Slashdot Mirror
Scientific American on Quantum Encryption
prostoalex writes "Scientific American claims that advances in commercially available quantum encryption might obsolete the existing factorization-based solutions: "The National Security Agency or one of the Federal Reserve banks can now buy a quantum-cryptographic system from two small companies - and more products are on the way. This new method of encryption represents the first major commercial implementation for what has become known as quantum information science, which blends quantum mechanics and information theory. The ultimate technology to emerge from the field may be a quantum computer so powerful that the only way to protect against its prodigious code-breaking capability may be to deploy quantum-cryptographic techniques.""
Someone needs to write a Encryption routine that uses the source text as the key. THAT will really show 'em!
"Everything you know is wrong. (And stupid.)"
Moderation Totals: Wrong=2, Stupid=3, Total=5.
And who's to say that the NSA hasn't had this technology available to them for a while?
And if they have quantum encryption, their quantum decryption (code breaking) devices are probably a little more advanced than what those two companies *cough*flybynight*cough* are selling.
As far as I can tell, no cats were harmed in the making of these quantum cryptographic devices, although if you look inside the box, the act of looking at the cat inside may (or may not) kill it
"And we have seen and do testify that the Father sent the Son to be the Savior of the World" 1 John 4:14
Why does quantum computing threaten present encryption?
Someone set us up the bomb, so shine we are!
Too bad that once the connection channel is completely secure (with quantum cryptography), people who *really* want to read the information will find otehr ways around it, i.e. infiltration, burglary, etc.
The arm's race continues. Then they'll have to invent Super Turbo Quantum Mofo Encryption to stay one step ahead.
a book on encryption and all the good stuff associated with it
and the book's main point was that, while encryption is generally great,
given time, no encryption has ever stood..
its just a matter of time, until "Quantum Encryption" takes its place among these facts too.
The printer-friendly version puts it all on one nice and image free page.
Article here
It's already available in some universes. Which is why R&D for quantum computers is one of the best jobs you could possibly get; you just hang around until one pops up.
I think this is only another example in a long line of encryption that was quite secure when envisioned, but then as computers became more and more powerful, became less and less secure. Eventually, we will have quantum computers capable of brute-forcing even quantum encryption...
How about they just issue LOP's on silk?
A feeling of having made the same mistake before: Deja Foobar
I for one welcome our new quantum-cryptographical overlords.
tshtuatpptenaynrirragagcuoyomq
so long bits, hello tits.
Trinary digITs here we come!
lol: You see no door there!
Will the need for an unbroken end-to-end light pipe finally lead to enough demand to light up some of that dark fibre that is sitting on the telco's books?
There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
Quantum cryptography is a solution in search of a problem. It cannot implement public key/private key cryptography, and it can transmit only through a single uninterrupted fiber-optic cable, not over the internet at large. Given those limitations (which I don't think can be surmounted), one might as well use tremendous, digital one-time pads. Transmission of the pads to the relevant parties should be strictly easier than the quantum cryptographic solution: if nothing else, generate terabytes of noise, store it on a RAID, and put it in a car with ten intensely loyal guys. After you've done that, you can send up to that amount of data securely over the internet at large, and no amount of quantum hocus-pocus will be able to decode it.
"Jon, we have a situation. We need your to do your stuff."
The real advantage of using entangled photons would be in sending information faster than light. Entangled Photons in Computers actually might solve all the copper issues in speed we're having in chip DIE size vs clock speed (as in how to get a signal from one end of the chip to the other in a single clock signal).
Quidquid latine dictum sit, altum videtur
"...a quantum computer so powerful that the only way to protect against its prodigious code-breaking capability may be to deploy quantum-cryptographic techniques."
scary stuff....however, a simpsons quote comes to mind:
Alien 1: It seems the earthlings won.
Alien 2: Did they? That board with a nail in it may have defeated us. But the humans won't stop there. They'll make bigger boards and bigger nails, and soon, they will make a board with a nail so big, it will destroy them all!
[both aliens laugh evilly, for quite some time]
This sig contains repetition and redundancy.
