Slashdot Mirror

← Back to Stories (view on slashdot.org)

A Working, Quantum-Encrypted Intranet

Posted by timothy on from the it's-the-new-tin-can-and-string dept.

192939495969798999 writes "This article points out how BBN, developers of ARPANET, have actually created a quantum-encrypted intranet that serves pages to a small group of research scientists. I firmly believe this is as significant as the very first internet transmission some years back. If the technology is working and 100% secure, how long until it makes its way at least into government websites? This might be the end of the hacked by Chinese index pages!" Reader Kent adds "A New York based company, MagiQ Technologies, has begun selling units for commercial use while a group in Europe recently made the first quantum encrypted bank transaction in Vienna, Austria - April 2004. But the Boston network - though limited to three locations - is believed to be the first Internet-integrated system that runs continuously between multiple distant locations."

85 of 305 comments (clear)

  1. common logical fallacy by Anonymous Coward · · Score: 5, Insightful
    If the technology is working and 100% secure, how long until it makes its way at least into government websites? This might be the end of the hacked by Chinese index pages!

    Just because a computer uses encryption, doesn't mean that it is unhackable.

    1. Re:common logical fallacy by ThomaMelas · · Score: 5, Informative

      Not really. But it will show if it's been viewed or tampered with, so you can declare the transmission null and void.

    2. Re:common logical fallacy by evslin · · Score: 4, Funny

      "Make something idiot-proof and they'll build a better idiot."

    3. Re:common logical fallacy by Anonymous Coward · · Score: 3, Insightful
      The question isn't if quantam encryption is unhackable. The question is if a computer that uses quantum encryption magically loses all of the flaws in the rest of the software (httpd/kernel/etc) on the machine. The answer to that is no.

      Encryption is often sold like this. I remember watching an interview with a salesman for a voting machine company. When asked if the voting machine had security problems, his response was that it used unbreakable encryption. So what does that mean? Nothing at all. Just because it uses unbreakable encryption (for what I can't even guess) doesn't mean that a single person can't vote twice, just for example.

    4. Re:common logical fallacy by Senzei · · Score: 2, Informative

      Would it not also be true that in most hacking attempts not only would it show evidence of tampering, but wouldn't the data be unusable on either the hacker or the recipient's end?

      --
      Slashdot: Where anecdotes and generalizations can be freely substituted for facts, logic, or intelligence
    5. Re:common logical fallacy by Retric · · Score: 2, Interesting

      You don't need to hack the transmission to hack the computer at the other end. Which is the goal sniffing the network is just one of many ways to hack the device. And the least used now that most people use switches let alone encripted tunnels.

    6. Re:common logical fallacy by ssewell · · Score: 3, Insightful

      Either way, this is referring to encrypted *transport*, which in no way prevents a machine from being compromised.

      Although, validating the authenticity of the source of data using these means could potential reduce script kiddies (think non-reputability)

    7. Re:common logical fallacy by AndrewHowe · · Score: 3, Informative

      That is true, but denial of service is already achievable with a pair of cable cutters. The benefit of quantum encryption is that you can be sure that if a message does arrive, it hasn't been read by anyone else. You still need to protect the physical link. Having said that, if your cable is protected from cutting, it is also protected from installation of eavesdropping devices, so I'm not sure what QE actually achieves in practice. I suppose it's worse to have your messages covertly eavesdropped than to not receive them at all... But you're pretty stuffed either way!

    8. Re:common logical fallacy by JDevers · · Score: 2, Interesting

      Well, that would depend on the message itself. There are definitely situations where having the message not arrive at all is infinitely better than having it overheard.

    9. Re:common logical fallacy by Haertchen · · Score: 3, Insightful

      The encryption technology is based on science that was developed very early in quantum theory, namely the uncertainty principle. Basically this says that there are some features of a system you cannot simultaneously know-if you measure one, the other is uncertain, and if you then measure the other, the original quantity has been scrambled. The fact that this is true can and has been measured experimentally. Repeated measurements have been made on a simple, uncoupled system, and the results of traditional quantum mechanics have been verified in great detail. More complicated theories have been based off of these assumptions, which predict such things as the behavior of electrons in computer chips, and most of these theories match reality better than anything anyone has come up with.

      One could possibly argue that quantum mechanics always gives the correct answer, but there must be more information hidden away somewhere that we just can't get at. Unfortunately, it is not difficult to prove that any hidden values will produce some experimental results different from quantem theories, and all the experiments have indicated that quantum theory is the correct one. (This results from Bell's inequality, an idea which has spawned more philosophy about physics than any other idea I've seen.) So modern scientists have good reason to think quantum theory, at least the part used for encryption, is excellent for these uses.

