Slashdot Mirror

← Back to Stories (view on slashdot.org)

First Bank Transfer via Quantum Cryptography

Posted by timothy on from the sneaky-atoms dept.

An anonymous reader writes with today's announcement that "the Austrian project for Quantum Cryptography made the world's first Bank Transfer via Quantum Cryptography Based on Entangled Photons; see also Einstein-Podolski-Rosen Paradoxon." (For more background, see the recent Slashdot post "Quantum Cryptography Leaving the Lab.")

45 of 310 comments (clear)

  1. Unexpected Consequences by etLux · · Score: 5, Funny

    Yes, but... what will I now need to decode my bank statements?

    1. Re:Unexpected Consequences by turnstyle · · Score: 3, Funny
      "Yes, but... what will I now need to decode my bank statements?"

      Easy! The Quantum Improbability Engine.

      --
      Here's what I do: Bitty Browser & Andromeda
  2. But... by DonServo · · Score: 5, Funny

    Wouldn't checking if the transfer went through alter your balance? :-P

    1. Re:But... by Anonymous Coward · · Score: 5, Funny

      I looked in my account and found out my cat was dead.

      You know the two-slit experiment? Well, its just like that
      -- standard explanation for weird quantum things when you don't know the right answer.

    2. Re:But... by blincoln · · Score: 5, Interesting

      You know the two-slit experiment? Well, its just like that
      -- standard explanation for weird quantum things when you don't know the right answer.

      I was just reading about that last night in The Elegant Universe.

      For those who haven't heard of it before, here's the experiment:

      - take a wall with light shining on it from a projector.

      - place a board in-between the wall and the projector that interrupts the beam of light. The board should have two vertical slits cut in it, which can be opened and closed independently of each other.

      If you open just the left one, you get a vertical bar of light on the wall.

      If you open just the right one, you also get a vertical bar of light on the wall, offset from the one that was there with the left one open.

      Now, intuitively you would think that if you opened both at once, you would just get two vertical bars of light, but you don't. Wave interference means you get a whole bunch of light and dark vertical bars on the wall.

      Here's the spooky quantum-mechanical part - the same interference effect happens even if the projector is designed to only emit one photon at a time, then wait until it has hit the wall (or the board) before sending another. You will still get the bands of dark and light.

      Pretty weird, eh?

      --
      "...always new atoms but always doing the same dance, remembering what the dance was yesterday." -Richard Feynman
    3. Re:But... by nessus42 · · Score: 3, Interesting
      Here's the spooky quantum-mechanical part - the same interference effect happens even if the projector is designed to only emit one photon at a time, then wait until it has hit the wall (or the board) before sending another. You will still get the bands of dark and light.
      What's even spookier is that the experiment turns out the same if you replace the photons with sodium molecules!

      |>oug

    4. Re:But... by bfg9000 · · Score: 3, Funny

      Sounds like a glitch in the Matrix.

      --

      I'm not normally an irrational zealous dickhead, but I figure "When in Rome..."

    5. Re:But... by lightray · · Score: 4, Informative

      Have you actually tried it?

      When I first read about the double slit experiment, I said to myself, "That can't be!"

      I cut two slits into a piece of cardboard and directed a flashlight beam through the slits at a wall.

      And I observed exactly what one would expect, two diffuse bright spots. I said, "Hmph."

      Of course, when I learned a little more, it was obvious why this didn't work. In order to see the interference pattern, your light must be coherent and columnated (as from a laser), and your slits must be very close together, and narrow (with dimensions similar to the wavelength of light). You pretty much need to use a laser as your light source, and rather than a "board" with slits, a sheet of metal with two very thin slits cut into it, very close together.

      Something I found very fascinating is that the diffraction pattern you get is the fourier transform of the pattern of slits the system of interference exactly implements the fourier transform integral!

  3. Unfortunately... by Anonymous Coward · · Score: 5, Funny

    ...I can't observe my checking account balance without lowering it.

  4. Quantum tracking number... by gevmage · · Score: 5, Funny

    So the transaction slip presumably says:

    Your transaction number has a 90% probability of being between 8765432 and 8765478.

    Have a 75% nice day.

    --
    Craig Steffen
    http://www.craigsteffen.net
  5. My check bounced by Anonymous Coward · · Score: 5, Funny

    Due to Insufficient Cat.

  6. Re:Entangled Photons by Professr3 · · Score: 5, Funny
    Please be Bill Gates, please be Bill Gates, please be Bill Gates...

