A Working, Quantum-Encrypted Intranet

192939495969798999 writes "This article points out how BBN, developers of ARPANET, have actually created a quantum-encrypted intranet that serves pages to a small group of research scientists. I firmly believe this is as significant as the very first internet transmission some years back. If the technology is working and 100% secure, how long until it makes its way at least into government websites? This might be the end of the hacked by Chinese index pages!" Reader Kent adds "A New York based company, MagiQ Technologies, has begun selling units for commercial use while a group in Europe recently made the first quantum encrypted bank transaction in Vienna, Austria - April 2004. But the Boston network - though limited to three locations - is believed to be the first Internet-integrated system that runs continuously between multiple distant locations."

No comments?

Guess they all got lost in some time flux quantum thingger...

common logical fallacy

If the technology is working and 100% secure, how long until it makes its way at least into government websites? This might be the end of the hacked by Chinese index pages!

Just because a computer uses encryption, doesn't mean that it is unhackable.

Re:common logical fallacy

[kayak334]

IANAP...but isn't a quantum encrypted transmission unhackable by definition?

Re:common logical fallacy

[maxwell+demon]

Depends on your definition of unhackable :-)

Re:common logical fallacy

[ThomaMelas]

Not really. But it will show if it's been viewed or tampered with, so you can declare the transmission null and void.

Re:common logical fallacy

the transmission is (or claims to be) but that still does nothing to protect the box.

so in the future you won't be able to successfully sniff that packet that is rooting your WindowsLongXP via the latest exploit.

Re:common logical fallacy

[evslin]

"Make something idiot-proof and they'll build a better idiot."

Re:common logical fallacy

The question isn't if quantam encryption is unhackable. The question is if a computer that uses quantum encryption magically loses all of the flaws in the rest of the software (httpd/kernel/etc) on the machine. The answer to that is no.

Encryption is often sold like this. I remember watching an interview with a salesman for a voting machine company. When asked if the voting machine had security problems, his response was that it used unbreakable encryption. So what does that mean? Nothing at all. Just because it uses unbreakable encryption (for what I can't even guess) doesn't mean that a single person can't vote twice, just for example.

Re:common logical fallacy

Sort of, but secure *transmission* doesn help insecure web servers now does it?

Re:common logical fallacy

An example way to ensure your transmission is safe would be to transmit one time cypher pads over the quantum encrypted connection. You could then discard any that were listened to by a man in the middle (it's possible to tell this by the nature of the quantum transmission). You can then use the one time pads to encrypt your uber secret message, which would be un-hackable.

Re:common logical fallacy

yep. The government will probably still use IE.

Re:common logical fallacy

[Senzei]

Would it not also be true that in most hacking attempts not only would it show evidence of tampering, but wouldn't the data be unusable on either the hacker or the recipient's end?

Re:common logical fallacy

[Colonel+Cholling]

Every security system imaginable suffers from this fatal flaw: At least one person must be allowed access. If it is possible for one person to get in, it is possible for someone else to get in.

Re:common logical fallacy

[Retric]

You don't need to hack the transmission to hack the computer at the other end. Which is the goal sniffing the network is just one of many ways to hack the device. And the least used now that most people use switches let alone encripted tunnels.

Re:common logical fallacy

[NoOneInParticular]

Quantum encryption might be just the equivalent of the defence strategy of putting a huge sharpened stake in front of your headquarters and assuming that your enemy will blindly run into it.

Re:common logical fallacy

[ssewell]

Either way, this is referring to encrypted *transport*, which in no way prevents a machine from being compromised.

Although, validating the authenticity of the source of data using these means could potential reduce script kiddies (think non-reputability)

Re:common logical fallacy

[AndrewHowe]

That is true, but denial of service is already achievable with a pair of cable cutters. The benefit of quantum encryption is that you can be sure that if a message does arrive, it hasn't been read by anyone else. You still need to protect the physical link. Having said that, if your cable is protected from cutting, it is also protected from installation of eavesdropping devices, so I'm not sure what QE actually achieves in practice. I suppose it's worse to have your messages covertly eavesdropped than to not receive them at all... But you're pretty stuffed either way!

Re:common logical fallacy

[gweihir]

IANAP...but isn't a quantum encrypted transmission unhackable by definition?

Only if the underlying physics is sound. There are some very compelling reasons to think Quantum Theory is nonsense. It has not yet been tested in any context that involves high-effort computations, not even in quantum computers (too few bits).

Re:common logical fallacy

[JDevers]

Well, that would depend on the message itself. There are definitely situations where having the message not arrive at all is infinitely better than having it overheard.

Re:common logical fallacy

[Pakaran2]

I'd also note that quantum encryption needs an end-to-end dedicated link. I can't imagine the NSA dragging fiber cables into each home so we can securely view their site.

Re:common logical fallacy

[Haertchen]

The encryption technology is based on science that was developed very early in quantum theory, namely the uncertainty principle. Basically this says that there are some features of a system you cannot simultaneously know-if you measure one, the other is uncertain, and if you then measure the other, the original quantity has been scrambled. The fact that this is true can and has been measured experimentally. Repeated measurements have been made on a simple, uncoupled system, and the results of traditional quantum mechanics have been verified in great detail. More complicated theories have been based off of these assumptions, which predict such things as the behavior of electrons in computer chips, and most of these theories match reality better than anything anyone has come up with.

One could possibly argue that quantum mechanics always gives the correct answer, but there must be more information hidden away somewhere that we just can't get at. Unfortunately, it is not difficult to prove that any hidden values will produce some experimental results different from quantem theories, and all the experiments have indicated that quantum theory is the correct one. (This results from Bell's inequality, an idea which has spawned more philosophy about physics than any other idea I've seen.) So modern scientists have good reason to think quantum theory, at least the part used for encryption, is excellent for these uses.

Before you start bashing quantum theory, remember that physicists, especially experimental physicists, don't really want to make the world more complicated than they have to. They've accepted quantum theory because it's better than anything anyone has has come up with.

Re:common logical fallacy

[gordyf]

That reminds me of MP3 players and other audio devices claiming to have "Digital-quality audio!", which really means nothing. An 8-bit 11khz WAV is "digital quality", but I doubt anyone would consider it very high quality..

Re:common logical fallacy

[jongleur]

This wouldn't work if the message contains some sort of 'Heartbeat Event' - the equivalent of "I've got the incriminating papers hidden and ready to be released in the event of my death"

Significant amounts of other information could be passed along as well.

Re:common logical fallacy

[HTH+NE1]

If it's impossible to intercept without disrupting the transmission...

so then its security is inversely proportional to how many times the recipient blindly hits Reload?

(Consider that it might be difficult to tell the difference between an unsuccessful transmission-reception and an interception.)

Re:common logical fallacy

[prjames]

Just how many computers get hacked by physical means, rather than software that justify spending huge amounts on quantum thingies(non-tech!)?

Re:common logical fallacy

Uh... No.
Quantum encryption will show that the page has been tampered with, and this is important, in transit this has NOTHING to do with the security of a computer server in terms of being hacked. Because the page it sends you will REALLY be the page it meant to send you, just not the one the creators intended.

Re:common logical fallacy

[Thomas+Shaddack]

Even if the computer is unhackable - the operators probably aren't.

The biggest vulnerabilities are usually located between the chairs and the keyboards.

Re:common logical fallacy

[AthenianGadfly]

I'm not a physicist, but my impression of quantum theory was that even physical observation would change the result (e.g. observing a photon can actually change its location). If this is true, then even if the physical link was compromised, you should still be alerted.

Re:common logical fallacy

Um yes, that is what I said.

IT?

[Matey-O]

It's a working quantum encrypted mumble mumble?

I thought IT was a Segway? (a.k.a. Ginger, A.k.a. self balancing hype-machine)

Re:IT?

[Matey-O]

Yes. Apparently.

Beam me to my computer

BAH! , Until they have me beaming back and forth from my bed to my computer I'm not giving quantum computing a dime.

Re:Beam me to my computer

[logic+hack]

I was under the impression most slashdotter's beds were at the computer.

Re:Beam me to my computer

[aurb]

Don't forget those with computers in their beds.

Re:Beam me to my computer

[Tezkah]

God bless laptops and wifi. /posted from bed

FP?

[hackronym0]

I just wanted to pose the question, how can you prove that it has not been tampered with? You can't measure anything without changing the state, right? So you shouldn't really be able to prove that its secure either. Anyone else think that this is BS?

Re:FP?

I do not think it is BS. I think you need to do some more research on the subject.

Re:FP?

[joranbelar]

Um...Look at what you put in, compare it to what you get out? The proof of secureness doesn't have to be performed from within the quantum realm.

Re:FP?

[i_should_be_working]

it's the key to the encryption that they have to make sure isn't tampered with or eavesdropped on. say the key is 100 bits long. after the transmission of the key, the sender and reciever compare, say, 50 of these bits publicly. if the receiver's bits are different than the sender's they know someone has tampered with it (since any measurement by an outsider will alter the state) and they throw that key away. if they are exactly the same, they know no one listened in and they can use the other 50 bits as the actual key.
they send the encrypted data only after they are sure no one else has the key.

Re:FP?

[Silverlancer]

Its because of how quantum encryption works. Basically, I'll make an explanation here for everyone. We'll have two computers, Alice and Bob. Alice sends a bunch of *RANDOMLY* polarized photons, each polarized RANDOMLY with one of two polarizers--up-down, or diagonal. So you could have one of the following four photons: / \ | --

Bob at the other end RANDOMLY switches between filters, and thus gets only about 3/4 of the photons right (this is a little long and thus I won't do the math here). So he reads off, over an insecure line, which filters he used when. Alice tells him when he was right and when he was wrong. The series of bits that he got right will be used for a one time pad cipher. However, Eve, the evesdropper, can't get the one-time pad! Why? Because she and Bob will have used a different sequence of polarizers, and thus she would have gotten some of the one-time pad wrong. Plus, when Eve measured any photon along the line, it would change its polarization, so therefore before doing the encrypted transmission, Alice could send a portion of the one-time pad to Bob. If any of it changed, then obviously Eve was on the line.

Re:FP?

Wow, nice karma-whoring. Or do you really think that people unimaginably more intelligent than yourself, dealing with concepts you don't have the slightest clue about, spending centuries of man-hours and hundreds of millions of dollars on reasearch, would have overlooked your little problem? If you think it's BS, you don't know what you're talking about, its that simple.

Re:FP?

[mhesseltine]

it's the key to the encryption that they have to make sure isn't tampered with or eavesdropped on. say the key is 100 bits long. after the transmission of the key, the sender and reciever compare, say, 50 of these bits publicly. if the receiver's bits are different than the sender's they know someone has tampered with it (since any measurement by an outsider will alter the state) and they throw that key away. if they are exactly the same, they know no one listened in and they can use the other 50 bits as the actual key. they send the encrypted data only after they are sure no one else has the key.

This raises a question for me; if I (a theoretical man-in-the-middle bad guy) know of a quantum-encrypted channel that is being used, for example, by banks, what prevents me from tapping the wire, disrupting the quantum state, and forcing another attempt at transmission? Couldn't a man-in-the-middle become a denial-of-service between two parties by never allowing them to secure a line in the first place?

Re:FP?

[Have+Blue]

The idea is that the quantum technique guarantees that the information in the message can be read exactly once. If that read is performed by the party you are trying to communicate securely with, all is well. If the read is performed by an eavesdropper, then the trusted party will be unable to properly read the communication, and this will be an indication that the transmission was interfered with.

Re:FP?

[Altus]

sure I suppose... but in that case why not just sever the physical connection?

Re:FP?

[radamson]

You can measure _some_ in quantum mechanics things without changing them, and that's the way these systems work. If I send you a horizontally polarized photon then if you measure it along the horizontal direction you won't change its state, but if you measure along any other direction you will. These systems work by the receiver measuring in one of two possible directions selected at random. The receiver and the sender then tell each other what direction the measurements were done so that they can decide what information is valid and what isn't.

An eavesdropper will inevitably destroy some of the valid information which will introduce noise into the sent signal. The sender and receiver can detect this noise and deduce that they are being eavesdropped on.

