Slashdot Mirror
EU To Counter Echelon With Quantum Cryptography?
jfruhlinger writes "An article on Security.ITWorld.com seems to outline a coming information arms race. The European Union has decided to respond to the Echelon project by funding research into supposedly unbreakable quantum cryptography that will keep EU data out of Echelon's maw. Leaving aside the question of whether such a thing is possible, the political implications are troubling, indicating a widening rift within the Western world. Interestingly, the UK is part of the EU, but its intelligence services are among Echelon's sponsors."
All the US intelligence services have to do is routinely moniter the lines encrypted with quantum cryptology. Such cryptology would be completely useless in the face of this kind of jamming and the countries would be forced to use standard transmission open to eavesdropping.
there cannot be a counter to quantum cryptography itself (it would be against the laws of physics assuming the cryptography is implemented correctly), there can only be a work around based on some other link in the communication chain.
Monyk believes there will be a global market of several million users once a workable solution has been developed. A political decision will have to be taken as to who those users will be in order to prevent terrorists and criminals from taking advantage of the completely secure communication network, he said.
And exactly how are they going to tell terrorists from normal workers at a company where they installed this crypto thingy? Of course, the admins could monitor the users, but that would kind of defeat the purpose of the encryption in the first place.
Also, how are they going to implement this? Will they have to replace/addparalell all the current infranetstructure with new photon-cables or something?!
Existing protocols often have human weaknesses, though, that can allow keys to be compromised.
Preventing eavesdropping of even the ciphertext reduces the loss if the adversary gets a key.
True, it can't possibly be disturbing that the EU does not want the US spying on them after the US misused the trust completely during incidents like the Airbus/Boeing scandal.
You can't possibly question the motives of a country trying to protect against spies from friendly countries, when those friendly countries actually ARE spying on them.
Is this just 'security through obscurity', or was there something else involved.
I'm a pro-European, but we have to make the EU more democratic. The fact is that the members of the EU have already given up large amounts of their national sovereignty (because EU members must implement EU directives). This in itself is not necessarily a bad thing, as long as EU law is created by democratically elected representatives at the European supra-national level.
I have a feeling, if the population get a say, we will be out of Europe completely, the gates of the country will be shut, and the key thrown away. The British public is controlled by the gutter press (Mail, Times, Express, Sun) who are all vehemently Euro-sceptic. Well, controlled is too strong a word, but all the stories in those papers are anti-EU, anti-immigrant, anti-everything except good ole British values, like taking over half of the world.
And calling Britian the 51st state is just wrong. For a start, most of us object to the US, and so do most of the Foreign Office. The sympathy to the US is due to long standing ties, like us running you, and the fact we speak the same language. We try and imagine ourself as a bridge between the two continents. Not that that really works...
Treason doth never prosper. What's the reason? For if it prosper, none dare call it treason.
I predict that within the next 10 years we will be living in a new dream. A nightmare of biometrics and photographic detection. They won't just know what you are saying over the phone, email and teletype. They will know when you jacked off and whether or not you swallowed it.
... supposedly unbreakable quantum ...
It's based on the fact that you can not clone a quantum state. That's a law of nature and not some opinion. That means Quantum Cryptography is unbreakable. Period. (The implementation may be breakable but the underlying principle is 100% safe)
This is only true using a full-keyspace brute force attack. The NSA was at least 20 years ahead of the academic world in discovering linear cryptanalysis. This is why they asked IBM to change the sboxes in DES, but wouldn't say why. The result was that DES was using an sbox from a fairly small subset of possible sboxes that resist linear cryptanalysis, but we didn't know it for another couple decades. Imagine for a minute that the NSA had a technique that cut the effective key size by a factor of 4. You can brute force attack that. There might even be polynomial algorithms for it, taking advantage of mathematical properties that only the largest employer of mathematicians in the world knows about.
We can't even be certain that the NSA doesn't have quantum computers, although this is less likely. When your attacker has a non-deterministic computer, you're fairly screwed on finding an algorithm that can be efficiently encoded and decoded on deterministic machines while taking extraordinarily long to decrypt without the key. The only saving grace here is that a quantum computer may not be a general non-deterministic machine, so there may be some things that a non-deterministic machine can do that a quantum computer cannot. To my knowledge, the equivalence between quantum computers and non-deterministic machines has not been proven either positively or negatively. I'm sure the NSA knows though.
WARNING: there is a trojan on your
It's a farce. The European commission has agreed to a treaty which allows European airlines to convey 34 attributes of each passenger to the US authorities, which would otherwise be prohibited by European privacy laws. They spin it like the agreement is an improvement because now there are clear rules what the US can do with the data. WHY THE FUCK DO THEY GIVE THEM THE DATA IN THE FIRST PLACE? Who cares what Echelon can get at when we happily agree to violate our own privacy laws just to ensure that the US knows more about us?