      Before you start bashing quantum theory, remember that physicists, especially experimental physicists, don't really want to make the world more complicated than they have to. They've accepted quantum theory because it's better than anything anyone has has come up with.

    10. Re:common logical fallacy by Thomas+Shaddack · · Score: 2, Insightful
      Even if the computer is unhackable - the operators probably aren't.

      The biggest vulnerabilities are usually located between the chairs and the keyboards.

  2. Beam me to my computer by Anonymous Coward · · Score: 5, Funny

    BAH! , Until they have me beaming back and forth from my bed to my computer I'm not giving quantum computing a dime.

  3. FP? by hackronym0 · · Score: 4, Interesting

    I just wanted to pose the question, how can you prove that it has not been tampered with? You can't measure anything without changing the state, right? So you shouldn't really be able to prove that its secure either. Anyone else think that this is BS?

    --
    This is completely false. This is not a sig.
    1. Re:FP? by Anonymous Coward · · Score: 3, Insightful

      I do not think it is BS. I think you need to do some more research on the subject.

    2. Re:FP? by i_should_be_working · · Score: 5, Informative

      it's the key to the encryption that they have to make sure isn't tampered with or eavesdropped on. say the key is 100 bits long. after the transmission of the key, the sender and reciever compare, say, 50 of these bits publicly. if the receiver's bits are different than the sender's they know someone has tampered with it (since any measurement by an outsider will alter the state) and they throw that key away. if they are exactly the same, they know no one listened in and they can use the other 50 bits as the actual key.
      they send the encrypted data only after they are sure no one else has the key.

    3. Re:FP? by Silverlancer · · Score: 5, Informative

      Its because of how quantum encryption works. Basically, I'll make an explanation here for everyone. We'll have two computers, Alice and Bob. Alice sends a bunch of *RANDOMLY* polarized photons, each polarized RANDOMLY with one of two polarizers--up-down, or diagonal. So you could have one of the following four photons: / \ | --

      Bob at the other end RANDOMLY switches between filters, and thus gets only about 3/4 of the photons right (this is a little long and thus I won't do the math here). So he reads off, over an insecure line, which filters he used when. Alice tells him when he was right and when he was wrong. The series of bits that he got right will be used for a one time pad cipher. However, Eve, the evesdropper, can't get the one-time pad! Why? Because she and Bob will have used a different sequence of polarizers, and thus she would have gotten some of the one-time pad wrong. Plus, when Eve measured any photon along the line, it would change its polarization, so therefore before doing the encrypted transmission, Alice could send a portion of the one-time pad to Bob. If any of it changed, then obviously Eve was on the line.

    4. Re:FP? by mhesseltine · · Score: 3, Insightful
      it's the key to the encryption that they have to make sure isn't tampered with or eavesdropped on. say the key is 100 bits long. after the transmission of the key, the sender and reciever compare, say, 50 of these bits publicly. if the receiver's bits are different than the sender's they know someone has tampered with it (since any measurement by an outsider will alter the state) and they throw that key away. if they are exactly the same, they know no one listened in and they can use the other 50 bits as the actual key. they send the encrypted data only after they are sure no one else has the key.

      This raises a question for me; if I (a theoretical man-in-the-middle bad guy) know of a quantum-encrypted channel that is being used, for example, by banks, what prevents me from tapping the wire, disrupting the quantum state, and forcing another attempt at transmission? Couldn't a man-in-the-middle become a denial-of-service between two parties by never allowing them to secure a line in the first place?

      --
      Overrated / Underrated : Moderation :: Anonymous Coward : Posting
    5. Re:FP? by Have+Blue · · Score: 2, Informative

      The idea is that the quantum technique guarantees that the information in the message can be read exactly once. If that read is performed by the party you are trying to communicate securely with, all is well. If the read is performed by an eavesdropper, then the trusted party will be unable to properly read the communication, and this will be an indication that the transmission was interfered with.

    6. Re:FP? by radamson · · Score: 5, Informative

      You can measure _some_ in quantum mechanics things without changing them, and that's the way these systems work. If I send you a horizontally polarized photon then if you measure it along the horizontal direction you won't change its state, but if you measure along any other direction you will. These systems work by the receiver measuring in one of two possible directions selected at random. The receiver and the sender then tell each other what direction the measurements were done so that they can decide what information is valid and what isn't.

      An eavesdropper will inevitably destroy some of the valid information which will introduce noise into the sent signal. The sender and receiver can detect this noise and deduce that they are being eavesdropped on.

      Incidentally, the security of the most common scheme has been proven mathematically by Shor and Preskill.

    7. Re:FP? by BondHeadGuy · · Score: 4, Insightful

      Well, yes, but it's like exception handling vs. error codes: using exceptions doesn't get rid of the error handling problem, but at least they ensure that things can't fail silently. Presumably the two parties do not want to use the line at all if it has been tapped. Better a DOS than a leak of confidential information.

