create CDs where only part of the audio track exists in our universe..."

    I would bet this appeals a lot to RIAA. But why stop there? From what I understand they're looking for a way to sell you the CD so that there's actually no music on it.

    Perhaps just a recording of one of the executives in charge saying "Thank you for purchasing this digital music container device. We assume that you have a computer and have downloaded countless megabytes of our copyrighted material. Therefore, we have pre-removed the equivalent amount of data from this CD. Enjoy." Followed by 71 and 3/4 minutes of silence.

    Sweat

    --
    It breaks my pluginses, my precious!
  31. Similar thing happened to a friend of mine. by Rhinobird · · Score: 1


    yeah, I know a guy that got fired from his job at Boeing for proving that his anti-gravity system worked. Boeing wanted non of it, told him that 'This company obeys the laws of physics'.


    Can you direct us to a page with his proof on it? From what I've seen if Eve is trying to listen, then both ends know about it and can send a bouncer type to go kick Eve's ass off the line...If your friend can provide an example of how QC can be broken then I think all of slashdot would like to hear it. (the rest of the world is unimportant)

    --
    If Mr. Edison had thought smarter he wouldn't sweat as much. --Nikola Tesla
    1. Re:Similar thing happened to a friend of mine. by micromuncher · · Score: 1

      On a serious note...

      I really want to be specific. The problem is, and this isn't a cop out, we all signed serious non disclosure agreements. If I disclose specifics about the technology we worked on, or how we got ourselves fired, our former client would immediately know who we were and I have absolutely no doubt I'd have the wrath of a public company on my ass claiming massive damages.

      Let's just put it down to me being clueless and obviously not understanding how it works. "It is easier to discount than to disprove."

      Have you ever noticed how many companies involved in security have more lawyers employed than software developers?

      M.

      --
      /\/\icro/\/\uncher
  32. Re:Next comes the mindset by thornist · · Score: 1

    Some philosophizing is that crass its true, but if you actually read Penrose or Zohar they're not playing off on the "indeterminacy" "mystical" cheap shot, they're actually examining how the underlying reality model of quantum physics does encourage a more holistic interconnected view of things where multiple effects are complexly related to multiple causes, at some times unbounded by traditional constraints on space and time.

    To me it works against mysticism by drawing into rational frameworks of thought phenonema like consciousness which are impossible to analyse comprehensively within the framework of Newtonian mechanistic physics.

    Like many "alternative" things being forced to exist on the fringes of mainstream thought attracts the kooks who habituate those fringes. So yeah some of its crass - read the good stuff.

  33. VB35 VL563OG G36JL5JV 6L45J3LN by circletimessquare · · Score: 2

    F4RVVMI0-4MV4K3-GNJWRLNVUWILSNVH47 TP9MTJ894PW3MJSK4L;M49TIMAJK TMVAKL;TMAW4K950[MAWVK9T[MK9PUD56MO/8NK 4SW-90A-94 8I3E-90 9Y5-4]Y59S,BOKSY;'5GB L; YL;SE,L YR;E'KAO P34[I693 A[90[ ZGFKGL;/ ,GL;D'F KGLSDF;'G DSFG,DFLG;D L; C3D1JKCN00892N5VFKLMD31NOV VTN5UIONT

    And that completes our tour of Hilbert Space. Any questions?

    Oh for crying out loud! Who let that cat in here? Now I don't even know what i said. That's one dead cat if I ever get my hands on it.

    --
    intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
  34. Re:Money isn't everything... by FrostedChaos · · Score: 1

    Let me be honest as well, then. It is human nature for government bureaucracies to be sluggish, inhumane, and extremely corruptible. Why should the government of the good old US of A be any different? Your assumption that money would be better off in the hands of the government than in the hands of the people who made it is ridiculous.

    A lot of government money ends up spent on socially destructive programs like welfare, or given out in "pork-barrel" contracts in order to strengthen some politico's bargaining position. And a lot of the government programs that are worthwhile, like NASA, get almost nothing.

    So think before you call for bigger government. Most of the "big" governments of the twentieth century have not been nice places to live... or die, as the case may be.

    --
    "Any connection between your reality and mine is purely coincidental." -Slashdot
  35. Re:Ah but once you know the key... by AndroidCat · · Score: 1

    And what happens when someone sends you a message about the health of your cat?

    --
    One line blog. I hear that they're called Twitters now.
  36. Re:Ah but once you know the key... by FrostedChaos · · Score: 1

    understand you not speech mine? Electron probability mass function finding quantum receive construct indicates packet dependency allows.

    --
    "Any connection between your reality and mine is purely coincidental." -Slashdot
  37. Re:Money isn't everything... by ncc74656 · · Score: 2
    If the tax tables were uniform then the "rich" would still pay more money.

    Still pay more money? [laugh] "Only the little people pay taxes."

    Hmm...so if the top 1% of income-earners pay more than a third of all income tax revenue, the top 5% pay over half, and the top 10% pay nearly two-thirds, how do you arrive at the conclusion that "only the little people pay taxes?"