Tony wants to be at the centre of the EU, and so do the Lib Dems. I've no idea what the official Tory line is this week, nor how many of them support it, but there's a very solid majority in the House of Commons pushing a pro-EU agenda.
And the UK isn't spying on us?
From what I understand they are, but its scarier than you think. The US is not, in many instances, allowed to spy on its own citizens, so it makes use of any ally to do it for them. This means they get round any privacy issues. In return the US spies on the UK to give the UK information on their own citizens.
This based on what I have been told. If anyone has anything to prove or disprove this, please share here.
Jumpstart the tartan drive.
Quantum cryptography has a cool name, but in practice, it sucks, at least its current implementations. It's not end-to-end by design (you can't have a direct fiber to everyone you want to communicate with these days, after all), and so it's easily regulated. It's expensive. It doesn't solve key management problems, and the installations that have been publicly described so far are extremely vulnerable to man-in-the-middle attacks.
If I believed in conspiracy theories, I'd say that the NSA is luring the EU towards unavailable and untested quantum cryptography, and away from commercially available, tested, reliable and rather secure conventional crypto products. Actually, the quantum crypto recommendation (whether it's contained in some EU documents or not) is the result of a pretty slick PR (and lobbying) campaign.
I remember over a decade ago when I actually worked in a business in which we were espionage aware, that the number one espionage problem in the US was the French (followed by the Chinese, and then a laundry list of European countries -- including the UK), the French being primarily interested in stealing US weapons technology and listening in on business deals they were competing with. Which was primarily a business move; along with the Russians and the US, the French are one of the world's major arms exporting countries and they have to compete with US designed weapons on the open market.
Everyone spies on everyone, and for varying reasons. The French actually used to have one of the most aggressive intelligence services on the globe, disproportionate to their size and geopolitical importance, which some people find surprising. I don't know if it as large today, though. But this is nothing new, and all the governments understand that this goes on. As long as it doesn't get out of hand, it is tolerated between countries that are nominally friendly.
Widening the rift between covert collusion in transnational organizations is good for everyone (except the inhuman spooks who sell us out for each other). A constructive EU/US competition will keep us all freer, fighting to attract the more mobile and constructive elements of one another's populations with offers of better lives.
"Good fences make good neighbors."
- Robert Frost, "Mending Wall"
--
make install -not war
Actually it's the other way around: You CANNOT build 'quantum' repeaters, and switches/routers would be pretty hard without being able to read the stream(reading it would change the data inside the stream, which is a big no-no).
You may be right, but CANNOT is pretty strong language. I can see that one cannot "read" the data without collapsing the wavefunction, but I wonder if one cannot create further entanglements that copy the information or otherwise permit manipulation of the data streams inside a sealed Schroedinger box.
This means it's a point-to-point solution without any intermediaries. Only the receiver's hardware can read the quantum channel. So no, the quantum channel is not vulnerable to snooping at all.
This is why quantum encryption is useless. It only works if both the sender and the recipient happen to have a dedicated quantum-fiber hardline between them. With no way to switch or route a connection, the system needs O(N^2) lines that connect every possible sender to every possible recipient.
Remember that only the key is exchange on the quantum channel, the rest is done over normal classical channels.
Hmmmm.. . I'm now imagining a franchise retail operation (McQuantalds? PhotonBucks?) that lets two people exchange private keys that they then use for communications on the normal internet. A limited number of franchise outlets could maintain a full complement of secure connections to other outlets.
Yet the system is still vulnerable at the edges. Anything between the magic quantum modem (an entangler/de-entangler or enden?) and the user is the weak link -- being vulnerable to all manner of attacks and snooping (keyboard loggers, backdoors, etc.). The quantum stuff only secures a fraction of the channel.
Two wrongs don't make a right, but three lefts do.
but there is an incredible amount of information that will still be passed along by ordinary channels for many years to come. Something as simple as a scientist emailing his parents can tell you what where he is, so unless all personal data is encrypted as well it will only slow the spread of secrets.
Once quantum encryption is rolled out for the average person it might limit the spread of secret information, but of course it may be that camcorders the size of an insect will be in use, and data can't be encrypted when a person reads it. They already have devices that can read the keypresses on a keyboard and the text on a screen by the reflection from a wall (the scan line flicker of light and dark is too quick to catch for the human eye, but can be read by sophisticated electronics). A few more years and they are as likely to be commonplace as quantum encryption.
As other people have said, these were the Navajo code talkers, and for the most part it was encryption through obscurity. Navajo was a difficult language to learn (as I understand it) and naturally the Japanese did not really have a great deal of access to any Navajo speakers. Additionally the language had no written component so there were no books on the subject that someone in Japan might have happened to have had.
Additionally there was some encoding done. Partially this was because there were no Navajo words for 'Tanks', 'Fighter Planes', 'Bombers' and such and partially for enhanced protection. One article about the code talkers that I read about a year ago said that the Japanese did manage to capture at least one Navajo speaker. However the man was not a code talker and as a result even though he could tell them what was being said the Japanese were unable to make sense of the messages.