    8. Re:FP? by Retric · · Score: 2, Insightful

      Sorry but that's wrong.
      I can still use a man in the middle attack I just need to intercept both transmistions.

      AKA you send 100 bits I tell you the 50 bit's I saw mean while I send you 100 bits and you tell me the 50 bits you saw. Then I send data back and forth while keeping a copy of everything or even changing the data sent to each person. You say move 100,000$ from act 100 to 123 and I tell them move 100,000$ from act 100 to 437. And then send you the ack signal on the transfer while spoofing it so you think everything is OK.

      But thanks for playing.

    9. Re:FP? by eegad · · Score: 5, Funny

      Bob was sent to the store by Alice for polarized one-time pads but as usual he came back with the wrong filter. She should have just sent Eve to begin with.

    10. Re:FP? by NoData · · Score: 4, Insightful

      I have a question regarding this. It sounds like quantum encryption requires a direct optical connection between the sender and receiver. Is it theoretically possible make it "routable?" That is to say, would it be usable in the post office type model the internet uses, where packets have to be inspected (and, thus presumably destroying the message in a quantum transmission) to determine where they're going, or would a completely new model need to be developed?

    11. Re:FP? by E_elven · · Score: 2, Interesting

      Your explanation is a bit too short. What's stopping Eve from doing a MitM at the point Alice and Bob are comparing over an insecure line?

      --
      Marxist evolution is just N generations away!
    12. Re:FP? by stevelinton · · Score: 3, Insightful

      Sure. A pair of scissors will do this perfectly. A man-in-the-middle can always deny service.

    13. Re:FP? by LnxAddct · · Score: 2, Informative

      No, quantum encryption in its current implementations can not be routed. This is why it is not as common as it could be. If anything even sees the transmission, as in any external force that in some way, shape, or form can affect the photons polarization (just about anything will do this), the entire tranmission is made void, at that point you can only verify that the line has been tampered with. As a result of that, there is no way to remotely verify what is legit and what isn't. You must start over. Technically a router could act like a man in the middle but then thats one more machine you must trust and there is no way to directly verify from Alice what she said, but rather you only receive verification through a "3rd party". This doesn't sound so bad until you realize that its useless in any network scenario that is available to public use. Right now if the Feds want to tap you, they go to your ISP, if the internet was quantumly encrypted and routed as you propose, the feds will still just go to the ISP and tap the box. What I'm getting at is that by throwing in a middle man, it kind of ruins the whole point. Now your thinking, "Well, if the connection has to be point to point, then why don't they just use ethernet". Basically because I can splice a Cat5 cable and listen in without you ever knowing, but if you even accidentally bump the fiber optic cable for quantum encryption, you will set off bells and whistles. The light used in the encryption is so sensitive that it can't even be amplified (although rumor has it that some company is making progress in that regards). Becuase it can't be amplified, tis range isn't very long. Hope this clears things up.
      Regards,
      Steve

    14. Re:FP? by Jamie+Lokier · · Score: 2, Informative

      Yes, it is theoretically possible.

      If you're happy for the destination address of a message to be visible, then you don't have to encrypt that part. The router looks at that, and can route the rest of the message without affecting the quantum encryption (e.g. by moving a mirror to reflect the quantum encrypted signal to the destination port).

      If you don't want that, then you can use onion source routing. Your message begins with an encrypted sequence which tells the first router where to forward the rest of the message. Only the first router can decrypt it. The next part of the message begins with an encrypted message for the next router, and so on. You have to establish a private key with each router, so that you can tell it how to forward the messages, but no router can ever see the source and destination address together.

      If a router is not trustworthy, then it may fail to route your message, and try to read it or send it somewhere else. In that case, the message still cannot be copied, so the destination will still detect the untrustworthy router. (This also means that replay attacks are impossible). In particular, the Feds can't tap the channel in the hopes of using fancy equipment to break the crypto - it's physically impossible for them to copy the messages undetected, even if they do manage to get hold of your private encryption keys.

      A weakness of this system is that if all the routers on your path collaborate, then they can determine a relationship between source and destination. They can't read the messages, or even copy them, but the association may be something you wanted to hide. This only happens if the routers collaborate - but they might, if the Feds are tapping every router for address information.

      Another weakness is if the channel is lossy, which tends to happen with routed networks because of congestion: too many senders hitting a receiver at once, some messages must be dropped. We use TCP/IP to compensate. With this kind of routed quantum channel, if it's lossy, and you use something like TCP to compensate by retransmitting, then somebody can copy your messages undetected, by causing the messages to be lost. So, you might not want to use TCP.

