Quantum Cryptography In Action
Whitney Wyatt writes: "Discover magazine outlines the first successful laser photon communication utilizing Quantum Cryptography. Called 'Perfect Encryption,' quantum encryption sends the key with the message, however it is impossible for an eavesdropper to intercept the message without changing it. One can only wonder what the FBI will do."
One can only wonder what the FBI will do.
Why, outlaw quantum mechanics, of course!
Quando Omni Flunkus Moritati
My quantum computer is going to show both Intel and AMD who's boss!
They won't know what to do with their piddly little silicon processors after they experience the speed at which my quantum computer will work.
Now I find out that I will be able to send encrypted messages that not even the FBI can intercept. Gotta love quantum theory!
Could states outlaw this?
Or is this so complicated that only states and not criminal individuals can use it?
Martin
They'll simply declare that, like plutonium and surface-to-air-missiles, it's something that they can't abide the public owning, and will outlaw it. What else could they do?
Now that we have quantum cryptography it looks like we finally have reached the "uncrackable" code.
This is not a sig
Why not just intercept the message and process it, then send out the same thing that came in, rather than just relaying it along and amplifying it like a normal way of intercepting messages? Sure, there would be a slight lag (whatever the distance in the circuit is divided by the speed of light), but I doubt you can timestamp every photon..
The Truth: There is no string:)
We should all realize by now that words such as "never" and "impossible" do not exist in technology's dictionary.
.. means nothing. Research, research, research. We will get there, especially with government dollars backing it.
So, right now we can't eavesdrop without modifying
Jason
This stuff is getting pretty heavy, but it seems the technology to break this type of cryptography is already in early stages of research. Check out this New Scientist article.
As the article says, it cannot be read without changing it (eavesdropped upon, rather). Then how can you send it anywhere? I think that a minor disturbance would cause just enough change to make it unreadable. If you can't send it anywhere, then how can it be useful?
It's an interesting article that outlines many of the considerations and hurdles one encounters in this field, but there's no breakthrough here. We haven't had a breakthrough since December, 2000 when researchers at UCSB built their latest prototype capable of consistently detecting such photons. We're bound to make some more breakthroughs soon, it's premature to say we already have recently.
If you're still not clear on the whole quantum cryptography deal, idquantique.com has a good introduction (pdf, of course).
Guys, this isn't something that will be showing up in our homes - or even large corporate offices - for years. Decades, maybe. Once this moves out of Los Alamos and into what I will call, for want of a better term, the "real world", there may be export restrictions on this, just as with PGP. That's all, I'll bet. And for now, I doubt there will be *any* legislation.
I'm the stranger...posting to
Look how far we go to avoid trusting one another...
It's a fallen world...
...and has so for the past 2000 years.
It's called a one-time pad.
So, before everybody and their brother starts talking about how the NSA can already break this, remember that you can, quite easily, build an 'uncrackable' cypher.
And it'll never be breakable, provided you take some sort of security measures. But if you're paranoid, you already do most of those.
Sorry, this is just a preemptive strike against "the government can monitor my thoughts" crowd.
Back to your normal high S/N ratio.
What this means is that the message can only be read once, not that the message is impossible to decrypt. The government still has the same job it's always had.
Plus the distances involved are microscopic. For this to matter much to the government the single quanta of data has to last long enough to travel a significant distance.
Sorry to bring bad news, but quantum cryptography is unlikely to become available to the likes of us. The reason:
Alice and Bob have a length of optical fibre running between them, and are using quantum cryptography. Eve attempts to eavesdrop, but is unable to do so without changing the information in the signal (polarisation etc). Eve is foiled. Hurrah!
Now imagine that Alice and Bob are mere mortals and get to use the phone network like the rest of us.
The system they use is a standard fibre & router system, but the actual fibre is encrypted. What is Eve to do?
Answer: She installs a tap on the repeater, because quantum crypto only works over single lengths of fibre.
As if by magic quantum cryptography only becomes useful to people who get to dig holes in the road, such as phone companies, big business and the government. We little people don't even get to play the game.
No, as far as I understand you can only read the message if you have the key. And you have only one chance to try.
Quantum computers are the only ones which have the processing power to break what is in essence, the one time pad used by light (quantum cryptography). When computers came along at the end of WWII, we could start stabbing at one time pads and Zeta functions, which are almost as difficult to crack. Now, we are back at that pre WWII stage where Pads are near impossible. Now, quantum cryptography on its own is vulnerable to brute force cracking, as all encryption is. What makes it secure is the fact that you can't intercept it. And already some universities have been playing with induction-based pickups for fiber optics.
Sig (appended to the end of comments you post, 120 chars)
Liquid helium and quantum boosters that are only about a decade away... Why not post a story about personal rocketships whisking us away to the surface of Mars?
First, I'd like to point out that quantum computation and quantum encryption are two almost completely separate concepts. Quantum encryption is based on the fact that quantum states cannot be measured without altering. The most common example is the polarization of a photon, but it will work for any quantum state, so long as there exist, effectively, two unique states that can transmit the data.
Quantum computation, however, is much more complex and much more interesting. Quantum computers are based on the concept of quantum entanglement, the ability of a quantum state to exist in a superposition of all of its mutually exclusive states: It's a 1 and a 0. However, this is not as easy to use as one might think. While it's true that if you have n quantum logic gates you have the ability to input 2^n data values simultaneously (as opposed to only 1 piece of data if you have n digital logic gates), this is not going to be the end of classical computing for a few reasons. First, quantum computers have to be perfectly reversible. That means for every output there's an input and vice versa. And there has to be no way of knowing the initial states of the data. You don't process data, you process probabilities in a quantum computer; if you know exactly what any one value is throughout the computation, you can find out all of the values: the superposition ends and you're stuck with a useless chunk of machinery. This means YOU CAN ONLY GET ONE RESULT FROM ANY QUANTUM COMPUTATION, THE END RESULT. You can't see what the data in the middle is or the computer becomes useless. (Landauer's principle makes heat loss data loss. When your processor gets hot, it's losing data. If the same thing happened to a quantum computer, it wouldn't be quantum anymore.) Decoherence is what happens when you randomly lose data to the environment by design, not by choice, and the superposition ends. This is bad for Q.C. Oh, and quantum computers can only do *some* things faster, like prime factorization and discrete logarithms. Not multiplication or addition. Plus, the circuits that would do basic arithmetic would be bigger and slower than what you've currently got.
So what does this all mean? It means that quantum computers are going to provide some advantages (real quick big number factorization), and some disadvantages (that whole RSA standard). The most realistic initial use of quantum computers will be as add-ons to existing super-computers to resolve certain types of NP-Complete headaches that regular math can't simplify yet. At best they will someday be an add-on to your PC; but they will never replace the digital computer.
If you want more info, check out http://www.qubit.org, it's got some decent tutorials.
The problem would be in intercepting it in the first place. An interceptor has only one shot at properly decoding each photon. Since an interceptor would get possibly 50% of them decoded incorrectly, they wouldn't be able to decode the message nor repeat the original message.
My Company
What this means is that the message can only be read once, not that the message is impossible to decrypt. The government still has the same job it's always had.
Plus the distances involved are microscopic. For this to matter much to the government the single quanta of data has to last long enough to travel a significant distance.
We all know deep down that the big concern is he-who-is-not-to-be-named, namely Osama bin Laden. The thing is though, that it's not likely that he will get his hands on this laser-o-doom. Even if he did, he couldn't likely use it, as it probably requires a direct line of sight. Fiber uses the principle of total internal reflection to transmit light, but this reflection causes some of the light to polarize, changing the quantum state and making the data invalid. So as of now, I think this is only for ./'ers edification.
I'm the Devil the Windows users warned you about.
I haven't read the article yet (FWIW,) but I am pretty sure that it is impossible to replay the message, because to be able to replay it something has to "look" at it, and if it's "looked" at, you've affected it, so what you're "seeing" is not what you need to replay. It's the basic Heisenberg principles at work. Ok, going to read the article now to see if it provides any deep insight into how *anyone* is supposed to read these. :)
Yes I know about Cointelpro, yes I know about Hoover, yes I know about the "Patriot act" but why does the FBI always get attacked first? What about the NSA? (B/C they are willing to spy on non US targets w/ echelon?) Most of the world would fear echelon (NSA Spy network) before the FBI.
QC is an extension of One Time Pads - it makes OTP practical and fast. Search google for Quantum Cryptography, and you'll see.
I'd be interested in seeing how the initial key exchange works. The receiver randomly chooses orientations and derives a bit pattern from the incoming transmission. Makes sense. It then says the receiver reports which random choices it made to the sender. I'm not sure exactly how the sender is able to decode this transmission from the receiver. It can't choose random orientations else it would lose the data which indicates the shared key. Any ideas?
My Company
Click here - if you've got the same sense of humor as me you'll waste hours on this site!
:)
Yes, I know it's highly off-topic, but far more interesting than another theoretical quantum story...
And it'll never be breakable, provided you take some sort of security measures. But if you're paranoid, you already do most of those.
You say it will *never* be breakable if you take some sort of security measures. Never's a pretty tough thing to prove. OK, which measures should you take? How do you know that 1000 years from now, someone will not have perfected time travel and invisibility... how do you know that someone is not standing over your shoulder while you are locked in a lead-lined vault deep inside Mt. Everest as you key in the pad? If you kill yourself after making the pad, how do you know the infiltrator does not have the technology to reconstruct your memories from your brain tissue? The one time pad being perfect "forever" is a bunch of crap. "For now" I can deal with, but not "forever"... which makes it just like most cryptography.
This article describes a method for negotiating a key between two end points, Alice and Bob. The key will then be used to encrypt the data that they send next. The problem with this scheme is that it doesn't really stop Eve from getting in the middle.
If Eve is present as Alice and Bob start their key negotiation, then Eve can detect the photons that Alice sends, and completely block them from going to Bob. Eve then sends her answers back to Alice, pretending to be Bob. In the other direction, Eve pretends to be Alice, and generates her own string of photons to send to Bob. The net effect? Eve has just generated two point to point encrypted links, and can eavesdrop on all of Alice and Bob's data. She just has to decrypt and reencrypt all data. Furthermore, Alice and Bob are both completely oblivious to the fact that Eve is snooping on them.
The article described using this for free space encryption, for laser links between earth and satellites, for example. It seems pretty difficult to interlope between Earth and a satellite, but if it was possible, the same problem occurs.
This scheme would work if Eve was not around during key negotiation. However, imagine that Eve is an ISP, or the FBI (think Carnivore), permanently sitting in between Alice and Bob. In this situation the encryption is useless.
Just wait till Direct Tv get ahold of this technology. Then we will have major problems!
So how does the intended recipient get the message without changing it?
Click here or here.
I couldn't find the link, but there was another example of this that a professor at Harvard introduced about a year ago. The scheme was to have a satellite that did nothing but stream numbers to everyone all the time. So when someone would use a purely random number, at a random time, from the satellite to encrypt the message, at the same time the other user would also start recording the incoming numbers, and stop recording at the exact same time as the sender. Now they both have the key, and it was never sent, and due to the billions of numbers that are being sent from the satellite there is no feasible way to know what the key is, or to store all the numbers being sent.
I put the m in oop.
Simple: checksum your data the normal way before encryption.
As for interference: any particular qubit is carried by one photon. If that photon reaches the target at all, then it almost certainly has not been changed by random interference, and if it has, then at most it mangles one bit of the message, which is no worse than line noise in a modem. If a photon doesn't reach the target, then the receiver notices a gap, and informs the sender.
Quantum crypto allows Alice to send a one time pad to Bob and determine if it was intercepted or not. If it is intercepted then Alice discards the pad and tries again. Otherwise Alice uses the pad to encrypt the message and uses conventional means to transmit it. If someone intercepts the pad, then the message is never sent so there's nothing to cryptanalyze. Otherwise they have a message but no pad. Cryptanalysis of a message encrypted with a one time pad is mathematically impossible.
The distance issue is the main problem with this technology but progress is being made on that front and I'm sure it will only be a matter of time before it is solved.
That means WITHOUT FIBRE
Which means you dont need to dig holes and most of the assumptions of the poster are invalidated.
Read the article first people.
All bow to his Noodliness!! His Noodle Appendage has touched me!
Quantum cryptography addresses this problem by creating a secure communication channel that is detected at the single-photon level. Because detection of a single photon changes it, any eavesdropper can easily be detected when unexpected results are found.
The property of the system that simultaneously makes it both secure and unfit for sending anything other than a one-time pad is that a random portion of the bits sent by the source are rendered useless. When the receiver picks an incorrect detection scheme, the results are ambiguous. The two parties compare notes on what methods they used, and then eliminate all the ambiguous bits. They can't know beforehand which ones will be thrown away. The way to check for eavesdroppers is to use an insecure channel to compare (and then throw away) a portion of the results to see if there are any discrepancies.
After the key is sent, the encoded message can be sent on an insecure channel, since both parties can be sure they have the same key. A one-time pad cipher can never be cracked because, for instance, a 1 kbit message can have any 1 kbit key as its cipher. Therefore the number of keys to check would be 2^(1024). Even after this is completed (well after the end of the world?) the decoded message is found along with every other possible 1 kbit combination. Any possible 1 kbit file would be found among the results. This is no better than writing a program that fills memory with files that contain the numbers from 0 to 2^(1024)-1.
Some researchers are actually attacking the implementation of quantum cryptography rather than the theory. The devices used in QC actually send light down the fiber optic lines that damages the equipment on both ends resulting in predictable behavior. However, there are already safeguards developed against these types of attacks. Essentially it comes down to this question: "Is there a perfect implementation of Quantum Cryptography?"
I design user interfaces for a free network management application,
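The sifting and eavesdropper check described in the comment above, simulated for an ideal noiseless channel with an intercept-and-resend eavesdropper. This is an added example, not part of the original thread; the scheme is the one commonly called BB84, and the names `run_bb84`, `transmit` and the 5% `ABORT_THRESHOLD` are assumptions chosen for illustration.

```python
import random

BASES = "+x"            # "+" rectilinear, "x" diagonal polarisation basis
ABORT_THRESHOLD = 0.05  # assumed cut-off for this noiseless toy channel


def measure(bit, prep_basis, meas_basis, rng):
    """A matching basis returns the encoded bit; a mismatched one gives a coin flip."""
    return bit if prep_basis == meas_basis else rng.randint(0, 1)


def transmit(n_photons, eavesdrop, rng):
    """Send n photons from Alice to Bob; return the sifted (alice_bit, bob_bit) pairs."""
    sifted = []
    for _ in range(n_photons):
        alice_bit = rng.randint(0, 1)
        alice_basis = rng.choice(BASES)
        bit, basis = alice_bit, alice_basis
        if eavesdrop:
            # Intercept-resend: Eve has to guess a basis, and the photon she
            # re-sends is prepared in her basis, not in Alice's.
            eve_basis = rng.choice(BASES)
            bit = measure(bit, basis, eve_basis, rng)
            basis = eve_basis
        bob_basis = rng.choice(BASES)
        bob_bit = measure(bit, basis, bob_basis, rng)
        # Sifting: the bases (never the bits) are compared in public and only
        # positions where Alice and Bob happened to agree are kept.
        if alice_basis == bob_basis:
            sifted.append((alice_bit, bob_bit))
    return sifted


def run_bb84(n_photons, eavesdrop, seed, sample_fraction=0.5):
    """Run one key exchange and return the check result plus any surviving key."""
    rng = random.Random(seed)
    sifted = transmit(n_photons, eavesdrop, rng)

    # Publicly compare a random sample of the sifted bits, then throw it away.
    indices = list(range(len(sifted)))
    rng.shuffle(indices)
    n_sample = int(len(sifted) * sample_fraction)
    sample, rest = indices[:n_sample], sorted(indices[n_sample:])
    errors = sum(1 for i in sample if sifted[i][0] != sifted[i][1])
    error_rate = errors / n_sample if n_sample else 0.0

    # Too many discrepancies means the pad is discarded and nothing is sent.
    accepted = error_rate <= ABORT_THRESHOLD
    return {
        "sifted": len(sifted),
        "error_rate": error_rate,
        "accepted": accepted,
        "alice_key": [sifted[i][0] for i in rest] if accepted else [],
        "bob_key": [sifted[i][1] for i in rest] if accepted else [],
    }


if __name__ == "__main__":
    for tapped in (False, True):
        result = run_bb84(20000, eavesdrop=tapped, seed=1)
        print("eavesdropper" if tapped else "clean line  ",
              "sifted=%d" % result["sifted"],
              "error_rate=%.3f" % result["error_rate"],
              "accepted=%s" % result["accepted"])
```

About half the photons survive sifting, and an intercept-and-resend tap shows up as an error rate near 25% in the compared sample, because Eve guesses the wrong basis half the time and each wrong guess corrupts Bob's bit half the time.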
One comment: even if you need to cool your detector to cryogenic temperatures, you don't have to have your customer pour liquid nitrogen (or did they say liquid helium?) into the commercial device. This is what compact no-maintenance closed-cycle coolers are for.
Plug #1: idQuantique
Plug #2: Magiq Technologies
Plug #3: Los Alamos lab (yes there used to be a site there)
Plug #4: Our own research (not commercially-oriented yet)
17779 eligible voters in a district, 17779 'vote' as one. This is Russia.
It's been said before and it bears repeating...
If it can be done, chances are that someone has been doing it for a long time.
Don't sweat the petty things. But do pet the sweaty things.
Neither does quantum crypto. The ciphertext is transmitted by ordinary means. Even if you were to send the ciphertext the same way you send the key, there would still be a transmission to be detected (although the mere act of detecting it would corrupt it). This also allows the length of the message to be determined. The advantage QC has over OTP is it allows snooping to be detected.
hmm... how about this?
What if I place a device between the intended sender and receiver in such a way that it blocks the intended sender and receiver completely. I intercept a key exchange attempt from the sender and respond as any recipient would. I then have a quantum encrypted channel between myself and the sender. At the same time, I negotiate my own quantum encrypted channel between myself and the recipient. I can now receive data sent from one channel and send it to the other channel. This seems to negate the benefits of using quantum encrypted channels (unless one can somehow assure that I cannot totally block the actual transmissions between the intended sender and receiver).
I suppose some kind of authentication needs to be incorporated into this technology to ensure you're establishing a session to the correct receiver.
My Company
It is at this point, ladies and gentlemen, that communication technology stops empowering the masses, and gives the wealthy yet another tool to consolidate and defend their power.
You have to get the key safely to the other side, and since the key is the same size as the data, if you have a way to securely send the key, why not just send the data itself?
"Your superior intellect is no match for our puny weapons!"
If I were to put up a laser tube in the glass fiber cable, with, say, a helium-neon gas mixture in it, but no "igniting" light source. That would leave the gas atoms charged. When a photon comes in, it would hit a charged electron (electron in high orbit), the electron would reproduce a perfectly identical photon (that's the whole idea of LASER, making perfect copies of a photon). Since we now have 2 photons (the original one was not absorbed), this would create a snowball effect, and we'd end up with millions of perfect copies of the original photon. It wouldn't be hard to figure out what the original one looked like then, would it?
BTW, this was in the Dr Dobbs magazine some 3 years ago.
Non-javascript link.
One time pad encryption is actually not that great.
You have to send an un-interceptable message the same size as the message to be encrypted.
Not only that, but the one time pad has to be generated by a perfect random number generator.
If I have a perfectly secure communications channel that can handle one time pads for my messages, it could also just handle the messages themselves instead. Using one time pad with anything less than a perfect random number generator would actually have lower security of such a system.
The really amazing stuff about cryptography is public/private key encryption and keys that can be reused.
Life is too short to proofread.
They will get it banned, if the overreaction to PGP is any indication. One has to wonder as to whether we really live in a free country, when our government insists that we use insecure communications, just so they can tap them when they wish.
Our government uses communications Joe Citizen can't tap. So should Joe Citizen have the right to use such technology for himself.
=== The price of freedom is eternal vigilance
I strongly feel that The Codebreakers should be required reading for cryptography advocates. Over and over again the weakest link in any cryptographic system, including the one-time pad has been user error. According to Kahn the NSA successfully decrypted Soviet messages encrypted with "one-time" pads that had been reused due to supply difficulties or clerical errors. They were able to accomplish this by collecting thousands of encrypted dispatches, using traffic analysis, and looking for identical cipher text that might indicate common words, names, or phrases.
Kahn credits cryptographic incompetence to a wide variety of historical disasters from the defeat of the Imperial Russian army during World War I because key officers refused to use codes, to the World War II defeat of enigma because the German Navy had their U-boats transmitting trivial messages to headquarters on a daily basis. (In fact, traffic analysis and radio direction finding efforts were probably more critical than the actual capture of an enigma machine.)
The bottom line is that creating cryptographic systems that mathematically cannot be broken using current technology and probably with any future technology is relatively trivial. Creating socio-technical systems that are resistant to cryptographic incompetence is almost impossible. Most of the focus on algorithms is missing the point when there exist a dozen algorithms that are unbreakable, but no algorithms that are not vulnerable to social engineering attacks, traffic analysis, and dictionary attacks.
I feel that this is really the primary focus of government attacks on cryptographic products, the goal is not to attack the algorithms, but to hinder the development of socio-technical systems that use cryptography effectively. Why worry about if Microsoft Office includes strong, probably unbreakable encryption algorithms, if the software uses password XOR by default for compatibility with earlier versions, the strong cryptography is incompatible with export versions, and a dictionary attack will get 50 percent of the information you want? I am less interested in whether they can create yet another unbreakable encryption system, than creating a security system that allows me to send private e-mail to co-workers who don't understand why they should get a pgp plug-in or how to use it.
...
What will the FBI do? Why they'll just read the blinkenlights from your quantum switch!
"A terrorist is someone who has a bomb but doesn't have an air force." -William Blum
I'm certainly not a security expert, but to effectively have a communication link that no one can snoop on, wouldn't everyone that wanted to use this have to have their own transceiver? I wouldn't want to transmit my private data over this secure line only to have it travel the last few feet to my house over copper.
The problem is: when you try one of the possibilities, how do you know if it's my original plaintext or not? Was my original message "BREAD"? Was it "HELLO"? Was it "DEATH"? The answer is all of the above and none of the above. You can calculate all 2^40 possibilities, and all of them could be correct. You could use a little human intuition -- you could say "DEATH" is more probable than "999.." -- but that only goes so far. You have no reason to believe that "HELLO" is a more or less probable message than "DEATH". If you did have any of that intuition, then the actual ciphertext would be literally meaningless to you (aside from its length, of course). You have *NO* way of knowing which is the actual message.
Unless you have the key. This is where quantum cryptography comes into play. Exchanging keys for Vernam ciphers is not hard, but it is impossible (literally) to do electronically and securely. If you send the key over insecured channels, then your key is insecure. If you send your key over encrypted channels, then your key is only as secure as the channel you used, which is to say not secure at all (relatively speaking, seeing as all ciphers are prone to brute-force attack, except for the Vernam cipher). By using quanta, you can tell if your key has been listened to with 1 - (0.5)^n probability, where n is the length of the key.
It always amazes me that people are still willing to spout off crap like "the Vernam cipher is crackable" or "it's prone to brute-force attacks", I guess because they've grown up with the "anything's possible, even the impossible" Hollywood drivel. The Vernam cipher, if the key is generated with a true random number generator (which does not exist, I should say, but it might some day) is uncrackable. It is mathematically provable. Each bit in the ciphertext (again, if the key is completely random) does not depend on any of the bits before or after it. So, suppose you intercept a bit of ciphertext. It is a 0. Was the original plaintext a 0 or a 1? There is a 50% chance it was a 0 and a 50% chance it was a 1. Tell me how you would crack this; the entire cryptanalysis field is awaiting your answer. There is no reason a 0 is a better answer than a 1; there is no reason a 1 is a better answer than a 0; there is a 0.5 probability it was a 0; there is a 0.5 probability it was a 1. Tell me: was it a 0 or a 1? Take all the computer time you need.
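The "BREAD / HELLO / DEATH" argument in the comment above, worked through in code, followed by the one way this guarantee fails in practice: using the same pad twice, as the Kahn comment elsewhere in this thread describes. This is an added example, not part of the original thread; the function names and the sample messages are constructed for illustration.

```python
import secrets


def xor_bytes(a, b):
    """XOR two equal-length byte strings (Vernam encryption and decryption)."""
    if len(a) != len(b):
        raise ValueError("one-time pad and message must be the same length")
    return bytes(x ^ y for x, y in zip(a, b))


def pads_consistent_with(ciphertext, candidates):
    """For every same-length candidate plaintext, return the pad that would
    have produced this exact ciphertext from it. There is always one, which
    is why the ciphertext alone cannot rank one candidate above another."""
    return {c: xor_bytes(ciphertext, c)
            for c in candidates if len(c) == len(ciphertext)}


def reused_pad_leak(ct1, ct2):
    """If one pad encrypted both messages it cancels out:
    ct1 XOR ct2 == pt1 XOR pt2, with no key material left in the result."""
    return xor_bytes(ct1, ct2)


def demo():
    pad = secrets.token_bytes(5)            # fresh random pad, 40 bits
    ciphertext = xor_bytes(b"HELLO", pad)   # constructed sample message

    # Perfect secrecy: each guess "decrypts" correctly under its own pad.
    guesses = [b"BREAD", b"HELLO", b"DEATH"]
    pads = pads_consistent_with(ciphertext, guesses)
    all_explained = all(xor_bytes(ciphertext, p) == g for g, p in pads.items())

    # Pad reuse: a second message under the same pad breaks the guarantee.
    ciphertext2 = xor_bytes(b"DEATH", pad)
    leak = reused_pad_leak(ciphertext, ciphertext2)
    # Anyone who learns or guesses the first message now reads the second.
    recovered = xor_bytes(leak, b"HELLO")
    return all_explained, recovered


if __name__ == "__main__":
    explained, recovered = demo()
    print("every candidate has a consistent pad:", explained)
    print("second message recovered after pad reuse:", recovered)
```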
Quantum cryptography is a "key-growing" technology. The problem with quantum cryptography is that all scenarios begin with, "Given an authenticated connection." Well, in cryptography, the problem has almost always mandated authentication solutions, not key-growing solutions.
If I can hand someone a secret key that will let us authenticate with each other, then I can just as easily hand them a dvd full of random data for perfect one-time-pad encryption of our communication. Any solution without authentication is no better than the original problem, because authentication reduces to the original problem of getting some secret information from one person to the other.
To understand the problem, imagine this scenario. Alice wants to connect to Bob, so Alice establishes a quantum cryptographically secure connection with Bob. Wonderful, but what if Eve is sitting in the middle, and from the very beginning of the connection, Alice ACTUALLY establishes a quantum cryptographically secure connection with Eve, and then Eve establishes a quantum cryptographically secure connection with Bob. How do they know the difference? They can't, because individual photons are by the laws of quantum mechanics indistinguishable. There's no "signature" by which they can know who they're really talking to.
All quantum cryptography does, is tell you when someone begins eavesdropping on a connection that has previously been secure. There will be applications for such a means of secure communication, but without resolving the classic man-in-the-middle attack, quantum cryptography cannot be applied to the bulk of cryptography uses.
The Los Alamos team is one of at least a dozen groups worldwide that are harnessing quantum physics to develop perfect encryption: coded messages impervious to the efforts of hackers.
Once again a media outlet is misusing the term "hacker." It is the "crackers" that this would thwart, since they could not crack your encrypted messages. I doubt however, that this or any other technology would be hacker-proof, in the sense that a hacker would just want to figure out how it worked and perhaps tweak it a bit. And who is going to stop a hacker from finding out how an implementation of quantum cryptography works?
- I love animals. I try to eat at least one a day.
Quantum cryptography is great for securing one stage of the data transmission, but it's hardly perfect. For one thing people can't interpret quantum-encrypted photon streams, and so the machinery used to decrypt the quantum stream is still vulnerable to attack, as is the rest of the path from that machine to the reader's brain, including whatever wire, RAM, or CRT that involves.
Of course the same goes on the transmitting end.
Similarly, the one-time-pad that the QC system uses to encode the photons is vulnerable to attack or reverse engineering. (Note that this isn't highly likely, but likely enough to eliminate QC from being perfect.)
All Quantum Cryptography does is make one link in the chain more secure. That's it.
Kevin Fox
So when does Bill Gates get ownership of this?
I can see how people would find this as perfect encryption between any two line-of-sight points, but there are problems. Most signals that need to be encrypted aren't within LOS (which you need to send photons). So most signals will be traveling most of the way with perfect encryption (say, to the satellite, and then back to a receiver near the recipient) but anywhere else, the message must either be plaintext or use a different encryption. Also, all bounce points (satellites, tall hills, whatever) need a system to set themselves apart from a phony, just like before.
Quantum encryption has the very unique feature of snoop-detection. OTP by itself is a method to encrypt. But it does nothing to address detecting whether someone is reading your messages. If your message is "unbreakable", that's a good thing, but knowing that someone is listening is important for some applications. (Just as steganography is useful for some applications.)
OK this is all well and good, but as far as I can see on this the Quantum crypto is only valid for a key exchange for traditional crypto.
The key for quantum has to be sent each time; if this is intercepted then the 3rd party can read this. Yes, you will know they have read it, but if this is confidential data you're stuffed anyhow.
If you use this as a key exchange then you know if there has been a man in the middle and if you can trust the info or not. Then if you can, you can continue with the new key. And everyone happy. However using quantum crypto on its own is a very bad idea.
Quote: "If we have some sort of activity that shows terrorists would have been thwarted by quantum cryptography, then we'll instantly have quantum cryptography all over the place."
By contrast, if they have some sort of activity that shows terrorists would have been *aided* by quantum cryptography, then you'll instantly see it locked down and outlawed.
-1, Too Many Layers Of Abstraction
The idea of Quantum Crypto is to send the key (one-time-pad to your actual message) in a secure fashion. You *know* if the key was viewed by a third party therefore you can be sure if it is secure.
If you send your secret message using the quantum crypto, then sure you know if it has been seen but do you want to send your attack plans in an open format? In that case your enemy won't care so much if you know he knows, the fact is he has what he was after!
yeah, that's the question that's always been in my mind too.
Because people with lots of letters after their names go on about how great this is, and "perfect encryption" is typical of how it tends to be described, I keep thinking I'm missing something.
Seems like quantum encryption is no more secure than one time pad yet less practical, and in a pragmatic real world sense, less secure than public key due to public key making the auth a bit more robust.
What gives?
Mod this guy up so that there's more chance someone can counter his argument
I guess by first, they really mean second.
And as for worrying about what the FBI will do, I imagine that the FBI will just let the NSA (National Security Agency) do their jobs.
Sorry, normally I don't complain but sometimes I just can't help it.
int func(int a);
func((b += 3, b));
AC.
Well, they did not really try it, but during McCarthyism they made a small process to Condon and one of the parts was (rough citation) "such revolutionary theory [...] call for a revolutionary man". He apparently tried to explain a bit of physics to them, but they did not find it interesting or funny.
I can't remember the exact quote off the top of my head, feel free to mod me down, but you can find it between pages 150 to 250 of Carl Sagan's book a demon haunted world.
C. Sagan : A demon haunted world:
http://www.amazon.com/gp/product/0345409469/
visit randi.org
Can this shiat encrypt my e-mail? Hellza no! Can this shiat encrypt my zip files? Hellza no! Quantum encryption can crack DEEZ NUTZ!
One can only wonder what the FBI will do.
One doesn't have to wonder. They'll just tap in at the routers at either end of the connection instead of trying to tap into the line itself. Quantum cryptography is only useful point-to-point. Once the data hits either end, it can be observed because the quantum part of the cryptography (the polarity of the light particles) is out of the picture. It is impossible (currently, at least; if this ever becomes possible, then quantum cryptography will be less secure than even weak encryption is now) to have a "light repeater" or somesuch for the purpose of bridging more than two end-to-end points, so there is no way around this except to secure both ends physically. That is a limitation that would-be observers can get around any number of ways.
It doesn't matter if the signal is being through a satellite, as the article explains the goal to be - there are still two ends on the ground (and the satellite itself) to hack into.
The article states that it's not possible to listen to such a coded transmission, and gives us an example why. It's totally bullshit. They based the example on the fact that the eavesdropper would retransmit the same photons after interception. Phew. Any wise guy would not retransmit it, but build a NEW photon chain between him and the final recipient. So it would look like this:
SENDER<--A-->HACKER<--B-->RECEIVER
And A and B are different links. Hacker cannot replay A on B (due to physics), but nothing prevents him from responding to SENDER (to establish the A channel) and sending NEW photons to RECEIVER to establish their NEW B channel.
This encryption scheme is nothing new. It's clear that it can be attacked by the Man In The Middle method.
Am I missing something? The article didn't seem to have addressed the issue of authentication--without which no crypto system would be secure.
Paul.
You are lost in a twisty maze of little standards, all different.
Actually, no. Once you get to the stage of exchanging polarisation details, the key has already been exchanged, and if it was snooped it will have been wrecked by the snooper. If it wasn't snooped, all the snooper has is the polarisation of the last message you sent. A simple man-in-the-middle attack won't help you since you don't have the original message to work with.
Of course this is still open to implementation issues - always using the same polarisations for the same bits, or using some trivial function to determine which to use, or predetermining them and storing them on your hard drive, would be top of the list. Don't look to quantum snooping technology to break this, the good old-fashioned methods normally work best.
Quantum cryptography solves the eavesdropping problem, but it still doesn't solve the man-in-the-middle attack.
For example, if I have access to an optical cable carrying messages crypted by quantum cryptography, I can cut the cable in the middle and plant a quantum receiver at the end of it and receive all messages, emulating that I'm the original receiver.
If I want to avoid detection I'll put, in addition to the receiver, a sender on the other end of the cable and re-send every bit the receiver gets.
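The two cases argued over in the comments above, simulated as an added example (not code from the thread or from the Discover article): a BB84-style polarisation key exchange where a listener measures and re-sends the photons, and the two-separate-links case where the middle party simply acts as receiver on link A and as sender on link B. The function names, the sample size and the ideal lossless single-photon channel are assumptions.

```python
import random

# Assumed model: ideal lossless channel, one photon per bit,
# basis 0 = rectilinear, basis 1 = diagonal.

def measure(bit, sent_basis, meas_basis, rng):
    """A matching basis reads the bit exactly; a mismatched basis gives a coin flip."""
    return bit if sent_basis == meas_basis else rng.randint(0, 1)

def bb84_link(n, rng, intercept_resend=False):
    """One sender->receiver run. Returns (sender_key, receiver_key, error_rate)."""
    sender_key, receiver_key = [], []
    for _ in range(n):
        bit, s_basis = rng.randint(0, 1), rng.randint(0, 1)
        photon_bit, photon_basis = bit, s_basis
        if intercept_resend:
            # The listener measures in a guessed basis and re-sends what she saw.
            e_basis = rng.randint(0, 1)
            photon_bit = measure(photon_bit, photon_basis, e_basis, rng)
            photon_basis = e_basis
        r_basis = rng.randint(0, 1)
        r_bit = measure(photon_bit, photon_basis, r_basis, rng)
        if r_basis == s_basis:  # sifting: keep positions where the bases agree
            sender_key.append(bit)
            receiver_key.append(r_bit)
    errors = sum(a != b for a, b in zip(sender_key, receiver_key))
    return sender_key, receiver_key, errors / max(len(sender_key), 1)

def two_link_mitm(n, rng):
    """Middle party terminates link A as 'receiver' and opens link B as 'sender'."""
    alice_key, mid_key_a, qber_a = bb84_link(n, rng)
    mid_key_b, bob_key, qber_b = bb84_link(n, rng)
    return {"qber_a": qber_a, "qber_b": qber_b,
            "alice_shares_with_middle": alice_key == mid_key_a,
            "bob_shares_with_middle": bob_key == mid_key_b,
            "alice_shares_with_bob": alice_key == bob_key}

if __name__ == "__main__":
    rng = random.Random(2002)  # constructed seed, for repeatable output
    print("clean link error rate:      ", bb84_link(4000, rng)[2])
    print("intercept-resend error rate:", round(bb84_link(4000, rng, True)[2], 3))
    print("two-link MITM:              ", two_link_mitm(4000, rng))
```

Measure-and-resend shows up as roughly a 25% error rate in the sifted key, which is the detection the article describes. The two-link case shows zero errors on both links, so the error check alone cannot catch it; the basis-comparison messages have to travel over a classical channel that both ends can authenticate.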
Perfect cryptography is no good unless you have an easy way of demonstrating to yourself that you have actually got such a thing.
If someone gives you a black box and says it's perfectly secure, how do you know?
Do you get out your pocket quantum interferometry tester and check it?
Even public key encryption is tricky to have confidence in unless you're a mathematician/programmer and can check the source code over to be assured of its correctness.
I could sell you a pair of network cards today with optical connections, put a couple of zeroes on the end of the price tag, and tell you they used quantum encryption. How are YOU going to find out otherwise?
It all comes down to trusting someone. And then we're back at square one - imperfect security.
I wouldn't be surprised if public key encryption remains preferable to quantum encryption, if only because it's much easier to assure yourself that you're using the mechanism you think you're using.
Even the military/CIA may prefer it for that reason - they have to buy their black boxes off someone too...
http://www.discover.com/may_02/feattech.html
The link supplied in the slashdot write-up requires Javascript. Javascript is bad. 'K?
Okay, then take a guess at what the message will be (or decide what you want the recipient to hear), intercept the message, and send what you wanted to send.