Slashdot Mirror

← Back to Stories (view on slashdot.org)

A Working, Quantum-Encrypted Intranet

Posted by timothy on from the it's-the-new-tin-can-and-string dept.

192939495969798999 writes "This article points out how BBN, developers of ARPANET, have actually created a quantum-encrypted intranet that serves pages to a small group of research scientists. I firmly believe this is as significant as the very first internet transmission some years back. If the technology is working and 100% secure, how long until it makes its way at least into government websites? This might be the end of the hacked by Chinese index pages!" Reader Kent adds "A New York based company, MagiQ Technologies, has begun selling units for commercial use while a group in Europe recently made the first quantum encrypted bank transaction in Vienna, Austria - April 2004. But the Boston network - though limited to three locations - is believed to be the first Internet-integrated system that runs continuously between multiple distant locations."

10 of 305 comments (clear)

  1. Re:common logical fallacy by ThomaMelas · · Score: 5, Informative

    Not really. But it will show if it's been viewed or tampered with, so you can declare the transmission null and void.

  2. 100% secure - but the transport medium only by Anonymous Coward · · Score: 5, Informative

    this doestn mean that a buggy iis connected to the quantum network will be any more secure if it would be connected by rj45 or fibre ethernet.

    this means only, that man-in-the-middle attack cant be done, or data during the flow cant be altered without recognization.

    this is just a new transport media but not making the services and clients at both ends any more secure.

    think of this as an ssl/ssh/vpn replacement.

    if you have bugs in the rest of your software/hardware ssl/ssh/vpn/quantum cant help either.

    nuff said

  3. A Good Thread About Quantum Crypto by bahamutirc · · Score: 5, Informative

    There was a good discussion about quantum crypto on The Cryptography Mailing List last month.

  4. Perhaps a more accurate characterization... by rpdillon · · Score: 4, Informative

    While quantum cryptography is, depending on implementation, not hackable, that doesn't account for all the other parts of the system. Bascially, quantum cryptography protects the data in transit, but does nothing to protect the machines its being sent to/from, and certainly doesn't address issues like storage of the data.

    Further, what it secure? Not being altered by unauthorized parties (webpages need this), or not being read by unauthorzied parties (goverments need this) or somewhere in between (can't be read without the sender/receiver being notified)?

    Security may well be one of the most misunderstood topics, with quantum physics just above it... =)

  5. Re:FP? by i_should_be_working · · Score: 5, Informative

    it's the key to the encryption that they have to make sure isn't tampered with or eavesdropped on. say the key is 100 bits long. after the transmission of the key, the sender and reciever compare, say, 50 of these bits publicly. if the receiver's bits are different than the sender's they know someone has tampered with it (since any measurement by an outsider will alter the state) and they throw that key away. if they are exactly the same, they know no one listened in and they can use the other 50 bits as the actual key.
    they send the encrypted data only after they are sure no one else has the key.

  6. Re:FP? by Silverlancer · · Score: 5, Informative

    Its because of how quantum encryption works. Basically, I'll make an explanation here for everyone. We'll have two computers, Alice and Bob. Alice sends a bunch of *RANDOMLY* polarized photons, each polarized RANDOMLY with one of two polarizers--up-down, or diagonal. So you could have one of the following four photons: / \ | --

    Bob at the other end RANDOMLY switches between filters, and thus gets only about 3/4 of the photons right (this is a little long and thus I won't do the math here). So he reads off, over an insecure line, which filters he used when. Alice tells him when he was right and when he was wrong. The series of bits that he got right will be used for a one time pad cipher. However, Eve, the evesdropper, can't get the one-time pad! Why? Because she and Bob will have used a different sequence of polarizers, and thus she would have gotten some of the one-time pad wrong. Plus, when Eve measured any photon along the line, it would change its polarization, so therefore before doing the encrypted transmission, Alice could send a portion of the one-time pad to Bob. If any of it changed, then obviously Eve was on the line.

  7. Re:FP? by radamson · · Score: 5, Informative

    You can measure _some_ in quantum mechanics things without changing them, and that's the way these systems work. If I send you a horizontally polarized photon then if you measure it along the horizontal direction you won't change its state, but if you measure along any other direction you will. These systems work by the receiver measuring in one of two possible directions selected at random. The receiver and the sender then tell each other what direction the measurements were done so that they can decide what information is valid and what isn't.

    An eavesdropper will inevitably destroy some of the valid information which will introduce noise into the sent signal. The sender and receiver can detect this noise and deduce that they are being eavesdropped on.

    Incidentally, the security of the most common scheme has been proven mathematically by Shor and Preskill.

  8. Re:QC is not an encryption tech by po8 · · Score: 3, Informative

    No, I actually did mean "perfectly secure" against physical eavesdropping. The laws of quantum physics are odd; they guarantee (with probability arbitrarily close to 1) that if you try to listen to the message in transit, you'll wreck it. The Patriot Act may let the eavesdropper mess with the endpoints of the channel, but the channel itself is secure against everything but attacks on the fundamental laws of nature :-).

  9. not a big deal by eddeye · · Score: 4, Informative
    Quantum "encryption" is for the most part useless. It's just another way to exchange symmetric keys. The advantages are purely information-theoretic; in the real world, classical methods are just as good and a whole lot cheaper.

    It's like replacing a steel deadbolt with titanium, meanwhile the door is still wooden, the hinges are brass, and there's a large window right next to it.

    The only uses are extremely high-value applications like banking and the military. Even then I'd spend my money elsewhere.

    --
    Democracy is two wolves and a sheep voting on lunch.
  10. Re:common logical fallacy by AndrewHowe · · Score: 3, Informative

    That is true, but denial of service is already achievable with a pair of cable cutters. The benefit of quantum encryption is that you can be sure that if a message does arrive, it hasn't been read by anyone else. You still need to protect the physical link. Having said that, if your cable is protected from cutting, it is also protected from installation of eavesdropping devices, so I'm not sure what QE actually achieves in practice. I suppose it's worse to have your messages covertly eavesdropped than to not receive them at all... But you're pretty stuffed either way!