      -- Jamie

      you try something like TCP/IP over this channel
  4. 100% secure? by Anonymous Coward · · Score: 2, Insightful
    If the technology is working and 100% secure, how long until it makes its way at least into government websites?
    nothing is 100% secure.
    1. Re:100% secure? by maxwell+demon · · Score: 5, Funny
      nothing is 100% secure.

      Where do I get this nothing stuff?
      --
      The Tao of math: The numbers you can count are not the real numbers.
    2. Re:100% secure? by I_Love_Pocky! · · Score: 2, Informative

      Well in this case that "obnoxious killjoy" would need to defy the laws of physics as we understand them (granted that perhaps we don't fully understand the laws in this case).

    3. Re:100% secure? by Jerf · · Score: 4, Interesting

      Breaking quantum encryption would most likely net you a Nobel Prize in Physics, since it implies breaking QM.

      This is indeed a truly new level of encryption. We probably can't say 100%, but breaking quantum encryption is definately a different order of difficulty than breaking conventional encryption.

  5. Encryption != Security by leerpm · · Score: 4, Insightful

    If the technology is working and 100% secure, how long until it makes its way at least into government websites? This might be the end of the hacked by Chinese index pages!"

    Just because the network and all of the transmissions are encrypted, doesn't mean the server is secure. Having IIS running HTTPS exclusively doesn't mean you don't have to patch it.

  6. What?! by Manip · · Score: 5, Insightful

    How will this stop worms or web-sites getting 'hacked'? It isn't even designed to! It is designed to stop sniffing or the modification of data while it is on the pipe. I think the poster needs get a clue.

    1. Re:What?! by xyzzy · · Score: 4, Funny

      That would require the slashdot editorial staff to actually a) read the article they're posting about, and b) understand said article.

      Makes quantum networking look easy, no?

  7. Re:Impressive... by watanabe · · Score: 5, Insightful
    hopefully the 'human' factor is addressed. You know, passwords like 'password' or the person's initials. The weakest link in the chain has always been the humans...well, save for that time in the 2001 movie, but I digress.


    Actually, you have literally no idea of how a quantum encrypted network works. What's interesting about the quantum encrypted network is not whether it keeps password cracking from L33T hackers, but how it makes sniffing along the connection either impossible, or impossible without being noticeable, depending on the implementation.

  8. Excellent .. by ReidMaynard · · Score: 5, Funny

    Tonight I'm adding "Quantum Network Engineer" to my resume...

    --
    -- www.globaltics.net

    Political discussion for a new world

    1. Re:Excellent .. by Anonymous Coward · · Score: 3, Insightful

      "fluent in Hindi and willing to relocate" would impress far more employers.

    2. Re:Excellent .. by nkh · · Score: 5, Funny

      I prefer: Engineer with 20 years of experience in quantum encryption (I'm sorry if you don't get this rather cryptic joke...)

  9. The EU too! by tcd004 · · Score: 5, Interesting

    Don't miss this bit on how the EU is planning to use Quantum Crypto to subert and avoid the U.S.'s rampant digital espionage.

    tcd004

  10. 100% secure? by jstave · · Score: 3, Insightful

    The article didn't say "100% secure", and with good reason (IMO). Historically, that "100% secure" claim hasn't panned out. Sooner or later, some obnoxious killjoy always seems to come along and break the encryption.

  11. what does this have to do with hacking websites. by Anonymous Coward · · Score: 3, Insightful

    Just becuase the transmisions are quantum encrypted doesn't meen the sites won't be hacked. Websites are hacked becuase their admins don't applly patches and use crappy passwords, not becuase their ssl encryption isn't strong enough.

  12. Does this mean Google will need to switch... by scotay · · Score: 5, Funny

    ...from pigeon-based indexing to using cats?

  13. Depends on implementation? by evslin · · Score: 3, Insightful

    We all read the the story about the Lexar Jump drive and how 256-bit AES encryption doesn't match up to the fact that the passwords weren't being encoded in a very secure manner.

    I would seriously hope that if this new encryption scheme goes anywhere the people that implement it have the common sense to lock it down tight. Otherwise those HACKED BY CHINESE pages aren't going anywhere anytime soon.

  14. QC is not an encryption tech by po8 · · Score: 4, Insightful

    This might be the end of the hacked by Chinese index pages!

    Uh, no. Quantum communication is not magic. (OK, maybe, but not that kind of magic.) What it is, is perfectly secure against physical eavesdropping. An attacker can't "tap the wire", as it were. The name "quantum encryption" is something of a misnomer, though: this technology is just a communication channel, albeit an uber-cool one.

    1. Re:QC is not an encryption tech by geomon · · Score: 2, Insightful

      "What it is, is perfectly secure against physical eavesdropping."