    (Source: http://www.atr.org/talkingpoints/012202tp-2.htm)

    --
    20 January 2017: the End of an Error.
  38. Re:VB35 VL563OG G36JL5JV 6L45J3LN by Vintermann · · Score: 1

    Hmmm, your encrypted data does not look statistically random to me :-) Try this instead ...

    qANQR1DBwE4DmBod8oWMnB5+t0opVD15zJPHNvLYF1MxaUOy 3K KqtXZb3ljA/oM98PLKjfAhfRqbo1JqO4UUYUu25djiS7Ove45l pmoaSycP8T+usdqcJFtNwUrTelCNEUe9dJPbXGuGgR7JjzA9Xx 6dzu76z3XH/rf51Tx1iM8bI7EcT1ijfWt8s59J/JZpHbxJ1Vxa PHYchy

    --
    xkcd is not in the sudoers file. This incident will be reported.
  39. The mandatory swiss joke by stud9920 · · Score: 1
    Only those knowing the Swiss' reputation will get it, but here it's :
    Transmission rates of about 60 bits per seconds
    Well that's pretty fast for the swiss...
  40. Re:60 bits/second doesn't seem useful by SIGFPE · · Score: 1

    It might not be useful to you. But can you speak for the needs of everyone in the world out there who needs to send information securely?

    --
    -- SIGFPE
  41. Re:Easy to break. by micromuncher · · Score: 1

    If I may cut and paste a bit o' text:

    "Los Alamos quantum cryptography uses photons randomly polarized to states representing ones and zeroes. Polarization refers to the direction of oscillation for the electromagnetic wave of a photon. These polarized photons are transmitted between sender and receiver to create a random string of numbers known only to the sender and receiver. This string of numbers becomes a quantum cryptographic key that locks or unlocks the encrypted messages that are sent via normal communication channels. Because the photons cannot be intercepted without tipping off the receiver, the quantum cryptographic key is secure and the data is secure."

    So, what is the crux of the security... "Photons cannot be intercepted without tipping off the receiver..."

    Really? So man in the middle cannot happen; let's just accept that on blind faith, and quantum cryptography will work. Now, never really believing in blind faith, lets think about how we can be man in the middle without tipping off the receiver, or how about who cares if we do. Don't think about the theory; its not as important as the application.

    I drop fibre between A and B for key generation. I turn the magic switch and let the no key sync take place. WTH I just noticed my data is bad. A and B reset. How do I know I am still directly communicating? I jump through a bunch of hoops to make sure my twin is who I think it is and not some doppleganger... now the security is in your authentication/restart procedure, not the theory.

    --
    /\/\icro/\/\uncher
  42. Re:60 bits/second doesn't seem useful by mike_g · · Score: 2, Interesting

    The 60 bits/second is only used for the key exchange. The key is for a ordinary symmetric cipher, such as RC5, DES, AES, or Blowfish. For example a 64 bit key for RC5 would take slightly over a second to transfer. And our friends at distributed.net have been working on breaking a 64 bit RC5 messages for the past four years and still have not exahausted the keyspace. Symmetric ciphers have many more valid keys per bitsize than asymmetic ciphers, giving you stonger protection. Keys for symmetric ciphers don't need to be as large as those for asymmetric cipers, 60 bits/second is a little slow, but definitely adequate.

  43. Re:QC solves confidentiality, but not authenticati by moyix · · Score: 1

    Redirection isn't a problem either; to redirect the stream you'd have to observe it, and by observing it you will change it, and make it impossible to view the messages.

    I guess you could always kill the recipient and read his messages, but any form of cryptography short of biometric (and others have pointed out the flaws in that) will be vulnerable to that attack.

  44. My day must be more so by raahul_da_man · · Score: 1

    Because I found your comment amusing. The only problem with the 71 and 3/4 minutes of silence is that before long people will clamouring for those CDS. What is preferable, N'sync or 72 mins of silence?

  45. Re:QC solves confidentiality, but not authenticati by The+Pim · · Score: 2
    Redirection isn't a problem either; to redirect the stream you'd have to observe it, and by observing it you will change it, and make it impossible to view the messages.

    I mean interception, not man-in-the-middle. I cut your fiber and read your photons, without trying to pass them on to the intended recipient. Then, when you try to contact the recipient over some "conventional" channel for phase two (comparing the polarities on the two ends), I intercept that, and we discuss the polarities I intercepted. You require that my messages be signed by the intended recipient, of course, but I've broken RSA, so no problem. Then, you send the message xor'ed with the random bits, and I intercept that. I've stolen the message, and you're none the wiser.

    --

    The evaluation of an action as 'practical' . . . depends on what it is that one wishes to practice.
  46. Information Security magazine article on quantum c by dejesus · · Score: 1

    Here is an article in Information Security magazine explaining how quantum cryptography works and why it is significant:

    http://www.infosecuritymag.com/articles/august01 /f eatures_crypto.shtml

    "Don't touch anything."

    --
    The Law of Falling Bodies
  47. Re:Money isn't everything... by GMontag · · Score: 1, Offtopic

    Because he is parroting leftist "ideas" using the interesting vehicle of quoting from a convicted, wealthy, tax evader. From one example he supports his whole "theory."

    Gives some insight to what /.ers percieve as truth, since everything with a valid point was modded down and his crap keeps a 2.

    Thank you for the real stats, but I am sure you will be attacked for not being specific enough, or one of the AC chickens will be pouncing on your syntax.

    --
    Eve Fairbanks says I drive a hybrid!LOL