Is this new? A proof of concept for any encryption cracking should be a video game patch. So it stands on top for a couple hours, only to be knocked down by crackers a short time later. Is this really something new? Every time a new patch comes out it's like the world expects it to stop everything.
Lets be realistic, if we didn't leave our trash on the table at the mall where would the guy that gets paid to clean it up go? Same with security. If we didn't have people to break into stuff, where would all the security professionals go? There's no stopping it, might as well enjoy it. Keep quantum costly and that will be its firewall, keep quantum available to only the elite and that will be the encryption, put it on newegg and watch me buy one, meaning the technology is no longer useful and has been hacked.
I truly don't see how anything that travels outside of ones' self could ever be secure. As soon as your password reaches your fingertips and is typed, data is no longer secure.
'a quantum computer so powerful'
See those fjords? Those are mine!
It's like replacing a steel deadbolt with titanium, meanwhile the door is wooden, the hinges are brass, and there's a large window right next to it.
The only possible uses are extremely high-value applications like banking and the military. Even then I'd spend my money elsewhere.
The breaking RSA stuff is unrelated (quantum computers, not quantum key exchange) and pure speculation. RSA isn't going away for a loooong time.
Democracy is two wolves and a sheep voting on lunch.
If someone tries to intercept this stream of photons--call her Eve--she cannot measure both modes, thanks to Heisenberg.
That's wrong. The Uncertainty Principle merely states that an observer cannot measure both position and momentum with arbitrary precision.
Not strictly ontopic, but worth to mention: QubitNews, a slash site on quantum computers and quantum information, is getting some activity lately. Drop by once in a while, if you are interested. You might read some insightful comment from insiders of the field!
Quantum encryption is a misnomer, it should be called (and is, in some circles) quantum key distribution. It's all about how the key is transmitted, not how the data is secured. The encryption method is independant of how the key is distributed. Contrary to popular belief, it typically cannot be a one-time pad, since the bandwidth on the "key" channel is very limited due to the exact nature of the transmission. It can be, though, a constantly shifting AES key, or other type of data, making the datastream as a whole effectively unbreakable.
The problem lies in that you have to have a single, unbroken fiber optic connection between the two points, and this fiber optic connection is very limited in the amount of loss that it can withstand. That means you're geographically limited on how far the circuit might be able to travel. You're looking at a few hundred kilometers, at the absolute maximum.
Considering the amount of money you'd spend on putting the circuit in place versus the amount of money you'd lose if the data was compromised, it's very unlikely that anyone, anywhere will have a practical use for QKD/QE. Government and defense, maybe, but then only in very limited applications.
There is a chance that, should quantum computing become a reality and modern encryption algorithms can suddenly be cracked very, very easily that this method may see some use, and by no means is development a waste of time and effort. But, QC is still very much in the early stages, if a working system is ever developed at all.
Thta being said, PKI and courier delivery of key material will continue to be the order of the day for quite some time.
give it a shot.
Particles that are treated best by quantum theory (such as photons, here) exhibit quantum states. Just think of them as metainformation about the particle, which is accurate to a first approximation and appropriate for this explanation. In this case, the light is polarized, which dictates some of its quantum metainformation.
The Heisenberg principle, which you've probably heard about, says that you cannot know the position and momentum of a particle exactly, simultaneously. You can know one or the other exactly, you can know both with noninfinitesimal error, but you can't know both. For big, heavy things, like macroscopic objects, the uncertainty is so small as to be irrelevant.
The quantum weirdness which results is as follows: an unobserved object simultaneously exists in a linear combination of multiple quantum states. That is, it exists as
(x*A+y*B+z*C)/(x+y+z)
Where A,B,C are quantum states and x,y,z are relative probabilities. If they add to 1, the x+y+z term falls out.
This is where schrodinger's cat. If you wait exactly long enough that the probability of the cat dying is 50%, the cat is exactly equal parts dead and alive. It's accurate, but I think it's confusing because it confuses the fact that quantum states really only apply to very small things, except in isolated cases like this.