      Don't you mean "theoretically perfect"?

      Observe! Invocation of the Patriot Act!

      All transport layers are now visible.

      --
      "Rocky Rococo, at your cervix!"
    2. Re:QC is not an encryption tech by po8 · · Score: 3, Informative

      No, I actually did mean "perfectly secure" against physical eavesdropping. The laws of quantum physics are odd; they guarantee (with probability arbitrarily close to 1) that if you try to listen to the message in transit, you'll wreck it. The Patriot Act may let the eavesdropper mess with the endpoints of the channel, but the channel itself is secure against everything but attacks on the fundamental laws of nature :-).

    3. Re:QC is not an encryption tech by Florian+Weimer · · Score: 2, Insightful

      It's only safe against some physical attacks. Man-in-the-middle attacks are still possible because the quantum key distribution protocols offer only very weak authentication of the communication partners. When telling secrets, you want to ensure that there are no eavesdroppers AND that you are talking to the right person.

      The trouble with quantum crypto networks right now is that you either need a fully meshed network (unrealistic for most applications), or the encryption can't be end-to-end (and your favorite three letter agency can eavesdrop at the relay stations). Quantum cryptography is a poor choice compared to proven cryptosystems if you are after actual security (and not some PR or research funding).

    4. Re:QC is not an encryption tech by po8 · · Score: 2, Insightful

      AFAIK (I am not a quantum cryptographer by trade, but I have degrees in physics and computer science), a quantum channel is secure against MIM attacks. You can make the probability that you are talking to an endpoint with the shared secret arbitrarily close to 1 by exchanging a series of authentication bits. (Or are you referring to the fact that you may leak a few bits before the MIM is caught? I think conventional crypto and unicity distance makes this not an effective attack in practice.)

      This is why you need a full mesh to provide a secure network. This is indeed unrealistic for applications with very many nodes involved, limiting the use of quantum channels.

      They're still really cool, though.

  15. 100% secure - but the transport medium only by Anonymous Coward · · Score: 5, Informative

    this doestn mean that a buggy iis connected to the quantum network will be any more secure if it would be connected by rj45 or fibre ethernet.

    this means only, that man-in-the-middle attack cant be done, or data during the flow cant be altered without recognization.

    this is just a new transport media but not making the services and clients at both ends any more secure.

    think of this as an ssl/ssh/vpn replacement.

    if you have bugs in the rest of your software/hardware ssl/ssh/vpn/quantum cant help either.

    nuff said

  16. It's gotta be said: by El_Smack · · Score: 4, Funny

    So that's what Al Gore has been up to!

    --


    There are 01 kinds of cars in the world. The General Lee, and everything else.
  17. Re:Yess! by idontgno · · Score: 4, Funny
    Quantum Encrypted Pr0n Surfing!

    Hmm...Beyond the index page, Natalie Portman exists in a superposition of having and not having hot grits in her pants...until you click "ENTER"...

    --
    Welcome to the Panopticon. Used to be a prison, now it's your home.
  18. Live/Dead Cat Powered Router... by mark0 · · Score: 2, Funny

    Just don't look inside.

    1. Re:Live/Dead Cat Powered Router... by maxwell+demon · · Score: 4, Funny

      Recall: The routers of type l/d cat XY have a defect which causes an uncertainty relation between destination IP and destination port. That is, if you know exactly to which IP the packet should be routed, the port is completely unknown and vice versa.

      --
      The Tao of math: The numbers you can count are not the real numbers.
  19. Quantum encryption is simple by WindowlessView · · Score: 2, Funny
    I want them to decrypt what that Genuity Black Rocket campaign was suppose to be about.

    You go BBN. You survived that monstrosity.

    --
    Leave the gun, take the cannolis.
  20. quantum: viewing changes Data.. by rockclimber · · Score: 5, Funny

    Now I understand! when word was randomly messing up my settings and files, it was because I was viewing them.

    so it WAS a feature, not a bug.

    who d'have thunk that MS had such advanced SECURITY tech... :-)

  21. A Good Thread About Quantum Crypto by bahamutirc · · Score: 5, Informative

    There was a good discussion about quantum crypto on The Cryptography Mailing List last month.

  22. Perhaps a more accurate characterization... by rpdillon · · Score: 4, Informative

    While quantum cryptography is, depending on implementation, not hackable, that doesn't account for all the other parts of the system. Bascially, quantum cryptography protects the data in transit, but does nothing to protect the machines its being sent to/from, and certainly doesn't address issues like storage of the data.

    Further, what it secure? Not being altered by unauthorized parties (webpages need this), or not being read by unauthorzied parties (goverments need this) or somewhere in between (can't be read without the sender/receiver being notified)?

