Using Diamonds to Create Unhackable Code

IAmTheDave writes "Researchers at Melbourne University have grown diamond particles 1/1000 of a millimetre on optical fibres which they can use to transmit single photons of light at a time. The diamonds are grown on the optical fiber by raining carbon molecules onto the tip of the fiber. They claim that by transmitting information in single photons, any interception of transmitted photons will be useless to the interceptor, and thus the message will be completely unhackable. Transmission speeds are currently slow - 120km/h, but are expected to speed up."

That's unhackable TRANSMISSIONS, not code

[Chas]

Jeeze.

Re:That's unhackable TRANSMISSIONS, not code

[znu]

The headline probably means code defined as "a system of signals, such as sounds, light flashes, or flags, used to send messages." Rather than computer code.

Re:That's unhackable TRANSMISSIONS, not code

[KillShill]

no, no such thing as "unhackable"

time and time again we've been shown this to be false.

it may take time/energy/effort etc but it's clearly possible. always.

Re:That's unhackable TRANSMISSIONS, not code

[nametaken]

In light of the fact that we just found the "biggest compromise in history" of secure data was perpetrated by idiot employees selling peoples profiles for $10 (USD) a pop, I'm less worried about unhackable transmissions and more worried about the people at each end.

Lets remember to call our banks.

Now for my master plan...

[Bananatree3]

Stretch 3000 miles of this across the atlantic, set up a secret recieving station on the African coast, and voila! One secret, untappable method for my world takeover, I mean, world communication plan!

"Unhackable Code"?

[cbrocious]

This is far from an "unhackable code". In fact, it's not even a code. Please stop thinking that "quantum cryptography" is a form of cryptography. It's simply an interception-resistant media.

Re:"Unhackable Code"?

[hotspotbloc]

Exactly. When it's too tough to crack the technology then it's time to use social engineering or a key capture hardware device built into a keyboard.

There is nothing unhackable.

Re:"Unhackable Code"?

[cbrocious]

Speaking from the standpoint of someone who does a lot of reverse-engineering (PyMusique/pyTunes was my baby) I'd say that 99% of the time, neither of those methods are neccesary. Usually you can get what you need from either the source or destination directly. Most people seem to overestimate security in computer systems. I just can't wait for "quantum cryptography" to be used for DRM keys so we can have a bit of fun ;)

Re:"Unhackable Code"?

[Kainaw]

Please stop thinking that "quantum cryptography" is a form of cryptography.

That depends completely on how it is used. If I simply send a message in 1s and 0s over the photon stream, it isn't encrypted. I can only be certain that it either got there or it didn't get there.

Cryptography comes in when you encode a message using a photon stream. The mechanics of doing this are old hat by now. It is done in the following steps:

1. Send a stream of, say, 2,000 random 1s and 0s to the other end.
   
2. The other end pics, at random, 500 of the 1s and 0s and sends a plain message back saying only which are chosen - the index, not the value. So, you can both form a 500 bit key (the number of bits is to your choosing)
   
3. Encrypt the message using the key you just worked up and send it.
   

This is commonly said to be 'mostly secure' because it is vulnerable to a man-in-the-middle attack. However, it is tamper-proof once it begins. If anyone attempts to read any of the photons as they travel down the stream, they alter the photons. So, you get a scrambled message at the other end and the hack is immediately known.

Because it cannot be copied enroute without giving away that it is being copied, it is commonly called unhackable. You cannot make a copy of it and send it along while you try and hack it. I know, you are thinking you can just copy the photons and resend new ones with the same message. Nope - you have to know the spin orientation of the photons BEFORE you can read them for a 1 or a 0. If you read it with the wrong spin orientation, you will force it to the orientation you read it as and get an errant 1 or 0 that you incorrectly send down the line. So, you could say it is doubly-encrypted and doubly-protected from in-line hacking.

Re:"Unhackable Code"?

[Anonymous+Luddite]

>> There is nothing unhackable.

and if it's difficult to hack the transmission media, there is probably cleartext versions of the transmission at either end.

"un-crackable" transmission will just change the point of attack...

Re:"Unhackable Code"?

[xiphoris]

Mod parent and grandparent down. Quantum Cryptography is indeed real cryptography. It uses the encryption system known as the One Time Pad. The "Quantum" aspect of it is used in transmission (really, creation) of the random pad on both sides of the communications line.

There is nothing unhackable.

Perhaps, but information encrypted with quantum cryptography is un-interceptable. Because of the way a one time pad works, you have no way to verify that you've cracked a message -- any "decrypted" result is the same as any other.

This is distinct from other encryption methods, which use complicated math to encrypt and decrypt things.

A one-time pad is merely a block of random data. You XOR your pad with your plaintext to get ciphertext. With a given ciphertext block, you have no way to verify what the correct plaintext is. For example, if I have a ciphertext message: ABCD, that could just as equally be the plaintext HELO as ROFL.

Quantum cryptography is the usage of quantum mechanisms to generate the same random data at two different locations. Because of properties of quantum physics that I don't personally understand, interception of that quantum data is impossible.