Incidentally, the security of the most common scheme has been proven mathematically by Shor and Preskill.

Re:FP?

[Casca]

Couldn't a man-in-the-middle become a denial-of-service between two parties by never allowing them to secure a line in the first place?
I don't know about you, but I'd much prefer my uber secret conversations don't go through if someone has managed "tapping the wire". At least then you know there is a problem and can deal with it.

Re:FP?

[BondHeadGuy]

Well, yes, but it's like exception handling vs. error codes: using exceptions doesn't get rid of the error handling problem, but at least they ensure that things can't fail silently. Presumably the two parties do not want to use the line at all if it has been tapped. Better a DOS than a leak of confidential information.

Re:FP?

[Retric]

Sorry but that's wrong.
I can still use a man in the middle attack I just need to intercept both transmistions.

AKA you send 100 bits I tell you the 50 bit's I saw mean while I send you 100 bits and you tell me the 50 bits you saw. Then I send data back and forth while keeping a copy of everything or even changing the data sent to each person. You say move 100,000$ from act 100 to 123 and I tell them move 100,000$ from act 100 to 437. And then send you the ack signal on the transfer while spoofing it so you think everything is OK.

But thanks for playing.

Re:FP?

[Phleg]

I had the same concern. However, thinking about it further, a DOS is infinitely preferable to a loss of confidential data.

On the other hand, it might be far easier to DOS a quantum-encryption system.

Re:FP?

[Retric]

Sorry that's the idea but I can still use a man in the middle attack I just need to intercept both transmistions. AKA you send me 100 bits I tell you the 50 bit's I saw mean while I send sam 100 bits and sam tells me the 50 bits sam saw. Then I send data from you to sam and back while keeping a copy of everything or even changing the data sent to each person. Sam says move 100,000$ from act 100 to 123 and I tell you move 100,000$ from act 100 to 437. And then send sam the ack signal on the transfer while spoofing it so sam thinks everything is OK.

Re:FP?

[eegad]

Bob was sent to the store by Alice for polarized one-time pads but as usual he came back with the wrong filter. She should have just sent Eve to begin with.

Re:FP?

[NoData]

I have a question regarding this. It sounds like quantum encryption requires a direct optical connection between the sender and receiver. Is it theoretically possible make it "routable?" That is to say, would it be usable in the post office type model the internet uses, where packets have to be inspected (and, thus presumably destroying the message in a quantum transmission) to determine where they're going, or would a completely new model need to be developed?

Re:FP?

wrong :)

Re:FP?

[DarkSarin]

best question i've seen. most of the other posts are just "this sucks--it can still be hacked!", and are repetitive and pointless.

Mod up parent

Re:FP?

[i_should_be_working]

AKA you send 100 bits I tell you the 50 bit's I saw mean while I send you 100 bits and you tell me the 50 bits you saw. Then I send data back and forth while keeping a copy of everything or even changing the data sent to each person.

the part of the key that the sender and the receiver compare to make sure nobody eavesdropped can be done over classic channels. so can the actual data transmission. it could be the sender and the receiver talking over the telephone, or in person. it does not have to be secure. are you going to intercept their calls and imitate their voices? or dress up to look like one of them?

But thanks for playing

maybe before you make anymore snide comments on this subject you should learn some of the physics

Re:FP?

[MarkGriz]

ROTFL. Aint that the truth.

Guess none of today's mods have FSOs (female significant others). That really should have been modded up to 5 by now.

Re:FP?

[Dr+Caleb]

You're forgetting the 'Quantum' part. If you or sam intercepts any bit, you will change it. Bob will reply back to Alice and she'll say all 100 bits are wrong, and Alice will resend the pad to Bob. The whole thing starts over again, without any actual data being transmitted.

Re:FP?

[iabervon]

This is based on a one-time-pad, which provides perfect encryption so long as you have a shared secret which nobody else has and you never reuse bits. The issue is, of course, to get the one-time-pad to the other end. This is an improvement over the original problem, because you don't care what the pad is, so long as both ends agree on it and nobody else knows it.

Quantum crypto works by having the two ends trade photons in such a way that half of them are successfully measured and the other half are garbage; after the measurement, they figure out which were successfully measured without revealing what they were measured to be. An attacker who measures the photons in the middle cannot reproduce them accurately, so the two ends find that they don't agree on the pad.

That is, you know that each bit was read only once. You don't know, for any given bit, if it was read by the right person, but you can, for each bit, randomly check that it was read by the right person or use it as part of the pad. The attacker doesn't know in advance which photons to pass through unmeasured and which to measure.

Re:FP?

I am not sure, but it seems that to make it routable, you would have to do some type of point to pont comparison at each hop to check for tampering. I think this is possible without decoding, given the nature of the quantum transmission.

Re:FP?

[gweihir]

I just wanted to pose the question, how can you prove that it has not been tampered with?

If quantum theory is right, there is an inherent proof, namely if you can read it once, than it has not been read by anybody else. The rpoof cannot be repeated and if quantum theory is wrong on this, all falls down anyways. Note that quantum theory has not been teste in any scanario involving high computetional effort. There are resons to believe the theory might just be wrong. It might also be correct, but even if it is mostly right, it is completely unsuitable for security at the moment, since it is mostly an educated.

Re:FP?

[SlayerofGods]

If intercepting the bit changes it what stops you from intercepting it, then just retransmitting the same bit you just received along the line?
Sure the bit you intercepted changed but you blocked that one from moving on and then duplicated what you heard.
How can it stop this?

Re:FP?

[E_elven]

Your explanation is a bit too short. What's stopping Eve from doing a MitM at the point Alice and Bob are comparing over an insecure line?

Re:FP?

[stevelinton]

Sure. A pair of scissors will do this perfectly. A man-in-the-middle can always deny service.

Re:FP?

[stevelinton]

This is the million dollar question. Obviously if you have trusted routers, you can just do the same thing independently on each leg. If you had working quantum computers you could use them as routers and be safe even without trusting them. You can also do quantum error correction to repair damage to the signal without reading it, which would effectively get you round absorbtion of your photons in the fibre and beat range limits.

If you have all-optical switches then you can switch the quantum channel (in a crude form, just bend the optical fibre to point at a different receiver) presumably using control sent over another not necessarily secure channel.

That's all that anyone has come up with as far as I know,

Re:FP?

Alice sends a bunch of *RANDOMLY* polarized photons, each polarized RANDOMLY with one of two polarizers--up-down, or diagonal. So you could have one of the following four photons: / \ | -- Bob at the other end RANDOMLY switches between filters, and thus gets only about 3/4 of the photons right (this is a little long and thus I won't do the math here).

Good that you didn't show the math, because it would have a huge honking hole in it. With truly random data and random detection, Bob could never be right 3/4 of the time (on average) in your scenario. Random is 1 of 2 (50%), in the simplest scenario. Your's is more complex (with 4 possible random photon states). One cannot increase the probability of obtaining the "right" answer by further increasing the randomness of the system.

Re:FP?

each polarized RANDOMLY with one of two polarizers--up-down, or diagonal. So you could have one of the following four photons: / \ | --

I think you're mistaken. Photons are spin 1 bosons, so the only allowed polarizations are up and down. There are no diagonals. Perhaps you're thinking of gravitons, which are spin 2 bosons, and have cross polarizations as well as up and down.

Re:FP?

[ryen]

did you just discount 15+ years of research because you don't understand the basics of what is going on here?
D.U.M.B.A.S.S

Re:FP?

[bzzt]

Couldn't a man-in-the-middle become a denial-of-service between two parties by never allowing them to secure a line in the first place?

a backhoe operator is not a man in the middle attack.

.. the end of the hacked by Chinese index pages!

i'm sure other story submitters don't confuse host security with net security.
perhaps slashdot editors don't know that there is a difference.

Re:FP?

[marcosdumay]

Yes, a man in the middle atack can aways be used as a denial of sevice. This is because in order to make a men in the middle atack, you must be able to stop (intecept and modify) comunication between the two peers.

Re:FP?

[marcosdumay]

The fotons must not be altered. This means neither stored on a computer's memory nor the signal amplified (the latter is the greatest problem to spread QC).
This means tha, yes, you need another routing scheme. But it's not something very troublemaker, you need to tell the router where it must send the package before sending it (like telephony) and it must be routed whitout been read (what some experimental optical routers alread do).

Re:FP?

[LnxAddct]

No, quantum encryption in its current implementations can not be routed. This is why it is not as common as it could be. If anything even sees the transmission, as in any external force that in some way, shape, or form can affect the photons polarization (just about anything will do this), the entire tranmission is made void, at that point you can only verify that the line has been tampered with. As a result of that, there is no way to remotely verify what is legit and what isn't. You must start over. Technically a router could act like a man in the middle but then thats one more machine you must trust and there is no way to directly verify from Alice what she said, but rather you only receive verification through a "3rd party". This doesn't sound so bad until you realize that its useless in any network scenario that is available to public use. Right now if the Feds want to tap you, they go to your ISP, if the internet was quantumly encrypted and routed as you propose, the feds will still just go to the ISP and tap the box. What I'm getting at is that by throwing in a middle man, it kind of ruins the whole point. Now your thinking, "Well, if the connection has to be point to point, then why don't they just use ethernet". Basically because I can splice a Cat5 cable and listen in without you ever knowing, but if you even accidentally bump the fiber optic cable for quantum encryption, you will set off bells and whistles. The light used in the encryption is so sensitive that it can't even be amplified (although rumor has it that some company is making progress in that regards). Becuase it can't be amplified, tis range isn't very long. Hope this clears things up.
Regards,
Steve

Re:FP?

[k0ft]

it's the key to the encryption that they have to make sure isn't tampered with or eavesdropped on.
How are we supposed to route this if we cant look at the packets? Wouldnt a router have to "read" a signal to send it to another node? Wouldnt this modify the signal, and break the encryption?

Re:FP?

[smeek]

Absolutely. It is possible to "route" entangled pairs using quantum repeaters. Such a device would require a photon from two entangled pairs, with each of the other photons going to their final destinations, or to other quantum repeaters. The repeater combines the received photons, and using this, can determine whether the remaining pair will be of the same polarization or of opposite polarizations, but not what the remaining photons will be when measured, which means that the routers do not need to be trusted in order for this to work. Unfortunately, this device requires a CNOT-gate, which although there are no theoretical limitations on its accuracy, the best current experimental examples only work something like 60-70% of the time. Also, any errors introduced in the transmission line are magnified, so generally more pairs need to be transmitted along each link to perform some error corrections before the pair is repeated.

Re:FP?

[Jamie+Lokier]

Yes, it is theoretically possible.

If you're happy for the destination address of a message to be visible, then you don't have to encrypt that part. The router looks at that, and can route the rest of the message without affecting the quantum encryption (e.g. by moving a mirror to reflect the quantum encrypted signal to the destination port).

If you don't want that, then you can use onion source routing. Your message begins with an encrypted sequence which tells the first router where to forward the rest of the message. Only the first router can decrypt it. The next part of the message begins with an encrypted message for the next router, and so on. You have to establish a private key with each router, so that you can tell it how to forward the messages, but no router can ever see the source and destination address together.

If a router is not trustworthy, then it may fail to route your message, and try to read it or send it somewhere else. In that case, the message still cannot be copied, so the destination will still detect the untrustworthy router. (This also means that replay attacks are impossible). In particular, the Feds can't tap the channel in the hopes of using fancy equipment to break the crypto - it's physically impossible for them to copy the messages undetected, even if they do manage to get hold of your private encryption keys.

A weakness of this system is that if all the routers on your path collaborate, then they can determine a relationship between source and destination. They can't read the messages, or even copy them, but the association may be something you wanted to hide. This only happens if the routers collaborate - but they might, if the Feds are tapping every router for address information.

Another weakness is if the channel is lossy, which tends to happen with routed networks because of congestion: too many senders hitting a receiver at once, some messages must be dropped. We use TCP/IP to compensate. With this kind of routed quantum channel, if it's lossy, and you use something like TCP to compensate by retransmitting, then somebody can copy your messages undetected, by causing the messages to be lost. So, you might not want to use TCP.