    Security may well be one of the most misunderstood topics, with quantum physics just above it... =)

  23. Re:No such thing... by lukewarmfusion · · Score: 4, Insightful

    They know that. Of course, you're going to have to explain it to a client one day and realize that when the client hears "it's not 100% secure," they will start looking for something that is. When some PR guy comes along and claims it's 100% secure, we snicker and the PR guy wins the project and gets a Porsche.

    I've spent a lot of time educating clients regarding the "nature of things" as you described. However, when the client isn't at that level of interest/ability to understand/etc., I simply say "SSL is the same level of encryption that banks and credit card companies rely on . Your data will be safe." Sometimes I also use the "it would take sixty million years or so to brute force the encryption. I doubt you'll be worried about your 2004 data in sixty million years."

  24. How will MS use this technology? by Trolling4Dollars · · Score: 4, Funny

    Considering that a secure OS is the purported "holy grail" for MS, how do you suppose they will utilize this technology? Let's think about how they integrated the TCP/IP and the Internet. Initially, they "had a better idea" in the forms of NetBEUI and the MSN service (pre-Internet proprietary service). Eventually they "got religion" and started using TCP/IP (albeit a little funky) and real Internet service instead of prepackaged proprietary content. So... with that history, can we expect MS to say, "pah! Quantum Encryption? We have something better". They roll out their "anti-matter encryption with 1 gigqbit strength" and then they start having problems with crackers starting DoE (denial of existence) attacks on remote computers by causing anti-matter overloads. Several hundred thousand deaths later, they "innovate" their own approach to quantum encryption and "save the day". Of course after that all of reality melts away in a wash of windows logos when a quantum worm gets released and all those entangled quanta fizzle apart the space time continuum. So... did MS create the big bang meta-retroactively? ;P

    --
    Un-news
  25. uhh, silly /.! by Lord+Graga · · Score: 3, Funny

    Those /. admins are getting lazy. They didn't even bother to decrypt the name of the person who added the article (192939495969798999) :P

  26. ET's: Can You Hear Us Now? by footNipple · · Score: 3, Interesting

    IIRC, In the movie "Contact" it was suggested that the ET's first heard from us when we began to beam our television signals into space for satellite relay or ground really...

    Now one might wonder if the data we are placing into a "quantum medium" will somehow be detected by entities who know how to detect such events.

    Hmmm...I wonder

  27. how about read only? by brainchill · · Score: 2, Interesting

    mounting the device serving the web content as read only would also put an end to "hacked by chinese" index pages!!

  28. Infrastructure for this? by gravityZ · · Score: 5, Insightful

    Does anyone know what changes are needed to the current fibre infrastructure to support quantum encryption? can you hook two boxes up at either end of a random cable? what about repeaters, etc, interfering with the signal?

    1. Re:Infrastructure for this? by gweihir · · Score: 2, Informative

      Does anyone know what changes are needed to the current fibre infrastructure to support quantum encryption?

      You need a dedicated fiber and can only do point-to-point, i.e. no routing. As a consequence the connection can be broken into at any router.

      Funny, that is pretty much the same security level a modern fiber has, unless the attacker has some very sophisticated equipment.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
  29. And you are? by Erwos · · Score: 2, Insightful

    "I firmly believe this is as significant as the very first internet transmission some years back."

    I love it when /. submitters include their "expert opinion" on such matters. Who the hell are you? Maybe if Bruce was giving out such praise, it'd be worth mentioning.

    Sorry, personal gripe.

    -Erwos

    --
    Plausible conjecture should not be misrepresented as proof positive.
  30. Re:Schroedinger's Computer by DrSkwid · · Score: 2, Funny


    that's fine, 100% chance is finite enough for me

    --
    There are places where the networks are not touching,and there are places where they are-Boeing's Lori Gunter
  31. Re:No such thing... by J+Mack+Daddy · · Score: 2, Insightful

    Depends on your definition of 'usable' and your definition of 'secure'. For example, a message that is encrypted with a one-time pad is absolutely 100% safe from an attacker in the information-theoretical sense. And given enough care it is possible to do this in the real world. So in this sense, this is both 100% secure AND usable.

    --

    Jiggity

  32. You're both right by Chagatai · · Score: 3, Insightful
    Actually, both you and the parent are correct. If someone was "eavesdropping" on the quantum network, yes, it would be impossible for them to do it or to do it without being noticed. But the parent is correct in that if the data being accessed on the remote network only requires a simple password, there would be a substantial weak point. Think of it this way: if someone were running a brute force attack on a password, it wouldn't matter if there was integrity on the network being used. The trick is to come up with a quantum "key" on each system that can do the purpose of authentication such that if someone tried looking at the key the other party would be alerted.