Where the unbreakability of quantum encryption comes in is the observer. If you open the box, the cat is no longer both, it's just dead or alive. If you look at the photon, it's A,B, or C. You have destroyed the metainformation contained in the photon, because up until when you observed it, it was x parts A, y parts B, and z parts C.
This is unavoidable and fundamental to quantum mechanics.
For quantum encryption/communication not to work this way, we have to be wrong about quantum mechanics, and the fact that it's just so WEIRD is part of the reason I suspect it will work. It's so counterintuitive people have verified this many times.
Even though the T in tits stands for Ternary, modding the parent OT displays a humourless soul.
And did you exchange a walk on part in the war for a lead role in a cage? - Pink Floyd.
test please ignore
In my job as a contractor for a government agency, I've had the opportunity to read a lot about the history of crytopgrahy and code breaking. If there's one thing I've learned, it's that one time pads are unbreakable (when properly created and handled). Does quantum computing affect this unbreakability?
rot26 encryption works just fine for me.
simply, quantum computers dont work on the same principles as our relatively childish PC's. Only the most rudimentary Q/C's exist, or to be more specific, only the most rudimentary quantum processors exist, and thats only in cutting edge labs ala IBM and some very cashed up universities (under extreme temp/pressure/material conditions). so in other words, by the time theses things are available commercialy, 50+ years at best, the quantum entanglement solution to encyption, the infallible solution (excluding an 'insider') may well be viable to use in a Q/C network.
Referencing going postal, the semaphor towers would be the 'optical fibre' in discworld they erect a canvas sheeting to block the LOS between two towers, and:
a) send a sequence of messages to jam the machanics (a 'woodpecker' ala a buffer overflow worm)
b) send a creepy posthumous message
I am sure after they spend loads on quantum cryptography, and tell all theit employees that QUANTUM is protecting them, it will be easier than ever to call up and ask for the email they just received over quantum to be faxed to your office, because your 'damned' quantum line is down again.
Oh I forgot: ----spoiler warning----
#hostfile 0.0.0.0 primidi.com 0.0.0.0 www.primidi.com 0.0.0.0 radio.weblogs.com
Finally we can start research stating that P=NP without worry that our discovery would empty our accounts.
Anagram("United States of America") == "Dine out, taste a Mac, fries"
remeber folks, 99% of ALL quantum computer talk you hear is THEORY and not fact, let alone proven. :(
Not the content of the actual encrypted message. Distributing the encryption keys in this way guarantees that whenever a bit in the key is intercepted by an eavesdropper, the sender/receiver would detect it so that could abandon this bit. Then the receiver uses the key to encrypt the actual message and sends it on an open chanel, which is still interceptable by an eavesdropper, but as long as the encryption is One-Time Pads encryption and the previous key generation uses a true random source, crypt-analysis againsted the ciphertext would be impossible.
Alice sends Bob a stream of photons. Each photon that is sent, Alice encodes a state of '1' or '0' on each photon.
Unfortunately, Due to Quantum Mechanics, Bob only has a 50% chance of actually reading the state of the photon. 50% of the time he gets '0' or '1', and 50% of the time he gets 'Unknown', and the photon is destroyed..
This is ok, because after receiving 1 million bits, Bob phones up Alice on an unsecured line and says I managed to read photon numbers 5,6,9,12,13,16....(+ approx 500,000 more), so I will use the state of these photons as a one time pad. Alice looks up the states she sent these photons, and now both parties have a one time pad to encrypt data.
Now, lets say there was an intruder attempting to intercept the key exchange. The intruder is also constrained QM, and can only read 50% of the photons, with the other 50% Destroyed. Because, the 50% of photons the intruder would receive, would be different to the 50% bob had read, it is impossible for the hacker to use the information sent using by bob to Alice, via the unsecured phone call, to build an equivalent one time pad.
Also, as the intruder is only able to forward a exact copy of just 50% of the photons to Bob, with the other 50%, now destroyed. He could replace this 50% of photons with his own set of random state photons, but this will be detected by Bob and Alice, as the one time pads would be different on this 50%, and the transmitted data using the pads would be corrupted.
