Slashdot Mirror
Quantum Cryptography: 100km Barrier Broken
jdfox writes "Toshiba Research Europe have just demonstrated quantum crypto over 100km fibre links. Sounds like there's still a fair bit of work to be done before it leaves the lab, but it's amazing that they've got as far as they have. There's another article about it, though still not much technical detail, here on the BBC and here on The Register."
>100km fibre links...there's still a fair bit of work to be done before it leaves the lab
;)
That must be a big lab! Or maybe they had 100km of fibre and they just looped it round and round and round.
Communication with quantum cryptography is inherently secure because it takes advantage of the physical properties of single photons. In the technique, each transmitted bit of a cryptographic key is encoded upon a single photon.
The sender and recipient each have a key to decode the photon stream, but any attempt to hack into the link and capture the key is doomed to failure as it alters the quantum state of the intercepted photons. These changes are easily detectable, revealing the presence of the hacker.
--------
Free your mind.
From the Register article:
Dosent quantum cryptography depend on the assumption that it is impossible to copy this stream of encoded photons without leaving a trace?
Toshiba Research Europe have just demonstrated quantum crypto over 100km fibre links. Sounds like there's still a fair bit of work to be done before it leaves the lab...
How could it not have left the lab? Is Toshiba's lab 100KM long? That's a pretty huge lab!
I'm generally "Interesting," "Insightful," and even "Funny" here. What the hell happens to me at parties?
Imagine, all you will need for you own photon ray gun/torpedo is a network cable with signal. Looks like the geek shall inherit the earth after all.
In the technique, each transmitted bit of a cryptographic key is encoded upon a single photon.
Actually it is not completely true, you cannot guarantee that you send out a single photon. Indeed, you don't. You try to approximate a single photon source by using weak laser pulses, but this does not mean you always send out a single photon (sometimes you send out more, sometimes you do not send out any at all). But every security proof consider the fact that you are able to send single photons (which is highly not trivial)
Actually this fact makes most implementations of quantum crypto protocols insecure to a class of attacks (PNS), even though they would take place in a very unrealistic framework (but you have to consider them).
I'm not sure whether this would work or not (since you reading the photon is what changes its spec... you'd be reading the new version of the photon, I'd think and would need the original key to put it back the way it was...)
But without pretty spiffy splicing techniques, how long do you think it would take to get that repeater inserted into a fibre link? When I was in college, a friend of mine got a job fusing splices in fibre optic lines with a special machine, and it still took him several minutes per splice once he got good with it. The other end is going to know something's up when the fibre goes dark for more than a few ms...
If I have been able to see further than others, it is because I bought a pair of binoculars.
If I remember my research correctly, you can't sample the photons without changing their state. Thus it's not possible to generate new ones. If it were possible the entire idea would goto shit as a man in the middle could just intercept everything and regenerate new ones without being caught.
-- taking over the world, we are.
As I understand it (and I may be completely wrong), you can't, because it's impossible to actually measure the photons exactly - you can only gain knowledge about certain characteristics of them, in a process which irreversibly alters their states. This is (part of) what makes it impossible to listen in on a quantum transmission undetectably.
Think about it - if this were possible, an unwanted listener on the line could sample the stream, and then generate two streams - one back along the line, and one into his own recorder. Since quantum communication apparently makes this impossible, the answer should be no, whether or not my understanding of the situation is exactly correct.
A Minesweeper clone that doesn't suck
You can't measure the exact polarisation of a photon. The photon always either passes or doesn't pass. As you can't measure it, you can't duplicate it.
When A & B communicate A first sends the stream of photons using two types of polarisation (typically horizontal/vertical-linear and left/right-circular), and B measures randomly in the two different schemes. When the polarisation is measured in the wrong scheme the outcome is random.
The trick is that A & B now communicate over an insecure circuit and agree to throw away data where B was using the wrong scheme. They now have a clean stream of bits to use as a one time key over their insecure circuit.
-Yarn - Rio Karma: Excellent
I was re-reading the Fabric of Reality (David Deutsch) ... which essentially covers Quantum interference / computing (with the arguement that Quantum computing is a result of multiple universes coming together and interfereing with one another) ... In any case this may be a little bit off topic ... but the book echos 'The Matrix Reloaded' in many ways ... Deutsch describes an 'Oracle' who knows everything ... A Virtual Reality machine that interfaces with the brain (even a picture that looks like something out of the Matrix) ... a multiverse (worlds within worlds etc..) ... and a Universal Virtual Reality Generator that can essentially recreate the environment we live in ... in real time. This book pre-dates the original Matrix by a year.