    When in doubt, mod +1 funny and pray

  7. Due to the Heisenberg Uncertainty Principle... by gid13 · · Score: 4, Funny

    ... there has been a bank error in your favour. Collect $200. :)

  8. Proof of Concept by radoni · · Score: 4, Insightful

    ..but why do we need this?

    The biggest hole in security is usually the people operating technology. Ever want something, call up and ask for it.

    What does the ability to have uncrackable encryption do to thwart social engineering tactics?

    --
    SIGERR: laziness exceeds quota
    1. Re:Proof of Concept by onion2k · · Score: 5, Insightful

      Firstly, the security this sort of thing provides is at a different stage in the process to anything a social attack would work on, so the two concepts are unrelated.

      Secondly, even if they were related, you're appear to be suggesting we might as well not bother patching one future security hole because a different one also exists? Thats crazy. We should tackle all security risks, not just one particular one.

      Lastly, socially engineered attacks are most often people giving up a PIN or forging a signature. That affects one account per attack. If a cracker gets past the sort of stage that Quantum Cryptography protects they have the opportunity to automate and reap every transaction the bank carries out.

      Now which is the bigger problem?

      --
      http://twitter.com/onion2k
  9. trade ya by theMerovingian · · Score: 4, Funny


    I'll give you my entangled photons in exchange for chocolate.

    --
    "If you think you have things under control, you're not going fast enough." --Mario Andretti
  10. Dear Prestigious Journal by Letter · · Score: 3, Funny
    Dear Prestigious Journal,

    At the University concluded a study which finds quantum cryptography is a lot better than plain cryptography. Please FAX bank account via quantum cryptography to KWEISE MFUME at +34 79 345 8792 for full article.

    Looking forward to hearing,
    Letter

  11. quantum bank transfers by jacquesm · · Score: 3, Funny

    are only good for small change...

    --
    MP3 Search Engine
  12. Complicated by nycsubway · · Score: 3, Funny

    Thats some damn complicated stuff, there! I hope the technicians who fix the ATM machine know about phuton criptography. I may know how to program with code, but damned if i know how futons work!

    --
    http://github.com/gbook/nidb
    1. Re:Complicated by Anonymous Coward · · Score: 5, Funny

      "I may know how to program with code, but damned if i know how futons work!"

      Simple: fold the futon up when you want to use it as a couch and then fold it back down when you want to use it as a bed.

  13. Quantum Crypto Provably Flawed? by theLOUDroom · · Score: 5, Interesting

    I'm asking this question again because it came a bit to late to the last discussion I posted it in

    Is quantum crypto provably flawed?

    I've seen tons of blurbs stating the the link is "absolutely" secure, but it seems that isn't really the case. (see the bottom of the page.)

    What strikes me about all this is the following section:
    "each pulse should be attenuated to an average of about .1 photon to reduce the probability of generating a two-photon pulse that could be split and eavesdropped undetectably."


    What that says to me is that there is not way to 100% know you're transmitting just one photon.

    It sounds like there's no device that is capable of transmitting one and only one photon with 100% reliability. If this is the case, a lot of the arguments about how secure this is are vastly overstated.

    In the end QC would be vulnerable to a man-in-the-middle attack by watching for multi-photon emissions.

    If this is the case, a lot of the noise surrounding QC could turn out to be hype. (The big plus for quantum crypto is that it's supposedly immune to this.) Is there a quantum physicist in the house?

    --
    Life is too short to proofread.
    1. Re:Quantum Crypto Provably Flawed? by gunnk · · Score: 5, Interesting

      I think you're worried about something that happens, but isn't a useful eavesdropping technique. Suppose that you have a device for emitting single photons. Further suppose that the emitter accidentally emits two photons for a single bit 1% of the time.

      If an eavesdropper successfully split the extra photons off, they have successfully captured 1% of the data stream. First off, that's not much data if you want to reconstruct something meaningful in the way of information carried by the stream.

      Another problem, however, is the effect of the splitter on the rest of the stream. When a single photon passes the splitter, which path does it choose? If I'm not mistaken, that choice will be at random. If so, then the presence of the splitter becomes immediately detectable because half the single photon pulses never reach their destination. In fact, the number missing is likely to be so close to 50% that the presence of the splitter should be obvious to the bank.

      --
      Life is short: void the warranty.
  14. Heisenberger by jabbadabbadoo · · Score: 5, Funny
    According to Heisenberger, my money is going to be both here and there. And if I'm to check my balance, the result will be inaccurate because I'm checking it up.