...has always been notable as hard to tap on. I fail to see much sense in extending protection on network part that is not likely to be attacked and leaks zero emission to sniff. How do you apply quantum encription on any given communication channel? How do you QE commands over MW link to a satelite?
Actually, all of the quantum principles quantum computing is based on are actually experimentally proven. Indeed, quantum computers have been built, except that they are currently restricted to a few qubits. A factorization of 15 with Shor's algorithm has already succeeded.
An unsolved problem, however, is how to build larger quantum computers. Maybe it's impossible in practice to get more than a few individually controllable qubits sufficiently protected from the environment. But that's quite a different statement than the one you made.
Well, probably you just tried to troll anyway.
The Tao of math: The numbers you can count are not the real numbers.
Why do you assume the GP post is lazy. Perhaps they agree with Albert, I know I do. Mathematics can model reality extremely well. I think it breaks down when our Gravity Model says there can be an infinitely large mass in an infinitely small space. I also think QM breaks down with "spooky action".
Because I think that, I also think research (particularly emprical reseach) into black holes and entanglement is a "good thing" regardless of it's potential value. Albert (who like slashdotters could not understand the US patent office) started his ponderings because someone else discovered that the speed of light is constant, so he plugged it into Issac's maths and thunk fer awhile. Issac is said to have gained insperation from an apple but it is more likley it was from Kepler, Galileo, Copernicus,(Issac despised giving credit),... It may just be that we need another Issac to discover a branch of mathematics that will resolve these issues. Perhaps if we resolve it we will be able to talk to all our other multiverse selves who already know we haven't worked it out yet.
And did you exchange a walk on part in the war for a lead role in a cage? - Pink Floyd.
So the big question is: Why does Alice have so many secrets? Why does she feel compelled to tell Bob everything? And what is up with Eve, always budding in?
Personally I think there's something going on between Eve and Bob, that they're not telling us. But damned if I can't break their code.
yo.
I've known about id Quantique for a while, and have no relationship with them other than I think they rock. One of the more interesting things they sell is Quantum Random Number Generators. These babies work by sending a stream of photons at a half-silvered mirror. Each photon will be either transmitted or reflected, though it is impossible to tell which beforehand. A single photon detector on the other side of the mirror turns the reflection/transmission event into a bit. This bit is PURELY RANDOM. This is one of the *few* ways to get purely random numbers.
If you encrypt a message with a purely random OTP, it is *impossible* to decipher without that pad. As opposed to mixing functions based on entrpic randomness which are merely insanely complicated to decipher. Freaking cool. Here's a url. http://www.idquantique.com/qrng.html
Have been looking for you a long time.
I have a new project for you.
What I want to know is why we can't just make a quantum computer in software, if we understand th e principle behind it.
I mean, people seem to be suggesting that quantum computers can do new kinds of logic operations and things. So why can't we just code a virtual CPU that has the right registers, and acts the way a quantum computer would?
Is it all about speed?
who are you talking about? and waht do you mean?
Shor's factorization algorithm has a higher degree running time than legitimate encryption and decryption. So you might have to use 1,000,000 bit keys and spend a minute calculating, but the poor bastard of a quantum computer has to compute for a year to break your code.
Okay, so I didn't RTFA. But, even with something that can break a 50-Million Bit Key, what if I'm writing it in my own language? Are computer's able to handle that?
I mean, assuming I'm recording something important enough to me that I wouldn't want anyone to ever see it and I'm encrypting it this much, why not just go the extra step and create Clonish, or Cowboy Bobish? I mean, I'm stuck using the characters provided to me on my keyboard, but I could make up my own fontset, and I'm no Grammar Nazi, as shown by this huge run-on sentence, so I don't need anything like semicolons, dollar signs, et cetera. Couldn't I just create, say, a 32 character alphabet and pretty much screw the NSA over?
1. Not all current public/private key schemes rely on factorization. RSA does though, as does DSA I think. But not ECC at least, I don't know so many other.
2. To implement Shor's algorithm, quantum computers have to scale. I don't know how it works but it couldn't possibly check more than 2^n keys at once, where n is the number of qubits.
