Quantum Cryptography Systems Commercially Launched

prostoalex writes "NY-based MagiQ has now started commercial shipments of its quantum cryptography systems, which it claims is the first commercially available device of its type. Apparently, 'Quantum cryptography goes a step further than electronic cryptography through its employment of a stream of photons, the quantum properties of which determine the key. The fun part is that if an intruder observes or intercepts the transmission, those properties get changed'." We've previously run stories on advances in quantum cryptography.

Ummm...

[chill]

The setup consists of two rackmount units connected by both optical and Ethernet cables.

So... do the boxes have to be close enough to run the optical cables directly? Can the signal be regenerated or amplified without disturbing the photons? (I doubt it.) How about sending the photon stream through a DWDM switch? (Again, I doubt it.)

If the pair of boxes has to be in the same building, that isn't going to be a big seller. Bob would just walk down and HAND Alice the data.

Nice PR stunt, though.

Oh, I really want to know what telco is finding multiple taps a week to their optical fibers. I really smell bullshit here.

USELESS!!

[logicnazi]

So even if this is really workable quantum cryptography, in which case it would only work on a direct fiber to fiber link. I don't see how it would give any benefit.

From a technical point of view Quantum cryptography is only secure against man in the middle attacks if you have a SEPERATE channell to the remote host that you are absolutely sure in fact goes to the right person. As long as all communication goes over the fiber nothing prevents a spy from splicing his own box into the line and negotiating a key using quantum cryptography for both parties. However, if you have some channell that you know reaches the other source you can just use Diffie-Helman or like protocal to negotiate a shared key without ever broadcasting it on the line.

The only think quantum cryptography does for you is take the public key component out of the equation. However from reading the article this box just uses quantum encryption to negotiate a key for 3-DES or similar. Seems to me that the public key is not the weakest link in the system. Also as it does packet based encryption you can still watch and time packets to observe keystrokes (I believe good ssh and the like programs wait for several seconds to try and send a bunch of keystrokes together, but a box that sits outside the computer can't decode the first layer of encryption to stick the packets together in a meaningfull way...though I could be wrong on this).

From a pragmatic point of view, since this is only going to work on an unbroken single fiber there is some limit to distance here. I'm sure someone else on slashdot knows about how long you can string fiber before you need a repeater or something. Wouldn't it be easier to just routinely check to make sure there is no middle man inserted in the wire (use diffie-helman or similar again so that someone JUST listening can't decode things). Even better, take a key generated on the first computer BY HAND to the other end of the communications loop. Better cheaper security with no new high tech gizmos.