Slashdot Mirror
New Quantum Cryptography Speed Record
Roland Piquepaille writes "Physicists from the National Institute of Standards and Technology (NIST) have established a world's speed record for 'unbreakable' encryption with their cryptographic system based on the transmission of single photons. With this kind of method, messages cannot be intercepted without detection, meaning transmission is always safe. The NIST 'quantum key distribution' (QKD) system was used between two buildings located 730 meters apart for transmitting a stream of photons at a rate of 1 million bits per second. While it might not look very fast, its 100 times faster than with previous quantum distribution systems. This overview contains more details and references about information theory."
meaning transmission is always safe
Always is a powerful word. Nothing is totally secure.
-Tolerate my intolerance
It's just like morse code, just waaaaaaaaaaaay faster!
(it's a joke)
[Kirk] Fire photon torpedoes
[Scotty] I can't sir, the bloody computer's still encrypting a message to my girlfriend - I got no power!
[Romulans] b4w h4w h4w w3 0wnz j00!
[Kirk] W3 b3 0wn3d!
I always thought this process was over some sort of fiber, I had no idea it was through the air.
1,000,000 / 8 = 125,000 /1024 = 122.1
125,000
Not to bad for not using wireless undetectable (so far) encryption.
While Quantum physics certainly allows for scientific detection of observation (which would help you detect if someone is merely viewing your stream)
However, with all technology, this could be a common pocket-sized device some-day. So, would this not also fall under the problem of Man-in-the middle attacks? Read the quantum stream (eliminating the existance of said stream), and recreate the stream to the other point. This would create a delay, but without other forms of detection, it would not necessarily be as safe as wires... (as wires, at least, can be physically secuired. Hard to secure open air).
Kinetic stupidity has a new brand leader: Allen Zadr.
Wake me up when they get it going faster than the speed of light. Now, that would be a speed record worthy of a slashdotting.
This is the thing I don't understand about quantum cryptography(maybe someone can explain it to me). If someone were to try to listen in, would you still be able to read the information being sent? If not, wouldn't this make DOS attacks relatively easy? The information isn't any good if you cannot transport it.
Error -3647194 - An error occurred during the encryption of your file - Pigeon
Free Firefox news reader.
Farnsworth: "No fair! You changed the outcome by measuring it!"
:)
heheh
Any technology distinguishable from magic, is insufficiently advanced.
And the message?
fckil eht ghtlis fi uyo gte thsi !
The whole "unbreakable" thing is a little bit of a misnomer. Yes, you can detect if someone observes the transimission of the key, but that doesn't mean the encryption is unbreakable. In fact, it's not really encryption at all. It's simply a fancy type of secure, out-of-band key exchange. Once the key is exchanged, the parties will generally use it to key a symmetric algorithm like 3DES or AES. (At which point the encryption is only as strong as those algorithms...)
I realize I'm being painfully pendantic here, but when the self-proclaimed nerds start abusing a term, the general public is going to be hopelessly confused. (Think the whole hacker/cracker thing...)
Quantum key exchange is unbeleivably cool, but doesn't guanentee secure crypto. It just takes one of the weakest links in the chain, and makes it the strongest.
I don't understand all this stuff about quantam cryptography. Let's get to the core of the issue:
Can it help me download pr0n faster or not?
Read reviews of shopping cart software
This area really interests me, because it seems to fundamentally change the playing field regarding the use of encryption for simple privacy. Up until now, it has been a pretty safe bet that anything the Government (or Governments) wants to read, it can. Eventually most (all?) standard encryption can be broken with brute force,* and if there's one thing that governments have and like to use it's brute force.
*(yeah, yeah, your favourite open source encryption is unbreakable, I know, but come on, the government isn't going to enter any 'break this encryption' contests to show what a kewl ha>or it is and thereby advertise the fact that communications using said encryption are not actually secure, is it?)
However, with unbreakable encryption they can no longer just spend money until they are able to break it - it's actually impossible, they can't even intercept it. So it changes the situation in a quite fundamental way. Whether it's someone violating copyright between quantum encrypted locations, just talking without being eavesdropped on (you know, exercising their rights), or Osama and his friends planning the next September 11, it will be impossible to work out the contents of a communication.
I feel that over the middle-term this will lead to some or all of the following government responses:
- stronger laws allowing seizure of computers (i.e. the start and end points of an encrypted communication)
- even stronger laws about exporting or possibly even publishing information about this type of encryption 'in the national interest'
- laws requiring the divulging of passwords to law enforcement/intelligence officers with harsh penalties for a refusal to cooperate (this is already the case in some places I believe)
- possibly a lower standard of proof required before police/spies can act to exercise the above powers, in light of the difficulties they will have getting any evidence at all about encrypted communications
- an increase in 'why are you using encryption, are you a terrorist/communist/thought criminal or something' type rhetoric
What do others think? Does this really change the privacy landscape over the next 10-20 years? Will governments react regressively in the ways I suggest? How should pro-privacy people respond and fight such changes?
Read Pynchon.
The reason the man-in-the-middle attack fails is that in order to recreate the stream accurately, you need more information than you can accurately read from the stream at once. IANAPhysicist, so you'll have to google it if you want to know the specifics, but basically to read the datastream one must make a bunch of guesses. Now, Bob has the luxury of being able to guess wrong without problems, but a man in the middle must guess correctly every time or risk corrupting the datastream.
-Amalcon
Granted, it's only a single bit, but it might be the most important bit of the message.
More seriously, depending on the protocol, the evesdropper may be able to intercept many bits before the intrusion is detected.
For example, if TCP/IP is implemented over the QC stream, the intruder may be able to get an entire packet before the receiver sends a "Stop; we're being evesdropped!" message back to the transmitter.
(Maybe more, with TCP/IP's sliding window.)
If the entire message fits in one packet ("Attack at dawn."), then the message has been compromised.
One way to avoid this would be to use a comm layer lower than TCP/IP that ACKs each bit, but this could be slow.
Another way would be to use the QC channel to exchange very large keys, then use them in another encryption layer if eavesdropping has not occured during key exchange.
Those who sacrifice security to condemn liberty deserve to repeat history or something. - Benjamin Santayana
Even thought that in theory, the encrypted messages (or whatever is sent) can't be read, you still have the problems before and after encryption. ...
/joda
Especially these days with worms and trojans affecting even the most _secure_ environments (*bad memories about some american nuclear power plant*). You can expect someone somewhere to get some spyware or keylogging-thingie onto a sender or reviever's system. (or sometimes even enough with just getting it onto the network on each end in question.)
I recall visiting a webshop somewhere who sold a small (read less than half an inch) plug, which you put in between the keyboard and the comp, which could log several megs of typed in text. Later it's just to harvest
Maybe I'm just paranoid, but if you can't trust your coworkers 130% in these cases, you're still toast unless you put the machine (and yourself) in a vault and throw away the key.
Buy all your crazy japanese videogames from
is human.
while it's true that cryptography like this improves security, those encrypted messages are still transmitted between people, and people are not corruption-proof.
Aaahhh! and it runs Linux. Mod me up.
("We are currently using a Linux operating system with custom drivers for the boards.")
17779 eligible voters in a district, 17779 'vote' as one. This is Russia.
Perhaps when somebody eavesdrops, a cat is killed?
Or does the universe split in two, one in which the eavesdrop has occured, and one in which it has not?
Here's what I do: Bitty Browser & Andromeda
To crack the Curse of the Bambino for the Boston Red Sox.
That's essentially correct: there is more information inside a quantum system than anybody can measure.
Quantum Cryptography: Privacy Through Uncertainty
Here's how I think about it as a computer programmer. Newtonian+Maxwell physics are like C data structures, where every member is public, and an experimenter can 'get' and 'set' arbitrary values. But quantum objects are like O-O objects: the internals are private; the objects have methods; and you can only use the methods; and there are no raw "set" and "get" methods!
So consider an electron with a 'measure_position' method and a 'measure_momentum' method. Calling e1.measure_position() affects the internal state of the electron (there are no const methods in nature -- everything you do to measure an object affects the object).
QC is based on the construction of quantum objects where there is no set of method calls that are sufficient to create a second object which is indistinguishable from the first one. In the Newtonian universe, you just memcpy() more objects, but in the quantum world, there is no memcpy() -- there are only the object methods found in nature.
Not to pile on to the other posters, but:
As has been elucidated elsewhere here, the physical nature of QC prevents eavesdropping because of the nature of quantum mechanics. Traditional cryptography is based on bits, as you are no doubt aware; bits exist in purely binary format.