Naturally if n is large, any key can be cracked. But I doubt that quantum effects scale well. So far it's been about a dozen qubits, and well... 2^12 at once is impressive. But compared to a 1024 bit RSA key (which has somewhere around 2^128 valid keys), you'd have to do 2^112 iterations.
I've seen a couple theoretical suggestions about how you could build a lattice grid using nanotechnology to allow it to scale, but it is all extremely theoretical. With any of the current methods of quantum computers, the noise would drown any quantum effects long before they gor to encryption-cracking scales.
Kjella
Live today, because you never know what tomorrow brings
The problem with Quantum key exchange is that it's unauthenticated. Since you don't know who's on the other end, you're vulnerable to a man-in-the-middle attach. Someone could be tapping into the line.
So you authenticate using standard public key techniques, making the whole shebang not much more secure than the (non-quantum) authentication mechanism you use. But vastly more expensive.
if each time you send a new random key using quantum, this key is bigger than the random one-time-pad key you use to authenticate the new key, then you only need a small one-time-pad to boot an infinite private communication !
...unless there's a flaw in this analogy, I don't see how this protects again a man-in-the-middle attack.
Alice is sending a key to Bob. Hacker intercepts the key exchange and sends his own key to Bob. Bob tries to report back, but is also intercepted. He reports back to hacker which bits he got of the hacker's key, hacker reports back to Alice which bits he got of Alice's key. Then the hacker sits in the middle reencrypting on-the-fly.
Personally, I thought it was only good to transfer messages securely. For example, if the key was known to the sender, reciever and the hacker, the hacker could still not intercept it without destroying the message in the process.
Kjella
Live today, because you never know what tomorrow brings
Before you'll know it the will be another hot-or-not spinoff called "is my cat dead-or-not" and it will be a bunch of blank pictures.
I don't get it.
OTP means it's only used once
so you won't get any new useful information by using a known plaintext to get the random bits that were used to encrypt it, since those bits won't be used again !
- weak measurement.
Just a thought, maybe off-topic. I think articles like this one show the inherent flaw in anti-circumvention laws. While the american government says "if you put a lock on something it's unlawful to break it, develop something that breaks it, tell someone how to make something that breaks it etc. etc." we're all seeing where technology is going: quantum computing (sorry if this term is not the right one, have mercy, I'm italian, I mean the ability to compute using quantum mechanics principles) could very well break any kind of lock we know today. This is more proof that high-level, modern technology and copyright/anti-circumvention laws can't possibly coexist as long as copyright has the form and shape it has today. Either laws change or technology stops. Sorry if this comment was too much off-topic.
problem with making a quantum computer, you have to somehow isolate a bunch of particles so they have absolutely no interaction with each other or with anything else. Kinda hard to do. It's been done for very small numbers of particles, for very short times. And if the theory is correct, there are really steep limiting curves to how many and how long you can have particles in the proper state before they decohere. So I wouldnt expect to see a quantum computer at Wal-Mart for many many decades.
I'm glad you're back, Santa!
Btw, do you know what happened to Trollback? There was no new issue since September... What's wrong?
http://www.lkb.ens.fr/recherche/qedcav/english/eng lishframes.html
I can't see PETA, or event myself for that matter, going along with a quantum encryption system when every time you unencrypt and open the box/vault/computer/etc. there is a 50/50 chance of killing a cat.
DNA encryption and carrier pigeons...
TFA says that by doing so you will corrupt the qubits unalterably in a way that is detectable by the sender and receiver, which is also why it is impossible to use signal amplifying repeaters to extend the range of the transmission.
Scientific American claims that advances in commercially available quantum encryption might obsolete the existing factorization-based solutions:...
Verbing weirds language.
Is it possible for the Quantum Computer to create an encryption mechanism that even it can't crack?
Apparently, yes.
A lot of people here are (rightly so) pointing out that QCrypt is of limited use because it's only good for a straight run of fiber and is therefore useless for anything over ~100km at most. Well, wouldn't it be a relatively trivial matter to install trusted amplification stations that could verify the integrity of the transmission over the last link, and then bang it out over the next link? It'd be like a normal network, except your links would be shorter and your "routers" would have to be a whole hell of a lot more secure, but is there any fundamental reason why it wouldn't work?
