Slashdot Mirror

← Back to Stories (view on slashdot.org)

Secure Video Conferencing via Quantum Cryptography

Posted by ryuzaki0 on from the hello-a77ghlfiyu-82md022x1x-bye dept.

Roland Piquepaille writes "If you use a webcam to talk with your mom, this tool is not for you. But if you're working for a company and that you have to routinely discuss about sensitive future projects or the possible acquisition of another company, you need more security, and this new video conferencing system based on quantum cryptography is a tool you need. According to this article from Nature, researchers from Toshiba have developed a system which can generate 100 quantum 'keys' every second, fast enough to protect every frame in a video exchange. This technology, which today is working over a distance of about 120 kilometers, could become commercially available within two years at an initial cost of $20,000. This overview contains more details and references."

15 of 163 comments (clear)

  1. The Star Wars Kid could have used this by Anonymous Coward · · Score: 4, Funny

    Maybe this "tool" isn't for having a chat with mom, but if you plan on making a Star Wars like lightsaber duel with a broom, make sure to use this.

  2. Hey Roland, I'm violating your copyright! SUCK IT! by Anonymous Coward · · Score: 5, Interesting

    Secure Video Conferencing via Quantum Cryptography

    If you use a webcam to talk with your mom, this tool is not for you. But if you're working for a company and that you have to routinely discuss about sensitive future projects or the possible acquisition of another company, you need more security, and this new video conferencing system based on quantum cryptography is a tool you need. According to this article from Nature, researchers from Toshiba have developed a system which can generate 100 quantum 'keys' every second, fast enough to protect every frame in a video exchange. This technology, which today is working over a distance of about 120 kilometers, could become commercially available within two years at an initial cost of $20,000. Read more...

    Here is the introduction from Nature.

    Scientists from Toshiba's Cambridge Research Laboratory unveiled their invention to business leaders and government officials at Britain's Department of Trade and Industry in London on 27 April.

    Their system is capable of generating 100 quantum 'keys' every second. This is fast enough for every individual frame of video to be protected by its own encryption. "This makes the system highly secure," says Andrew Shields, who leads the Cambridge team. "It would take an enormous computational resource to crack this frame by frame."

    Of course, today's videoconferencing tools using conventional encryption are already pretty secure. But if the NSA wants to check your conversation, I betit can. With quantum cryptography, this is a different story.

    Quantum cryptography promises to stop such eavesdroppers. The system works by first establishing a 'key' that provides instructions on how to decode an incoming message. This key is built into the quantum state of photons. Intercepting a message breaks the key and alerts the sender and intended recipient to the security breach, because the very act of observing a quantum state changes it.

    The Quantum Information Group at Toshiba gives more details on this subject on this page about Security from Eavesdropping . Below is a diagram illustrating the concept (Credit: Toshiba's Cambridge Research Laboratory).

    Using single photons to carry the bit material for the key prevents undetected eavesdropping. Because each bit is carried by a single photon, it is not possible for a hacker to tap in and remove part of the signal, as shown in the illustration. Single photons do not split, so if the hacker (Eve) measures the photons on the fibre, they will not reach the intended recipient (Bob). Only the photons that arrive at Bob are used to form the key, so Eve cannot gain any useful information by this crude 'tapping' attack.

    The first commercial applications of quantum cryptography are now about one year old. However, this new system offers new levels of performances, according to Nature.

    Unlike previous systems, which become unreliable when they heat up, this device can run continuously for more than four weeks, says Shields. The quantum information can only go so far before being corrupted by random interactions with surrounding material, however. "We've shown this can work over 120 kilometres of fibre," says Shields.

    Toshiba has already built a Quantum Cryptography Prot

  3. THE TRUTH ABOUT ROLAND PIQUEPAILLE by Anonymous Coward · · Score: 3, Informative

    I think most of you are aware of the controversy surrounding regular Slashdot article submitter Roland Piquepaille. For those of you who don't know, please allow me to bring forth all the facts. Roland Piquepaille has an online journal (I refuse to use the word "blog") located at http://www.primidi.com/. It is titled "Roland Piquepaille's Technology Trends". It consists almost entirely of content, both text and pictures, taken from reputable news websites and online technical journals. He does give credit to the other websites, but it wasn't always so. Only after many complaints were raised by the Slashdot readership did he start giving credit where credit was due. However, this is not what the controversy is about.

    Roland Piquepaille's Technology Trends serves online advertisements through a service called Blogads, located at www.blogads.com. Blogads is not your traditional online advertiser; rather than base payments on click-throughs, Blogads pays a flat fee based on the level of traffic your online journal generates. This way Blogads can guarantee that an advertisement on a particular online journal will reach a particular number of users. So advertisements on high traffic online journals are appropriately more expensive to buy, but the advertisement is guaranteed to be seen by a large amount of people. This, in turn, encourages people like Roland Piquepaille to try their best to increase traffic to their journals in order to increase the going rates for advertisements on their web pages. But advertisers do have some flexibility. Blogads serves two classes of advertisements. The premium ad space that is seen at the top of the web page by all viewers is reserved for "Special Advertisers"; it holds only one advertisement. The secondary ad space is located near the bottom half of the page, so that the user must scroll down the window to see it. This space can contain up to four advertisements and is reserved for regular advertisers, or just "Advertisers".

