Slashdot Mirror
EU To Counter Echelon With Quantum Cryptography?
jfruhlinger writes "An article on Security.ITWorld.com seems to outline a coming information arms race. The European Union has decided to respond to the Echelon project by funding research into supposedly unbreakable quantum cryptography that will keep EU data out of Echelon's maw. Leaving aside the question of whether such a thing is possible, the political implications are troubling, indicating a widening rift within the Western world. Interestingly, the UK is part of the EU, but its intelligence services are among Echelon's sponsors."
What I do is send meaningless emails with high encryption to my friends in China. I figure that the NSA may as well spend countless CPU cycles finding out that I just installed the Guild Wars E3 demo rather then on important stuff.
"Have you ever thought about just turning off the TV, sitting down with your kids, and hitting them?"
The Whitehouse just issued a press release stating that, "Quantum Mechanics is now officially part of the Axis of Evil".
In other news, a significant minority of people in the EU have already switched to an unbreakable real-time encryption technology, transmissible through the open air. External experts are at a loss; the NSA has made no headway whatsoever against this new threat.
What is it? It goes by the name 'French'...
Interestingly, the UK is part of the EU, but its intelligence services are among Echelon's sponsors.
The UK has its butt sitting on 2 chairs. On one hand they sort of behave like a US state, with Tony as governor, and on the other as a half-willing EU member, in large part thanks to Mrs Thatcher. One of these days they'll have to decide which continent they want to be part of.
And I have a feeling that, if the population has a say, they'll embrace the EU eventually. Of course, the population rarely has a true say in any country though...
"A door is what a dog is perpetually on the wrong side of" - Ogden Nash
One has to wonder why we call it Quantum Encryption when it really has nothing to do with Encryption. From the article:
The aim is to produce a communication system that cannot be intercepted by anyone
If I understand their intent, they plan to use concepts like Quantum Entanglement to ensure that communication is shared only between the entangled particles. This is a very different concept from using the properties of Quantum Mechanics to scramble information in a reversible manner or creating computers capable of super-fast calculations.
Javascript + Nintendo DSi = DSiCade
that the US spies on its "friends" in the first place.
It may be naive, but if you want respect you have to give respect.
If there is a "growing rift" in the Western hemisphere, who the fuck do you think is responsible for this -- the ones who are pissed off about the eavesdropping and are trying to do something to stop it (and think for a moment about the fact that they're trying encryption rather than attempting to convince the US et al. that it's a Bad Thing...what does that tell you about their chances of actually convincing anyone to stop anything?), or the countries and intelligence agencies that decided this was acceptable in the first place?
Sorry for the shouting, but this intellectual coyness does not become you.
Carousel is a lie!
Also, I don't think people realize how strong cryptography is today. There are cryptographic methods available to the public at large (such as RC5 and PGP) that are proven to require more computing power than is theoretically possible in the universe. Not just more computing power than is possible with current hardware, but the theoretical limits of computation given the entire resources of the universe. So really, it seems that a lot of ignorance is at play here, and I would hope someone clueful in the EU informs their EU government before they go off and waste a whole lot of taxpayer money on such a foolish project.
Software piracy is victimless theft.
As someone who lives in the UK, I think our stance on this is ridiculous, and a legacy of WW2. We're an important and influential member of the EU, and the last couple of years should have made it obvious that a close relationship with the US damages our relationship with the rest of Europe (and the wider world) and only benefits the Americans. In the post Empire world, Britain's role is as a democratic and decent European nation. We should not support pre-emptive war or the Israeli's mistreatment of the native Palestinians.
Oi, Blair! Sort it out.
Sigh.. OK, it's a troll, but someone has to bite.
a. Quantum crypto is invulnerable to a monkey-in-the-middle attack. Poorly implemented SSL is vulnerable to MITM during key exchange.
2. It is widely accepted lore on the Internet, and strongly suspected by respectable people, that there exist quantum computing devices capable of factoring extremely large numbers. If this is true, any form of public-key crypto goes to shit.
iii. Part of the problem with cryptography is that it does nothing to hide the source and destination of the data exchange. In theory, a secure quantum crypto system can't be tapped in the first place, so in theory, sender and reciever are anyonymous.