But no, quantum cryptography is not breakable because it's impossible to know whether you have the correct plaintext, and it's impossible to get the one-time pad from the quantum transmission line (physics guarantees it). In other encryption systems, you know mathematically whether you have discovered the "key". The ciphertext of a one-time-pad, according to information theory (and the assumption that your pad is made of truly random data), provides you absolutely no information about the pad or the plaintext.

See more here: http://en.wikipedia.org/wiki/Quantum_cryptography

Re:"Unhackable Code"?

[eddeye]

Quantum Cryptography is indeed real cryptography. It uses the encryption system known as the One Time Pad.

Not long ago, I took a graduate course in quantum computing from a researcher in the field. I wrote a paper for that class specifically on quantum cryptography. In 2001, I worked in the same lab as a physicist building a quantum cryptography device (we had lunch almost every day). I've also studied quite a bit of conventional cryptography. Trust me when I say this:

Quantum cryptography has nothing to do with encryption, and barely anything to do with cryptography. It's an authentic channel with eavesdropping detection (but not prevention). In other words, QC is just a bootstrapping phase to distribute key material (random data) to two parties. Everything you do from that point forward, including everything involving your actual data, is classical crypto on classical channels.

QC has nothing to do with one-time pads. You could use the key material for OTPs, if you're deranged. More likely you'll use something like CBC-AES, CTR-AES, CBC-3DES for encryption, which are much faster (less key material, not limited by QC data rate), simpler, and safer (unless you have the resources of a major world government to oversee proper handling of the data and key material at every point from creation to destruction). At any rate, you'll still need integrity even with a OTP or your data is worthless. That means SHA1-HMAC, CBC-MAC-AES, etc.

Cryptography proper punts on the key distribution issue as it's not solvable mathematically. It's an administrative not an algorithmic problem, putting it outside the domain of modern cryptography. This applies equally to asymmetric crypto; public key databases and root certificates require proper oversight and maintenance. Hence the one problem QC solves, key distribution, is really external (but related) to the field of cryptography. That's why I say the two are orthogonal.

The funny part is, QC isn't even a good solution to key distribution. Its physical requirements are costly, stringent, and limiting. Unless you're an ultra-cautious damn-the-expense client like the US govt, there are more cost effective ways to exchange keys, and much better ways to improve your data's security. QC is a problem in search of a solution.

Re:"Unhackable Code"?

[tbo]

Summary: parent poster is being a twit.

Long version:
First, let's clarify what it means to say that "physics" guarantees that your quantum key distribution (QKD) system is unbreakable. Given a perfect implementation of the QKD protocol, or at least an implementation where the errors are within certain bounds and you haven't done anything stupid like reusing your OTP, you are guaranteed security if quantum mechanics is correct.

What do I mean by correct? I mean that quantum mechanics correctly describes the relevant systems--systems to which it is currently considered applicable.

We have many good reasons to believe quantum mechanics is correct. Its relativistic extension, QED, has given us some of the most accurately-verified theoretical predictions ever. Notable objections to the theory (such as the famous paper by Einstein, Podolsky, and Rosen, or "EPR") have proven false (google the Bell inequality and the Aspect experiment).

More specifically, some of the particular variations in quantum mechanics that one would imagine could be useful for defeating a QKD system, such as nonlinearity, would give rise to highly unphysical effects (superluminal signaling), which we have not observed.

It seems that quantum mechanics is an island in theory space--that is, any perturbation from the accepted theory seems to give something obviously unphysical, or at least something that does not agree with experiment.

In other words, this is as close to proof as it gets in science. Clearly, quantum mechanics isn't the final word on, say, quantum gravity, but we're not going to be throwing out the undergrad quantum mechanics books any time soon.

Yes, it would be nice to have information-theoretic security, but that doesn't seem to be possible for a key distribution protocol. Still, security predicated on the laws of physics is a hell of a lot better than security-based-upon-the-fact-that-we-haven't-heard -of-anyone-breaking-it, which is all RSA and other popular schemes have going for them (RSA isn't even computationally secure).

Re:"Unhackable Code"?

[Tango42]

It's more complicated than that. The act of observing the photon changes it, so you can't always read it accurately. The method of communication involves checking if you read all the bits correctly afterwards and discarding any you didn't - if you've been reading them in the middle they'll think they read it correctly, but will still have the wrong bit so will get nonsense out when they send a message (probably a simple test message that won't tell you anything useful) and they won't send the real message until they've got rid of you.

Yeah?

[Eyeball97]

I'm sure I'm not the only one who immediately thought "Titanic" when I saw the headline...

Wow!

[computerme]

So its really is true:

Diamond (encryptions) are forever!!

Buh wump dump.

(thanks. I will be here all week.)

Curious

I'm left wondering how it is they've managed to slow down the transmission of a photon to 120 kilometers in one hour, presumably in the glass fiber. Usually slowing down light that much takes a great deal of infrastructure and effort, it's rarely a side-effect.

Slashdot and the www.news.com.au couldn't have both made the same screamingly stupid mistake and meant 120 kilobits per hour, right? Right?