Facts do not cease to exist because they are ignored. - Aldous Huxley
Maybe I'm missing something here, but what prevents a MITM attack? Mallory pretends to be Bob, gets the bits from Alice and sends back which bits he read using which method. Alice tells him and *boom* he has the entire message. Mallory then starts a completely NEW quantum connection with Bob and repeats the message (possibly altered) sent to Mallory. With public key crypto, you have the advantage of having a public key you know belongs to a certain p erson. With this, you just know that it's some person on the other end, but you don't know who it is. How are we doing unique identification? I don't see how it's possible without relying on something crackable (password/key/etc...)
There's just not enough bandwidth available on existing QCrypt links to send an OTP - AFAIK the plan is to use a strong conventional aystem like AES and send the key, just a few dozen bytes, over the QCrypt network, then send the multi-megabyte encrypted message in a more conventional way.
Facts do not cease to exist because they are ignored. - Aldous Huxley
Is it possible to detect whether or not something quantum-encrypted is being transmitted? There's plenty of information you can garner from a transmission based on the start and stop time, frequency, source and destination, duration, etc. - Scott
In the mysterious future, moms all over the world will upgrade to Quantum computers and stumble upon and decrypt /.ers pr0n stash hidden in c:\school-project.dat back in 2005.
(The following is a post I wrote a month ago to a different forum.)
I don't really see Quantum Cryptography being wildly popular. The big downer is that you need a continuous, clear point-to-point transmission between the two people talking. If Alice is in Los Angeles and Bob is in Tokyo, then you need a trans-Pacific undersea QC fiber-optic channel temporarily dedicated to just Alice and Bob (no packet switching) AND you can't have any classic repeaters to boost signal strength. That second requirement pretty much kills it for distances greater than 50 miles or so.
You could add repeaters, and have each repeater decrypt/re-encrypt, but then an attacker can tap into a repeater undetected and the biggest benefit of QC is lost.
There's a technique for building a quantum repeater. Basically, the gist is something like this:
That is, you can entangle entangled particles to "transmit" the entanglement. If I'm getting this correctly, Alice would transmit half a pair to Randy, Randy would transmit half a different pair to Bob, then Randy would entangle his two halves so that Alice and Bob would have a direct pair. However, since you can't tell if two particles are still entangled without measuring them (and thus losing entanglement), the odds of an A:B pair staying coherent would be (A:R)*(R:B), or (A:R)^2 if all things are equal. Each repeater would add its own factor, so n hops (n-1 repeaters plus final delivery) means p^n chance of a good end-to-end entanglement. Since p<1, the channel bandwidth drops VERY rapidly with an increase in the number of hops. If you have 2Mparticle/s optic links (after accounting for the fact that you throw away every other photon), and 50% decohere on each link, that means 1Mbit/s bandwidth for a direct link, 500kbit/s bandwidth if you add one repeater, and continuing to drop in half for each extra repeater. My gut says there's a tradeoff between inter-repeater distance (big distance = less coherence) and hops (more repeaters = faster drop), and that you have to optimize for the local maxima depending on the exact link parameters. Ugh. That means if you upgrade to better link cables, you potentially need to re-locate all the repeaters in the world.
This might be bearable if you just use the QC link as a key exchange medium, then switch to classic secret-key crypto (e.g. AES) over the Internet once you've agreed on a key. Sending even a huge 512-bit AES key over 20 hops (same link parameters as above) would take just under 5 minutes, which is a pretty decent re-keying interval. 20 hops would get you 1000 miles with near-future tech. (Although 20 DS1-size links would be dedicated just to your re-keying channel, so it'd be hideously expensive. A single non-Internet-connected DS1 runs about $500/month in my area. But I could see it happening between e.g. universities or military bases.)
So, with all those problems in mind, don't expect QC to take over anytime in the next half-century or so. Until a working quantum computer is built (and quantum computers are actually harder than quantum crypto), public-key crypto like RSA and DSA (the stuff that SSL runs on) is still safe and doesn't have as much hassle. And, thankfully, quantum computers don't do jack shit against secret-key crypto. (They can shave 1 bit off your secret key, but that's trivial. They aren't magic wands.)
