Slashdot Mirror
First Bank Transfer via Quantum Cryptography
An anonymous reader writes with today's announcement that "the Austrian project for Quantum Cryptography made the world's first Bank Transfer via Quantum Cryptography Based on Entangled Photons; see also Einstein-Podolski-Rosen Paradoxon." (For more background, see the recent Slashdot post "Quantum Cryptography Leaving the Lab.")
Yes, but... what will I now need to decode my bank statements?
Wouldn't checking if the transfer went through alter your balance? :-P
...I can't observe my checking account balance without lowering it.
So the transaction slip presumably says:
Your transaction number has a 90% probability of being between 8765432 and 8765478.
Have a 75% nice day.
Craig Steffen
http://www.craigsteffen.net
Due to Insufficient Cat.
When in doubt, mod +1 funny and pray
... there has been a bank error in your favour. Collect $200. :)
..but why do we need this?
The biggest hole in security is usually the people operating technology. Ever want something, call up and ask for it.
What does the ability to have uncrackable encryption do to thwart social engineering tactics?
SIGERR: laziness exceeds quota
Sure but would they still charge a fee for using "out of our network" ATMs?
I'll give you my entangled photons in exchange for chocolate.
"If you think you have things under control, you're not going fast enough." --Mario Andretti
At the University concluded a study which finds quantum cryptography is a lot better than plain cryptography. Please FAX bank account via quantum cryptography to KWEISE MFUME at +34 79 345 8792 for full article.
Looking forward to hearing,
Letter
are only good for small change...
MP3 Search Engine
Man arrested in connection with bank transfer fraud, he reportedly stole 1.2 million dollars using a flashlight
Thats some damn complicated stuff, there! I hope the technicians who fix the ATM machine know about phuton criptography. I may know how to program with code, but damned if i know how futons work!
http://github.com/gbook/nidb
I'm asking this question again because it came a bit to late to the last discussion I posted it in
.1 photon to reduce the probability of generating a two-photon pulse that could be split and eavesdropped undetectably."
Is quantum crypto provably flawed?
I've seen tons of blurbs stating the the link is "absolutely" secure, but it seems that isn't really the case. (see the bottom of the page.)
What strikes me about all this is the following section:
"each pulse should be attenuated to an average of about
What that says to me is that there is not way to 100% know you're transmitting just one photon.
It sounds like there's no device that is capable of transmitting one and only one photon with 100% reliability. If this is the case, a lot of the arguments about how secure this is are vastly overstated.
In the end QC would be vulnerable to a man-in-the-middle attack by watching for multi-photon emissions.
If this is the case, a lot of the noise surrounding QC could turn out to be hype. (The big plus for quantum crypto is that it's supposedly immune to this.) Is there a quantum physicist in the house?
Life is too short to proofread.
Nah, back to those good ol' electrons.
So then the money has been both transfered and not transfered? That sounds like an argument waiting to happen.
"Have you ever thought about just turning off the TV, sitting down with your kids, and hitting them?"
What I don't understand is why can't you cut the line and put in something like a repeater. When you read a bit, you change that photon, but then you just transmit a clean one with the same value (or maybe even change it to confuse).
-I am an elective eunuch.
The last time I tried to use imaginary money, the government had me arrested for fraud. Well, Uncle Sam, look at me now!
-Rob
Marriage doesn't have to suck!
Bruce Schneier covered why quantum cryptography doesn't solve any security/secrecy problems in his December 15, 2003 Crypto-Gram.
"It's like defending yourself against an approaching attacker by putting a huge stake in the ground. It's useless to argue about whether the stake should be fifty feet tall or a hundred feet tall, because the attacker is going to go around it. Even quantum cryptography doesn't "solve" all of cryptography: the keys are exchanged with photons, but a conventional mathematical algorithm takes over for the actual encryption."
Is this instantaneous? Wouldn't that violate the whole speed-o-light thing?
They say the first thing to go is your penis. Well, it's either that or your brain. I forget which...
The reason that the man-in-the-middle attack doesn't work is that by doing so, you introduce two sets of attenuation rather than one. If the message is intercepted and then re-transmitted, the message has now been sent through the attenuation cycle twice. This means that instead of the signal being modified by the original attenuation function, it's modified by the attenuation function squared, which is easy to distinguish.
Craig Steffen
http://www.craigsteffen.net
My knowledge of cryptography is limited to the entry level college course of which I remember quite little, and my knowledge of physics is as limited as it can be.
To me this story is rather sensational -- I didn't realize that quantum crypto is that close to actually being used; it also seems to me that wide use of quantum crypto is going to revolutionalize the field.
Can someone who knows a lot about this explain to the rest of us: is this "WOW!!!" or just "neat!"?
I passed the Turing test.
Yeah, but filling out the slip for "1/sqrt(2) |deposit> - i/sqrt(2) |withdrawal>" is a pain, and thanks to the epoch of inflation my balance is now much smaller than the rest of the universe... luckily, even in an income vacuum my balance randomly jumps up, but only for REEEEAAALLLLYY short lengths of time. I've been hawking radiation for a while but everyone says it's just a two slit operation.