    Nah, back to those good ol' electrons.

    1. Re:Heisenberger by Nuklearwanze · · Score: 4, Funny

      well you have to decide: either know where your money is, or how much it is...

    2. Re:Heisenberger by mikeboone · · Score: 3, Funny

      Mmmm...Heisen-burger.

  15. So... by Kenja · · Score: 3, Funny

    So then the money has been both transfered and not transfered? That sounds like an argument waiting to happen.

    --

    "Have you ever thought about just turning off the TV, sitting down with your kids, and hitting them?"
  16. How does it defeat repeaters? by Thinkit4 · · Score: 3, Insightful

    What I don't understand is why can't you cut the line and put in something like a repeater. When you read a bit, you change that photon, but then you just transmit a clean one with the same value (or maybe even change it to confuse).

    --
    -I am an elective eunuch.
    1. Re:How does it defeat repeaters? by einstein · · Score: 5, Informative

      because you wouldn't know which photons contain the data. as soon as you touch it, the other end knows it's datastream has been tampered with.

      This is a good overview.

      --

      I post links to stuff here

    2. Re:How does it defeat repeaters? by saddino · · Score: 4, Informative

      In order to "read" the photon, you will need to measure the polarization of that photon. But, due to quantum mechanics, as soon as you measure the polarization (for example, with a filter), you will in effect have changed its polarization, and thus its original, actual polarization will be unknown to you. And that's the trick. In essence, the message is "read once." Even if you happen to use the exact same filter as the sender, and read the original photon (and message) for yourself, you can not retransmit the photon with its original, actual polarization -- and thus your "clean one" will arrive at the destination as garbage (thus notifying the receiver that the message has been compromised).

      For more info read this primer.

  17. snake oil by Kallahar · · Score: 4, Insightful

    Bruce Schneier covered why quantum cryptography doesn't solve any security/secrecy problems in his December 15, 2003 Crypto-Gram.

    "It's like defending yourself against an approaching attacker by putting a huge stake in the ground. It's useless to argue about whether the stake should be fifty feet tall or a hundred feet tall, because the attacker is going to go around it. Even quantum cryptography doesn't "solve" all of cryptography: the keys are exchanged with photons, but a conventional mathematical algorithm takes over for the actual encryption."

  18. Why MIM doesn't work by gevmage · · Score: 4, Insightful
    I've seen a few presentations/demos on this. Basically the idea is the transmission runs on probability. Each photon has a certain probability of being lost. So the receiving station knows what the general frequency that it can expect, and if its not, the signal is being tampered with.

    The reason that the man-in-the-middle attack doesn't work is that by doing so, you introduce two sets of attenuation rather than one. If the message is intercepted and then re-transmitted, the message has now been sent through the attenuation cycle twice. This means that instead of the signal being modified by the original attenuation function, it's modified by the attenuation function squared, which is easy to distinguish.

    --
    Craig Steffen
    http://www.craigsteffen.net
  19. quantum jokes galore by TMB · · Score: 4, Funny

    Yeah, but filling out the slip for "1/sqrt(2) |deposit> - i/sqrt(2) |withdrawal>" is a pain, and thanks to the epoch of inflation my balance is now much smaller than the rest of the universe... luckily, even in an income vacuum my balance randomly jumps up, but only for REEEEAAALLLLYY short lengths of time. I've been hawking radiation for a while but everyone says it's just a two slit operation.

    Okay, I'm done now.

    [TMB]

  20. Re:How Immediate is Immediate? by mangu · · Score: 4, Informative
    Is this instantaneous? Wouldn't that violate the whole speed-o-light thing?


    Yes and no. (Well, we *are* talking quantum stuff here, aren't we?) Do a google for "bell inequality" and see if you can get anything from the results. Basically, the answer is , yes, it is instantaneous. And no, it doesn't violate the speed-of-light limitation because you cannot get any useful information transmitted that way. You see, there are two photons which are interlocked. The first photn came at the speed of light and it contains the information you are looking for. The second photon, which serves to validate the quantum key is redundant from the information point of view, it doesn't carry the bank account balance, it only serves to detect tampering in the system.

  21. The history of cryptography by Vlar · · Score: 3, Informative

    I remember reading a book all about the history of cryptography. It outlined the evolution of cryptograpy from simple albhabet substitutions to the concept of quantum cryptography. It shows all the pros and cons and weighs them against eachother.

    Excelent read for anyone interested in the field or just currious about it.