-- Jamie

you try something like TCP/IP over this channel

Re:FP?

[menace3society]

Why can't Eve "measure" it twice, use a sequence of pairs of polarizers, one to get the data and one to turn it back (I'm no quantum mechanic, but you'd probably need to have complementary pairs or something). If Eve can measure and then un-measure all the particles going through and keep track of them, couldn't she then reconstruct, from the insecure data, what the one-time pad would be, and then decrypt (or even measure without unmeasuring) the data itself to confuse or spy on Alice and Bob.

This is essentially the way that ferrite-core computers would read data from memory (since the process of reading destroyed the contents of a core).

Re:FP?

[dbacher]

Not foolproof by far. The channel on which right/wrong answers are being communicated must be secure for this approach to work. If both channels are compromised, then Eve can very effectively perform a man-in-the-middle. Once both channels are compromised, Eve can monitor without detection.

Re:FP?

Because that'd affect the timing, which would also affect the result.

Re:FP?

[umoto]

Thanks for a good explanation. However, I've researched this as much as I can and am still aware of no reason why a man-in-the-middle attack is not possible. I'd sure like some help.

It's easy to see why Eve can't perform a passive attack, but what prevents her from performing an active attack? That is, she connects herself in series with Alice and Bob. Eve makes a connection to Alice and another to Bob, then forwards packets between the two independent connections. Without strong encryption, Alice can't tell the difference between Bob and Eve impersonating Bob.

Therefore, if strong encryption is required anyway, what justifies the expense of quantum transmission?

Re:FP?

[tepples]

a backhoe operator is not a man in the middle attack.

Bolshevik. Prove it.

Re:FP?

What's wrong with a beam splitter?

Re:FP?

[Thomas+Shaddack]

This presumes the passive wiretap scenario. MITM is different - Alice talks with Eve and thinks she's Bob. Bob talks with Eve and thinks she's Alice. Eve sits like a transparent proxy between them and has fun. It screws up the timing, but if Eve attacks the transaction on higher network layer, the timing of individual photons doesn't matter as both the Alice-Eve and Bob-Eve connections are standard-compliant. Which works not only for quantum crypto, but for more mundane things like SSH and SSL and anything that uses a key exchange protocol without authentication. (Moral: Beware of MITM.)

You can spit into Eve's coffee if you're using authentication. If Eve doesn't have something that's Bob's when Alice asks for it (eg. a private half of a RSA key, or in symmetrical scenario some shared secret), Alice becomes suspicious. So either Eve does full-transparency without touching the data, and then MITM degrades to passive wiretap, or she reveals herself. (Moral: check the certificate fingerprints.)

She can also modify the early phase of the protocol handshake, often unencrypted, and degrade security on purpose; eg. she can modify the server response that it allows only export-grade ciphers, or SSLv2 (which has a protocol-level bug), and then break the intercepted comm in her leisure. (Moral: disable support for easily breakable protocols, to prevent this style of attack.)

Re:FP?

No, that won't work, and here's why:

Re:FP?

Dammit.

No, that won't work, and here's why:

Re:FP?

GODDAMMIT!

No, that won't work, and here's why:

Re:FP?

ARRRGH!

I give up.

Re:FP?

The fotons must not be altered.

Although their spelling can be.

Re:FP?

[some+guy+I+know]

If anything even sees the transmission, as in any external force that in some way, shape, or form can affect the photons polarization (just about anything will do this), the entire tranmission is made void, at that point you can only verify that the line has been tampered with.

Does this include stimulated emission of radiation?
IIRC, when a photon encounters an atom whose electron(s) is/are in a high energy state compatible with its wavelength, the atom emits a second photon that has all of the properties of the first.
(This is called "stimulated emission of radiation" (the "SER" in "LASER").)
Do those properties include the quantum uncertainty of the original photon?
When that uncertainty collapses, does it also collapse in an identical way in the emitted photon?
If so, then it seems to me that "photon-tapping" could be possible.

Since I've never seen this discussed anywhere, I assume that photon-tapping won't work.
Perhaps the collapses aren't identical, or maybe the emitted photon does not share properties other than wavelength and phase, or perhaps that act of stimulating emission causes some sort of "disconnect" in the original photon pair.
Could some knowledgeable person please enlighten me?
Thanks.

Re:FP?

Your's is more complex

"Yours".

Re:FP?

What's wrong with a beam splitter?

You can't split a photon.
A beam-splitter works by deflecting some percentage (usually about 50%) of impacting photons in one direction, while not deflecting (or deflecting in a different direction) the remainder.

Re:FP?

[Ayaress]

Accross the internet, depending on where the middle man is, couldn't they also use a different route if the first attempt was interfered with? If multiple attempts accross a wide range of routes are tampered with, it would tend to suggest that the bad guy is somewhere where either end's traffic HAS to pass through, like in their network or at their ISP connection, in which case they have much worse things to worry about than a simple denial of service.

Re:FP?

Actually you can. Search for Wheeler's delayed choice experiment with beam splitters.

Re:FP?

OMG!!!!! I *luuuvvv* the Boyballz!!!!!
before i thought you guys were just hot. but now i see that you're a intelletctual too!?@ OMG!

Do you have a girlfriend? i'll be at your show this weekend!! i'll be the polish girl with the cheek, nose and eyebrow piercings. and i look kind of young, but dont worry, my id says im 16!

Re:FP?

[Retric]

NO I said BOTH transmistions. So A wants to talk to B. C get's in the middle. So A is talking TO C. And C decodes the messages And THEN C reincrips the transmistion and sends it on to B.

Think of it this way If A hand B the key then you need to use that key but if A hands you the key thinking your B then you can send some other key to B. As long as you are just retransmiting the data there is no way for C to know you are not A and there is no way for A to know your not C. OK signal takes longer to get through but if your ping is 200MS all the time then how do you know it should be 200MS or 100MS?

With Quantum encription you KNOW the key is only known by one person but you don't know who that person is. The isue is not that the system is easy or hard to hack but rather if you think it can't be hacked and it can your going to leave other holes open that you could fix.

Re:FP?

You gotta pose the question.

Very nice stuff

[Tairnyn]

It's good to see them turning the "viewing changes the data" caveat into an advantage in this case.

100% secure?

If the technology is working and 100% secure, how long until it makes its way at least into government websites?

nothing is 100% secure.

Re:100% secure?

[maxwell+demon]

nothing is 100% secure.

Where do I get this nothing stuff?

Re:100% secure?

[Sipos]

Maybe not 100% secure but this is encryption that you can prove is unbreakable. (think OTP but with a way to exchange pads without any posibility of them being intercepted). Unless our understanding of quantum mechanics is seriously flawed there is no way to crack quantum encryption that is done correctly.

Re:100% secure?

[exp(pi*sqrt(163))]

Except that codes that are more or less uncrackable already exist. Systems get hacked, not because the code is cracked, but because the weakest link in the chain is typically not the code itself.

Re:100% secure?

[I_Love_Pocky!]

Well in this case that "obnoxious killjoy" would need to defy the laws of physics as we understand them (granted that perhaps we don't fully understand the laws in this case).

Re:100% secure?

[i_should_be_working]

the encryption used for these are one-time encryptions. only one message is used for an encryption. every time a new message is sent, a new encryption code is made. i could send a message that i encoded by correlating the words with the pattern of freckles on my backside. and as long as i only use this encoding scheme once it can't be cracked.
the important part is making sure that the key to this code gets to the receiver without anyone else getting it. so the key to this is not how good the encryption is, it's keeping the key out of eavesdroppers hands.

Re:100% secure?

Yes, but the point is also that QE allows them to *guaruntee* that key packets have or have not been sniffed. If a key has, they just send another. The transfer of data from A to B is 100% uncrackable. Wether or not A or B themselves do something daft is up to them.

Re:100% secure?

[Jerf]

Breaking quantum encryption would most likely net you a Nobel Prize in Physics, since it implies breaking QM.

This is indeed a truly new level of encryption. We probably can't say 100%, but breaking quantum encryption is definately a different order of difficulty than breaking conventional encryption.

Re:100% secure?

[31415926535897]

>> nothing is 100% secure.
> Where do I get this nothing stuff?

I've already given you nothing. What, did you already lose it?

Re:100% secure?

[Ckwop]

The article didn't say "100% secure", and with good reason (IMO). Historically, that "100% secure" claim hasn't panned out. Sooner or later, some obnoxious killjoy always seems to come along and break the encryption.

Damn right. Everyone harps on about the quantum security proof. Great stuff! Except it's not *really* that secure.

What if the attacker puts too much current into the laser generator and it makes two identical photons instead of one?

What if the attacker destroys the laser completly what do they use then? The insecure channel of course.

What people tend to forget is that encryption only has to be a little stronger than the weakest link to be enough (although encryption is usually designed far more secure than it ever needs to be) - people will still read your data even with quantum cryptography - they'll just attack the end points of the connection.

Simon.

Re:100% secure?

[Prince+Vegeta+SSJ4]

HERE

Re:100% secure?

[Loco3KGT]

Surely you've forgotten about Oracle 9.

Re:100% secure?

[gweihir]

Unless our understanding of quantum mechanics is seriously flawed there is no way to crack quantum encryption that is done correctly.

The problem is that there is a real possibility quantum mechanics might be wrong or wrong enough. It is surely counter-intuitive enough and still does not meld with other fundamental physical theories. From a security point of view, relying on speculation by (however bright) physicists is very bad design.

Re:100% secure?

> Where do I get this nothing stuff?

You might try that space between your ears.

Re:100% secure?

[MyHair]

Where do I get this nothing stuff?

From women. Duh.

(Or, you can click this link.)

Re:100% secure?

[jdhutchins]

All encryption schemes today can be brute-forced. Sure, it may take a while, but it can be done. You can't brute-force one-time pad.

Re:100% secure?

[exp(pi*sqrt(163))]

That's like saying that you don't need to heat water to boil it, just wait for the atoms, by chance, to arrange themselves into steam. If you use a big enough RSA key, one that is still practical for sending things like emails, there is no group on earth with enough compute power to be sure of cracking your key using the best algorithms known to mathematicians working in the field today. RSA, with big enough keys, is as good as uncrackable.

Re:100% secure?

[Sipos]

The next improvemnt on Qunatum Field Theory (the theory used currently to understand things on very small distance scales, on which theory behind Quantum encryption is bassed) seems to be String/M theory. This integrates General Relativity (currently used to understand the things on large distance scales or where gravity is significant) and may predict many of the constants that seem to have to just be choosen to be what we measure them as in particle physics (basically everything fits together much better than without it). There doesn't seem to be any sugestion that it will allow Quantum encryption to be broken. Quantum Mechanics may seem very counter inttuative but all the evidence shows that it actually explains alot and makes predictions that have been tested to stunning accuracy. It is really very very very unlikly that anyone will ever find a way to crack quantum encryuption (it is almost certainly imposible and if a theory was put foward that allowed it to be broken it would be sometime between when it would be known to be possible and when it could actually be done). If you were really paranoid though of course you could encrypt the data using something else then send it over a quantum encrypted link.

Re:100% secure?

[Sipos]

You are assuming that noone will be able to build a Quantum Computer to crack it. Quantum encryption cannot be cracked like this but RSA can. Of course it is highly unlikly that anyone could build one today but they could intercept sensitive data today and decrypt it in years to come when quantum computers are available. This is a problem for some data that will remain sensitive for along time in the future.

Re:100% secure?

[maxwell+demon]

> Where do I get this nothing stuff?

You might try that space between your ears.

You shouldn't draw conclusions from yourself to others.

Re:100% secure?

for along time

"a long".

Re:100% secure?

it actually explains alot

"a lot".

Re:100% secure?

[Sipos]

Thanks

Re:100% secure?

[iNetRunner]

Where do I get this nothing stuff?

I could sell some to you.. It's quite expensive as it so secure, as said, but the good point is that I wont charge freight for you! (Or if you like, for additional charge I could place it in a beatiful klein bottle and send that to you in no time..)