    --
    --Chag
  33. Parallel Network Required by uedauhes · · Score: 2, Funny

    I sounds like a parallel network is required just for transmission of the keys. I'm sure that will be happening in short order.

  34. Re:Impressive... by Rei · · Score: 2, Interesting

    I'm not so sure; it really depends on how they're routing this. If it is a single dedicated line between each machine, sure. However, if they're routing on an unsecured connection to a router, then across a quantum encryption tunnel, and then decrypted and routed across another unsecured connection, then you can listen in to the connections at any point outside the quantum tunnel, and could very well crack the routers.

    Trying to route data that was encrypted "as it leaves the computer"... I'm not sure if that can even be done. I suppose, if you had a one-time pad with your router, and it had a one-time pad with the next hop... etc - and you knew how many hops there were going to be - you could do it. Although you'd have to send many, many times more photons, since half will be lost at each step of the way (if I'm recalling correctly), and nothing would make the routers unhackable.

    One of the big problems with a quantum encrypted network is that it's for a very specialized purpose. The bandwidth and latency on such a network will always be very lousy, not only due to the increased transmission complexity, but simply from the fact that you transmit so many photons for a single byte.

    --
    I was watching this thing on TV about some guy named Hitler. Someone should stop him!
  35. Illegal in US? by raisedbyrobots · · Score: 4, Interesting

    Would the US government really allow a technology that it couldn't eavesdrop?

    1. Re:Illegal in US? by sexylicious · · Score: 2, Insightful

      Yes. But it would put a lot of resources into ways of breaking it.

  36. Uncrackable encryption by Anonymous Coward · · Score: 2, Funny
    I understand that the only way to relly tell if an encryption algorithm is foolproof is to subject it to peer review.

    So here. Decrypt this hex:

    1A 3F 23 31 37 F3 18 0B 12 66 20 DB 3D 28 2D 15 5E 80 1B 3F 12 82 FE 14 98 1D E6 23 D2 9F 88 26 D6 2A 38 77 23 90 E8 AB 23 A7 28 87 10 9E C3 B0 38 39

    if no one can decrypt it, then I think I can publish it and

    4) Profit

  37. Re:What Every Teenager Wants by crimethinker · · Score: 3, Interesting
    "What teenager is worried his parents are using a packet sniffer to monitor their his/her instant messaging? "

    Mine.

    Actually, my oldest is 9, so no teenagers yet. The kids' computer is connected to the home network, but blocked COLD at the router from ever touching the internet. No, they can't use mine because they don't know the 18-character password and I can type it in 1-2 seconds, so they won't be shoulder-surfing it either.

    Some time in the future, when I allow internet access from that machine, there will be a sniffing process on a separate machine that has tamper indications. The sniffed data will be grepped for our street name, phone number, name of their school, words indicative of pr0n being sent/received, etc. and any match will trigger human review.

    Don't flame me and say I'm invading their privacy. This is a duty that I owe to my daughters. Furthermore, I can decide that as their parent and until they are 18, their privacy goes out the window when safety is in question. If you heard a window break in your kid's room, a scream, and an unfamiliar voice, would you knock on the door first and say, "are you dressed? Can I come in?" or would you grab the shotgun and kick the door open immediately?

    -paul

    --
    Pistol caliber is like religion: everyone has their favourite, and theirs is the only right choice.
  38. Only point-to-point security by maraist · · Score: 2, Interesting

    This might be the end of the hacked by Chinese index pages!" Reader Kent adds

    If you use https, then China couldn't hack your pages today. Now if you're implying that even https could be hacked, then quantum encryption doesn't provide you any benifit.

    The reason is that you can only quantumly encrypt a single point-to-point channel (haven't read the article, so you could make a lier out of me). And unless you have a direct connection to the end-point in question, you're going to have to go through a gateway. That gateway necessarily needs to see the contents of your message [header]. And more importantly I believe all chinese internet connections run through state-owned gateways.

    Additionally, even fiber-optics have limited range, and I suspenct that the quantum-encrypted messages are passing through such a medium. Thus there must be repeaters which will establish separate quantum connection segments. Each repeater is a possible exploit point. (Again, the article could prove me wrong).

    --
    -Michael
  39. Overkill? by nurb432 · · Score: 2, Insightful

    Isnt this a bit overkill? We dont need *everythig* encrypted..

    Besides, if its decryptable, its breakable. May not be worth the time/cost to read the average Joe's email, but if you belive you are 100% safe, you are a fool..

    --
    ---- Booth was a patriot ----
  40. not a big deal by eddeye · · Score: 4, Informative
    Quantum "encryption" is for the most part useless. It's just another way to exchange symmetric keys. The advantages are purely information-theoretic; in the real world, classical methods are just as good and a whole lot cheaper.