    ISBN: 0385495315

  22. Entanglement by ztirffritz · · Score: 3, Interesting

    As I understand it (according to Bill Bryson's "A Short History of Nearly Everything") entangelment does in fact violate Einsteins theory. It says that two entangled photons at any distance apart from each other will react identically instantaneously. **Notice** Instantaneously! That is faster than the speed of light. Einstein did not believe that this was possible, but experiments have shown this to be true, at least as we understand it. The part that impresses me the most is that someone devised a logic experiment that could determine the results with near certainty without altering the results. An excellent source for more information is the book "Mind at Light Speed", I forget the author's name. "A Short History of Nearly Everything" is also a great book which covers so many topics that it made my head spin.

    --
    Why doesn't anything interesting happen when I have mod points?
  23. (not any less oily than others) by griffjon · · Score: 4, Insightful

    First, Schneier really loves his stake-in-the-ground idea. He used it to describe cryptography in general in his "Secrets and Lies" book (which, IMHO, doesn't hold a candle to the quality of his applied crypto books. In fact, it feels more like a book-long commercial for his managed security business)

    Anyway, sure. QC alone ain't gonna help you. But if it's a stake in a ground that's part of a fence, it damn well matters if it's 100 ft tall vs 1 ft tall, or even 10 ft tall.

    Does it 'solve' security problems? No, of course not, because as many many many people have already said, in this post and in many other places, the way to defeat the best crypto in the world is to look under a keyboard and copy down the relevant password/phrase that the user wrote on a sticky-note there. (or other social engineering tricks)

    It does make security easier, as it prevents MITM attacks, requires (for now) specialized hardware, and provides really-tough-to-decode crypto. So, if you have the rest of your process working, yes, QC can help by being a more secure technology.

    But think of the inverse. OK, so, crypto is like a stake in the ground, it doesn't matter what size or where it is. So, let's all use DES, because it's an established standard!

    You are only as secure as your weakest link, obviously. You'd be stupid if crypto turns out to be your weakest link, as even not counting QC, there's lots of good, secure crypto processes available.

    --
    Returned Peace Corps IT Volunteer
  24. Hype by dnoyeb · · Score: 3, Interesting

    After spending an hour in the wikepedia I have concluded that this is all just hype. Quantum Cryptography is still only theoretically encrypted. It has not been proven yet because quantum mechanics is not fully understood yet.

    Furthermore, this is really just a Quantum Key exchange. So tack on whatever protocol you wish to use once you have the key. Quantum encryption is something that would require quantum computing first.

    Also please note, the quantum transmission is not even "secure." Its just that if anyone but you reads it, you are secure in the knowledge that you will know about it.

    At least this is what I have understood. Still hype. Notwithstanding, as science this is probably an advancement. Its just not what its being marketed as.

    1. Re:Hype by Anonymous Coward · · Score: 3, Informative

      No, quantum cryptography is unbreakable as long as the key is secure. A single missorting permanently randomizes all missorted photons/whatever, and as such not only is it impossible to try to break it more than once, it's impossible to try to break it without the receiver knowing that something is up. Quantum computing isn't needed in the least.

    2. Re:Hype by janbjurstrom · · Score: 3, Insightful

      I came away with a different understanding of what they did (granted, I only read the press release, pdf link; and I have just about no knowledge in quantum mechanics, so chances are I don't get it right).

      From the press release (emphasis mine):

      The measuring results are then converted into a string of 0s and 1s the cryptographic key. The sequence of the numbers 0 and 1 is, due to the laws of quantum physics, completely random. Identical strings of random numbers, used as the key for encoding the information, are produced both in the bank and the City Hall.

      The information is encoded using the so-called "one time pad" procedures. Here, the key is as long as the message itself. The message is linked with the key bit by bit and then transferred via the glass fibre data channel.

      I read this as, they not only exchanged keys, but in fact transmitted an encrypted message as well(?)

      On the interception/security issue, the press release says (again, my emphasis):

      Eavesdropping can be detected already during the production of the key before the transfer of the encoded message has even started. Any intervention into the transfer of the photons changes the sequence of the number strings at the measuring stations. In case of eavesdropping, both partners receive an unequal sequence. By comparing part of the key, any eavesdropping effort can be discerned. Though the eavesdropper is able to prevent the transfer of the message, he is unable to gain any information contained in the message!

      From what I read, a message cannot be stolen. If I understand this correctly, communication can be prevented (which is a weakness of course), but cannot be intercepted and decrypted by an eavesdropper. Am I misunderstanding, and/or are they possibly mixing theory with their actual accomplishment?