    Before we talk about money, let's talk about the service that Roland Piquepaille provides in his journal. He goes out and looks for interesting articles about new and emerging technologies. He provides a very brief overview of the articles, then copies a few choice paragraphs and the occasional picture from each article and puts them up on his web page. Finally, he adds a minimal amount of original content between the copied-and-pasted text in an effort to make the journal entry coherent and appear to add value to the original articles. Nothing more, nothing less.

    Now let's talk about money. Visit BlogAds to check the following facts for yourself. As of today, December XX 2004, the going rate for the premium advertisement space on Roland Piquepaille's Technology Trends is $375 for one month. One of the four standard advertisements costs $150 for one month. So, the maximum advertising space brings in $375 x 1 + $150 x 4 = $975 for one month. Obviously not all $975 will go directly to Roland Piquepaille, as Blogads gets a portion of that as a service fee, but he will receive the majority of it. According to the FAQ, Blogads takes 20%. So Roland Piquepaille gets 80% of $975, a maximum of $780 each month. www.primidi.com is hosted by clara.net (look it up at Network Solutions ). Browsing clara.net's hosting solutions, the most expensive hosting service is their Clarahost Advanced ( link ) priced at £69.99 GBP. This is roughly, at the time of this writing, $130 USD. Assuming Roland Piquepaille pays for the Clarahost Advanced hosting service, he is out $130 leaving him with a maximum net profit of $650 each month. Keeping your website registered with Network Solutions cost $34.99 per year, or about $3 per month. This leaves Roland Piquepaille with $647 each month. He may pay for additional services related to his online journal, but I was unable to find any evidence of this.

    All of the above are cold, hard, verifiable facts, except where stated otherwise. Now I will give you my personal opinion

    1. Re:THE TRUTH ABOUT ROLAND PIQUEPAILLE by benjamin_pont · · Score: 5, Informative

      How does this kind of thing happen? Just curious.

      benjamin_pont's Recent Submissions

      Title
      Quantum leap in secure web video

      Datestamp
      Friday April 29, @02:09PM Rejected

  4. ah.. by Keruo · · Score: 4, Funny

    video conferencing.. the politically correct way to say, streaming porn

    --
    There are no atheists when recovering from tape backup.
  5. Great til machine/user is virused/wormed/phished by G4from128k · · Score: 3, Insightful

    New encryption tools are cool, but they only secure the network. The end-terminals (and end-users) are still insecure. Holes in the OS, clicking on the wrong email, etc. can compromise one of the machines. And if either party likes chocolate, then we know that we can get the keys to crypto just by offering a tasty morsel.

    Security is only as strong as its weakest link. This invention ensures that the network is not the weakest link. Its a step in the right direction, but other components are still pretty vulnerable.

    --
    Two wrongs don't make a right, but three lefts do.
  6. Limitations by Bifurcati · · Score: 4, Interesting
    It should be pointed out that at the moment this technology is limited to sites linked by a fibre optic cable along which the entangled photons (which ultimately form the key) are sent. They claim that it can work over a 120km section.

    For this to be really useful, you would need to be able to send the photons via satellite, something which is hard as the interaction with the environment along the way can destroy the entangled state. This would probably be interpreted the same as eavesdropping, further muddling the water. Physicists are indeed trying to get this to work, but it may take some time.

    --

    Physicist, consultant, science communicator
  7. Is Roland a script ? by Anonymous Coward · · Score: 4, Insightful


    because his "articles" sure read like them, check out a google search on this phrase
    This overview contains more details and references

    perhaps Roland should spend his time and get a proper job (or perhaps nobody will employ him) and actually contribute something new to the internet instead of just leeching from others hard work.

  8. Boycott Roland Piquepaille Stories by goldspider · · Score: 5, Insightful

    Yes, offtopic, I know. Moving on.

    There are a lot of us here who object to Roland Piquepaille's well-documented practice of using Slashdot to direct readers to his site and thereby generate ad revenue for himself.

    Roland Piquepaille contributes none of his own work (it's ALL derivative of others' efforts), and Slashdot is more than willing to sell their readers out to this character.

    So the next time a Roland Piquepaille-submitted story comes up, don't read it. Don't post replies. Don't even acknowledge that the story is there.

    It's time we send Slashdot the message that we don't like being taken advantage of in this manner.

    --
    "Ask not what your country can do for you." --John F. Kennedy
    1. Re:Boycott Roland Piquepaille Stories by Quixote · · Score: 4, Insightful

      I keep seeing the same sort of responses to Roland's stories, and have finally begun to wonder: why doesn't Slashdot stop posting his stories? Will someone at Slashdot address the readers' concerns? It is about time that an official answer came from Slashdot central about their relationship with Roland. I find it hard to believe that each and every story of his gets accepted, while the rest of us have a much less success rate.