No such thing...

[Kenja]

Nothing, I repeate NOTHING, is 100% secure so long as it is still usable. Tossing a hard disk into a volcano is about as close to 100% secure as you can get, but you may have trouble decrypting the data later.

Re:No such thing...

Tossing a hard disk into a volcano is about as close to 100% secure as you can get, but you may have trouble decrypting the data later.

You can recover all the data from /dev/random provided you are using a true random number generator, probably something hardware based, and preferably a lava lamp.

Re:No such thing...

a step down from that is just making sure your office staff doesn't like chocolate (but can you really trust anyone who doesn't like chocolate?)

Re:No such thing...

[lukewarmfusion]

They know that. Of course, you're going to have to explain it to a client one day and realize that when the client hears "it's not 100% secure," they will start looking for something that is. When some PR guy comes along and claims it's 100% secure, we snicker and the PR guy wins the project and gets a Porsche.

I've spent a lot of time educating clients regarding the "nature of things" as you described. However, when the client isn't at that level of interest/ability to understand/etc., I simply say "SSL is the same level of encryption that banks and credit card companies rely on . Your data will be safe." Sometimes I also use the "it would take sixty million years or so to brute force the encryption. I doubt you'll be worried about your 2004 data in sixty million years."

Re:No such thing...

When some PR guy comes along and claims it's 100% secure, we snicker and the PR guy wins the project and gets a Porsche.

OTOH my boss invites me to such vendor meetings b/c he knows that the vendor's true character will show about 3 minutes after i get that big smirk on my face and start asking the vendor questions that s/he can't answer.

Work for a boss that respects your opinion - it's rather nice.

Your bit about "same tech banks use" is very good too. That'd make me nod my head and my boss would settle down a bit.

Re:No such thing...

[J+Mack+Daddy]

Depends on your definition of 'usable' and your definition of 'secure'. For example, a message that is encrypted with a one-time pad is absolutely 100% safe from an attacker in the information-theoretical sense. And given enough care it is possible to do this in the real world. So in this sense, this is both 100% secure AND usable.

Re:No such thing...

[Eudial]

... Tossing a hard disk into a volcano is about as close to 100% secure as you can get ...

However, with a universe simulator you may be able to virtually reproduce the harddrive by simulating the universe to the point before you tossed it into the volcano. So the safest way to store data is probably to never store it in the first place.

Re:No such thing...

[lukewarmfusion]

You're the kind of client that I really enjoy working with.

"Work for a boss that respects your opinion - it's rather nice."

It's kind of funny you say that... I'm just about to quit my job and work full time for my own company. I'm finding it rare that a boss really understands what you do and how valuable you are.

Re:No such thing...

When some PR guy comes along and claims it's 100% secure, we snicker and the PR guy wins the project and gets a Porsche

Yeah....fucking Lumbergh!

Encryption != Security

[leerpm]

If the technology is working and 100% secure, how long until it makes its way at least into government websites? This might be the end of the hacked by Chinese index pages!"

Just because the network and all of the transmissions are encrypted, doesn't mean the server is secure. Having IIS running HTTPS exclusively doesn't mean you don't have to patch it.

Re:Encryption != Security

[Fizzl]

But you'd have to make HTTPS wrapper for your l33t sploit.
What a drag :(

What?!

[Manip]

How will this stop worms or web-sites getting 'hacked'? It isn't even designed to! It is designed to stop sniffing or the modification of data while it is on the pipe. I think the poster needs get a clue.

Re:What?!

[xyzzy]

That would require the slashdot editorial staff to actually a) read the article they're posting about, and b) understand said article.

Makes quantum networking look easy, no?

Re:What?!

[i_should_be_working]

it's designed to stop sniffing of the key, not the data. the users will know if someone eavesdropped on the key *before* they send the encrypted data. the users can make sure no one else has the key with as close to 100% certainty as they want.

when the poster said 'the technology is working and 100% secure' they meant the technology of the transmission, not the computer using it.

Re:What?!

Mod Parent up, plz.

Re:What?!

[Senzei]

That would require the slashdot editorial staff to actually a) read the article they're posting about, and b) understand said article.

Hey no one else seems to actually read the articles, why should they have to?

Re:What?!

[null+etc.]

I can explain.

I built a router once that's specifically designed to work with quantum networks. However, the router wasn't allowed to look at the IP address of the sender or the receiver, so in effect it never knew where to send the quantum data.

As far as I know, the quantum network was never hacked.

Re:What?!

If a web administrator uses a quantum encrypted network to telnet or ftp to his website, it would be much more difficult for hackers to snoop the traffic and gain the user/passord combo typically used to deface a website. That is how this technology would stop websites from getting hacked.

Re:Impressive...

[watanabe]

hopefully the 'human' factor is addressed. You know, passwords like 'password' or the person's initials. The weakest link in the chain has always been the humans...well, save for that time in the 2001 movie, but I digress.

Actually, you have literally no idea of how a quantum encrypted network works. What's interesting about the quantum encrypted network is not whether it keeps password cracking from L33T hackers, but how it makes sniffing along the connection either impossible, or impossible without being noticeable, depending on the implementation.

Excellent ..

[ReidMaynard]

Tonight I'm adding "Quantum Network Engineer" to my resume...

Re:Excellent ..

"fluent in Hindi and willing to relocate" would impress far more employers.

Re:Excellent ..

[nkh]

I prefer: Engineer with 20 years of experience in quantum encryption (I'm sorry if you don't get this rather cryptic joke...)

Re:Excellent ..

[alienmole]

I'm sorry, you're overqualified - we're looking for someone with only 5 years of quantum encryption experience.

The EU too!

[tcd004]

Don't miss this bit on how the EU is planning to use Quantum Crypto to subert and avoid the U.S.'s rampant digital espionage.

tcd004

Re:The EU too!

No entry found for subert .

Did you mean seibert?

Suggestions:seibert surbet su bert su-bert sub ert sub-ert sube rt sube-rt subvert shubert suabort surbeat sabet hubert sobeit suberate suberite sbtt sbwt sublet subnet subset abert ibert sbt sebat snert subduer sunet uberty bert sawbet sber schubert sert sorbet subbed sube subito suet surbed zibet

For better results, try our search tips.

Re:The EU too!

[tcd004]

Yeah, thanks. Sloppy typing. I meant "SUBVERT"

Tcd004

100% secure?

[jstave]

The article didn't say "100% secure", and with good reason (IMO). Historically, that "100% secure" claim hasn't panned out. Sooner or later, some obnoxious killjoy always seems to come along and break the encryption.

what does this have to do with hacking websites.

Just becuase the transmisions are quantum encrypted doesn't meen the sites won't be hacked. Websites are hacked becuase their admins don't applly patches and use crappy passwords, not becuase their ssl encryption isn't strong enough.

prOn @ work

So will this make me able to trick the boss and get all the good stuff at work?

Does this mean Google will need to switch...

[scotay]

...from pigeon-based indexing to using cats?

Re:Does this mean Google will need to switch...

If so, at least they won't have to buy cat food for a year or so...

Depends on implementation?

[evslin]

We all read the the story about the Lexar Jump drive and how 256-bit AES encryption doesn't match up to the fact that the passwords weren't being encoded in a very secure manner.

I would seriously hope that if this new encryption scheme goes anywhere the people that implement it have the common sense to lock it down tight. Otherwise those HACKED BY CHINESE pages aren't going anywhere anytime soon.

QC is not an encryption tech

[po8]

This might be the end of the hacked by Chinese index pages!

Uh, no. Quantum communication is not magic. (OK, maybe, but not that kind of magic.) What it is, is perfectly secure against physical eavesdropping. An attacker can't "tap the wire", as it were. The name "quantum encryption" is something of a misnomer, though: this technology is just a communication channel, albeit an uber-cool one.

Re:QC is not an encryption tech

[geomon]

"What it is, is perfectly secure against physical eavesdropping."

Don't you mean "theoretically perfect"?

Observe! Invocation of the Patriot Act!

All transport layers are now visible.

Re:QC is not an encryption tech

[po8]

No, I actually did mean "perfectly secure" against physical eavesdropping. The laws of quantum physics are odd; they guarantee (with probability arbitrarily close to 1) that if you try to listen to the message in transit, you'll wreck it. The Patriot Act may let the eavesdropper mess with the endpoints of the channel, but the channel itself is secure against everything but attacks on the fundamental laws of nature :-).

Re:QC is not an encryption tech

[Florian+Weimer]

It's only safe against some physical attacks. Man-in-the-middle attacks are still possible because the quantum key distribution protocols offer only very weak authentication of the communication partners. When telling secrets, you want to ensure that there are no eavesdroppers AND that you are talking to the right person.

The trouble with quantum crypto networks right now is that you either need a fully meshed network (unrealistic for most applications), or the encryption can't be end-to-end (and your favorite three letter agency can eavesdrop at the relay stations). Quantum cryptography is a poor choice compared to proven cryptosystems if you are after actual security (and not some PR or research funding).

Re:QC is not an encryption tech

[po8]

AFAIK (I am not a quantum cryptographer by trade, but I have degrees in physics and computer science), a quantum channel is secure against MIM attacks. You can make the probability that you are talking to an endpoint with the shared secret arbitrarily close to 1 by exchanging a series of authentication bits. (Or are you referring to the fact that you may leak a few bits before the MIM is caught? I think conventional crypto and unicity distance makes this not an effective attack in practice.)

This is why you need a full mesh to provide a secure network. This is indeed unrealistic for applications with very many nodes involved, limiting the use of quantum channels.

They're still really cool, though.

Re:QC is not an encryption tech

[Minwee]

If it is distinguishable from magic, then the technology is not sufficiently advanced.

(First corollary to Clarke's Third Law, first proposed by Gregory Benford. Just because it's Slashdot doesn't mean it has to be plagiarism too.)

Re:QC is not an encryption tech

But if you want to just DoS it, you just have to get your cat to look at it!

Re:QC is not an encryption tech

A quantum channel is not secure against MITM, because there is no prior authentication and therefore the polarization bits (that is, the bits telling if you used horizontal-vertical or diagonal for photon N) must be sent in the clear.

An adversary can simply connect both quantum and insecure channels to his computer and set up a connection to the first party, acting as the second without sending any bits at all (quantum or not) to the second. When that's done, he can then connect to the second party, acting as if he was the first, passing messages back and forth.

Precise timing can thwart this, but if you have that you don't need the quantum channel as any MITM will require some processing time by the adversary and thus lag the communications.

The quantum channel does prevent passive attacks (sniffing) though, and if either party can send the polarization sequence through more channels than the adversary can intercept, they can ensure security without the polarization information being of any use to the adversary.

Re:QC is not an encryption tech

[po8]

Right. (Why did you post AC?) The traditional method of using a quantum channel is to exchange authentication data OOB as part of the setup process (the channel has to be physically set up anyway :-). You then can do either public-key or secret-key tradtional crypto stuff at connection setup time to generate a crypto-secure random sequence for the polarization bits. If you somehow have managed to set up a quantum channel with someone with absolutely no out-of-band data, or if you don't trust traditional crypto at all, QC doesn't really help you against an MIM attack.

Re:QC is not an encryption tech

[ysachlandil]

This is not true!

Quantum Cryptography doesn't protect against an active Man-in-the-Middle attack, eg: I cut the fiber and put two quantum transcievers on it. This is because Quantum Cryptography cannot authenticate the endpoints. You can of course prevent this by using Public Key Crypto but then why use Quantum Crypto at all?

--Blerik

Re:QC is not an encryption tech

[po8]

The reason you use QC atop traditional crypto is that you don't want to make your ciphertext available for offline attack. With a traditional channel, I can passively eavesdrop on the line. I can then crack the crypto, do traffic analysis, etc. at my leisure. With a QC, once I've authenticated the endpoints using traditional crypto, I am confident that my ciphertext of the entire session is secure.