IV. H.323 is for godless commies.
RSA 2048 is pretty much unbreakable, if they really cared so much about Echelon (which IMHO is a disgusting thing), they'd simply make it standard. The main advantage is that minor changes would be required to the existing infrastructure.
The Raven
In regards the US experience:
WWI - the Belgian mistreatment was deplorable, but what drove the US into this war was the unrestricted submarine warfare and such stupidity as the Zimmermann note. There were no mutual interests really - Wilson tried to be almost quaintly fair in his peace terms which were summarily rejected by the rest of the Allies with their millions of corpses. Wilson came back, had his stroke, and that was it for internationalism in the US. Back to sleep...
WWII - We stayed out of the war for three years. I'm not going to say there was no sympathy for Britain, but there was no desire to get embroiled in a war anywhere. Even the sinking of US ships in the North Atlantic was insufficient: it required the attack at Pearl Harbor to drive us to war. Even then, there was no real solidarity with Europe. There was a job to be done, an danger to be eradicated. We did this, and formed the UN in an attempt to deter future war. Based upon formulae agreed upon at Yalta and elsewhere, we occupied the former Axis and maintained some troop strength there, which would not previously have been a normal American thing to do.
Cold War - The Cold War was once again fed by fear of Soviet aggression rather than any kind of solidarity with Europe. We assumed that fighting the Communists would be better done in Europe than on our own shores.
Now, please note that these events were similarly perceived elsewhere -i'm sure no British patriot thinks that us taking a pass on WWII for 3 years while they got pounded was a good idea, for instance.
My point simply is that US interests are not congruent with those of Europe and very likely never will be. Immediacy of threats has masked this for a long time , but it should not be mistaken. There never has been any kumbaya singing going on at either side of the Atlantic.
HBI's Law: Frequency of calling others Nazis is directly correlated with the likelihood of the accuser being Communist.
If conventional encryption and transmission is deemed sufficiently secure for transmitting the messages, a quantum exchange of keys does not add significantly to the security of the communication. It would surely be easier and cheaper to organize physical transfer of one-time pads than to install all the necessary infrastructure to support the key exchange.
The EP were obviously taken in by buzzwords, but at least the research will advance the state of the art.
flossie
Write now. Defend liberty
The weakness in current encryption/communications systems isn't in the encrypting algorithms, which have withstood the serious efforts of some top-flight mathematicians to bust them. Nor is it necessarily in traffic analysis; keep a line open and transmitting bits 24/7. Isn't hard to design the system so the intended recipient can tell when the "random" bits start a message. Nor is the weakness in key transmission, at least for governments: lots and lots of really long keys can be transported on CDs well in advance of need. The weakness remains where it has been in recent years, with the people using the system, and with keeping their computers out of unauthorized hands. Going to quantum methods doesn't change get around this weakness. From what I see, the benefit of quantum crypto is the ability to make message tampering evident.
Tony wants to be at the centre of the EU, and so do the Lib Dems. I've no idea what the official Tory line is this week, nor how many of them support it, but there's a very solid majority in the House of Commons pushing a pro-EU agenda.
Perhaps, but then again, how many respected Nazi researchers believed that the allies had cracked the Enigma code?
It was not unreasonable for them to have suspected so. The integrity of Enigma relied heavily on keeping the machines and codebooks out of allied hands - had the Germans known that the allies had managed to get ahold of those things, the impressive effort of Turing & co. to go the last bit would not have been inconceivable to his German counterparts.
If the NSA can really crack any of our modern cryptographical methods, then they are at least forty fifty years ahead of the rest of world in both mathematics and computing. Is that conceivable? And if they are, then they can't really do anything with what they find anyways, since they would have to spend most of their energy keeping the secret.
Basically you are trying to score cheap points (read karma) but making a comparison that doesn't hold, but that plays on peoples emotions. It's the equivalent of responding to any comment advocating avoiding war with: "That's what Chamberlain thought."
Sorry to disapoint you: you are wrong. Let me explain a bit.
First, it's not Quantum Intrusion Detection. It's Quantum Key Distribution. It allows 2 people to exchange a randomly generated key as long as the message, used in a one-time pad scheme.