Okay, I'm done now.
[TMB]
The Vernam cipher ( http://en.wikipedia.org/wiki/Vernam_cipher ) which is used to encrypt the data is PROVABLY not crackable. The quantum part is a PROVABLY secure key exchange. It has been proven that this system is uncrackable.
I remember reading a book all about the history of cryptography. It outlined the evolution of cryptograpy from simple albhabet substitutions to the concept of quantum cryptography. It shows all the pros and cons and weighs them against eachother.
Excelent read for anyone interested in the field or just currious about it.
ISBN: 0385495315
Well, first I'd like to secure a small loan to fly to the Bahamas... and then I'll let you know :)
As I understand it (according to Bill Bryson's "A Short History of Nearly Everything") entangelment does in fact violate Einsteins theory. It says that two entangled photons at any distance apart from each other will react identically instantaneously. **Notice** Instantaneously! That is faster than the speed of light. Einstein did not believe that this was possible, but experiments have shown this to be true, at least as we understand it. The part that impresses me the most is that someone devised a logic experiment that could determine the results with near certainty without altering the results. An excellent source for more information is the book "Mind at Light Speed", I forget the author's name. "A Short History of Nearly Everything" is also a great book which covers so many topics that it made my head spin.
Why doesn't anything interesting happen when I have mod points?
So it's really about social-engineering potential customers.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
first Bank Transfer via Quantum Cryptography Based on Entangled Photons
I would expect transfering some data would be pretty ok, but they entangled and transfered a bank? Unbelievable. Did some bank office clerks survive their quantum encryption?
There you are, staring at me again.
Did you even read the contents of that link? One time pads are mathematically secure - this doesn't mean that one time pads can be implemented - but the theory behind it is completely sound. You can not crack a one time pad simply because every possible sentence of a given length could be produced by the same cryptotext and you have no idea which one it is.
It's not a question of current technology at all. RTFL.
First, Schneier really loves his stake-in-the-ground idea. He used it to describe cryptography in general in his "Secrets and Lies" book (which, IMHO, doesn't hold a candle to the quality of his applied crypto books. In fact, it feels more like a book-long commercial for his managed security business)
Anyway, sure. QC alone ain't gonna help you. But if it's a stake in a ground that's part of a fence, it damn well matters if it's 100 ft tall vs 1 ft tall, or even 10 ft tall.
Does it 'solve' security problems? No, of course not, because as many many many people have already said, in this post and in many other places, the way to defeat the best crypto in the world is to look under a keyboard and copy down the relevant password/phrase that the user wrote on a sticky-note there. (or other social engineering tricks)
It does make security easier, as it prevents MITM attacks, requires (for now) specialized hardware, and provides really-tough-to-decode crypto. So, if you have the rest of your process working, yes, QC can help by being a more secure technology.
But think of the inverse. OK, so, crypto is like a stake in the ground, it doesn't matter what size or where it is. So, let's all use DES, because it's an established standard!
You are only as secure as your weakest link, obviously. You'd be stupid if crypto turns out to be your weakest link, as even not counting QC, there's lots of good, secure crypto processes available.
Returned Peace Corps IT Volunteer
After spending an hour in the wikepedia I have concluded that this is all just hype. Quantum Cryptography is still only theoretically encrypted. It has not been proven yet because quantum mechanics is not fully understood yet.
Furthermore, this is really just a Quantum Key exchange. So tack on whatever protocol you wish to use once you have the key. Quantum encryption is something that would require quantum computing first.
Also please note, the quantum transmission is not even "secure." Its just that if anyone but you reads it, you are secure in the knowledge that you will know about it.
At least this is what I have understood. Still hype. Notwithstanding, as science this is probably an advancement. Its just not what its being marketed as.
Don't look to closely at your account balances, lest they become more uncertain.
This principle is generally true in classical economic transfers as well: Bill Gates keeps having lots of money, but I only sometimes have money; I know I owe lots of money to my bank for student loans, but I only have a suspicion that my friend owes me 50 cents.
Erik
YOU ARE SAYING IMPUDENCE TO ME! THAT IS IMPUDENCE!
An interesting theory trying to explain this seemingly inexplicable result, is by taking the hypothetical possibility that the bands are created by photons that exceed the speed of light. Only when they revert to another (visible) quantummechanical state (by hitting the wall, for instance) do they become noticable.
This is not impossible, because, contrary to what most ppl think, lightspeed is in fact an average; within one beam, there can be photons that are moving slightly slower, and photons that move slightly faster then the speed of light.
This, however, leads to the conclusion that those particular photons come from - at least potentially - another time or space. So, the film 'paycheck' might not be complete bullocks after all (though it's doubtfull we are ever going to be able to create a usefull 'time-viewing' tool out of it).
Then again, never say never, as Bill Gates with his '640K is enough for everyone' can vow.
The theory about another 'space', in contrast, leads us to the possibility that those photons actually come from parallell universes. It seems SF, but it are, in effect, valid scientific hypotheses which deserve further investigation.
After all, apart from these theories, there *is* no explication for the result of that experiment.