Range Voting: preference intensity matters
I've created all possible user accounts on the system, each with all possible passwords.
I can't tell you who is logged on, you may or may not be, if I looked, then we'd know, but it would defeat the point.
I think your disk is full and empty at the same time.
We reached a CPU resource bottleneck, or then again, maybe we haven't.
I'd like to say I got a good backup, what do you think?
O=='=++
How much you want to bet that the practical difficulty of building an n-bit quantum computer turns out to be exponential in n?
So building a 1024 qubit computer would be 2**1022 times harder than building a 2 qubit computer, in other words.
Even if these hypothetical systems crack at the rate of megaflops per nanosecond, it's still possible to scale conventional crypto to the point where brute force takes longer than universal proton decay. This looks like NSA fudd to me, analogous to those flying saucer reports in Iran.
``Tension, apprehension & dissension have begun!'' - Duffy Wyg&, in Alfred Bester's _The Demolished Man_
Everyone is saying a one time pad is "impossible" to break... I would like to respectfully disagree. I think it's amazingly improbable that you could break it. The reason? There is the remotest chance that you could guess the OTP correctly. Not very likely that you could luck into that... but still a mathematical physical real possibility. And I suppose the same would be true of the quantum encryption.
I haven't seen any. In fact, I'd have to call 90% of what Scientific American, Omni, Popular Science (since when was science a matter of popular opinion), and all the other newsstand science rag/mags say is... well... as reliable as what you expect to find in any of the other tabloids.
Well, I guess the vulnerability could be found in the repeaters. They move the state of one photon to another for longer distance transmissions. In the article: Ultimately cryptographers want some form of quantum repeater--in essence, an elementary form of quantum computer that would overcome distance limitations. Now, I understand that tapping a fiber line to grab photons would changer their state and allow for detection, but I can't believe it is impossible to grab the state of the photons somehow. My small brain has an idea, someone shoot it down please. Here goes. If a quantum repeater allows can 'mimic' a photons state, why can't a repeater be hacked to make copies? That is a repeater repeater. All of this is too Star Trek for me, going back to VB coding now... Brain hurts...
--Always, I mean never..., No I mean always check your references.--
Quantum cryptography is the encoding of communications using a quantum technique which allows the guaranteed detection of any intrusion or interception of the communication. Prototype systems now available. Not to be confused with quantum computers, a technology which could theoretically allow successful code-cracking computations which are beyond the power of current computers. Quantum computers are theoretically possible, but only the most basic building blocks of the technology have been demonstrated to date. And it should be noted that cryptographic engineers have already documented half a dozen techniques for intercepting quantum cryptographic communications without violating any laws of physics by simply outsmarting the builders and operators of such systems. For example, by taking advantage of the error correction built into the sender's hardware to make it repeat data blocks without notifying the human operator. Or overloading the receiver's detector by shining a laser down the optical fibre, causing it to read all zeroes.
None of them answer the most basic questions facing geeks today:
Screw public keys and I don't care how long a password I have to type: What's the best way to encrypt my network drive dedicated to porn?
How long before some big bad TLA gubmint agency will be able to break that encryption?
When one of these scholarly journals simply and directly answers those two questions, crypto-challenged geeks everywhere will rejoice.
The threat of quantum computing to conventional cryptography is twofold. First, it provides novel factoring algorithms that attack specific contemporary cryptosystems that rely on certain mathematical problems used for key exchange being 'hard'; in the future we defend against this by moving to new core problems that are hard int he new computational domain. The second (to simplify rather) is the potential to 'brute force' the key space of cryptosystems in general by trying exponentially many keys in parallel. One time pads remain secure, because they consume enough key bits to keep all decrypts equiprobable (up to length). Although for key distribution this property of equiprobable decrypts is essential (because the task is one of maintaining the size of the keyspace for an attack on subsequent stages in a protocol), for many tasks it suffices just to provide enough sufficiently probable alternatives that the correct candidate decryption cannot be recognised. For example, if I have as a front end to my cryptosystem a codebook that says '0 = sell the stock, 1 = meet me for lunch, 2 = I am having an affair with your wife, 3 = I think it may rain', then even a one-bit key should keep me safe from the SEC (though it now matters whether the recipient is, in the real world, married).
