Slashdot Mirror
A Working, Quantum-Encrypted Intranet
192939495969798999 writes "This article points out how BBN, developers of ARPANET, have actually created a quantum-encrypted intranet that serves pages to a small group of research scientists. I firmly believe this is as significant as the very first internet transmission some years back. If the technology is working and 100% secure, how long until it makes its way at least into government websites? This might be the end of the hacked by Chinese index pages!"
Reader Kent adds "A New York based company, MagiQ
Technologies, has begun selling units for
commercial use while a group in Europe recently made the first quantum encrypted
bank transaction in Vienna, Austria - April 2004. But the Boston network -
though limited to three locations - is believed to be the first Internet-integrated
system
that runs
continuously
between multiple distant locations."
Not really. But it will show if it's been viewed or tampered with, so you can declare the transmission null and void.
this doestn mean that a buggy iis connected to the quantum network will be any more secure if it would be connected by rj45 or fibre ethernet.
this means only, that man-in-the-middle attack cant be done, or data during the flow cant be altered without recognization.
this is just a new transport media but not making the services and clients at both ends any more secure.
think of this as an ssl/ssh/vpn replacement.
if you have bugs in the rest of your software/hardware ssl/ssh/vpn/quantum cant help either.
nuff said
There was a good discussion about quantum crypto on The Cryptography Mailing List last month.
While quantum cryptography is, depending on implementation, not hackable, that doesn't account for all the other parts of the system. Bascially, quantum cryptography protects the data in transit, but does nothing to protect the machines its being sent to/from, and certainly doesn't address issues like storage of the data.
Further, what it secure? Not being altered by unauthorized parties (webpages need this), or not being read by unauthorzied parties (goverments need this) or somewhere in between (can't be read without the sender/receiver being notified)?
Security may well be one of the most misunderstood topics, with quantum physics just above it... =)
it's the key to the encryption that they have to make sure isn't tampered with or eavesdropped on. say the key is 100 bits long. after the transmission of the key, the sender and reciever compare, say, 50 of these bits publicly. if the receiver's bits are different than the sender's they know someone has tampered with it (since any measurement by an outsider will alter the state) and they throw that key away. if they are exactly the same, they know no one listened in and they can use the other 50 bits as the actual key.
they send the encrypted data only after they are sure no one else has the key.
Its because of how quantum encryption works. Basically, I'll make an explanation here for everyone. We'll have two computers, Alice and Bob. Alice sends a bunch of *RANDOMLY* polarized photons, each polarized RANDOMLY with one of two polarizers--up-down, or diagonal. So you could have one of the following four photons: / \ | --
Bob at the other end RANDOMLY switches between filters, and thus gets only about 3/4 of the photons right (this is a little long and thus I won't do the math here). So he reads off, over an insecure line, which filters he used when. Alice tells him when he was right and when he was wrong. The series of bits that he got right will be used for a one time pad cipher. However, Eve, the evesdropper, can't get the one-time pad! Why? Because she and Bob will have used a different sequence of polarizers, and thus she would have gotten some of the one-time pad wrong. Plus, when Eve measured any photon along the line, it would change its polarization, so therefore before doing the encrypted transmission, Alice could send a portion of the one-time pad to Bob. If any of it changed, then obviously Eve was on the line.
Well in this case that "obnoxious killjoy" would need to defy the laws of physics as we understand them (granted that perhaps we don't fully understand the laws in this case).
The idea is that the quantum technique guarantees that the information in the message can be read exactly once. If that read is performed by the party you are trying to communicate securely with, all is well. If the read is performed by an eavesdropper, then the trusted party will be unable to properly read the communication, and this will be an indication that the transmission was interfered with.
You can measure _some_ in quantum mechanics things without changing them, and that's the way these systems work. If I send you a horizontally polarized photon then if you measure it along the horizontal direction you won't change its state, but if you measure along any other direction you will. These systems work by the receiver measuring in one of two possible directions selected at random. The receiver and the sender then tell each other what direction the measurements were done so that they can decide what information is valid and what isn't.
An eavesdropper will inevitably destroy some of the valid information which will introduce noise into the sent signal. The sender and receiver can detect this noise and deduce that they are being eavesdropped on.
Incidentally, the security of the most common scheme has been proven mathematically by Shor and Preskill.
No, I actually did mean "perfectly secure" against physical eavesdropping. The laws of quantum physics are odd; they guarantee (with probability arbitrarily close to 1) that if you try to listen to the message in transit, you'll wreck it. The Patriot Act may let the eavesdropper mess with the endpoints of the channel, but the channel itself is secure against everything but attacks on the fundamental laws of nature :-).
Would it not also be true that in most hacking attempts not only would it show evidence of tampering, but wouldn't the data be unusable on either the hacker or the recipient's end?
Slashdot: Where anecdotes and generalizations can be freely substituted for facts, logic, or intelligence
It's like replacing a steel deadbolt with titanium, meanwhile the door is still wooden, the hinges are brass, and there's a large window right next to it.
The only uses are extremely high-value applications like banking and the military. Even then I'd spend my money elsewhere.
Democracy is two wolves and a sheep voting on lunch.