Quantum bits, or qubits, on the other hand, are physical photons, not binary data, and as such, they exist in several states at once; you might have a single qubit that is right circularly polarized, or left vertically polarized. The point is, you have far more to work with than a single binary digit -- theoretically, since the mechanical equations are complex (in the mathematical sense), you have an infinite number of possible values for any one qubit. (This is the quantum principle of superposition, btw.)
What this means is that you can send a photon of light polarized in a particular fashion to represent an ordinary bit. If your partner on the far end uses a polarizer to "read" your photon, he will either affect it or not, depending on whether his polarizer is oriented in the same direction as yours.
So what you ("Alice", in crypto-speak) do is, you randomly switch polarizers on the photon you shoot towards Bob, your crypto-speak partner. Now let's say that Alice uses "up" and "down" as her binary states, and that she alternates random polarizers of vertical or diagonal condition. Vertical polarizers don't affect vertical particles; diagonal ones do. (I think.) Therefore, when Alice polarizes vertically, the original state is unchanged, but when she polarizes diagonally, the original state changes.
Moreover, when the diagonal polarizer changes the data, it does so randomly. This is a basic principle of quantum mechanics; the vertical photon can become EITHER northeast-southwest OR southeast-northwest (the two diagonal states), and until it is measured, it has an exactly equal chance of becoming either when it is polarized. So what Bob sees on the other end is a seemingly random collection of vertical and diagonal data. And if, in combination with alternating her polarizers randomly, Alice randomly alternates her original data between vertical and diagonal states (again, choosing one of the two binary diagonal conditions to be "1" or "0"), then her data is impossible to detect.
Or is it? Because, of course, Bob has to be able to read it. So Bob slaps on a polarizer of his own, again, randomly alternating them. So some of Bob's polarizers will match Alice's, and some of them will be different -- about 50% of the time, they'll match. And if Bob's polarizer matches Alice, then the original data can be reconstructed, since we know how polarizers treat photons.
So how does Bob know if Alice and he have the same polarizers? Simple. He calls and asks her. They go through a list of each photon (usually several thousand, although there's no reason why it couldn't be millions) and compare polarizer choices. Those that match, they keep. Those that don't, they toss. They'll have, on average, about half the original data left -- and that becomes the basis of the secret key for their traditional crypto transmission. (Because you toss out so much data, you can't really use quantum to transmit plaintext in itself.)
But wait, you say. Since Bob calls Alice over the telephone (gasp!) or uses email (horrors!) to request and send his polarizer data, couldn't that be obtained by an eavesdropper? Sure. It's virtually guaranteed to be intercepted. But so what? Eve can't do anything about it.
Let's say that Eve gets in the middle of the exchange and puts in her own polarizers. (Since that's the only way to read the data.) Now, she doesn't know which polarizer Alice is using at any one time, so she has to randomize them herself, just like Bob. And if she guesses right, she will not affect the data that Alice is sending Bob. The problem, though, is if she guesses wrong. At that point, she changes the data that Bob reads.
So when Bob and Alice compare their dat
Hacker Rule #1: Everything can be hacked.
The Quantum Man In The Middle
To prevent the man-in-the-middle attack where a photon is intercepted and an identical photon is transmitted in its place, the sender and receiver rely on a very tight window in time. Any photons received outside that window are rejected. If you want to grab the quantum secured key, why not put a receiver in the middle that emits a quantum entangled photon? You intercept the sender's photon, and once you know its state you can change the state of the captured photon so its entangled twin has the same quantum state as the intercepted photon, and arrives at the correct time. You essentially use quantum entanglement to change the state of the imposter photon while it's in transit.
Quantum Brute Force
Quantum computing is emerging almost as fast as "quantum cryptography" (actually "quantum tamper resistant key transmission"). In the near future a good quantum computer will be fast enough to quickly break today's strong encryption. This is the same old game of making sure encryption is just strong enough that commercial users can't crack it but governments can. It's a moving target. Make your own VERY secure encryption algorithm that jumps fifty years down the path of Moore's Law. Add 32 bits to your key and you're secure. That'll piss off your government. So will tying up several hours on their massive supercomputers to learn that you used your favorite commercial encryption algorithm to send your grandmother's cream candy recipe to an internet cafe in South Africa. I'd never do that, but I'd be very tempted to send The Constitution and The Bill of Rights.
>> My ultraviolent Linux switch video.