They trick is that the exchange of the key is unconditionally secure. Not only does it tells you when part of the key is intercepted, it also 'aborts'. The only thing an eavesdropper can do is to prevent you from communicating. If the communication is successful, then no one eavesdropped or got enough information on the key to jeopardize the exchange.
This is the beauty of it.
So no, it's not Quantum Encryption per see, as the encryption is done in classical term using one-time pad method, but it's not Quantum Intrusion Detection either. It's a very ingenious mix of both quantum and classical method which results in an unconditionally secure method of encryption.
And, I'd have to talk about Gilles Brassard(he teaches at the "Universite de Montreal" where I study). about stripping his degrees, as he's the co-inventor of quantum encryption and computing in general. I think he'd laugh but agree that Quantum Encryption is the resulting solution, not the means. "Encryption using quantum principles" might be more revelent, but quite longuer. Quantum Key Distribution is my personal favorite.
Everyone--from good hearted people to downright argumentative trolls--misses the point on spying.
I don't care about online privacy. I'm not worried about government spooks sifting through my e-mail or web surfing habits and finding out that I like brunettes with long legs, long hair, and almond shaped eyes. It really doesn't concern me. If it were some supercomputer sitting in a back room chewing through e-mail looking for "homicide, suicide, terror, assassinate, secret, password, 9/11" or some other stupid set of keywords or tracing kiddie porn that'd be fine by me. At least until the anti-pr0n people decide that moral righteousness has no bounds and start coming after willing adults with no real sex life and a speedy net connection.
Face it. We live in the real world. People in power let it go to their heads and they often use it for purposes other than those in which it was given to them for.
What I'm worried about is that the guy down the block is an FBI agent. Or CIA. Or NSA. Or some local politician who knows one. One day I'm walking down the street and a candy wrapper drops out of my pocket onto his lawn. Now this guy is such a straight laced Bible thumping tight a__ POS that he uses his political muscle to find out who I am and begin harassing me. "He dropped a candy wrapper on my lawn! He's a litterer! He's no good for society! Besides, I saw him carrying home a six-pack of beer! He must be an alcoholic as well!"
Where's the check and balance? There is none. Who could prove it? No one. Who can stop it? No one.
Echelon, Big Brother surveillance, the Anti-Terror bill. They all suck for the same reason that the Windows registry sucks: there's no way to secure them from people misusing them to hijack the system.
+++ATHZ 99:5:80
Mrs Thatcher was distinctly anti-Euro, apart from free trade and good relations which follows the last referendum the UK had. It was the Major years (Maastricht treaty and in then out of the ERM) followed by Blair who pursued the closer ties.
Despite being promised a referendum on the EU constitution (which is a woeful hack of previous revisions), the British public hasn't been given a date on it... and the trust (read as 'lack of') I have in Blair is as such that he would do the referendum after the point of no return (sorry people if you voted 'no', it's too late now!).
I for one would like the closer ties with Europe (i.e. what we have now), but what is proposed I think is too much too soon... and there are too many problems which really need sorting first (red tape, beaurocracy, politicians voting in new laws when they have no clue as to what they are, etc etc). Added to that the majority of the British public need to know exactly what is going on, and what will happen before we're even semi happy with it.
I've always been of liberal views and what you would call a floating voter, but I wouldn't trust the Lib Dems (almost wanting to powershare with Labour, no real manifesto), I definately don't trust Blair.... but despite his previous convictions I think the Conservatives are in a much stronger position with Howard (especially regarding party unity).
Maybe the biggest problem that'll hit us in a couple of years is the national debt (where the conservatives saved a crap load of money by taxing the country half to death - mind Labour were happy to add to that) and the housing prices/issues, add to that the amount of money being literally thrown at the NHS is a nice little ticking time bomb that I'm not looking forward to going off.
Anyway, most opinion/info in this post is AFAIK and is open to correction/counter viewpoints... as they say (damn this zippy led US keyboard), just my 0.02 UK Sterling (yes I do know about character map, I just can't be arsed!).T-Kir
Are you local? There's nothing for you here!
Well, I won't say you're a troll, but probably missinformed.
Quantum cryptography has a cool name, but in practice, it sucks, at least its current implementations.
Ok, that's right. But it sucks not because it's flawed, but because it's too slow to communicate with yet(well, to create the key actually).