The point is this: the absolute mathematical defense against bruteforcing is a key space the size of the message space. But it also suffices to compress the message before encryption with sufficient competence that the full key space generates many plausible decrypts (where 'many' means specifically that the cost of verifying them exceeds the value of the message).
I suspect that since quantum computation is in principle limited by readout, increasing the difficulty of recognising a decrypt becomes the key defense to this attack.
This makes data compression very important to future security (and patents in the field a significant threat).
There are actually commercial products (MagiQ) that do quantum encrypted links over fiber. If this product is properly made, I could well see it obsoleting any classical crypto tunnels (like VPN etc). Hell, you just layer the classical crypto over the quantum secured link anyway. I have recently been talking with professors at a major North American university who will in fact be dissecting this equipment; but yeah, classical crypto simply can't compete with equipment like this. You put up the quantum crypto link on fiber, then any classical crypto underneath.
This implementation of quantum cryptography is, in essense, a secure negotiation of a one-time-pad that can be used in any symetric key algorithm.
You sly dog: you got me monologuing! - Syndrome
Look! Someone writing something new in FORTRAN! It's hardly ever seen outside of zoos now.
[aussie] This stuff is REALLY DANGEROUS! [/aussie]
$META_SIG_JOKE
Because light soft of "bounces" down a fiber optic, being reflected from the walls, could you (very carefully) strip off the insulation, and put a bend in the fiber, and collect the stray photons whose angle of incidence wasn't shallow enough to be reflected?
Chip H.
I happen to know a bit about the research going on in the area and it so happens that SciAm is just being sensationalistic as usual. They're nowhere near having useable Quantum Encryption devices. The experiments are starting to catch up to the theory, but aren't there yet.
That's amazing (re: distilling truly random bits from a biased bitstream). I had no idea that was possible, or even that simple, but of course it makes sense in 20/20 hindsight. Do you know if all methodologies to generate computed randomness via something like environmental sampling (e.g., /dev/random) take advantage of this to purify the random bitstream?
In case anyone was thinking, elliptic curve encryption will also be considered broken if a Quantum computer is built
The AACS key is NOT 0xF606EEFD628B1CA427BEA93A9CA9773F
Every time you use quantum encryption God kills a kitten.
An alternative to using RSA, DSA, or other encryption methods which rely on the difficulty of factoring is Elliptic Curve Encryption. As far as I know, nobody has come up with a theory for how quantum computing might be used to crack ECE. What I do not know is how hard it might be to come up with such a thing, or how long it might take to become available once the theory is mapped out.
RSA-oriented solutions are going to get the lion's share of the attention and development for a while, because it is so popular. Unless ECE catches on in a big way, and/or RSA is widely viewed as useless, there won't be much market incentive to develop an ECE-oriented solution. At least, that's my opinion. So in the meantime, ECE-encrypted data might be safer than RSA/DSA-encrypted data.
-- TTK
... there are a few exceptions to this rule - e.g. Aharanov
Is NOT doing this. She is not using a single photon to send the information, since there are no reliable single-photon sources. These quantum cryptography systems are a scam, since they really send some number of photons > 1. If Eve intercepts just one photon in the burst, the other photons get through and the eavesdropping can't be detected.
When reliable single-photon turnstiles are available, that problem may be fixed.
http://shit.slashdot.org/article.pl?sid=05/01/20/0 358215
...doesn't need a trillion dollar budget. In fact, it's almost as easy as splicing cables and putting in a "three way" connector.
Please correct me if I am wrong, but it seems that an effect that allows the eavesdropper to "clone" photons is already known: Stimulated Emission of Radiation, the same thing as used in lasers. Why doesn't this break QCrypt?
Quantum links have been around since the 80s.
http://www.qlinklives.org/
https://www.eff.org/https-everywhere