Re:Curious

[Anonymous+Luddite]

>> Usually slowing down light that much takes a great deal of infrastructure and effort, it's rarely a side-effect.

I think they did it by forming the photons into committees. They spend more time forming action plans and holding meetings than actually moving. Some of them actually go backwards...

Re:Curious

[tomRakewell]

Stop nitpicking about units! I have it on good authority that the author of this story made the Kessel Run in less than 12 parsecs, so he is a quite an expert on these matters.

Question

[Mark_in_Brazil]

OK, I RTFA, and there's something I don't get.
TFA says

But if the light was a single photon beam, others in the room could not see it, and the two friends would also know instantly if it had been intercepted.

How? What keeps a third party between the two friends from receiving the photons transmitted by one friend and retransmitting exactly the same sequence of photons to the other while keeping a record, and therefore, a copy of the message?
I'm pretty sure there's more to it than appeared in TFA, and that there is a way to be sure there isn't an eavesdropper between the two friends, but I don't know what it is.

Re:Question

[The+Mighty+One]

http://en.wikipedia.org/wiki/Quantum_cryptography Quantum cryptography is an approach to securing communications based on certain phenomena of quantum physics. Unlike traditional cryptography, which employs various mathematical techniques to restrict eavesdroppers from learning the contents of encrypted messages, quantum cryptography is focused on the physics of information. The process of sending and storing information is always carried out by physical means, for example photons in optical fibres or electrons in electric current. Eavesdropping can be viewed as measurements on a physical object---in this case the carrier of the information. What the eavesdropper can measure, and how, depends exclusively on the laws of physics. Using quantum phenomena such as quantum superpositions or quantum entanglement one can design and implement a communication system which can always detect eavesdropping. This is because measurements on the quantum carrier of information disturb it and so leave traces.

Anyone..

[Turn-X+Alphonse]

Anyone want a game of quake? We could have like 1000 pings. It'll be like old times again!

misleading

[delirium+of+disorder]

Not only is quantum cryptography not not a code or traditional cryptographic system, it is not exactly a perfectly "secure transmission medium" as some /.ers have suggested. It is a method of interception detection. It is a HARDWARE system that uses entanglement or the Heisenberg uncertainty principle to send photons in such a way that the communication system itself can always detect eavesdropping (and logically would cease transmission if interception is detected). It is not untapable....but any taping would do little good since it would be noticed.

Slower! Slower!

[Helpadingoatemybaby]

120 km/hr!?

I hope they don't speed the connection up, I hope they're able to slow it down! Think ultimate storage medium, the only limit being the number of photons you can put in the length of a pipe.

Running out of storage space? Hello sweet superposition! Yeah, my iPod stores 4.02 * 10^18 songs, but have to listen to them all in order.

Re:Ummmm....

Wouldn't the transmission speed have to be C?

Many people don't realize that C is the speed at which an electromagnetic wave propagates, not necessarily the charge carriers themselves. The electrons in a copper wire, for instance, move pretty slowly, on the order of several seconds per millimeter.

I didn't realize that drift velocity applies to photons in a medium, but it sounds like it may.

120 km/h

[kabz]

Transmission speeds are currently slow - 120km/h, but are expected to speed up.

So these are Canadian electrons, eh ?

Yes and no.

[rjh]

Yes and no. Quantum key exchange is, as you point out, a key negotiation protocol which relies on the laws of physics to keep the negotiated key safe from eavesdroppers. However, there's absolutely no limit on the size of key you can generate. If you need a million bits of key, then fine: make a million bit key.

Once you have as many bits of key as you have bits of data, you can treat it as a one-time pad. And that would be a perfectly secure transmission, as long as both sides make sure they destroy the key once it's been used to do an encryption or decryption operation.

In other words, QKE leads quite directly to (a) a cipher and (b) a traditional cryptographic system.

IAAGSSTS (I Am A Grad Student Studying This Shit).

let me get this straight

[layer3switch]

120 km/h to send single photon in order to establish a secure channel?

Hmm.. let me get this straight. So if I burn a DVD and send it to California from New York using FedEx 2Day service for $14.59, could I name this post as "Unhackable Transmission Medium for only $14.59"?

What about routers?

[BobPaul]

The problem I have with this is that it really doesn't have any place in the internet at large. Sure, it's great for point to point direct connections--ie, my secure installation has a direct diamond-fibre connection to your secure installation, but it really doesn't do much for more public transfers, like internet banking.

This will secure transmissions between banks and internally at banks, but a secure system is only as secure as it's weakest link, and this doesn't improve security on the internet.

Since the internet uses routers, switches, and hubs someone could always gain access to the router or pickup the broadcast from a hub through some other means and cause that system to log packets or duplicate them elsewhere, etc.

Or is there a way to incorporate this into a system similar to the internet as we know it and make my home connection to my bank/paypal/yahoo shopping more secure?

Unhackable... Unnecessary!

[WaR.KiN]

It's not that the code is unhackable, it's just that hackers won't be hacking into your bank account anymore. They'll just take the diamonds.

I've already diagramed a system of unhackable code

[Jekler]

It just relies on a perpetual motion device to power the division by zero generator.