Slashdot Mirror

← Back to Stories (view on slashdot.org)

Ultrasecure Quantum Communications Over Thin Air

Posted by timothy on from the and-that-is-really-thin-air dept.

SlashDotIDOne writes "Well, given a hundred years at university and a few extra titles to my name, I'd be comfortable trying to summarize the article so don't take what I say at face value. Apparently British and German researchers have found a way to use quantum crypto through the air, thus allowing it to be used to communicate with satellites, etc. A very secure form since you know whether a message was intercepted, rather hard to tamper with ;). Courtesy India times and Google's new news service."

15 of 212 comments (clear)

  1. "The Code Book" mentioned this several years ago by banana+fiend · · Score: 4, Insightful

    Excellent book for lay-people and crypto-beginners: Review Here

    This has been a working theory for years (and the book suggests it had been done across a distance of several hundred meters back then!)

    I hate it when people say "wow, we have an unbreakable code now". We find out new things and rubbish old theories about the universe and it's properties all the time, we may have violated the second law of thermodynamics, what's to say this is "unbreakable" - it's only secure so far ;)

    --
    Johns: Well, how does it look now? Riddick: Looks clear.
  2. Allowance of crypto by explosionhead · · Score: 5, Insightful

    The big question, though, is whether they should be allowed to enter the commercial domain, where they could be used by organised crime and terrorism to thwart eavesdropping by police.
    Whether they should be allowed?? Whether they're allowed or not has little bearing on what would happen. You look at the US's export restrictions for crypto, asking people outside the US to download the inferior version, they haven't exactly worked wonders have they?

    --
    ?
    1. Re:Allowance of crypto by JonnyCalcutta · · Score: 5, Insightful
      The big question, though, is whether they should be allowed to enter the commercial domain, where they could be used by organised crime and terrorism to thwart eavesdropping by police.

      Yes, this was the bit that got me as well. It amazes me that this sort of thing can be stuck in as a throw away sentence, as if to imply that there is no doubt about the correctness of this POV, and anyone who thinks otherwise must be stupid.

      The saddest thing about the world we live in (in the West at least) is the horrible kneejerk 'won't somebody think of the children' attitude that comes before any form of rational thought is employed.

      Here's my list of things we must ban immediately -
      Let's ban pencils, pens and paper, since criminals can use them to draw plans of the joint they are casing or even, God forbid, create one time pads to pass uncrackable codes to each other.
      Ban open spaces since criminals could use them to converse with each other out of earshot of the police.
      Let's ban flags since they could be used to pass secret messages in semaphore.
      In fact let's just ban all forms of verbal and non-verbal communication - let's see those criminals make plans now!

      Slashdot would be the first to go obviously. All that 'geek talk' is obviously just a clever criminal code.

  3. Setting the Agenda by Beautyon · · Score: 4, Insightful

    The big question, though, is whether they should be allowed to enter the commercial domain, where they could be used by organised crime and terrorism to thwart eavesdropping by police.

    Who said that this is the big question? This is not the "big question"; it has already been determined that "terrorists" did not and generally dont use crypto for communication, so thats just a lame excuse to keep the tools crippled (see A5).

    Organized crime? just because an infinitessimal number of "organized criminals" (just where the hell are the disorganized criminals? [yes yes, GAOL]) might use crypto to secure thier telephones doesnt mean that the vast majority of people should be denied access, or given access only to cripple ware.

    But you know this.

    These agenda setting questions are pure bad journalism, plain and simple, and simple minded.

    --
    ATH0 Bitcoin: 1DnwFLXczVZV8kLJbMYoheUrpqHesjxrSi
    1. Re:Setting the Agenda by fruey · · Score: 5, Insightful
      Who said that this is the big question? This is not the "big question"; it has already been determined that "terrorists" did not and generally dont use crypto for communication, so thats just a lame excuse to keep the tools crippled (see A5).