--- "To pee or not to pee, that is the question." ---
It will be cool one day, imagining that for a brief moment, the photons, being in a superposition of states, *could* be transferring all the known wealth of the universe to my bank account. Sadly, when observed, minus service fees, it's probably only like a buck-fifty.
Anybody want a peanut?
Yes, Quantum Cryptographic Communications (QCC) can help with the requirement that the one-time pad must be transmitted in private. However the one-time pad cannot be reused so your key must be the same size as your text. Thus far, Quantum Cryptographic Communications is not a speedy high bandwidth form of communication. It might be OK to transmit a small key but to date it is not OK for sending, in a reasonable period of time, huge one-time pad keys that are as big as your original message.
Another thing people sometimes gloss over about Vernam one-time pads is that your cipher is only as good as your random number generator! If you generate your one-time pad using the v7 libc rand(3) function your one-time pad is next to useless.
Another important aspect of Quantum Cryptography (Quantum Cryptography is not simply limited to communications) is random number generation. Quantum Cryptographic Random Number Generation (QCRNG) is a useful tool in generating keys (one-time pads, block cypher keys, public/private key pairs, etc.).
The importance of QCRNG goes beyond Vernam one-time pads. You want a cryptographically strong RNG such as a QCRNG when you generate your session keys. Sending predictable keys over a QCC protected link is next to useless!
Now IF you have:
then you will begin to approach the ''unbreakable cypher level'' that some people think you get with Vernam One-Time Pad Ciphers.
chongo (was here)
OK, I am not a believer in quantum cryptography for one big reason -- fiber loss. Someone please enlighten me if I'm wrong.
The loss of standard single-mode fiber is about 0.1-0.2 dB/km. Therefore, unless the distance is short (as in this demonstration), the transmitter must send multiple photons to ensure a decent probability of providing the receiver with one photon.
For example, if the span is 100 km long (20 dB loss), then on average only 1 out of every 100 transmitted photons will reach the receiver.
The situation is worse for autocompensating quantum-crypto systems (e.g., polarization-based encoding), because the photons must survive a round trip through the fiber.
Therefore, the relatively high power at the transmitter implies that an attacker can tap into the fiber near the transmitter, subtract (on average) only 1 photon, and remain undetected by the receiver.
Furthermore, typical optical amplifiers add noise (3 dB noise figure for your standard erbium-doped amplifier). The added noise photons would screw up the link, so amplifiers are out.
In the end, it seems to me that quantum crypto is good for table-top demos, and maybe for short jaunts across a metro area. But it is NOT absolutely perfect, at which point computationally difficult encryption is more attractive.
Now someone can be both Miriam Abacha AND Sese-Seko in their 419 scams at the same time!
For your security, this post has been encrypted with ROT-13, twice.
You're missing the point here... Quantum cryptography _creates_ a set of 1 time pads that both the sender and receiver have. So, a fairly small one-time pad is generated, and then the data is encoded & transmitted over a fast line. This is why it's often referred to as QKD (quantum key distribution). For absolute security, you only send data encrypted directly with your key, which is slow, but can't be decoded by a 3rd party.
The quantum state of the particles IS the random number generator. You aren't using a software RNG to feed the quantum device, you're relying on the inherently random nature of quantum fluctuations to Create your random data.
This, my friend, is as random as it gets, until someone develops the Theory Of Everything.
I believe you are approaching this topic all wrong:
The Vernam Cipher, or one-time pad is not a the ''super-duper unbreakable solves all your problems'' cipher that some people think it is.
Yes, the Vernam cipher is unbreakable, because the cipher itself requires all of the things you mention. You talk about random keys as if they might be optional, but they are actually standard necessities. It is a subtle difference, but I hope you can see it. If someone misuses the Vernam cipher, it becomes crackable, but in its nature, it is super-duper unbreakable solve all your problems.
While quantum entanglement can be used to achieve a sort of faster than light communication, you can't control what you "send" and once you've used one pair of photons you'll need another pair if you want to "send" anything else. Basically all this technique is good for is providing a means for ensuring that two parties have the same random string of bits. This is perfect for generating one time pads which provide an unbreakable form of encryption if they are only used once.
Entangled particles can be used for other interesting forms of communication, but in every case a classical communication channel must also be used.
My only political goal is to see to it that no political party achieves its goals.
I was interested in how they generated the entangled photon pairs, so I googled and came up with an interesting paper that touches on the subject:
"The entangled photon pairs created by Kwiat's team are produced using two thin, nonlinear optical crystals to split the "parent" photons from a laser into entangled "daughter" photons. In previous research at Los Alamos, these entangled photons have been used for quantum cryptography to create unbreakable cryptographic keys that can be used to lock or unlock encrypted messages.
Decoherence is a problem in quantum systems because the fragile quantum superpositions of entangled states are destroyed by unwanted coupling to the environment through which the photons are passing. Decoherence in Kwiat's system is intentionally created by passing the entangled photons through a roughly 10 millimeter piece of quartz. This optical environment produces a collective decoherence in the photons where one particular entangled photon state is, as predicted by quantum theory, essentially decoherence-free. These photons could serve as the basis of information carriers for quantum communications."