This is not a trivial advantage of the QC approach. Imagine that the Germans had QCs during WWII. We'd probably still not have any of their traffic, even though Enigma was broken during the war: we couldn't crack it in anything like realtime AFAIK. Imagine again that the WWII Japanese traffic to Midway was protected by a QC. No traffic analysis = no battle plan. QC protects your ciphertext in a way that other methods simply do not.

100% secure - but the transport medium only

this doestn mean that a buggy iis connected to the quantum network will be any more secure if it would be connected by rj45 or fibre ethernet.

this means only, that man-in-the-middle attack cant be done, or data during the flow cant be altered without recognization.

this is just a new transport media but not making the services and clients at both ends any more secure.

think of this as an ssl/ssh/vpn replacement.

if you have bugs in the rest of your software/hardware ssl/ssh/vpn/quantum cant help either.

nuff said

Re:100% secure - but the transport medium only

[192939495969798999]

But, since we have quantum encryption working, we can use said encryption to ensure trusted connections, right? That's what I was referring to when I said 100% security. If some user connects their win box through a quantum network and downloads the latest quantum-enabled Bonzi buddy, they're still gonna get hacked.

Re:100% secure - but the transport medium only

[Aumaden]

Unless I've missed something, this is strictly a 1 hop solution.

Transceiver <-> optical fiber <-> Transceiver.

If you add a router, you now can only verify that no one has tampered with the data between you and the router. You have to trust the router to verify the data between itself and the next hop. And, you have to trust that the router itself has not been compromised.

It will get interesting if they can use Quantum Teleportation to send the photon directly to the receiver without any messy cabling.

It's gotta be said:

[El_Smack]

So that's what Al Gore has been up to!

Re:It's gotta be said:

[Himring]

Al Gore did not invent Quantum Networking. He did, however, sleep at a Holiday Inn Express....

Re:Yess!

[idontgno]

Quantum Encrypted Pr0n Surfing!

Hmm...Beyond the index page, Natalie Portman exists in a superposition of having and not having hot grits in her pants...until you click "ENTER"...

Live/Dead Cat Powered Router...

[mark0]

Just don't look inside.

Re:Live/Dead Cat Powered Router...

[maxwell+demon]

Recall: The routers of type l/d cat XY have a defect which causes an uncertainty relation between destination IP and destination port. That is, if you know exactly to which IP the packet should be routed, the port is completely unknown and vice versa.

Quantum encryption is simple

[WindowlessView]

I want them to decrypt what that Genuity Black Rocket campaign was suppose to be about.

You go BBN. You survived that monstrosity.

quantum: viewing changes Data..

[rockclimber]

Now I understand! when word was randomly messing up my settings and files, it was because I was viewing them.

so it WAS a feature, not a bug.

who d'have thunk that MS had such advanced SECURITY tech... :-)

Re:quantum: viewing changes Data..

[0x12d3]

it also explains the slashdot paradox (sites getting slashdotting, but no one actually reading the articles).

Slashdot readers do read the articles.. unfortunely each viewing changes the site for subsequent viewers :)

Re:Yess!

[Phixxr]

No, she exists in BOTH states, as in, having and not having hot grits in her pants. :)

A Good Thread About Quantum Crypto

[bahamutirc]

There was a good discussion about quantum crypto on The Cryptography Mailing List last month.

[Possibly OT] Quantum?

Is this the same 'quantum' used to talk about the experimental computers that create data before it's written, and other strange things?

If so, wouldn't there be a risk of data corruption? 'Oops, the keys are invalid because I looked at them'?

On a related note, isn't the whole quantum thing a bit dangerous because of the possibility of those things happening? Would I need to worry about my alarm clock next to my desktop machine turning into a raccoon?

I guess my real question is, is there a simple guide to quantum stuff online that explains all this stuff so that a non-science geek can understand long enough to stockpile the tinfoil?

Re:[Possibly OT] Quantum?

[I_Love_Pocky!]

Would I need to worry about my alarm clock next to my desktop machine turning into a raccoon?

Don't be a crack head... The probability of that happening is just as likely regardless of you using quantum encryption. What you think just because you aren't taking advantage of living a world governed by the laws of quantum mechanics you don't have to abide by those laws? Closing your eyes doesn't really make the monsters go away either.

Re:[Possibly OT] Quantum?

[Zarniwoop_Editor]

>Closing your eyes doesn't really make the >monsters go away either. Are you sure about this? It's always worked for the government.

Schroedinger's Computer

The problem with "quantum encryption" is that there's only a finite chance you'll be able to decrypt your data later.

Also, whether your data is or is not encrypted depends on who's looking at it.

Re:Schroedinger's Computer

[DrSkwid]

that's fine, 100% chance is finite enough for me

Re:Schroedinger's Computer

-100: Has no clue what the Article is about, tries to BS his way through.

Perhaps a more accurate characterization...

[rpdillon]

While quantum cryptography is, depending on implementation, not hackable, that doesn't account for all the other parts of the system. Bascially, quantum cryptography protects the data in transit, but does nothing to protect the machines its being sent to/from, and certainly doesn't address issues like storage of the data.

Further, what it secure? Not being altered by unauthorized parties (webpages need this), or not being read by unauthorzied parties (goverments need this) or somewhere in between (can't be read without the sender/receiver being notified)?

Security may well be one of the most misunderstood topics, with quantum physics just above it... =)

How will MS use this technology?

[Trolling4Dollars]

Considering that a secure OS is the purported "holy grail" for MS, how do you suppose they will utilize this technology? Let's think about how they integrated the TCP/IP and the Internet. Initially, they "had a better idea" in the forms of NetBEUI and the MSN service (pre-Internet proprietary service). Eventually they "got religion" and started using TCP/IP (albeit a little funky) and real Internet service instead of prepackaged proprietary content. So... with that history, can we expect MS to say, "pah! Quantum Encryption? We have something better". They roll out their "anti-matter encryption with 1 gigqbit strength" and then they start having problems with crackers starting DoE (denial of existence) attacks on remote computers by causing anti-matter overloads. Several hundred thousand deaths later, they "innovate" their own approach to quantum encryption and "save the day". Of course after that all of reality melts away in a wash of windows logos when a quantum worm gets released and all those entangled quanta fizzle apart the space time continuum. So... did MS create the big bang meta-retroactively? ;P

uhh, silly /.!

[Lord+Graga]

Those /. admins are getting lazy. They didn't even bother to decrypt the name of the person who added the article (192939495969798999) :P

Just don't lose the encryption key!

[jmcmunn]

I have to imagine it would be a very bad idea to lose your quantum encryption key...just think how bad it is when I lose my Wep key!

Rubber hoses and candy bars

[kippy]

Yes but will it withstand cholocate bar cryptanalysis?

Re:Yess!

[I_Love_Pocky!]

What did you just state that wasn't already stated?

Falling Down Sober

The group already has a team of in-house hackers trying to infiltrate the system.

Word on the street is that one of these "Hackers" is drunken Mudge of L0pht/@Stake fame. Which isn;t saying much. Hmmm... BBN isn't that were he started? My how the mighty have fallen.

ET's: Can You Hear Us Now?

[footNipple]

IIRC, In the movie "Contact" it was suggested that the ET's first heard from us when we began to beam our television signals into space for satellite relay or ground really...

Now one might wonder if the data we are placing into a "quantum medium" will somehow be detected by entities who know how to detect such events.

Hmmm...I wonder

Re:ET's: Can You Hear Us Now?

[geomon]

Alien Verizon Commercial: "Can you hear me now?"

Re:ET's: Can You Hear Us Now?

[user32.ExitWindowsEx]

hmm. interesting...somehow this is going to leak into subspace =P

p.s. I have 6 gmail invites and only need 3 people to complete an offer.

Re:ET's: Can You Hear Us Now?

[smooth+wombat]

Er, me thinks you're mixing and matching.

The first radio broadcast with sufficient power to escape Earths pull was Hitlers speech at the 1936 Olympics in Munich.

What Contact showed was the first television signal which had sufficient power to escape to escape Earths pull. That also happened to be a signal from Hitlers Germany. A rally if I remember correctly.

Re:ET's: Can You Hear Us Now?

TV is radio.

In Contact hitler says "I declare the 1936 olympics officially open." or something along those lines.

Re:ET's: Can You Hear Us Now?

[Colonel+Cholling]

You're wrong on two counts: First, this has nothing to do with "escaping Earth's pull." Radio transmissions already travel at many times escape velocity. It's not the gravitational pull of Earth which keeps them from getting out into space; it's the ionosphere.

Second, quoting from the novel Contact, page 94: "Those few minutes of television from Vega were originally broadcast in 1936, at the opening if the Olympic Games in Berlin. Even though it was only shown in Germany, it was the first television transmission on Earth with even moderate power. Unlike the ordinary radio transmission in the thirties, those TV signals got through our ionosphere and trickled out into space."

Re:ET's: Can You Hear Us Now?

[smooth+wombat]

Yes, I am aware it's not gravity which holds signals back. I was using pull in the general sense.

And yes, I mucked up the radio/tv bit. It was obviously the tv signal.

Re:ET's: Can You Hear Us Now?

[42forty-two42]

Now one might wonder if the data we are placing into a "quantum medium" will somehow be detected by entities who know how to detect such events.

Uhh... no. You've been watching too much sci-fi. There's no such thing as a "quantum medium". It's just a method to create a one-time pad which will fail detectably if eavesdropped on.

Re:ET's: Can You Hear Us Now?

[42forty-two42]

Yes, I am aware it's not gravity which holds signals back. I was using pull in the general sense.

It's not a pull at all. It's an absorption (or possibly scattering) effect.

how about read only?

[brainchill]

mounting the device serving the web content as read only would also put an end to "hacked by chinese" index pages!!

Re:how about read only?

All web accessible files should always be set up as read only by Everyone. And, this only works if you've taken the proper measures and secured your OS. Administrator or root access can still be "hacked by Chinese!"

Re:how about read only?

[lachlan76]

Assuming that a hacker never gets root access, in which case (s)he can just remount it rw anyway.

Infrastructure for this?

[gravityZ]

Does anyone know what changes are needed to the current fibre infrastructure to support quantum encryption? can you hook two boxes up at either end of a random cable? what about repeaters, etc, interfering with the signal?

Re:Infrastructure for this?

[gweihir]

Does anyone know what changes are needed to the current fibre infrastructure to support quantum encryption?

You need a dedicated fiber and can only do point-to-point, i.e. no routing. As a consequence the connection can be broken into at any router.

Funny, that is pretty much the same security level a modern fiber has, unless the attacker has some very sophisticated equipment.

Re:Infrastructure for this?

[sexylicious]

You don't really need sophisicated equipment. If you get a separate fiber right next to the one you're sniffing, the electric field can permeate the optical materials and carry over to the second fiber. The problem is knowing what the frequency is of the laser light. Then you have to select the proper dielectric in your second fiber.

And it's not the photons that are leaking, those don't escape the fiber. It's the electric field caused by the photons being transmitted through the fiber that you pick up. This can set up a strong enough electric field in the second fiber to propagate photons.

This is a method for measuring laser intensity through fiber optics without actually intercepting the photons. It's used in the study of light propagation in fiber optics.

Re:Infrastructure for this?

[sexylicious]

Also, to support my other statement, here is an experiment on modelocking:

http://www.amath.washington.edu/~kutz/kristin_spau lding.pdf

Note that the ring laser is pumped via another fiber coupled to it with a separate material.

And you are?

[Erwos]

"I firmly believe this is as significant as the very first internet transmission some years back."

I love it when /. submitters include their "expert opinion" on such matters. Who the hell are you? Maybe if Bruce was giving out such praise, it'd be worth mentioning.

Sorry, personal gripe.

-Erwos

Re:And you are?

[Colonel+Cholling]

I love it when /. submitters include their "expert opinion" on such matters. Who the hell are you?

He's certainly not the great and legendary Erwos, that's for sure.

Re:And you are?

You should be sorry. Shut the hell up.

Re:And you are?

[192939495969798999]

I tell you what. If you take offense to my comments, then why don't you refute them instead of making blanket statements about people you don't know? I guess you assume that if you don't know someone, they're not qualified to give an opinion. I honestly feel sorry for you. I could explain my background, but it's really not worth it, because then you'd just kiss my butt and say sorry 900 times, when in fact you should've been more polite in the first place.