      Exactly. Indeed, the real criminals (corrupt bankers, high wealth people, etc) are those that use crypto because they have the money and paranoia sufficient. Terrorists use simple stuff like codes, languages that only the top spies can get translated, and other tactics like human silence policies and any number of other things. As for organised crime, well using PGP / crypto etc is just going to get the FBI to prick up their ears a bit more so is generally avoided.

      People should not be paranoid about cryptography, it should be openly available. It should be used primarily for signatures, and yet most people just think it's there for protecting data transmissions. *Sigh*

      --
      Conversion Rate Optimisation French / English consultant
    2. Re:Setting the Agenda by Jobe_br · · Score: 2, Insightful

      While I agree that crypto in general should be accessible to the public, this *particular* system should be of little interest to the public. Multi-national, global corporations, maybe. The general public? Doubtful. Think about it. What's being discussed here is a way of encrypting one-time cipher keys for encrypting/decrypting messages. I can't fathom how much work it takes to setup and maintain a communications network based on one-time pads. Maybe someone from the NSA/CIA/Scotland Yard wants to chime in with some info on this, but I imagine its pretty darn resource intensive. This isn't something that you'd start applying to your email communications to your friends, as you'd have to be distributing your one-time keys to your trusted friends and they'd have to be reporting any attempts (or successes) of intercepting or socially-engineering your one-time keys so that you could appropriately revoke affected one-time keys.

      This isn't like SSL or public-key crypto, this is a totally different game where absolute and utter confidentiality of communication is necessary. Never mind the low-orbiting satellite system you'll have to setup or lease time on so that you can distribute your one-time pads to your circle of trusted communicators.

      Now - don't get me wrong. I agree with the poster in that if criminals want to use this, it won't matter if its publicly available or not. Criminals can use one-time ciphers right now, some possibly do. The concept of this isn't new. The only thing new here is the dissemination of the one-time pads, which currently takes a fair amount of legwork. This article isn't about transmission of the message, its only about transmission of the keys to encrypt/decrypt the message. These keys are currently stored on media and couriered to embassies worldwide by a country's diplomatic couriers and such. Used 'one time' and then the media is destroyed to prevent any future knowledge of past keys. The messages that use these one time keys can be sent over any medium. I wouldn't be surprised at all if some are sent via specialized email systems that at some point hit a public point of the Internet or travel through the air where they could be intercepted.

      Hope this helps!
      Cheers.

  4. In some ways it's solving the wrong problem by WolfWithoutAClause · · Score: 5, Insightful
    The easiest way to crack encyption is to avoid cracking the encryption and attack the installation or the people using the encryption.

    Basically, if you can bug the users keystrokes when they type in their password for the crypto system, then that system is toast- similarly if they have a physical token- if you steal that token.

    Or you bribe/blackmail the guy; or you use "lead pipe" cryptanalysis- you hit the guy over the head until he tells you his password.

    This system looks good; but don't assume that its going to be 100% secure. In the real world it can't be, unless there's no people in the loop, not even designing the system.

    --

    -WolfWithoutAClause

    "Gravity is only a theory, not a fact!"
  5. Any details at all would have been nice by CaptainAlbert · · Score: 4, Insightful

    Anyone got a link to the Nature article itself?

    From the guff written here, it all seems implausible. Encoding a message in single photons is fine, but I find it hard to believe that you can transmit a stream of photons several miles through the atmosphere without a single one of them being absorbed or scattered (which would look the same as interception). It's just light, after all.

    I wish I could remember any physics. Then I could say something about the possibility of "amplifying" a signal in which the symbols are single photons. But I can't, so I won't even try.

    Plus, even taking the above on trust, it doesn't sound too hard to disrupt (with, say, a mirror).

    Corrections and extra technical info most welcome! :)

    --
    These sigs are more interesting tha
    1. Re:Any details at all would have been nice by CaptainAlbert · · Score: 2, Insightful

      > Finally, they use this common secret bitstring as a key for a one-time pad.