That is true, but denial of service is already achievable with a pair of cable cutters. The benefit of quantum encryption is that you can be sure that if a message does arrive, it hasn't been read by anyone else. You still need to protect the physical link. Having said that, if your cable is protected from cutting, it is also protected from installation of eavesdropping devices, so I'm not sure what QE actually achieves in practice. I suppose it's worse to have your messages covertly eavesdropped than to not receive them at all... But you're pretty stuffed either way!
Does anyone know what changes are needed to the current fibre infrastructure to support quantum encryption?
You need a dedicated fiber and can only do point-to-point, i.e. no routing. As a consequence the connection can be broken into at any router.
Funny, that is pretty much the same security level a modern fiber has, unless the attacker has some very sophisticated equipment.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
No, quantum encryption in its current implementations can not be routed. This is why it is not as common as it could be. If anything even sees the transmission, as in any external force that in some way, shape, or form can affect the photons polarization (just about anything will do this), the entire tranmission is made void, at that point you can only verify that the line has been tampered with. As a result of that, there is no way to remotely verify what is legit and what isn't. You must start over. Technically a router could act like a man in the middle but then thats one more machine you must trust and there is no way to directly verify from Alice what she said, but rather you only receive verification through a "3rd party". This doesn't sound so bad until you realize that its useless in any network scenario that is available to public use. Right now if the Feds want to tap you, they go to your ISP, if the internet was quantumly encrypted and routed as you propose, the feds will still just go to the ISP and tap the box. What I'm getting at is that by throwing in a middle man, it kind of ruins the whole point. Now your thinking, "Well, if the connection has to be point to point, then why don't they just use ethernet". Basically because I can splice a Cat5 cable and listen in without you ever knowing, but if you even accidentally bump the fiber optic cable for quantum encryption, you will set off bells and whistles. The light used in the encryption is so sensitive that it can't even be amplified (although rumor has it that some company is making progress in that regards). Becuase it can't be amplified, tis range isn't very long. Hope this clears things up.
Regards,
Steve
Yes, it is theoretically possible.
If you're happy for the destination address of a message to be visible, then you don't have to encrypt that part. The router looks at that, and can route the rest of the message without affecting the quantum encryption (e.g. by moving a mirror to reflect the quantum encrypted signal to the destination port).
If you don't want that, then you can use onion source routing. Your message begins with an encrypted sequence which tells the first router where to forward the rest of the message. Only the first router can decrypt it. The next part of the message begins with an encrypted message for the next router, and so on. You have to establish a private key with each router, so that you can tell it how to forward the messages, but no router can ever see the source and destination address together.
If a router is not trustworthy, then it may fail to route your message, and try to read it or send it somewhere else. In that case, the message still cannot be copied, so the destination will still detect the untrustworthy router. (This also means that replay attacks are impossible). In particular, the Feds can't tap the channel in the hopes of using fancy equipment to break the crypto - it's physically impossible for them to copy the messages undetected, even if they do manage to get hold of your private encryption keys.
A weakness of this system is that if all the routers on your path collaborate, then they can determine a relationship between source and destination. They can't read the messages, or even copy them, but the association may be something you wanted to hide. This only happens if the routers collaborate - but they might, if the Feds are tapping every router for address information.
Another weakness is if the channel is lossy, which tends to happen with routed networks because of congestion: too many senders hitting a receiver at once, some messages must be dropped. We use TCP/IP to compensate. With this kind of routed quantum channel, if it's lossy, and you use something like TCP to compensate by retransmitting, then somebody can copy your messages undetected, by causing the messages to be lost. So, you might not want to use TCP.
-- Jamie
you try something like TCP/IP over this channelI just wanted to get into this, because it seems like a lot of people are missing an important point.
Sure, it's true, nothing is 100% secure, or at least nothing worthwhile is. You can put an unpatched SQL server on this quantum network and it won't matter that no one can sniff the network. I'll go back to a quote I remember wrong, and will (possibly wrongly) attribute to some openssl documentation: "SSL does not make your application secure. SSL only protects your application's network connections from eavesdropping."
It's not the same thing. The person who said Breaking quantum encryption would most likely net you a Nobel Prize in Physics, since it implies breaking QM. I guess was right...but his larger point, that this was a sea-change in overall security, was wrong.
This does tremendously raise the bar for network-layer security. It means a network that can unquestionably be trusted to be free from sniffing. Yet this is not a security panacea. We have had very good security of this variety (or emulating it) for some time. However, it is important that we keep going forward with it; note the slashdot story last week about SSL being declared insufficient for the truly hardcore.
In other words, this is a major breakthrough for secure local transmissions...but not so much for security in general.
Given a choice between free speech and free beer, most people will take the beer.
Neither one helps the "hacked by Chinese" problem. That's because the hacked sites have connections to the public internet, so anybody in the world can send them packets, servers that listen to those packets, and buggy software that can be abused. Your web server might also be connected to your corporate data center using an IPSEC tunnel running on a quantum-encrypted dedicated fiber in a pressurized titanium conduit running through a moat protected by sharks with frickin' lasers on their heads, but that's not the path the Chinese hackers will use - they'll use your regular Internet connection.
Alternatively, if you're using the quantum-encrypted or mathematically-encrypted tunnel to connect to people who you shouldn't have trusted, they can still hack you, or if they have an open Internet connection on their machine as well as the tunnel to your machine, you may still be vulnerable.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks