Using Diamonds to Create Unhackable Code

IAmTheDave writes "Researchers at Melbourne University have grown diamond particles 1/1000 of a millimetre on optical fibres which they can use to transmit single photons of light at a time. The diamonds are grown on the optical fiber by raining carbon molecules onto the tip of the fiber. They claim that by transmitting information in single photons, any interception of transmitted photons will be useless to the interceptor, and thus the message will be completely unhackable. Transmission speeds are currently slow - 120km/h, but are expected to speed up."

That's unhackable TRANSMISSIONS, not code

[Chas]

Jeeze.

"Unhackable Code"?

[cbrocious]

This is far from an "unhackable code". In fact, it's not even a code. Please stop thinking that "quantum cryptography" is a form of cryptography. It's simply an interception-resistant media.

Re:"Unhackable Code"?

[hotspotbloc]

Exactly. When it's too tough to crack the technology then it's time to use social engineering or a key capture hardware device built into a keyboard.

There is nothing unhackable.

Re:"Unhackable Code"?

[cbrocious]

Speaking from the standpoint of someone who does a lot of reverse-engineering (PyMusique/pyTunes was my baby) I'd say that 99% of the time, neither of those methods are neccesary. Usually you can get what you need from either the source or destination directly. Most people seem to overestimate security in computer systems. I just can't wait for "quantum cryptography" to be used for DRM keys so we can have a bit of fun ;)

Re:"Unhackable Code"?

[Kainaw]

Please stop thinking that "quantum cryptography" is a form of cryptography.

That depends completely on how it is used. If I simply send a message in 1s and 0s over the photon stream, it isn't encrypted. I can only be certain that it either got there or it didn't get there.

Cryptography comes in when you encode a message using a photon stream. The mechanics of doing this are old hat by now. It is done in the following steps:

1. Send a stream of, say, 2,000 random 1s and 0s to the other end.
   
2. The other end pics, at random, 500 of the 1s and 0s and sends a plain message back saying only which are chosen - the index, not the value. So, you can both form a 500 bit key (the number of bits is to your choosing)
   
3. Encrypt the message using the key you just worked up and send it.
   

This is commonly said to be 'mostly secure' because it is vulnerable to a man-in-the-middle attack. However, it is tamper-proof once it begins. If anyone attempts to read any of the photons as they travel down the stream, they alter the photons. So, you get a scrambled message at the other end and the hack is immediately known.

Because it cannot be copied enroute without giving away that it is being copied, it is commonly called unhackable. You cannot make a copy of it and send it along while you try and hack it. I know, you are thinking you can just copy the photons and resend new ones with the same message. Nope - you have to know the spin orientation of the photons BEFORE you can read them for a 1 or a 0. If you read it with the wrong spin orientation, you will force it to the orientation you read it as and get an errant 1 or 0 that you incorrectly send down the line. So, you could say it is doubly-encrypted and doubly-protected from in-line hacking.

Re:"Unhackable Code"?

[eddeye]

Quantum Cryptography is indeed real cryptography. It uses the encryption system known as the One Time Pad.

Not long ago, I took a graduate course in quantum computing from a researcher in the field. I wrote a paper for that class specifically on quantum cryptography. In 2001, I worked in the same lab as a physicist building a quantum cryptography device (we had lunch almost every day). I've also studied quite a bit of conventional cryptography. Trust me when I say this:

Quantum cryptography has nothing to do with encryption, and barely anything to do with cryptography. It's an authentic channel with eavesdropping detection (but not prevention). In other words, QC is just a bootstrapping phase to distribute key material (random data) to two parties. Everything you do from that point forward, including everything involving your actual data, is classical crypto on classical channels.

QC has nothing to do with one-time pads. You could use the key material for OTPs, if you're deranged. More likely you'll use something like CBC-AES, CTR-AES, CBC-3DES for encryption, which are much faster (less key material, not limited by QC data rate), simpler, and safer (unless you have the resources of a major world government to oversee proper handling of the data and key material at every point from creation to destruction). At any rate, you'll still need integrity even with a OTP or your data is worthless. That means SHA1-HMAC, CBC-MAC-AES, etc.

Cryptography proper punts on the key distribution issue as it's not solvable mathematically. It's an administrative not an algorithmic problem, putting it outside the domain of modern cryptography. This applies equally to asymmetric crypto; public key databases and root certificates require proper oversight and maintenance. Hence the one problem QC solves, key distribution, is really external (but related) to the field of cryptography. That's why I say the two are orthogonal.

The funny part is, QC isn't even a good solution to key distribution. Its physical requirements are costly, stringent, and limiting. Unless you're an ultra-cautious damn-the-expense client like the US govt, there are more cost effective ways to exchange keys, and much better ways to improve your data's security. QC is a problem in search of a solution.

Re:Question

[The+Mighty+One]

http://en.wikipedia.org/wiki/Quantum_cryptography Quantum cryptography is an approach to securing communications based on certain phenomena of quantum physics. Unlike traditional cryptography, which employs various mathematical techniques to restrict eavesdroppers from learning the contents of encrypted messages, quantum cryptography is focused on the physics of information. The process of sending and storing information is always carried out by physical means, for example photons in optical fibres or electrons in electric current. Eavesdropping can be viewed as measurements on a physical object---in this case the carrier of the information. What the eavesdropper can measure, and how, depends exclusively on the laws of physics. Using quantum phenomena such as quantum superpositions or quantum entanglement one can design and implement a communication system which can always detect eavesdropping. This is because measurements on the quantum carrier of information disturb it and so leave traces.

Yes and no.

[rjh]

Yes and no. Quantum key exchange is, as you point out, a key negotiation protocol which relies on the laws of physics to keep the negotiated key safe from eavesdroppers. However, there's absolutely no limit on the size of key you can generate. If you need a million bits of key, then fine: make a million bit key.

Once you have as many bits of key as you have bits of data, you can treat it as a one-time pad. And that would be a perfectly secure transmission, as long as both sides make sure they destroy the key once it's been used to do an encryption or decryption operation.

In other words, QKE leads quite directly to (a) a cipher and (b) a traditional cryptographic system.

IAAGSSTS (I Am A Grad Student Studying This Shit).