According to the story the Navajo was killed, most likely during interrogation because the Japanese did not realize he was not a code talker. If he had remained a prisoner the Japanese would probably have been able to start work on a 'dictionary' to attempt to crack the Navajo code.
of QC, is that you can jam the transmission by just looking at it? ;P
I know you are psychotic, but please make an effort.
I think that probably *is* the current situation in many countries (PRC, DPRK, etc.) but we in the US are well protected from that, even in Ashcroft's dreams. It would directly violate two separate amendments and there are still a lot of separate factions in the government that all want to be able to do this unrestricted.
No, I think a more realistic scenario is government pressure on corporations to build tools with easy to use encryption that is easily cracked or government crackable (i.e. key escrow) to give people a false sense of security. Once those protocols are in place, we'll have an MS-Office type situation -- those of us who know better will be paralyzed because of the market saturation of the inferior technology. (SSH? What's that? I have HomelandSecuritySH...)
* And remember, it's spelled N-e-t-s-c-a-p-e, but it's pronounced "Mozilla."
It's a typical American way of thinking. See, America does what it wants -- America is always Right, after all -- and if you try to defend yourself against it, you're the one who is, in fact, committing an offensive attack. You're probably a terrorist, too.
So, America wants to spy on you? You better let them, and you might even want to thank them kindly for going to all the trouble, otherwise it's you who is "causing a rift" or increasing "diplomatic tensions."
America invades your country and you decide to defend yourself against them? Well, now you're a "terrorist" or a "dead-ender" for the former regime.
Fortunately, America is kind -- they don't reserve this torturous logic just for themselves, they occasionally let their really close allies in on it, too. In October, 2003, Israel launched an airstrike against Syria, violating a sovereign country's terroritial borders, all because they claimed there was a "terrorist camp" somewhere in Syria. America's response? Syria had best not respond, and it was their fault anyway for making Israel's actions "necessary" in the first place!
Liberty in your lifetime
And in between the two was the Parche SSN 683, the ultimate spy boat. She was much smaller than a 688 (LA) class boat (60 ft shorter), could handle better in shallow water. My roommate in New London got orders to her in '77, and had to go through the proceedure to get a Top Secret clearance. Just to be an A-ganger (auxilliary, non-nuclear equiptment, like hydraulics, trim and drain, atmosphere control...). Then in Dec. 78 my boat got a new skipper who had been XO on the Parche. He would barely admit she existed. Our XO then had been the Chief Engineer with him. I wonder which Atlantic boat did special operations for awhile after that?
Been there, done that.
Professional Politicians are not the solution, they ARE the problem.
Thank the US of A for:
- lying to the UN
- inaugurating a hedious new concept: "we'll atack you first, because we *think* you want to attack us": the pre-emptive war
- going to war alone (oh, look at a list of their coalition (take out important countries: Japan, Holland, Spain (pulled out), Italy, Denmark), you got: Guatemala, Tonga, Estonia, Albania, Slovakia, Romania, Bulgaria, Dominican Republic, Eritrea, Uganda, Rwanda, Kuwai, Iceland, and some six or so I forget to mention).
- reduction civil liberties *and the North Americans accept it!*
- a government in a western democracy has "thieves in high places": shady deals with former corporations they used to work on. Reaction: none. The American public is a potat0-chip-munching braindead nation.
- And now...TORTURE OF PRISIONERS!
Conclusion: The US of A is *the most dangerous country in the world*, and there must be some deterrence.
So the corollary is that you'll begin to see, from now on, a "new cold war", this time: US x a lot of nations around the globe. Any hope of winning the fight against the TWAT? No, none, hate is too widespread.
Suggestion: Watch a documentary called "The Fog of War", with Robert McNamara and fucking *learn!*
Sadly there has been recent historical evidence of the "Intellegence" services keeping files on not only Terrorists, and dissidents, but members of congress and political opponents. If we look at the secrecy policies of this current US adminstration (which has classified more documents than any previous administration) and their quick willingness to circumvent our own laws as well as international laws for their own view of "security", you would see that we do have something to be afraid of.
If you look at the intellegence gathering culture that started in Guantanamo and spread to Afganistan and ended up in Iraq, where thank God they were caught and exposed. Not only for the sake of those people being tortured by our military but for us and for the reputation and good name of the US around the world (it will be 100 years before we can hold our heads up internationally again). The people inside the secrecy barrier don't care if you are innocent or guilty, they will "soften" you up to see. Maybe you have something to tell maybe you don't. Maybe your a terrorist or maybe just an innocent caught in a raid. Lets strip you naked and set the dogs on you and worse and point and laugh and take pictures.
This is the culture that is controlling the intellegence gathering. You trust these people to do it right? Just hope to God that you don't have a name spelled close to someone on there list. Or someone on their list punches a phone number in wrong and rings your phone, or that you speak out against the practices of this government. You will get on their list to stay.