    It's like replacing a steel deadbolt with titanium, meanwhile the door is still wooden, the hinges are brass, and there's a large window right next to it.

    The only uses are extremely high-value applications like banking and the military. Even then I'd spend my money elsewhere.

    --
    Democracy is two wolves and a sheep voting on lunch.
  41. PETA Members not comofrted by Quantum kitties by iamatlas · · Score: 3, Funny

    PETA members were ouraged by the mind boggling number of cats that were killed to perfect this project. PETA members were not soothed by the scientists claims that, theoretically, there are an infinite number of realities in which the cats did not die.

  42. let me help you understand by 192939495969798999 · · Score: 2, Insightful

    If tampering can be detected, then the HTML page mangling can be prevented by ensuring that only trusted parties can change the site, right?

    You SECURE the server using the new encryption, and then it's much harder to hack. Encryption definitely doesn't EQUAL security, but great encryption can lead to great security if you implement it correctly.

    --
    stuff |
  43. An impossible claim! by GMFTatsujin · · Score: 4, Funny

    I'd say "I'll believe it when I see it," but by seeing the quantum crytography in action, I'd be observing it, and, well...

  44. Old joke by dpilot · · Score: 2, Funny

    Wanted: Quantum Mechanic, must bring own tools.

    --
    The living have better things to do than to continue hating the dead.
  45. [groan]CRIKEY, gimme a fscking BREAK by nusratt · · Score: 2


    I reported this story TWO MONTHS ago.

  46. Re:What Every Teenager Wants by HawkingMattress · · Score: 3, Insightful

    If you heard a window break in your kid's room, a scream, and an unfamiliar voice, would you knock on the door first and say, "are you dressed? Can I come in?" or would you grab the shotgun and kick the door open immediately?

    I'd kick the door opened immediatly if i heard that. But i would not put a cam and mic in their room and monitor all their personnal activities just in case it can happen, which is exactly what you plan to do with your sniffer...

    I think grepping for the house adress and phone, things like that is a good idea. Monitoring for porn or their personnal conversations is not. Did your mother search your whole room in every freaking corners every day to see if you hadn't hidden a porn book somewhere ? Would you have liked it ? If you had hidden one, and she had found and confiscated it, would that have helped you in any way in your life ?

  47. secure != eavesdropper-proof by jusdisgi · · Score: 2, Informative

    I just wanted to get into this, because it seems like a lot of people are missing an important point.

    Sure, it's true, nothing is 100% secure, or at least nothing worthwhile is. You can put an unpatched SQL server on this quantum network and it won't matter that no one can sniff the network. I'll go back to a quote I remember wrong, and will (possibly wrongly) attribute to some openssl documentation: "SSL does not make your application secure. SSL only protects your application's network connections from eavesdropping."

    It's not the same thing. The person who said Breaking quantum encryption would most likely net you a Nobel Prize in Physics, since it implies breaking QM. I guess was right...but his larger point, that this was a sea-change in overall security, was wrong.

    This does tremendously raise the bar for network-layer security. It means a network that can unquestionably be trusted to be free from sniffing. Yet this is not a security panacea. We have had very good security of this variety (or emulating it) for some time. However, it is important that we keep going forward with it; note the slashdot story last week about SSL being declared insufficient for the truly hardcore.

    In other words, this is a major breakthrough for secure local transmissions...but not so much for security in general.

    --
    Given a choice between free speech and free beer, most people will take the beer.
  48. Protecting the Wrong Interface Doesn't Help by billstewart · · Score: 2, Informative
    Quantum Encryption lets you build a non-eavesdroppable tunnel between two ends of a fiber. Conventional encryption with adequately long keys lets you build non-eavesdroppable logical tunnels between two endpoints over any arbitrary set of IP transport. Most people haven't bothered deploying conventional IPSEC encryption which doesn't require stringing fiber, much less the harder-to-use quantum stuff.

    Neither one helps the "hacked by Chinese" problem. That's because the hacked sites have connections to the public internet, so anybody in the world can send them packets, servers that listen to those packets, and buggy software that can be abused. Your web server might also be connected to your corporate data center using an IPSEC tunnel running on a quantum-encrypted dedicated fiber in a pressurized titanium conduit running through a moat protected by sharks with frickin' lasers on their heads, but that's not the path the Chinese hackers will use - they'll use your regular Internet connection.

    Alternatively, if you're using the quantum-encrypted or mathematically-encrypted tunnel to connect to people who you shouldn't have trusted, they can still hack you, or if they have an open Internet connection on their machine as well as the tunnel to your machine, you may still be vulnerable.

    --

    Bill Stewart
    New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks