Quantum Cryptography: 100km Barrier Broken
jdfox writes "Toshiba Research Europe have just demonstrated quantum crypto over 100km fibre links. Sounds like there's still a fair bit of work to be done before it leaves the lab, but it's amazing that they've got as far as they have. There's another article about it, though still not much technical detail, here on the BBC and here on The Register."
Communication with quantum cryptography is inherently secure because it takes advantage of the physical properties of single photons. In the technique, each transmitted bit of a cryptographic key is encoded upon a single photon.
The sender and recipient each have a key to decode the photon stream, but any attempt to hack into the link and capture the key is doomed to failure as it alters the quantum state of the intercepted photons. These changes are easily detectable, revealing the presence of the hacker.
--------
Free your mind.
In the technique, each transmitted bit of a cryptographic key is encoded upon a single photon.
Actually it is not completely true, you cannot guarantee that you send out a single photon. Indeed, you don't. You try to approximate a single photon source by using weak laser pulses, but this does not mean you always send out a single photon (sometimes you send out more, sometimes you do not send out any at all). But every security proof considers the fact that you are able to send single photons (which is highly not trivial).
Actually this fact makes most implementations of quantum crypto protocols insecure to a class of attacks (PNS), even though they would take place in a very unrealistic framework (but you have to consider them).
If I remember my research correctly, you can't sample the photons without changing their state. Thus it's not possible to generate new ones. If it were possible the entire idea would go to shit as a man in the middle could just intercept everything and regenerate new ones without being caught.
-- taking over the world, we are.
As I understand it (and I may be completely wrong), you can't, because it's impossible to actually measure the photons exactly - you can only gain knowledge about certain characteristics of them, in a process which irreversibly alters their states. This is (part of) what makes it impossible to listen in on a quantum transmission undetectably.
Think about it - if this were possible, an unwanted listener on the line could sample the stream, and then generate two streams - one back along the line, and one into his own recorder. Since quantum communication apparently makes this impossible, the answer should be no, whether or not my understanding of the situation is exactly correct.
A Minesweeper clone that doesn't suck
You don't send the message via the quantum method - all you are sending is the key for a one-time pad cipher. If it's intercepted, you don't use that key, you generate a new one and try to send it again.
> That must be a big lab! Or maybe they had 100km of fibre ;)
> and they just looped it round and round and round.
Fiber without the colored "protective insulation" takes up surprisingly little space, and weighs next to nothing. 100km of fiber could be picked up with one hand if mounted on a single spool.
In our lab, we have four fiber spools (two 20km and two 40km) that can be connected together to create various distances. Each is mounted in a plastic case that is about a foot in diameter and 4 inches wide.
-- PGP keyID: 0x4C95994D
A quantum state on a single qubit looks like this:
a|0> + b|1>,
where |0> and |1> are vectors, and a and b are complex numbers, and the total vector has a magnitude of 1. When we measure the state, it collapses into the |0> vector with probability |a|^2 and into the |1> vector with probability |b|^2. And of course |a|^2 + |b|^2 = 1.
So the hacker won't know what the arbitrary quantum state was. Observing the photon destroys the original state.
> Sample the photons and generate new ones of the same type.
You can't.
The sender assigns two bits of information to each photon. However, you can only
measure one. This is similar to the Heisenberg relation of uncertainty, where
you can EITHER measure the position OR the impulse of an electron.
The sender generates a long stream of random information. The receiver reads
in either way, according to (other) random. An attacker would not know in which
way the receiver has read the information. However, if the attacker has read
the photons himself, he has destroyed every other bit. Thus, about 50% of the
bits that the receiver gets, are wrong. This is easy to detect.
As a result, you can't passively tap such a communication line. The only thing
you can do, is to impersonate the receiver, so that the sender communicates
(untapped) with the attacker. The attacker could then establish a second (also
untapped) channel to the original receiver, and relay all data back and forth
on the logical level.
This is called a man-in-the-middle attack, and works for many crypto systems,
not just quantum.
There are crypto protocols that try to prohibit this attack. PGP for example
relies on the "web of trust" with signed public keys. HTTPS/SSL uses CAs
who sign certificates.
The quantum communication channel does not solve this problem. It solves another
problem: it enforces that the channel can not be tapped without being noticed.
Marc
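
The detection argument made in the posts above (a measurement in the wrong basis randomises the bit, so an interceptor who measures and resends photons leaves errors behind), as an added simulation that is not part of the original thread. It assumes the scheme is BB84 over an ideal, noiseless channel with an intercept-and-resend eavesdropper; the function names and the 0.11 alarm threshold are illustrative choices. In this model the disturbance appears as an error rate of roughly 25% among the bits kept after the public basis comparison.

```python
import random

def measure(bit, prep_basis, meas_basis, rng):
    """Measuring in the preparation basis returns the encoded bit;
    measuring in the other basis gives a uniformly random outcome."""
    return bit if prep_basis == meas_basis else rng.randrange(2)

def run_bb84(n_photons, eavesdrop, seed=1):
    """Simulate one key exchange; return (sifted_key_length, error_rate)."""
    rng = random.Random(seed)  # fixed seed: constructed, repeatable sample data
    sifted = errors = 0
    for _ in range(n_photons):
        # Sender picks a random bit and a random basis (0 or 1) per photon.
        bit, a_basis = rng.randrange(2), rng.randrange(2)
        sent_bit, sent_basis = bit, a_basis
        if eavesdrop:
            # The interceptor must guess a basis, measure, and resend
            # a new photon prepared from whatever she observed.
            e_basis = rng.randrange(2)
            sent_bit = measure(bit, a_basis, e_basis, rng)
            sent_basis = e_basis
        # Receiver also picks a basis at random, independently.
        b_basis = rng.randrange(2)
        b_bit = measure(sent_bit, sent_basis, b_basis, rng)
        # Sifting: bases are compared in public, mismatches are discarded.
        if a_basis == b_basis:
            sifted += 1
            errors += (b_bit != bit)
    # Simplification: errors are counted over the whole sifted key,
    # whereas real parties sacrifice only a random sample of it.
    return sifted, (errors / sifted if sifted else 0.0)

def link_is_tapped(error_rate, threshold=0.11):
    """Abort the key if the observed error rate exceeds the threshold
    (0.11 is an assumed, illustrative value)."""
    return error_rate > threshold

if __name__ == "__main__":
    for eve in (False, True):
        kept, qber = run_bb84(20000, eavesdrop=eve)
        print(f"eavesdropper={eve}: kept {kept} bits, "
              f"error rate {qber:.3f}, tapped={link_is_tapped(qber)}")
```

As the last post notes, this check only detects tampering on the quantum channel; it does nothing against an attacker who impersonates the receiver, which is why the public basis comparison has to run over an authenticated channel.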