Re:And you are?

[Erwos]

I don't take offense to your comments. I question your qualification in making them. Your CV doesn't seem to imply any technical background whatsoever, and neither does the rest of your website. Do you _really_ have the background in cryptography to tell us what's important or not?

The point was, submitters ought not to be making such sweeping predictions unless they're actually experts in the field. Just send the link to the damn article, and spare us your commentary.

-Erwos

Re:And you are?

[192939495969798999]

I have a very thorough knowledge of the history of computer science, which is all that's required to make the statement that I made. You're saying that predictions should come from an expert at a specific field, and I argue that predictions should come from those who understand the history of the field. My dad was in the room when they turned on the ENIAC and ran the first program, which was calculating the first 1000 places of pi. As a result of that and other family influences and my tenures at Sun Microsystems, SPAWAR, and other such places, I know a ton about the history of computers and the internet, and as such I am qualified to make such a statement.

Qubits...

[Karpe]

...are that stuff dreams are made of.

What Every Teenager Wants

[liryon]

From the article:
"This is what every teenager wants: Instant messaging protected by quantum cryptography," he said.

What teenager is worried his parents are using a packet sniffer to monitor their his/her instant messaging?

Re:What Every Teenager Wants

[naitro]

Well, some slashdotees have mentioned that they have children of their own.

Re:What Every Teenager Wants

[crimethinker]

"What teenager is worried his parents are using a packet sniffer to monitor their his/her instant messaging? "

Mine.

Actually, my oldest is 9, so no teenagers yet. The kids' computer is connected to the home network, but blocked COLD at the router from ever touching the internet. No, they can't use mine because they don't know the 18-character password and I can type it in 1-2 seconds, so they won't be shoulder-surfing it either.

Some time in the future, when I allow internet access from that machine, there will be a sniffing process on a separate machine that has tamper indications. The sniffed data will be grepped for our street name, phone number, name of their school, words indicative of pr0n being sent/received, etc. and any match will trigger human review.

Don't flame me and say I'm invading their privacy. This is a duty that I owe to my daughters. Furthermore, I can decide that as their parent and until they are 18, their privacy goes out the window when safety is in question. If you heard a window break in your kid's room, a scream, and an unfamiliar voice, would you knock on the door first and say, "are you dressed? Can I come in?" or would you grab the shotgun and kick the door open immediately?

-paul

Re:What Every Teenager Wants

Dude, you're invading their privacy. Sheesh. (And try to explain how porn concerns their safety.)

Re:What Every Teenager Wants

[Senzei]

Glad to see that someone agrees. I don't have kids, but when I do they are going to go a long time before being exposed to the net unsuprivised. A lot of the trouble kids seem to get into these days is from their parents not knowing/caring what the hell they are doing. I, for one, will not be a part of that group.

Re:What Every Teenager Wants

Thank goodness there is someone else who feels that parents should actually parent and protect their kids. Right to privacy is a misunderstood concept, it in no way applies to kids having privacy from their parents.

Re:What Every Teenager Wants

[crimethinker]

(And try to explain how porn concerns their safety.)

I only have anecdotal evidence to offer:

I had a friend who was molested as a teenager by an older man. The molester used straight porn (at first) to break down barriers - "see, the women like it. Sometimes men like it that way, too."

I go to church with a guy who works in the XXXXXXXXXX County Sheriff's department, in their "online pedophiles" division. Pervs don't send hardcore material to kids right away; they start out with "borderline" images that are of legal adults, and just very suggestive but not actually pornographic. The progression to hardcore material is made slowly, ever so slowly, so as not to alarm the child. From there, it's a hop, skip, and a jump to "You're so much more mature than all the other kids. We should meet in person. Can I pick you up at school?"

-paul

Re:What Every Teenager Wants

I respectfully suggest that talking to your kid about perverts sending them pictures is a better solution than spying on them. Just like telling them "don't talk to strangers" is a somewhat more reasonable solution than bugging their clothes to make sure they aren't.

Re:What Every Teenager Wants

[jacobdp]

Some time in the future, when I allow internet access from that machine, there will be a sniffing process on a separate machine that has tamper indications. The sniffed data will be grepped for our street name, phone number, name of their school, words indicative of pr0n being sent/received, etc. and any match will trigger human review.

That's not an invasion of their privacy. But once your kids know their way around the 'net, restrictions like that become an insult to their intelligence and maturity. Will you still be insisting that they hold your hand while crossing the street?

Re:What Every Teenager Wants

[crimethinker]

"Trust but verify."

Of course I'm going to tell them not to tell anyone their address, phone number, school, where they will be and when, but the sniffing will verify that they are following these very wise instructions. Same thing with pictures - if anyone ever sends you "questionable" pictures, I need to know about it immediately. Again, the sniffer logs with automated scanning will help me verify this.

You talk about audio bugging the kids. Fine, let's talk. Consider the case of a child molester's victims. Surely most of the kids have had the standard "good touch/bad touch" talk with their parents, and yet the kids by and large don't tell because the molester manages to convince them not to. ("You'll get in trouble." "I'll get in trouble." "I'll hurt your family." "People will think you're dirty.") An audio bug in the victim's clothes would circumvent this. Granted, an audio bug isn't very practical, but translate my example back to the real world. If a perv sends my kid a picture, and manages to convince her not to say anything, I'll still find out about it. I'm much more worried about the picture she won't tell me about, than the one she tells me about right away.

You make it sound like I'm going to read every single IM session and e-mail. I won't. grep will do that for me, and I'll read the ones that grep finds interesting.

-paul

Re:What Every Teenager Wants

Don't flame me and say I'm invading their privacy.

Only if you assure me "words indicative of pr0n being sent/received" doesn't mean being used to stop them from browsing porn, etc.

Re:What Every Teenager Wants

[sexylicious]

Hey, you sound like you'll be a good parent when the time comes.

Re:What Every Teenager Wants

[HawkingMattress]

If you heard a window break in your kid's room, a scream, and an unfamiliar voice, would you knock on the door first and say, "are you dressed? Can I come in?" or would you grab the shotgun and kick the door open immediately?

I'd kick the door opened immediatly if i heard that. But i would not put a cam and mic in their room and monitor all their personnal activities just in case it can happen, which is exactly what you plan to do with your sniffer...

I think grepping for the house adress and phone, things like that is a good idea. Monitoring for porn or their personnal conversations is not. Did your mother search your whole room in every freaking corners every day to see if you hadn't hidden a porn book somewhere ? Would you have liked it ? If you had hidden one, and she had found and confiscated it, would that have helped you in any way in your life ?

Re:What Every Teenager Wants

[glitch23]

Did your mother search your whole room in every freaking corners every day to see if you hadn't hidden a porn book somewhere ? If you had hidden one, and she had found and confiscated it, would that have helped you in any way in your life ?

The point is that it can help later in life. You respect women and you don't always think about sex which for men are both hard to do (no pun intended). It may not help but the point is that it can. Parents are meant to be parents and teachers, not friends.

Re:What Every Teenager Wants

[lachlan76]

You respect women and you don't always think about sex

Since it seems like I'm the only teenager that's going to say anything, but thinking about sex all the time is entirely natural. You're not a teenager anymore, but we feel the hormones, and I don't want my parents trying to control what I'm thinking.

We don't think any less of women. If you think pr0n is a big problem, you need to sort out your priorities.

Re:What Every Teenager Wants

[lachlan76]

An audio bug in the victim's clothes would circumvent this. Granted, an audio bug isn't very practical, but translate my example back to the real world

Tell me you're not serious about thinking that bugging your kid's clothes is a good idea. Please, tell me that it was a joke. I'm 14, and trust me, if my parents tried to sniff my convos, you have no idea how pissed off I would be. You don't think that perhaps children have the right to a little privacy? Sure, it's supposed to be for my own good, but does the end justify the means? If my parents DID sniff my convos, I'd just make a huge effort to waste their time (eg. script to just say "weed" "sex" "porn" every 15 seconds to an account I control). They'd give up after a while. Or I could just encrypt the hell out of my convos.

I'd do that NOW, but you know, most 14-year-old chicks don't know how to use GnuPG, so it's not really a practical option.

Re:What Every Teenager Wants

[gyg]

Wake up, control freak. Every attempt to control or monitor your kids that closely will simply result in your kids still doing what they feel like *but you won't know it* and they won't come to you for advice when they need it. To come to the present example, has it ever occurred to you that there are other computers out there that they can use? Driven on by the lure of the forbidden, too...

Re:What Every Teenager Wants

No, I'm not serious about audio bugging kids. Aside for being impractical, the signal:noise ratio wouldn't be worth it. The original discussion was that I would have automated sniffing that would alert me to the presence of certain key words in IM conversations. Someone compared this to audio bugging my kids, and I tried to show how it wasn't.

Now, as for your automated weed/sex/porn script, you'd find your internet access shut off very quickly if you pulled a stunt like that on my LAN. And I don't know how you expect to use GnuPG or GAIM when you don't know the root password, you don't have r/w perms outside your home directory, and your home directory is mounted on a noexec,nosuid partition.

If my kids really want to break my internet rules, they'll be able to do so at their friends' houses. The sniffer at my house is there as a protective measure, to find instances where safety rules are being violated - telling someone their phone number, street name, school name, etc. It's not like I'm scanning for "pregnant" or "abortion" or whatnot. I'm looking for an innocent slip-up, not a deilberate attempt.

-paul

Re:What Every Teenager Wants

[dpete4552]

Parents are meant to be parents and teachers, not friends.

You're absolutely correct. A parent trying to be a friend first and a parent second is one extreme that is not a very good idea. However, you are taking it to the completely opposite extreme, which is no better. On top of the fact that the minute they realize you are doing this they are just going to head over to the public library, friend's house, etc... or when they are older and have a job, simply get a cell phone and a $20 cord to access the net from that. And beyond some very hitlerish things, I can't quite think of anything you could do to stop something like that.

Re:What Every Teenager Wants

[glitch23]

On top of the fact that the minute they realize you are doing this they are just going to head over to the public library, friend's house, etc... or when they are older and have a job, simply get a cell phone and a $20 cord to access the net from that. And beyond some very hitlerish things, I can't quite think of anything you could do to stop something like that.

Oh okay, so then parents should just buy the porn for them then since the child will get it somehow anyway?

You head it off at the pass and not let them read slashdot which condones porn viewing. You teach them morals and watch who their friends are. Garbage in, garbage out. And come to think of it, some tv shows should be off limits, like those which seem to make it a point to talk about sex, lesbians, gays, and porn in a way that endorses all of them.

Bottom line is you have to set limits for your kids just like there are limits for adults (called the legal system although some limits are being removed in the present state of affairs).

Re:What Every Teenager Wants

[lachlan76]

Security measures that use grep $PHONE_NUMBER assume that your kids only talk to people that they don't know - which is often not the case. At that point, you have to decide whether your kid is lying or not.

I'm looking for an innocent slip-up, not a deilberate attempt

If grep can tell that, i guess i need more regex practice.

It's not like I'm scanning for "pregnant" or "abortion" or whatnot

I guess you are very different to my parents.

And I don't know how you expect to use GnuPG or GAIM

And how do your kids do IM on Linux then? And besides, IIRC there is a way to bypass the noexec flag on the mount point, I think it was by loading the executable manually, using some .so, can't remember which, since I've only got a couple of months experience with Linux, and don't remember all the libs.

And about the script, well, I've spent the last 4 days Reinstalling Windows/Installing SP2/Cleaning off Sasser from the new install. Don't expect me to be particularly tolerant of running stuff on my computer, which I don't have control over.

I have hardware support problems, so I'm stuck on Windows for the time being. Seeing as my parents chose the computer, and I didn't get any choice, I'm stuck on hardware with Windows-only support. My parents don't know a lot (read: anything) about running a LAN, or even a single computer. So I have the root password. Since I use the computer with the internet connection, I can bypass any security measures.

