Quantum Cryptography In Action
Whitney Wyatt writes: "Discover magazine outlines the first successful laser photon communication utilizing Quantum Cryptography. Called 'Perfect Encryption,' quantum encryption sends the key with the message; however, it is impossible for an eavesdropper to intercept the message without changing it. One can only wonder what the FBI will do."
...and has so for the past 2000 years.
It's called a one-time pad.
So, before everybody and their brother starts talking about how the NSA can already break this, remember that you can, quite easily, build an 'uncrackable' cipher.
And it'll never be breakable, provided you take some sort of security measures. But if you're paranoid, you already do most of those.
Sorry, this is just a preemptive strike against the 'the government can monitor my thoughts' crowd.
Back to your normal high S/N ratio.
Sorry to bring bad news, but quantum cryptography is unlikely to become available to the likes of us. The reason:
Alice and Bob have a length of optical fibre running between them, and are using quantum cryptography. Eve attempts to eavesdrop, but is unable to do so without changing the information in the signal (polarisation, etc.). Eve is foiled. Hurrah!
Now imagine that Alice and Bob are mere mortals and get to use the phone network like the rest of us.
The system they use is a standard fibre & router system, but the actual fibre is encrypted. What is Eve to do?
Answer: She installs a tap on the repeater, because quantum crypto only works over single lengths of fibre.
As if by magic quantum cryptography only becomes useful to people who get to dig holes in the road, such as phone companies, big business and the government. We little people don't even get to play the game.
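To make the repeater argument above concrete, here is a toy BB84 simulation. It is an added illustration, not code from the original thread or from any vendor: an intercept-resend Eve on a single fibre shows up as roughly a 25% error rate in the sifted key, but a repeater (a "trusted node") has to do exactly what Eve does, measure and re-send, with Alice's and Bob's cooperation, so it ends up holding the key and a tap on it sees everything. All function names (`bb84`, `trusted_node_link`, `measure`) and the photon-as-tuple model are my invention.

```python
"""Toy BB84 simulation: Eve on a single fibre is caught by the error rate,
but a repeater (trusted node) must measure and re-send, so it holds the key.
Added illustration, not from the original thread; every name here is invented."""
import random


def measure(photon, basis, rng):
    """photon = (bit, basis it was prepared in).  Measuring in the same basis
    returns the bit; measuring in the other basis gives a coin flip, and the
    photon is now in the measuring basis (it has been disturbed)."""
    bit, prep_basis = photon
    return bit if basis == prep_basis else rng.randrange(2)


def bb84(n, eavesdrop=False, seed=None, rng=None, sample_frac=0.25):
    """One BB84 run over a single unbroken fibre carrying n photons.
    Returns (alice_key, bob_key, qber).  With eavesdrop=True an
    intercept-resend Eve sits on the fibre."""
    if rng is None:
        rng = random.Random(seed)
    a_bits = [rng.randrange(2) for _ in range(n)]
    a_bases = [rng.randrange(2) for _ in range(n)]
    b_bases = [rng.randrange(2) for _ in range(n)]
    b_bits = []
    for bit, a_basis, b_basis in zip(a_bits, a_bases, b_bases):
        photon = (bit, a_basis)
        if eavesdrop:
            # Eve guesses a basis, measures, and re-sends what she saw.
            e_basis = rng.randrange(2)
            photon = (measure(photon, e_basis, rng), e_basis)
        b_bits.append(measure(photon, b_basis, rng))
    # Sifting: Alice and Bob announce bases (not bits) and keep matching slots.
    sifted = [i for i in range(n) if a_bases[i] == b_bases[i]]
    # Error check: publicly compare a random sample, then throw it away.
    sample = set(rng.sample(sifted, int(len(sifted) * sample_frac)))
    errors = sum(a_bits[i] != b_bits[i] for i in sample)
    qber = errors / len(sample) if sample else 0.0
    keep = [i for i in sifted if i not in sample]
    return [a_bits[i] for i in keep], [b_bits[i] for i in keep], qber


def trusted_node_link(n, seed=None):
    """Alice -> node -> Bob.  The node acts as Bob on segment 1 and as Alice
    on segment 2, so it learns both keys; a tap on it gets Alice's key with no
    disturbance on either fibre.  Returns (alice_key, bob_key, node_copy)."""
    rng = random.Random(seed)
    k1_alice, k1_node, _ = bb84(n, rng=rng)   # segment 1, node plays Bob
    k2_node, k2_bob, _ = bb84(n, rng=rng)     # segment 2, node plays Alice
    m = min(len(k1_node), len(k2_node))
    # Classical relay: node publishes k1 XOR k2; Bob strips k2 to get k1.
    relay = [a ^ b for a, b in zip(k1_node[:m], k2_node[:m])]
    bob_key = [r ^ b for r, b in zip(relay, k2_bob[:m])]
    return k1_alice[:m], bob_key, k1_node[:m]


if __name__ == "__main__":
    print("clean fibre   QBER =", bb84(2000, seed=1)[2])
    print("Eve on fibre  QBER =", bb84(2000, eavesdrop=True, seed=1)[2])
    a, b, node = trusted_node_link(2000, seed=1)
    print("via repeater: Bob key == Alice key:", a == b, "| node knows it:", node == a)
```

The error-rate check is the whole security argument: with no attacker the sampled QBER is exactly zero in this noiseless model, while intercept-resend forces about one error in four. The trusted-node hop passes that check on both segments, which is precisely the point made above: nothing in the physics stops the node, only the fact that somebody has to be allowed to own it.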
I strongly feel that The Codebreakers should be required reading for cryptography advocates. Over and over again the weakest link in any cryptographic system, including the one-time pad, has been user error. According to Kahn the NSA successfully decrypted Soviet messages encrypted with "one-time" pads that had been reused due to supply difficulties or clerical errors. They were able to accomplish this by collecting thousands of encrypted dispatches, using traffic analysis, and looking for identical ciphertext that might indicate common words, names, or phrases.
Kahn credits cryptographic incompetence with a wide variety of historical disasters, from the defeat of the Imperial Russian army during World War I because key officers refused to use codes, to the World War II defeat of Enigma because the German Navy had its U-boats transmitting trivial messages to headquarters on a daily basis. (In fact, traffic analysis and radio direction-finding efforts were probably more critical than the actual capture of an Enigma machine.)
The bottom line is that creating cryptographic systems that mathematically cannot be broken using current technology and probably with any future technology is relatively trivial. Creating socio-technical systems that are resistant to cryptographic incompetence is almost impossible. Most of the focus on algorithms is missing the point when there exist a dozen algorithms that are unbreakable, but no algorithms that are not vulnerable to social engineering attacks, traffic analysis, and dictionary attacks.
I feel that this is really the primary focus of government attacks on cryptographic products: the goal is not to attack the algorithms, but to hinder the development of socio-technical systems that use cryptography effectively. Why worry about whether Microsoft Office includes strong, probably unbreakable encryption algorithms, if the software uses password XOR by default for compatibility with earlier versions, the strong cryptography is incompatible with export versions, and a dictionary attack will get 50 percent of the information you want? I am less interested in whether they can create yet another unbreakable encryption system than in creating a security system that allows me to send private e-mail to co-workers who don't understand why they should get a PGP plug-in or how to use it.
Check out Generalized Privacy Amplification (1992) by Charles Bennett et al. if you're really interested.
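The two threads above, the "trivially uncrackable" one-time pad and Kahn's account of reused pads being broken, are both shown in this added example, which is not code from the original thread or from Kahn's book. A correctly used pad is a plain XOR with fresh random bytes; reuse the same pad for two dispatches and `C1 XOR C2 = P1 XOR P2`, the pad cancels, and an analyst who guesses a phrase in one message (a "crib") and slides it along the XOR reads the other message wherever the guess lands. The two dispatches, the crib and the function names (`crib_drag`, `reuse_demo`, `fresh_pad`) are constructed for the demo.

```python
"""One-time pad used correctly, then the failure Kahn describes: the same pad
used twice lets an analyst XOR the two ciphertexts and drag a guessed phrase
(a "crib") across the result.  Added illustration, not from the original
thread; the two messages and the crib are constructed for the demo."""
import secrets


def xor(a, b):
    # Truncates to the shorter input, like zip.
    return bytes(x ^ y for x, y in zip(a, b))


def fresh_pad(n):
    # The pad needs real randomness (a CSPRNG here) and is used exactly once.
    return secrets.token_bytes(n)


def otp_encrypt(plaintext, pad):
    # Refuse a short pad outright: wrapping it around is the reuse mistake.
    if len(pad) < len(plaintext):
        raise ValueError("pad shorter than message: never wrap the pad around")
    return xor(plaintext, pad)


otp_decrypt = otp_encrypt  # XOR is its own inverse


def crib_drag(c1, c2, crib):
    """Two ciphertexts under one pad: c1 XOR c2 == p1 XOR p2, the pad cancels.
    Slide a guessed fragment of one plaintext along that XOR; wherever the
    guess is right, the other plaintext's bytes appear.  Returns plausible
    (offset, recovered_bytes) pairs, i.e. those that decode to printable ASCII."""
    diff = xor(c1, c2)
    hits = []
    for off in range(len(diff) - len(crib) + 1):
        window = xor(diff[off:off + len(crib)], crib)
        if all(32 <= b < 127 for b in window):
            hits.append((off, window))
    return hits


# Constructed sample traffic: two dispatches, one pad, the clerical error.
M1 = b"attack the convoy at dawn"
M2 = b"meet the agent at the dock"


def reuse_demo(crib=b"at dawn"):
    """Encrypt both dispatches with the same pad and crib-drag the result."""
    pad = fresh_pad(64)
    c1 = otp_encrypt(M1, pad)
    c2 = otp_encrypt(M2, pad)  # pad reused: the "two-time pad"
    return crib_drag(c1, c2, crib)


if __name__ == "__main__":
    pad = fresh_pad(len(M1))
    assert otp_decrypt(otp_encrypt(M1, pad), pad) == M1
    for off, text in reuse_demo():
        print(f"crib at offset {off:2d} -> other message reads {text!r}")
```

The crib guess `at dawn` sits at offset 18 of the first dispatch, and at that offset the XOR hands back `the doc` from the second one; the analyst then extends the new fragment (`the dock`) as the next crib in the other direction, exactly the iterative process the Soviet traffic was worked with. Note that nothing about the XOR itself was weak; the single rule "never reuse" was the whole system, and it was broken by logistics, not mathematics.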