      Aha! So the cyphertext itself can be transmitted over an "open" channel. Cunning. :)

      But, it sounds to me like it could be fairly inefficient. From what I remember, you need one bit of one-time-pad for every bit of plaintext you want to transmit. The process above could be quite time-consuming (relatively speaking) if only 0.1% of your photons get through. And even if you're sending the equivalent of an email, you'll need a key-string of tens of thousands of bits. So it might be secure, but you'd end up paying for it in speed.

      Interesting, though.

      --
      These sigs are more interesting tha
  6. commercial uses? yes! by prichardson · · Score: 3, Insightful

    from the article (yes I read it)

    The big question, though, is whether they should be allowed to enter the commercial domain, where they could be used by organised crime and terrorism to thwart eavesdropping by police.

    If we don't let the public use this, everyone we don't want to have it will get it eventually. There wont be a user base to be framiliar with to help the government in finding the weaknesses. It is the same with cryptography software. Those who want it really bad can write their own or violate an EULA. The law abiding public is shut off from protecting their own things when terrorists and organized crime still can.

    --
    Help I'm a rock.
  7. Maybe I don't get it. by Captain_Stupendous · · Score: 2, Insightful

    Quantum Crypto in general seems like a good idea, but think about it. The "good guys" know if the "bad guys" have intercepted the message (not just if the message is tampered with, but even if it's observed). So what do the bad guys do? Intercept EVERY message. The good guys no longer know which messages are trustworthy, and which are not. The key here would be the ability to differentiate between "This message was intercepted by the enemy", and "This message was intercepted, decoded and READ by the enemy". This is a level of detection that is (as far as I know) not yet available.

    --


    I am alone, yet I also surf the universal backwash of undifferentiated Being, which is LOVE.
  8. Re:Au contraire. Americans found the way in '98... by Anonymous Coward · · Score: 1, Insightful

    Well wake up then. Going 20km horizontally is
    equivalent to going several 100kms vertically in
    terms of loss. As the atmosphere is only a couple
    of kilometres thick when transmitting to a satellite most of the loss occurs over the first few kilometres. Going 20km in free space is a big deal-- although they did do it at highish altitudes (~2km) where the air is thinner and so the losses are less. But still you could put the communications stations in the mountians as well.

    Neil

  9. Re:"The Code Book" mentioned this several years ag by nzhavok · · Score: 3, Insightful

    One time pads are ABSOLUTELY unbreakable...

    Erm, no they're not. If you get hold of the decrypting pad you can break it, not that much different than stealing a pgp key and passphrase really.

    --

    He who defends everything, defends nothing. -- Fredrick The Great
  10. Re:"The Code Book" mentioned this several years ag by Otto · · Score: 3, Insightful

    Assuming someone doesn't steal the key and you did it correctly, then yes.

    But if you didn't do it correctly, or your pad choices aren't truly random, or someone knows some of the plaintext, or half a dozen other things, then a one time pad can be broken with a lot of guesswork.

    --
    - Give a man a fire and he's warm for a day, but set him on fire and he's warm for the rest of his life.
  11. Re:"The Code Book" mentioned this several years ag by Gyorg_Lavode · · Score: 3, Insightful
    This is not the first time this has been acomplished over air. In fact, Las Alamos sent single-photons with quantum encrypted data over free air to demonstrate that single-photon signals were possible. This is just signifigant because of the distance at which it was accomplished.

    Second, they talk about boosting the signal to achieve the ability to transmit to satalites. This would be at the detriment of the security of the key as the greater the signal strength, the more photons it carries, the easier it is to split off a portion of the beam to be read. This of course is still not in any way easy as statistical analysis of the strength of the signal can reveal that it is being split.

    Third, the fact that the signals are being bounced of a satilite autmoatically invalidates the security. If it is relayed, the key is stored in non-quantum states which invalidates it's security. The article sais that the signal on fiber optics has to be boosted every 6 miles. That is also garbage. Boosting the signal again invalidates the security. I don't know anywhere that quantum keys are used through signal boosters.

    This experiment is notable though. The farthest a quantum key has been transmitted was 32ish km (I believe in germany), over a single fiber-optic cable. This is the first transmission of a quantum key over a signifigant length through atmosphere.

    --
    I do security