And also, do you run every port through grep? If not, there's a way around. Sure, sniffing port 1863 will scan all MSN traffic, but what if she gets a friend to set up a proxy? I'd do it for my friends, and if one of her friends is tech-inclined, he/she may set one up.

My point was that kids should have just as much right to privacy as anyone else. How would you react to know that your daughter was sniffing your email/IM?

Re:What Every Teenager Wants

[DLR]

Does that mean he shouldn't try? Children are the responsibility of their parents. It is our job to try to protect them from some things while allowing them to make mistakes they can learn from with others. What he's doing is no more than a saftey net to catch what might slip through otherwise. It sounds to me as if he is going to depend on having a good relationship with his kids for most of the work, but protect them the unsavory parts (and denizens) of the Internet. As a parent I see nothing wrong with this.

Re:What Every Teenager Wants

[Paulrothrock]

Restrictions like that are great ways to teach your kid valuable job skills.

My parents locked me out of the Internet once, so I installed a keytracker on the computer, got their password, and got back on the net, always careful to wipe my tracks clean after each session.

. Quantum encryption?

[Eudial]

"What? That was a report when i sent i... -" No. No. No. No, It did not say "All work and no play makes Bob a dull boy." when i sent i-..." No. Yes sir. Yes. Yes. I know. Yes. No i don't need any money this month. Yes. Yes. No."

A better question...

[ral315]

If they can create a 'Quantum-Encrypted' server, can't they make the IT section look good?

Re:Impressive...

[Retric]

Hackers don't sniff out data over the network we explot security holes at the end points. If your link uses 2048 bit RSA encription I will leave it alone and hack your webserver just the same. Now as to seting up a private network that could be usefull but you can still use a man in the middle atack vs a quantum encrypted network just takes the same hardware you are using to send the data.

You're both right

[Chagatai]

Actually, both you and the parent are correct. If someone was "eavesdropping" on the quantum network, yes, it would be impossible for them to do it or to do it without being noticed. But the parent is correct in that if the data being accessed on the remote network only requires a simple password, there would be a substantial weak point. Think of it this way: if someone were running a brute force attack on a password, it wouldn't matter if there was integrity on the network being used. The trick is to come up with a quantum "key" on each system that can do the purpose of authentication such that if someone tried looking at the key the other party would be alerted.

Re:You're both right

[dissy]

> But the parent is correct in that if the data being accessed on the remote
> network only requires a simple password, there would be a substantial weak
> point.

The article is about quantum encryption... Has nothing to do with security outside of quantum encryption.
Bad passwords cant be fixed with quantum encryption anymore than bad passwords can be fixed with an ethernet cable or a fiber strand.

It's amazing how this technology comes about and says 'we solved this one problem' and everyone bitches that it doesnt solve every last security problem that does or could exist.

The grandparent is totally wrong in that a bad password is a problem with quantum encryption. This doesnt even TRY to address that, so the fact its not fixed is called 'irrelivant', not 'a problem'.

Parallel Network Required

[uedauhes]

I sounds like a parallel network is required just for transmission of the keys. I'm sure that will be happening in short order.

Re:Impressive...

[Rei]

I'm not so sure; it really depends on how they're routing this. If it is a single dedicated line between each machine, sure. However, if they're routing on an unsecured connection to a router, then across a quantum encryption tunnel, and then decrypted and routed across another unsecured connection, then you can listen in to the connections at any point outside the quantum tunnel, and could very well crack the routers.

Trying to route data that was encrypted "as it leaves the computer"... I'm not sure if that can even be done. I suppose, if you had a one-time pad with your router, and it had a one-time pad with the next hop... etc - and you knew how many hops there were going to be - you could do it. Although you'd have to send many, many times more photons, since half will be lost at each step of the way (if I'm recalling correctly), and nothing would make the routers unhackable.

One of the big problems with a quantum encrypted network is that it's for a very specialized purpose. The bandwidth and latency on such a network will always be very lousy, not only due to the increased transmission complexity, but simply from the fact that you transmit so many photons for a single byte.

Illegal in US?

[raisedbyrobots]

Would the US government really allow a technology that it couldn't eavesdrop?

Re:Illegal in US?

[sexylicious]

Yes. But it would put a lot of resources into ways of breaking it.

Keys Quantum Encrypted: Messages NOT

So all they're doing is using QE to send KEYS. Fine, the messages can still be tapped/intercepted/carnivored, and unless they use a really effective key, brute force (remember DES?) can crack the message.

Alternatively, some l33t haxx0r might simply try to subvert the servers handling the exchange. Then it doesn't matter whether the keys are secure if the machines are running XP.

Re:Keys Quantum Encrypted: Messages NOT

[Mikeydude750]

One time pad. Impossible to crack, as the key is as long as the message itself.

As for subverting the servers...use an OS designed for security and minimize the chances of an exploit.

Re:Impressive...

[Alain_G]

I was under the impression that this "interceptable" feature (on network level) also limits the power of the network to p2p and limits its length. Since repeaters, switches and routers also change the state of the photons.

It still is interceptable on application level at the two end nodes.

And it only is "non-interceptable" while there is no technology to manipulate at a moleculair level.
If thats available to build repeaters etc. it also is interceptable.

The last thing there are always two sides of the mirror. It could also be usefull for the crackers to secure their data in transfer and devastating for security managers.

Uncrackable encryption

I understand that the only way to relly tell if an encryption algorithm is foolproof is to subject it to peer review.

So here. Decrypt this hex:

1A 3F 23 31 37 F3 18 0B 12 66 20 DB 3D 28 2D 15 5E 80 1B 3F 12 82 FE 14 98 1D E6 23 D2 9F 88 26 D6 2A 38 77 23 90 E8 AB 23 A7 28 87 10 9E C3 B0 38 39

if no one can decrypt it, then I think I can publish it and

4) Profit

Only point-to-point security

[maraist]

This might be the end of the hacked by Chinese index pages!" Reader Kent adds

If you use https, then China couldn't hack your pages today. Now if you're implying that even https could be hacked, then quantum encryption doesn't provide you any benifit.

The reason is that you can only quantumly encrypt a single point-to-point channel (haven't read the article, so you could make a lier out of me). And unless you have a direct connection to the end-point in question, you're going to have to go through a gateway. That gateway necessarily needs to see the contents of your message [header]. And more importantly I believe all chinese internet connections run through state-owned gateways.

Additionally, even fiber-optics have limited range, and I suspenct that the quantum-encrypted messages are passing through such a medium. Thus there must be repeaters which will establish separate quantum connection segments. Each repeater is a possible exploit point. (Again, the article could prove me wrong).

A little fly in the quantum ointment...

[Ancient_Hacker]

This is all fine and good if you can string a short unbroken fiber cable from endpoint to endpoint, one with very little attenuation so there's a good chance each little photon will get thru to the other end. The catch is the photon has to go from one end to the other while making NO impact on the Universe. The first time it makes a nudge in the time-space continum, it loses its magical quantum state. That makes it really hard to say, route messages, as the act of inspecting the message is going to ruin its quantum goodness.

Overkill?

[nurb432]

Isnt this a bit overkill? We dont need *everythig* encrypted..

Besides, if its decryptable, its breakable. May not be worth the time/cost to read the average Joe's email, but if you belive you are 100% safe, you are a fool..

Network?

[arose]

I don't see how you can make a network when every connection needs a physical end-to-end connection.

Re:Yess!

[idontgno]

No, she exists in BOTH states, as in, having and not having hot grits in her pants. :)

I said that.
superposition

not a big deal

[eddeye]

Quantum "encryption" is for the most part useless. It's just another way to exchange symmetric keys. The advantages are purely information-theoretic; in the real world, classical methods are just as good and a whole lot cheaper.

It's like replacing a steel deadbolt with titanium, meanwhile the door is still wooden, the hinges are brass, and there's a large window right next to it.

The only uses are extremely high-value applications like banking and the military. Even then I'd spend my money elsewhere.

Can't think of the possibilities?

[sevinkey]

"It is really a futuristic technology," said Harvard project scientist John M. Myers. "Its applications are going to be a lot like the laser and the transistor, in that early people could not think of all the possible applications and uses of it."

I gotta call bullshit on this... I'm having trouble thinking of ways to not apply this technology!

Re:Can't think of the possibilities?

[narcc]

I'm having trouble thinking of ways to not apply this technology!

Yeah, like feline euthanasia.

PETA Members not comofrted by Quantum kitties

[iamatlas]

PETA members were ouraged by the mind boggling number of cats that were killed to perfect this project. PETA members were not soothed by the scientists claims that, theoretically, there are an infinite number of realities in which the cats did not die.

let me help you understand

[192939495969798999]

If tampering can be detected, then the HTML page mangling can be prevented by ensuring that only trusted parties can change the site, right?

You SECURE the server using the new encryption, and then it's much harder to hack. Encryption definitely doesn't EQUAL security, but great encryption can lead to great security if you implement it correctly.

Re:let me help you understand

The buffer overflow leading to the "hacked by chinese" worm was in relation to a GET request. How would encryption help there?

Re:let me help you understand

[leerpm]

No, I'm afraid you don't understand. HTML page mangling (at least the kind referred to by the article summary) doesn't happen by man-in-middle attacks. You don't fix exploits by using encryption.

Securing the transmissions does not nothing to protect against exploits. You have to actually patch the faulty code on the server to protect against them. It only makes hacking slightly harder as the attacker has to send their malicious HTTP request thru HTTPS/SSL, rather than plain HTTP. It does not make it any harder to hack other than the attacker has to write an HTTPS harness.

An impossible claim!

[GMFTatsujin]

I'd say "I'll believe it when I see it," but by seeing the quantum crytography in action, I'd be observing it, and, well...

Re:Uncrackable encryption - CRACKED

This one was easy:

ALL YOUR BASE BELONG TO US

One time PAD:
39 1A 3F 23 31 37 F3 18 0B 12 66 20 DB 3D 28 2D 15 5E 80 1B 3F 12 82 FE 14 98 1D E6 23 D2 9F 88 26 D6 2A 38 77 23 90 E8 AB 23 A7 28 87 10 9E C3 B0 38

Old joke

[dpilot]

Wanted: Quantum Mechanic, must bring own tools.

Are polarization changes predictable?

I.e. will something that once inspected, change states to another known state? Or better put, let's say a bit polarized to '/' is inspected. Will it revert to a bit of '|', or is the random polarization also carried forth into mutations? If it can be predicted, then you don't need to alter it, you just need to inspect it a certain number of times to get it back to whatever it should be...

I figure it's not that simple since it just came to me that quickly, but if ANY part of the transmission, whether it be original bits or the altered state of an encrypted bit are predictable, randomness is thrown out the window.

Re:common logical fallacy, about qbits.

[neuraloverload]

i don't know how the parent got a 5 for insightful, the person doesn't know his q-bits. this system is not only providing secure communication for this particular research group, it is also being used by several u.s. banks for data transmission (read-money) http://www.commsdesign.com/news/tech_beat/showArti cle.jhtml?articleID=29106041
as entanglements proceed between the computers and industry, expect to see further complexity by the seperation of quantum state pairs into phone tech and the end of cel towers. if 2 electrons can talk across the gulf of space, i should be able to get a hold of the guy on the other phone despite the tunnel. of course, it puts another scary spin on rfid, now to be known as qfid, and far more difficult to spoof should the occassion arise.

Bruce Schneier disagrees

From Bruce Schneier's Crypto-gram: "MagiQ Technologies is now selling an actual product that uses single photons to exchange keys over fiber optic lines.
..
I don't have any hope for this sort of product. I don't have any hope for the commercialization of quantum cryptography in general; I don't believe it solves any security problem that needs solving. I don't believe that it's worth paying for, and I can't imagine anyone but a few technophiles buying and deploying it."

WI-FI

[ekc]

While I doubt quantum cryptography could ever really take off in the public Internet what with the packets changing hands so many times on route, I was wondering how applicable it might be to wireless LANs? Is it even possible to demonstrate it at microwave frequencies? Will the day come when I can utter the words "secure WI-FI" without an involuntary chuckle?

It won't help hacking at all...