    2. Re:Boycott Roland Piquepaille Stories by nacturation · · Score: 4, Interesting
      Yes, perhaps we should start moving to other sources where we can get some fresh writing and not be taken advantage of. Perhaps SecurityFocus would be a good source. Here's the first paragraph of their article titled Quantum crypto moves out of the lab:
      "Quantum cryptography - long the stuff of cyberpunk novels and hi-tech spy stories - is leaving the laboratory and making its way into commercial markets. A briefing session at the UK's Department of Trade and Industry on Wednesday featured demonstrations of working quantum key exchange systems by QinetiQ, Toshiba Cambridge and US start-up MagiQ."
      Or maybe we should use The Register's article titled Quantum crypto moves out of the lab. Here's their first paragraph:
      "Quantum cryptography - long the stuff of cyberpunk novels and hi-tech spy stories - is leaving the laboratory and making its way into commercial markets. A briefing session at the UK's Department of Trade and Industry on Wednesday featured demonstrations of working quantum key exchange systems by QinetiQ, Toshiba Cambridge and US start-up MagiQ."
      Or another article and you can probably guess that the opening paragraph there will make you think there's a glitch in the matrix.

      Both The Register and SecurityFocus show ads, and they're just rehashing some company's PR spam and profiting from readers. But this is all academic -- the more interesting question is why you don't seem to find it objectionable that the bulk of these articles, even if from reputable places, ARE ads themselves?
      --
      Want to improve your Karma? Instead of "Post Anonymously", try the "Post Humously" option.
  9. Why? by nacturation · · Score: 5, Insightful

    I don't see this as being really practical for security. So you've got all of this quantum-encrypted video which is infinitely better than an SSH-encrypted stream and you're feeling pretty smug about how unbreakable it is. Meanwhile, the janitor has planted a bug under your desk and is eavesdropping on everything you say. Or someone else hid a pinhole camera in a plant and is recording it all.

    While I applaud the research and find the technology cool, I don't think a lack of decent encryption technology is the weakest link with regards to security.

    --
    Want to improve your Karma? Instead of "Post Anonymously", try the "Post Humously" option.
  10. Re:excellent by DoctorVic · · Score: 3, Insightful

    While that sounds all fine and dandy, if I understand this technology, it is not wireless. I am sure that the military could come up with some amazingly devious ideas with this, but I do not think this would be one. How could you transmit a stream of photons bearing the encryption to a remote location out of line of sight without some type of optical cable and maintain an error rate of around 9%? I am sure they have some other shit worked up for that!!!

  11. Let's use a buzzword! by Bender0x7D1 · · Score: 5, Informative

    There is nothing really exciting about this other than the overkill usage of quantum cryptography (also called quantum key exchange).

    Basically, they are trying to generate enough keys so any succesful breaking of the cipher used gets only one frame of video. The only "exciting" part is they are using quantum cryptography to do this. However, this is like using a sledgehammer to push in a thumb tack - It uses a lot more hardware, and isn't the easiest or best method.

    Another way to do this would be to conduct a large number of Diffie-Hellman key exchanges or STS exchanges, (one for each frame), and use the new key for each frame.
    Or, even easier, both sides could use identical Linear Feedback Shift Registers to generate the same keys that they need. They cost way less than $20k and since a compromise of the system at either end would destroy the privacy afforded by the quantum encryption, just as secure.
    Or, they could exchange one-time pads on a DVD and use the bits on there as the key. If my math is right, then a 4GB CD could hold enough keys for over 1100 hours of video, assuming a 256 bit key and 30 frames/sec. Exchanging 2 or 3 DVDs a year (if that) doesn't seem unreasonable.

    None of these methods require a dedicated fiber line connecting the two groups. It can be performed over regular Ethernet if the groups want to. Translation: I can use it to talk to someone more than 120km away.

    This isn't to say that some groups wouldn't want quantum security for something - if I was a Swiss bank that made daily transfers of a billion dollars to a German or Italian or French bank, then sure, I should spend the extra couple hundred k for an obscenely secure system.

    This also begs the question of why encrypt each frame differently? Since it is VIDEO, then something in the picture is probably important - like a PowerPoint slide or graph or something. Since a presenter usually spends a minute or two on each slide, this means that an attacker would only need to decrypt one out of every 1800 slides (assuming 30 frames/second) to get the information they wanted. I think that it is a good idea to change keys as often as possible, but you have to ask what is the benefit for the added cost/overhead. In this case, I don't think it is very much.

    So nice use of the "quantum cryptography" buzzword, but bad application of crypto technology in general.

    --
    Reading code is like reading the dictionary - you have to read half of it before you can go back and understand it.
  12. Potential problem by Bradlegar+the+Hobbit · · Score: 3, Funny

    Quantum cryptography is neat, to be sure, but what happens if the cat dies?

    --

    I haven't lost my mind; it's backed up on a CD-R somewhere