It's not end-to-end by design (you can't have a direct fiber to everyone you want to communicate with these days, after all), and so it's easily regulated.
More current implementations use 'wireless' quantum channels in open air, so it isn't restricted to fiber only. I agree that you won't have consumer implementation before at least 8-10 years, but if a big corporation or government wants to use it, they will be able to in the near future.
It's expensive.
Sure. Is there a new technology that isn't expensive? Is that incentive enough to stop developing new ideas and such? No.
It doesn't solve key management problems, and the installations that have been publicly described so far are extremely vulnerable to man-in-the-middle attacks.
WOAH! Until then it was ok, just some argumentation problems, but this is pure outright missinformation. I don't know where you read that, I'd like to know.
First, Quantum Key Distribution is there to SOLVE key management problems related to one-time pad methods. The first and foremost goal of quantum encryption is to remove the logistic problems of one-time pad. So, you are wayyy off on this one.
Second, QKD is unconditionally secure, and that includes man-in-the-middle. I doubt current implementation are "extremely vulnerable" against that attack, unless you have some proof to show, I'd be interested to know.
If I believed in conspiracy theories, I'd say that the NSA is luring the EU towards unavailable and untested quantum cryptography, and away from commercially available, tested, reliable and rather secure conventional crypto products. Actually, the quantum crypto recommendation (whether it's contained in some EU documents or not) is the result of a pretty slick PR (and lobbying) campaign.
Well, I can't argue about tin-foiled hat arguments, hehe. The problem with conventional crypto methods is that they are breakable in the absolute, and the Echelon program is certainly the one who is able to achieve this feat. QKD isn't. This is the main point in favor of QKD, especially when you want to protect yourself against Echelon.
There are two fantastic well-researched books that anyone who wishes to truely understand Echelon needs to read:
Body of Secrets: Anatomy of the Ultra-Secret National Security Agency" by James Bamford is a fantastic history of the NSA from the end of WWII to the present. If you read this book you will see that the idea that the NSA is spying on UN delegations is really a given...in fact one of the primary reasons the US wanted the UN to locate in NYC is to allow easy interception of diplomatic communications. This author uncovered many amazing Cold War programs and anticdotes and presents them in fascinating form.
The second book is "Blind Mans Bluff: The Untold Story of American Submarine Espionage"
by Sherry Sontag, another fantastic book of solid research and good story telling, a large amount of it revolving around underwater communication wiretap activities. The special mission nuclear submarine SSN-21 USS Jimmy Carter is out there specially equipped for undersea cable tapping operations and receiving commendations in the tradition of the Cold War era USS Halibut.
Whatever you think of the ethics of these issues, the technology and history is amazing, and the capabilities do exist and are fairly well documented. If you read these two books, and have the technological understanding to extrapolate a bit, you can get a pretty good picture of current capabilities and the culture of how these collection assets are being used. One thing you will find that they are not being used without limits and elements of responsibility, although there are cases (like the Boeing/Airbus bidding incident) where they have been abused.
-braddock gaskill
Remember, there are two major systems for doing public key crypto. The idea is to take a problem that is incredibly easy to do one way (make the public key from the private), but very difficult to do the reverse of. Factoring large numbers is a great example (and is what RSA uses). It's easy to multiply two large primes, but much more difficult to factor the product back into the original two primes. If there were a computer which could do this quickly, RSA would be effectively useless.
There is also the discrete log problem, which is what DSA uses. I don't pretend to be a cryptographer, or even know really what the discrete log problem involves (no google links please, I have all the info I need on it if I were really interested), but I do know that it is very easy to do one way, but very hard to do the other! Exactly what you need for public key crypto. Now, if we have a theoretical computer which can break this in reasonable time, DSA becomes worthless. However, there are definately other ways of doing public key crypto than the factoring problem.
Also, another interesting things about quantum crypto (of course, quantum crypto is largely theoretical at this point, so this is not guaranteed in real world implementations) is that both ends KNOW if the datastream has been intercepted. Not just if it's been modified (we can be reasonably sure of that right now using good hashing algorithms for signatures), but if it has mearly been intercepted. This is quite handy because now you know immediately if you need to somehow change things since your data is even POSSIBLY compromised. Really cool stuff.
I must reiterate, IANAC (cryptographer).