      --
      668.5
  25. Unwanted side effect... by chinton · · Score: 4, Funny

    Don't look to closely at your account balances, lest they become more uncertain.

  26. Au contraire by InvaderSkooge · · Score: 3, Funny
    The more money being transferred, the greater the uncertainty of the momentum of the money (for the same velocity), the more certain we'll be who has it.

    This principle is generally true in classical economic transfers as well: Bill Gates keeps having lots of money, but I only sometimes have money; I know I owe lots of money to my bank for student loans, but I only have a suspicion that my friend owes me 50 cents.

    --
    Erik
    YOU ARE SAYING IMPUDENCE TO ME! THAT IS IMPUDENCE!
  27. What A Feeling by FrankDrebin · · Score: 3, Funny

    It will be cool one day, imagining that for a brief moment, the photons, being in a superposition of states, *could* be transferring all the known wealth of the universe to my bank account. Sadly, when observed, minus service fees, it's probably only like a buck-fifty.

    --
    Anybody want a peanut?
  28. Quantum Cryptographic Communications & 1-time by chongo · · Score: 4, Informative
    I have seen several postings related to the "unbreakable Vernam / One-Time pad cipher". The Vernam Cipher, or one-time pad is not a the ''super-duper unbreakable solves all your problems'' cipher that some people think it is.

    Yes, Quantum Cryptographic Communications (QCC) can help with the requirement that the one-time pad must be transmitted in private. However the one-time pad cannot be reused so your key must be the same size as your text. Thus far, Quantum Cryptographic Communications is not a speedy high bandwidth form of communication. It might be OK to transmit a small key but to date it is not OK for sending, in a reasonable period of time, huge one-time pad keys that are as big as your original message.

    Another thing people sometimes gloss over about Vernam one-time pads is that your cipher is only as good as your random number generator! If you generate your one-time pad using the v7 libc rand(3) function your one-time pad is next to useless.

    Another important aspect of Quantum Cryptography (Quantum Cryptography is not simply limited to communications) is random number generation. Quantum Cryptographic Random Number Generation (QCRNG) is a useful tool in generating keys (one-time pads, block cypher keys, public/private key pairs, etc.).

    The importance of QCRNG goes beyond Vernam one-time pads. You want a cryptographically strong RNG such as a QCRNG when you generate your session keys. Sending predictable keys over a QCC protected link is next to useless!

    Now IF you have:

    • near perfect communication privacy (such as with QCC)
    • near perfect one-time pad generation (such as with QCRNG)
    • near perfect key management (one-time use, no leakage, destruction after use, etc.)
    • near perfect ... etc.

    then you will begin to approach the ''unbreakable cypher level'' that some people think you get with Vernam One-Time Pad Ciphers.

    --
    chongo (was here) /\oo/\
  29. It seems impractical by Orthogonal+Jones · · Score: 4, Insightful


    OK, I am not a believer in quantum cryptography for one big reason -- fiber loss. Someone please enlighten me if I'm wrong.

    The loss of standard single-mode fiber is about 0.1-0.2 dB/km. Therefore, unless the distance is short (as in this demonstration), the transmitter must send multiple photons to ensure a decent probability of providing the receiver with one photon.

    For example, if the span is 100 km long (20 dB loss), then on average only 1 out of every 100 transmitted photons will reach the receiver.

    The situation is worse for autocompensating quantum-crypto systems (e.g., polarization-based encoding), because the photons must survive a round trip through the fiber.

    Therefore, the relatively high power at the transmitter implies that an attacker can tap into the fiber near the transmitter, subtract (on average) only 1 photon, and remain undetected by the receiver.

    Furthermore, typical optical amplifiers add noise (3 dB noise figure for your standard erbium-doped amplifier). The added noise photons would screw up the link, so amplifiers are out.

    In the end, it seems to me that quantum crypto is good for table-top demos, and maybe for short jaunts across a metro area. But it is NOT absolutely perfect, at which point computationally difficult encryption is more attractive.

  30. Re:Quantum Cryptographic Communications & 1-ti by casehardened · · Score: 3, Informative

    You're missing the point here... Quantum cryptography _creates_ a set of 1 time pads that both the sender and receiver have. So, a fairly small one-time pad is generated, and then the data is encoded & transmitted over a fast line. This is why it's often referred to as QKD (quantum key distribution). For absolute security, you only send data encrypted directly with your key, which is slow, but can't be decoded by a 3rd party.