[cryogenix]

It won't mean anything for hacked web pages. It's just a secure link between those two points that isn't vulnerable to sniffing. Those points still connect to the internet and therefore one can worm their way in that way and possibly intercept the traffic at the points of origin, thus defeating the quantum encryption. The only way that will be secure is if you have an isolated network using only quantum links.

Compelling reasons?

[Catullus]

Please could you provide some of these reasons? AFAIK, up till now, all the predictions of quantum theory have been handsomely confirmed by experiment.

Re:common logical fallacy, about qbits.

You aren't paying attention. The original submitter of the article implied that computers using quamtum encryption are unhackable. Sure, you can't sniff the packets and spy on them. The encryption is sound. What you can do is use a run of the mill remote exploit on their XP box and then install a keylogger completely bypassing the encryption.

Encryption is a great component to security, but it isn't everything. It shouldn't (and doesn't) try to be.

Message integrity

[koffie]

Eavesdropping is one thing, message integrity another.

Consider this: with (good) encryption you know that the message you get hasn't been tampered with. Without you have no idea if it's the same message that your correspondent sent off at you.

Re:Message integrity

[AndrewHowe]

Yes, that's also true, my point was just that DOS can be pretty bad if you have important messages...
Also, what about the scheme where Eve first pretends to be Bob, receives the message, then pretends to be Alice and sends it on to Bob? Is this always detectable due to latency? It seems to me that it should be, as long as Alice and Bob can keep their clocks synchronised...

Re:Message integrity

[TheCarp]

Um yes you are right, the properties of a technology should be considered before it is deployed to solve a problem.

However, for the set of problems where the requirements include the ability to send a message and be sure, absolutly, that it has not been intercepted by a man in the middle, and may need to detect that someone is listening, then you
have a good match.

If you need to get a message through whether someone is listening or not, and have no need to know absolutly if someone is eavesdropping, then maybe this is not a good solution to your problem.

So yah, this isn't a panecea. But its damned cool.

Its like the point about military encryption. Sometimes you need to transmit data one way and need to be sure that the end points are obscured and that the message is not captured by the enemy.... so you get a short wave radio and transmit using a one time pad. (see Numbers Stations) Think of these as leaked secrets, you don't want the british spooks to find out the queens maid is relaying to you the details of overheard meetings do you?

Or maybe its troop movements. You don't really care if your enemy can decode messages that will tell him where you were planning to strike him if it takes him so long to decode it that the resulting message tells him where you struck him two days ago.

Its all a matter of application.

-Steve

[groan]CRIKEY, gimme a fscking BREAK

[nusratt]

I reported this story TWO MONTHS ago.

Oh no it isn't!

[bloo9298]

I firmly believe that this is insignificant. Honestly, point-to-point encryption is not a big problem. Key management is much more of a problem.

NewsScientst.com article

[kc_cyrus]

This is an article about the quantum encrypted bank transaction in Vienna, Austria, which was mentioned in the post.

Re:Impressive...

[kulack]

From the article:

On the quantum network, a laser separates individual photons, and sends them to a device called a modulator. The modulator pumps them out to other network nodes on fiber optic cable. The photons are encoded by sending them out at different intervals: a long gap indicates one bit of information, and a shorter one a different bit.

On the receiving end, another device accepts the photons and recognizes how they're modulated. If the sequence matches what was originally sent, then the keys are stored and used to unscramble data sent through conventional means between the different network nodes, such as over the Internet.

So let me get this...

Cut the fiber cable (at some 3am nobody is gonna notice), stick in a laptop at the cable break with two modulators connected to each end. The system accepts the incoming keys, stores the keys, then sends the same bit pattern out using the other modulator.

You now have two connections, neither of which are observed. 1) Alice to Eve 2) Eve to Bob

Now, Eve also sniffs the traffic on the conventional network, decrypting easily because Eve's got the keys. What am I not understanding?

Re:Impressive...

[Mikeydude750]

The fact that you cannot measure the photons without changing their orientation.

That's a basic law...nothing you can do will be able to overcome that.

what I'm curious about is....

...what is this small group of scientists in Boston working on that requires the very cutting edge of secure encryption? It really sucks knowing that there is all sorts cool new technology being worked on, and I will never get to know even a tenth of it...
: \

secure != eavesdropper-proof

[jusdisgi]

I just wanted to get into this, because it seems like a lot of people are missing an important point.

Sure, it's true, nothing is 100% secure, or at least nothing worthwhile is. You can put an unpatched SQL server on this quantum network and it won't matter that no one can sniff the network. I'll go back to a quote I remember wrong, and will (possibly wrongly) attribute to some openssl documentation: "SSL does not make your application secure. SSL only protects your application's network connections from eavesdropping."

It's not the same thing. The person who said Breaking quantum encryption would most likely net you a Nobel Prize in Physics, since it implies breaking QM. I guess was right...but his larger point, that this was a sea-change in overall security, was wrong.

This does tremendously raise the bar for network-layer security. It means a network that can unquestionably be trusted to be free from sniffing. Yet this is not a security panacea. We have had very good security of this variety (or emulating it) for some time. However, it is important that we keep going forward with it; note the slashdot story last week about SSL being declared insufficient for the truly hardcore.

In other words, this is a major breakthrough for secure local transmissions...but not so much for security in general.

Why you probably wont get Quatum Crypt

Don't you guys in the free world (usa) have some freedom protecting laws requiring communication device providers to build into their devices a mechanism for law enforcement (spooks) to be able to intercept your communications?

Protecting the Wrong Interface Doesn't Help

[billstewart]

Quantum Encryption lets you build a non-eavesdroppable tunnel between two ends of a fiber. Conventional encryption with adequately long keys lets you build non-eavesdroppable logical tunnels between two endpoints over any arbitrary set of IP transport. Most people haven't bothered deploying conventional IPSEC encryption which doesn't require stringing fiber, much less the harder-to-use quantum stuff.

Neither one helps the "hacked by Chinese" problem. That's because the hacked sites have connections to the public internet, so anybody in the world can send them packets, servers that listen to those packets, and buggy software that can be abused. Your web server might also be connected to your corporate data center using an IPSEC tunnel running on a quantum-encrypted dedicated fiber in a pressurized titanium conduit running through a moat protected by sharks with frickin' lasers on their heads, but that's not the path the Chinese hackers will use - they'll use your regular Internet connection.

Alternatively, if you're using the quantum-encrypted or mathematically-encrypted tunnel to connect to people who you shouldn't have trusted, they can still hack you, or if they have an open Internet connection on their machine as well as the tunnel to your machine, you may still be vulnerable.

Oh it's already possible

[aussie_a]

You just don't mind only having one organ beamed per trip do you?

(Spot the reference).

Re:Impressive...

[kulack]

Well, Right. That's the point. Eve never lets the original photons through. Eve sends out new photons with the same orientation.

I.e. Eve is not observing in this case, they're intercepting and resending new data that is indistinguishable from the original.

The End of Hacking

Does anyone know about Quantum Theory? True quantum encryption is unhackable wherever implemented. The data stream disappears if someone trys to view it. Afterall, isn't that what Quantum Theory says? This is a hacker's worst nightmare and a bank's dream. The question I would pose is "Was this properly implemented?" If it is anything less than true quantum encryption it will be hacked. True Quantum encryption implemented everywhere, including your PC, would be the fatal blow to hacking worldwide.

Re:The End of Hacking

True Quantum encryption implemented everywhere, including your PC, would be the fatal blow to hacking worldwide.

Absolute nonsense! It might be the fatal blow to packet sniffing worldwide, but buffer overflows and all kinds of crappy coding aren't going to dissapear with the wave of a quantum magic wand.

Again, all hype

[pyth]

I've pointed this out many times before. Quantum encryption is practically all hype.

Your super-duper encrypted communications line is as secure as your ISP. Worried about that? Use SSL. OH WAIT. That also makes plain old copper lines secure as well.

Unless you're a moron, it's very easy to discover fundamental truths about computer security. Quantum encryption does not get around these truths.

secrets

[Doc+Ruby]

How do we know the Boston network isn't just the first publicly known quantum-encrypted ("enqrypted"?) network? If I owned, say, $40B worth of a large global software company, I'd spend some of that money developing a private instantaneous, perfectly encrypted, global network. It would be like having the only fax machines in the 1920s! Or the only palantirs in Middle Earth... OTOH, I might be too distracted by sponsoring my private cloning operation.

Re:LET'S GO VOLTRON FORCE!!!

Sometimes, to make sure my nerds are actually working (as opposed to jerking off here) I have to earn us an IP ban.

It's not hard to do... you just hit on one of the touchy subjects. Such as slashdot's rampant faggotry, the "hobby" nature of open source, or the fact that Natalie Portman goes much better with oatmeal.

No encryption scheme is 100% secure

Take a course on encryption theory.
Lesson number 1: All current encryption schemes rely on trying to design a one-way function (see a definition).
However, proving the existence of a one-way function has been mapped to the NP-Complete set, which (as we know) is a set of problems that have never been provably solved. We have several good candidates for one-way functions, but we're still searching for the proof. Until one is proven, no encryption is guaranteed 100% secure.

Also interesting to note: Use of Quantum Computing has been suggested as a way to speed up crafted brute-force attacks on existing encryption schemes. All existing encryption schemes rely on the principle of even probability key distribution to reduce attack vectors to simple or crafted brute-force attacks (trying some or all of the possible keys in the key-space.) With conventional computing, this means trying each key one at a time, until the correct key is found. Symmetric key encryption is generally fast, but can also be broken faster (months or years, for the average case). Public key encryption is slower, but takes decades or centuries to break (again, for the average case).

With Quantum Computing, however, every key of length n can be tried at the same time by a n-qbit computer. So if you have a 128-qbit Quantum Computer, you can try every 128 bit key all at once.

Fortunately (or unfortunately?), the last I heard (2 years ago) was that the most qbits formed was 7, and that was in a lab using chemical injections. Anyone know the current upper limit?

Re:LET'S GO VOLTRON FORCE!!!

fortunately most of the nerds who work with you know how to use open proxies...

toodles...

oh, and btw, we all think you're a fat fuck

Why bother with 'QE' when you have 'DH'

[iamcf13]

Seriously,

Why bother with quantum encryption when two parties can use Diffie-Hellman to create and share a secret key. All the eavesdroppers will see is a buncha big numbers shooting about on the wires. For the paranoid, the two parties could conduct some sort of secure passphrase exchange to authenticate themselves before the goodies are exchanged across the secure channel.

Isn't this just as secure and less complicated than quantum encryption?

Trust, not control

[gyg]

Well, it's a matter of degree, as most things. In this case, I see massive overkill. His oldest is 9 and not allowed to access the internet at all?

And consider this:
I can decide that as their parent and until they are 18, their privacy goes out the window when safety is in question
And who decides when safety is in question? Right, the parent. See, with five-year-olds, this is OK. Nine is pushing it. Teenagers - a recipe for bitter conflict (or rather, really creative lies and excuses - teenagers are good at that when there's no other way).

You want your children to be safe? Trust them enough to decide for themselves, gradually but certainly with virtually no "protection" by 13 (discipline re:homework etc. is a different thing, of course).

When a parent forbids so many things, many of them "just in case", how can a child distinguish between real danger and all the other forbidden things?

BTW I'm 28 with a 16yo sister[smile]

Re:Trust, not control

[DLR]

Ahh, but 16 is much different than 9 yrs old. Yes, the art of parenting is the art of the controlled release. I have a 14 and 12 yr old. But personal info really doesn't need to be going out on the net, even for a 16 yr old, don't you agree? And there are perverts all over. My 9 yr old daughter (several years ago) was playing PSO on the Dreamcast online (which she was allowed to do with one of her parents watching) and someone came into her "room" they chatted and the other person asked her age, she said 9, and the person's response was "so you've never had an orgasm then?" Her response what "What type of an organism?" and I terminated the conversation right there. Forbid Internet access to a 9 yr old? Probably not a bad idea, or at least only allow it when monitored. As the kids get older move the monitoring to the background where they don't notice it, but stop it? No, bad idea.