Slashdot Mirror


Quantum Cryptography In Action

Whitney Wyatt writes: "Discover magazine outlines the first successful laser photon communication utilizing Quantum Cryptography. Called 'Perfect Encryption,' quantum encryption sends the key with the message, however it is impossible for an eavesdropper to intercept the message without changing it. One can only wonder what the FBI will do."

17 of 228 comments

  1. Duhh... by The Iconoclast · · Score: 5, Funny

    One can only wonder what the FBI will do.
    Why, outlaw quantum mechanics, of course!

    --
    Quando Omni Flunkus Moritati
  2. What will they do? by leshert · · Score: 4, Interesting

    They'll simply declare that, like plutonium and surface-to-air-missiles, it's something that they can't abide the public owning, and will outlaw it. What else could they do?

    1. Re:What will they do? by 56ker · · Score: 3, Interesting

      Why then were high-level cryptographic programs prohibited from export from the U.S. and still are to certain countries they don't like? It was banned from export because it was classed as a weapon. The USA don't want to go to war with someone they can't eavesdrop on the communications of - that's what this is to prevent. Although it's not a weapon in the conventional sense - it's a defence. Look how effective the Enigma machine was for the Germans until it was broken. If the operators hadn't used easily guessable strings like HIT LER and BER LIN to encode the messages it would've taken far longer to crack it (they were told to randomise them).

  3. Impossible? by squared99 · · Score: 3, Informative

    This stuff is getting pretty heavy, but it seems the technology to break this type of cryptography is already in early stages of research. Check out this New Scientist article.

  4. Perfect encryption already exists... by asparagus · · Score: 3, Insightful

    ...and has so for the past 2000 years.

    It's called a one-time pad.

    So, before everybody and their brother starts talking about how the NSA can already break this, remember that you can, quite easily, build an 'uncrackable' cypher.

    And it'll never be breakable, provided you take some sort of security measures. But if you're paranoid, you already do most of those.

    Sorry, this is just a preemptive strike against the "the government can monitor my thoughts" crowd.

    Back to your normal high S/N ratio.

    1. Re:Perfect encryption already exists... by automandc · · Score: 3, Informative
      The article linked to discusses the fact that quantum cryptography is only an extension of one-time-pad schemes in use since the early 20th century. It also outlines the problems with those systems (i.e. reuse of the meta-key used to transmit the pad-of-the-day, as in the Germans always using "Heil Hitler" as their meta-key, giving the Brits a big fat backdoor to their nominally one-time-only Enigma codes).

      It seems to me that, if this article is correct, the advancement of this form of cryptography is probably no more "unbreakable" than the Titanic was unsinkable. The point is only to make it so that an eavesdropper gives away their presence by intercepting (and thereby destroying) some of the key.

      IIRC, most quantum schemes contemplate "quantum" transmission (i.e. single photon encoded information) only for the key, while the actual encrypted message is still transmitted through normal means (which would allow for error correction, faster transmission, communications robustness etc.) So, the actual message is still interceptable, and therefore still susceptible to a brute-force attack.

      Sure, you might not be able to get realtime intelligence the way the Allies did in WWII, or we did in the Cold War (thanks to tapping into unencrypted underwater cables), but you can still decypher messages given enough time and computing power.

      Thus, I repeat, the scheme contemplated here, if I understand it correctly, is no more "unbreakable" than the Titanic was "unsinkable."

      automan(dc)

      no sig is good sig.

      --
      I'm a lawyer with excellent karma. Something's gotta be wrong.
    2. Re:Perfect encryption already exists... by mindstrm · · Score: 5, Informative

      With a one-time pad. Like he just said.

      Say you have 1kb you need to encrypt.

      You generate a 1kb key, and do a simple XOR.

      Then you take the key, and the resulting 'encrypted' file, and send them on their merry way. Only when the two are placed together can the original data be recovered.

      So as long as nobody obtains the original key, the data is uncrackable. You can't brute force it, because the keyspace is the size of the data itself. Brute forcing it would simply mean generating every single combination of 1k data fields and guessing which one was the original.

      Make sense?

    3. Re:Perfect encryption already exists... by keesh · · Score: 3, Informative
      Not exactly. One time pads don't:
      • Disguise the length of a message
      • Hide the fact that a message has been sent
      Both are very important.
    4. Re:Perfect encryption already exists... by Viking Coder · · Score: 3, Informative

      The algorithm has nothing to do with the transmission medium.

      If you want to make a One Time Pad that's long enough, you are free to disguise the length of a message by padding your text with 0s. This is essentially "wasting" your pad, but if you're really concerned about the length of your message being revealed, you are free to obscure it and make it seem artificially larger. (You can't make it artificially smaller, unless you somehow compress your message before you encrypt it.)

      And you can hide the fact that a message has been sent by using any steganographic method you choose. Just as you can with any other encryption algorithm.

      Don't confuse the algorithm with the transmission medium.

      --
      Education is the silver bullet.
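
The one-time pad described in the replies above, as an added example that is not part of the original thread: XOR with a pad that is never reused, messages padded to a fixed bucket so their length is hidden, and a check of why brute force cannot work. `BUCKET`, the 4-byte length prefix and all function names are assumptions made for this sketch.

```python
import secrets

BUCKET = 256  # assumed bucket size: every ciphertext is a multiple of this

def xor(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("length mismatch")
    return bytes(x ^ y for x, y in zip(a, b))

def pad_to_bucket(msg: bytes) -> bytes:
    """4-byte length prefix, then zero fill up to the next multiple of BUCKET."""
    body = len(msg).to_bytes(4, "big") + msg
    return body + bytes(-len(body) % BUCKET)

def unpad(body: bytes) -> bytes:
    n = int.from_bytes(body[:4], "big")
    if n > len(body) - 4:
        raise ValueError("bad length prefix")
    return body[4:4 + n]

class OneTimePad:
    """Shared pad material with a cursor, so no pad byte is ever used twice."""
    def __init__(self, material: bytes):
        self._material, self._used = material, 0

    def take(self, n: int) -> bytes:
        if self._used + n > len(self._material):
            raise RuntimeError("pad exhausted: obtain fresh pad, never reuse")
        chunk = self._material[self._used:self._used + n]
        self._used += n
        return chunk

def encrypt(pad: OneTimePad, msg: bytes) -> bytes:
    body = pad_to_bucket(msg)
    return xor(body, pad.take(len(body)))

def decrypt(pad: OneTimePad, ct: bytes) -> bytes:
    return unpad(xor(ct, pad.take(len(ct))))

def key_explaining(ct: bytes, candidate: bytes) -> bytes:
    """Return a pad under which ct decrypts to candidate. One exists for every
    candidate that fits, which is why trying all keys tells an attacker nothing."""
    return xor(ct, pad_to_bucket(candidate).ljust(len(ct), b"\0"))
```

Both parties construct `OneTimePad` from the same material and consume it in the same order; a 14-byte and a 2-byte message both produce 256-byte ciphertexts.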
  5. Cool, but the FBI don't have to do anything. by Anonymous Coward · · Score: 3, Insightful

    Sorry to bring bad news, but quantum cryptography is unlikely to become available to the likes of us. The reason:

    Alice and Bob have a length of optical fibre running between them, and are using quantum cryptography. Eve attempts to eavesdrop, but is unable to do so without changing the information in the signal (polarisation etc). Eve is foiled. Hurrah!

    Now imagine that Alice and Bob are mere mortals and get to use the phone network like the rest of us.

    The system they use is a standard fibre & router system, but the actual fibre is encrypted. What is Eve to do?

    Answer: She installs a tap on the repeater, because quantum crypto only works over single lengths of fibre.

    As if by magic quantum cryptography only becomes useful to people who get to dig holes in the road, such as phone companies, big business and the government. We little people don't even get to play the game.

  6. Re:Interception vs. Encryption by cheese_wallet · · Score: 5, Interesting

    I'm guessing you didn't read the article. They've been able to do this over a distance of 6 miles in open air. Not bad, considering this is an infancy stage.

    Yeah, it means the message can only be read once. But in this case the message is the key for a one time pad encryption.

    Basically this makes one time pad encryption a whole lot more secure than it was before. One time pads, I think, are the best form of encryption--but the problem has been the security of the key.

    This whole photon quantum encryption deal addresses that issue in a really neat way.

  7. Quantum physics by totallygeek · · Score: 4, Funny
    So, did the FBI poison the cat in the box?

  8. key, not message by Skavookie · · Score: 3, Interesting

    Quantum crypto allows Alice to send a one time pad to Bob and determine if it was intercepted or not. If it is intercepted then Alice discards the pad and tries again. Otherwise Alice uses the pad to encrypt the message and uses conventional means to transmit it. If someone intercepts the pad, then the message is never sent so there's nothing to cryptanalyze. Otherwise they have a message but no pad. Cryptanalysis of a message encrypted with a one time pad is mathematically impossible.

    The distance issue is the main problem with this technology but progress is being made on that front and I'm sure it will only be a matter of time before it is solved.

    1. Re:key, not message by PoshSpod · · Score: 3, Insightful
      The 'discard and try again tack' is a slight misconception. Even if Eve does acquire some of the message - by either attempting to split the beams or by intercepting the signal, guessing the polarisation and resending the result - Alice and Bob will be perfectly aware that she has done this and will even be able to estimate how much of the message she knows. They can then apply something called Privacy Amplification to the keys they share to ensure she knows none of it. Basically this is a hash function X -> Y where if knowledge of X is less than perfect, knowledge of Y will be nil.

      Check out Generalized Privacy Amplification (1992) by Charles Bennett et al. if you're really interested.

      --

      This is my sig.
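
The privacy amplification step mentioned in the comment above, as an added example that is not part of the original thread. It uses a random Toeplitz matrix over GF(2) as the universal hash, which is one common choice and an assumption here; the function names and the 64-bit default margin are also assumptions.

```python
import secrets

def final_key_length(n_bits: int, eve_bits: int, margin: int = 64) -> int:
    """Bits that survive after giving up Eve's estimated knowledge plus a margin."""
    return max(0, n_bits - eve_bits - margin)

def toeplitz_hash(raw_key: int, n_bits: int, seed: int, m_bits: int) -> int:
    """Multiply the n-bit raw key by an m x n Toeplitz matrix over GF(2).

    Matrix entry (i, j) is seed bit (i - j + n - 1), so the result is bits
    [n-1, n+m-1) of the carry-less product seed * raw_key.
    """
    if raw_key >> n_bits or seed >> (n_bits + m_bits - 1):
        raise ValueError("raw key or seed longer than declared")
    acc = 0
    for j in range(n_bits):
        if (raw_key >> j) & 1:
            acc ^= seed << j          # XOR is addition in GF(2)
    return (acc >> (n_bits - 1)) & ((1 << m_bits) - 1)

def new_public_seed(n_bits: int, m_bits: int) -> int:
    """The seed is chosen after transmission and may be announced in the clear."""
    return secrets.randbits(n_bits + m_bits - 1)

def amplify(raw_key: int, n_bits: int, eve_bits: int, seed: int, margin: int = 64):
    """Return (final_key, length). Raises if the estimate leaves nothing to keep."""
    m_bits = final_key_length(n_bits, eve_bits, margin)
    if m_bits == 0:
        raise ValueError("estimated leakage too high: discard this block")
    return toeplitz_hash(raw_key, n_bits, seed, m_bits), m_bits

if __name__ == "__main__":
    n, leaked = 256, 64                        # constructed figures
    raw = secrets.randbits(n)                  # key both sides hold after error correction
    seed = new_public_seed(n, final_key_length(n, leaked))
    alice, length = amplify(raw, n, leaked, seed)
    bob, _ = amplify(raw, n, leaked, seed)
    eve, _ = amplify(raw ^ (1 << 100), n, leaked, seed)   # Eve is wrong about one bit
    print(length, alice == bob, bin(alice ^ eve).count("1"))
```

Alice and Bob end up with the same shorter key, while a guess that is wrong in a single raw bit hashes to a key that differs in roughly half of its bits.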

  9. Sure, but here's the paradox... by gnovos · · Score: 3, Informative

    You have to get the key safely to the other side, and since the key is the same size as the data, if you have a way to securely send the key, why not just send the data itself?

    --
    "Your superior intellect is no match for our puny weapons!"
  10. Lessons from history.... by kirkjobsluder · · Score: 3, Insightful

    I strongly feel that The Codebreakers should be required reading for cryptography advocates. Over and over again the weakest link in any cryptographic system, including the one-time pad, has been user error. According to Kahn the NSA successfully decrypted Soviet messages encrypted with "one-time" pads that had been reused due to supply difficulties or clerical errors. They were able to accomplish this by collecting thousands of encrypted dispatches, using traffic analysis, and looking for identical cipher text that might indicate common words, names, or phrases.

    Kahn credits cryptographic incompetence to a wide variety of historical disasters from the defeat of the Imperial Russian army during World War I because key officers refused to use codes, to the World War II defeat of Enigma because the German Navy had their U-boats transmitting trivial messages to headquarters on a daily basis. (In fact, traffic analysis and radio direction finding efforts were probably more critical than the actual capture of an Enigma machine.)

    The bottom line is that creating cryptographic systems that mathematically cannot be broken using current technology and probably with any future technology is relatively trivial. Creating socio-technical systems that are resistant to cryptographic incompetence is almost impossible. Most of the focus on algorithms is missing the point when there exist a dozen algorithms that are unbreakable, but no algorithms that are not vulnerable to social engineering attacks, traffic analysis, and dictionary attacks.

    I feel that this is really the primary focus of government attacks on cryptographic products: the goal is not to attack the algorithms, but to hinder the development of socio-technical systems that use cryptography effectively. Why worry about if Microsoft Office includes strong, probably unbreakable encryption algorithms, if the software uses password XOR by default for compatibility with earlier versions, the strong cryptography is incompatible with export versions, and a dictionary attack will get 50 percent of the information you want? I am less interested in whether they can create yet another unbreakable encryption system, than creating a security system that allows me to send private e-mail to co-workers who don't understand why they should get a pgp plug-in or how to use it.
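
Why a reused "one-time" pad stops being one, as an added example that is not part of the original thread: with the same pad, identical plaintext at the same offset yields identical ciphertext and the pad cancels out of the XOR of the two ciphertexts, while fresh pads show no such structure. The two messages are constructed sample input and the function names are assumptions.

```python
import secrets

# Constructed sample traffic: two routine messages sharing a stock header.
M1 = b"WEATHER REPORT: wind north 12 kt"
M2 = b"WEATHER REPORT: fog until 0900"

def xor(a: bytes, b: bytes) -> bytes:
    """XOR over the common length of a and b."""
    return bytes(x ^ y for x, y in zip(a, b))

def identical_runs(c1: bytes, c2: bytes, min_len: int = 8):
    """(offset, length) of every run where two ciphertexts are byte-identical.

    Under independent pads a run of min_len bytes appears with probability
    about 2**(-8 * min_len) per offset, so any hit points to pad reuse.
    """
    n = min(len(c1), len(c2))
    runs, start = [], None
    for i in range(n + 1):
        same = i < n and c1[i] == c2[i]
        if same and start is None:
            start = i
        elif not same and start is not None:
            if i - start >= min_len:
                runs.append((start, i - start))
            start = None
    return runs

def compare_reuse(m1: bytes, m2: bytes) -> dict:
    """Encrypt both messages once with a shared pad and once with fresh pads."""
    pad = secrets.token_bytes(max(len(m1), len(m2)))
    reused = (xor(m1, pad), xor(m2, pad))
    fresh = (xor(m1, secrets.token_bytes(len(m1))),
             xor(m2, secrets.token_bytes(len(m2))))
    return {
        "reused_runs": identical_runs(*reused),
        "fresh_runs": identical_runs(*fresh),
        # c1 XOR c2 == m1 XOR m2: the pad has dropped out entirely
        "pad_cancels": xor(*reused) == xor(m1, m2),
    }

if __name__ == "__main__":
    print(compare_reuse(M1, M2))
```

The same check can be run by the sender over an archive of its own outgoing ciphertexts as an audit for accidental pad reuse.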

  11. Eavesdropping IS possible. by zCyl · · Score: 3, Informative

    Quantum cryptography is a "key-growing" technology. The problem with quantum cryptography is that all scenarios begin with, "Given an authenticated connection." Well, in cryptography, the problem has almost always mandated authentication solutions, not key-growing solutions.

    If I can hand someone a secret key that will let us authenticate with each other, then I can just as easily hand them a DVD full of random data for perfect one-time-pad encryption of our communication. Any solution without authentication is no better than the original problem, because authentication reduces to the original problem of getting some secret information from one person to the other.

    To understand the problem, imagine this scenario. Alice wants to connect to Bob, so Alice establishes a quantum cryptographically secure connection with Bob. Wonderful, but what if Eve is sitting in the middle, and from the very beginning of the connection, Alice ACTUALLY establishes a quantum cryptographically secure connection with Eve, and then Eve establishes a quantum cryptographically secure connection with Bob? How do they know the difference? They can't, because individual photons are by the laws of quantum mechanics indistinguishable. There's no "signature" by which they can know who they're really talking to.

    All quantum cryptography does, is tell you when someone begins eavesdropping on a connection that has previously been secure. There will be applications for such a means of secure communication, but without resolving the classic man-in-the-middle attack, quantum cryptography cannot be applied to the bulk of cryptography uses.