You don't send the message via the quantum method - all you are sending is the key for a one-time pad cipher. If it's intercepted, you don't use that key, you generate a new one and try to send it again.
Actually, I think this means fuck all for the individual citizen's privacy. As it requires an unbroken fibre all the way from party A to party B, it would indeed only be appropriate for things like banks to use. Big deal. Think the government wants to spy on the minutia of your bank account? Think that, if they did, they'd have to hack the bank's network to do so, rather than just requiring it in law?
Where it may have helped is over something like the internet... if an 'unhackable' transport method could be developed, privacy would greatly be benefitted. But as the internet inherently requires data streams to be intercepted and forwarded, usually many times over, this method will do nothing to help regular privacy.
== Jez ==
Do you miss Firefox? Try Pale Moon.
A quantum state on a single qubit looks like this:
a|0> + b|1>,
where |0> and |1> are vectors, and a and b are complex numbers, and the total vector has a magnitude of 1. When we measure the state, it collapses into the |0> vector with probability |a|^2 and into the |1> vector with probability |b|^2. And of course |a|^2 + |b|^2 = 1.
So the hacker won't know what the arbitrary quantum state was. Observing the photon destroys the original state.
If there are several photons in the same arbitrary state, you can by measuring the qubits in different basis each time, come up with an approximation to the actual quantum state. If there are a 1000 of these photons, then basically we aren't gaining anything by having our information in Quantum form. So you want to avoid sending many duplicate photons for many of the states that you are sending.
Barring what the other poster said, you can also predict transmission times over fiber VERY accurately. Any time spent processing the photon information to create a new photon to retransmit would be longer than the total transmission time. This would be easily detected.
I have another interesting question though.. Would it be possible to combine this with the "laser teleportation" technology demonstrated earlier this year to have a REALLY secure wireless link? If so, 30 years from now, all communications might be so secure that we wouldn't have to worry about eavesdroppers.
> Sample the photons and generate new ones of the same type.
You can't.
The sender assigns two bits of information to each photon. However, you can only
measure one. This is similar to the Heisenbarg relation of uncertainity, where
you can EITHER measure the position OR the impulse of an electron.
The sender generates a long stream of random information. The receiver reads
in either way, according to (other) random. An attacker would not know in which
way the receiver has read the information. However, if the attacker has read
the photons himself, he has destroyed every other bit. Thus, about 50% of the
bits that the receiver gets, are wrong. This is easy to detect.
As a result, you can't passively tap such a communication line. The only thing
you can do, is to impersonate the receiver, so that the sender communicates
(untapped) with the attacker. The attacker could then establish a second (also
untapped) channel to the original receiver, and relay all data back and forth
on the logical level.
This is called a man-in-the-middle attack, and works for many crypto systems,
not just quantum.
There are crypto protocols that try to prohibit this attack. PGP for example
relies on the "web of trust" with signed public keys. HTTPS/SSL uses CA's
who sign certificates.
The quantum communication channel does not solve this problem. It solves another
problem: it enforces that the channel can not be tapped without being noticed.
Marc
(This may be inaccurate as I'm recalling it from what I read in Simon Singh's "The Code Book", but I hope it explains the point.)
The idea is that you can measure the photons with only partial accuracy, and according to the setting of the measuring instrument. For example, if sending a photon in state Y, the measurement does not yield: "The photon was in state Y", but instead "The photon was probably in state X but maybe in state Y or Z, and not in state W.". Another measurement configuration could yield: "The photon was probably in state Y but maybe in state X or W, and not in state Z."
The "hacker" does not know the measurement configuration at the receiver and may try some arbitrary configuration of his own.
The problem is, when receiving the measurement result, for example that the photon was probably in state X, trying to retransmit it as X may be picked up as inconsistent at the real receiver's.
The measurement configuration itself for each bit can be agreed upon by a negotiation stage where a bitstream is sent accross random configurations of both the sender and receiver and then publically agreeing which bits of the sequence to use (knowing they have matching configurations, not letting a "hacker" enough information to know what configurations those are - leaving him with impossible guesswork).
Newtonian mechanics is still correct - in the limit of small velocities (compared to the speed of light). Relativity hasn't invalidated Newtonian mechanics, but shown that it (Newtonian mechanics) is a special case in a more general theory.
I don't assume that quantum mechanics is the ultimate theory; in fact, it isn't today (think quantum field theories). But I do assume that any (existing or future) theory cannot contradict quantum mechanics, but must contain it as a special case.