Slashdot Mirror
Totally Secure Non-Quantum Communications?
An anonymous reader writes "TEES is reporting that Dr Laszlo Kish, an associate professor at Texas A&M, has proposed a 'classical, not quantum, encryption scheme that relies on classical physical properties -- current and voltage. He said his scheme is absolutely secure, fast, robust, inexpensive and maintenance-free and relies on simultaneous encrypting of information by both the sender and the receiver.' The scheme uses properties similar to Johnson noise along with Kirchoff's Law to provide what he hopes to be an easier method of secure communications. Arxiv also has the full text [PDF Warning] of the paper."
Isn't this already implemented in Via's Padlock method for the Via CPU's?
From TFA:
Kish said that the dogma so far has been that only quantum communication can be absolutely secure and that about $1 billion is spent annually on quantum communication research.
I guess the quantum bubble is about to burst.
I'm shocked.
"James Bond may use the fanciest, most expensive and high-tech devices to thwart would-be eavesdroppers, but in a pinch, the super-spy can use one Texas A&M engineer's simple, low-cost scheme to keep data secure from the bad guys."
This is the first sentence from the article. I'm sorry, but I cannot take anything in that article seriously. On another note the guy has an interestingly hungarian sounding name.
It takes a man to suffer ignorance and smile
Be yourself no matter what they say
his scheme is absolutely secure, fast, robust, inexpensive and maintenance-free
Haven't we heard this before?
Generally, if something sounds too good to be true, it usually is neither good nor true.
The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
Based his name he is hunagrian or has hungarian ancestors, like von Neumann or Ede Teller
This sounds very good in theory, but it may be difficult to implement securely.
For example, he claims an eavesdropper could inject current to measure voltage drops, but would be discovered on the first attempt. If the eavesdropped can send a pulse of current that is so small as to not be registered on the endpoint equipment (which say samples the line at 1X sampling rate), but the attacker is injecting and sampling at a rate 100X faster, the attacker's pulse will be so far above the nyquist bandwidth of the endpoints that they will never see it.
I admit I only read the abstract, he may address this later on in the paper.
I've had enough abrasive sigs. Kittens are cute and fuzzy.
Is this guy serious? Connecting random resistors across their line of communications?
Communications is getting compressed, gated and even frequency trapped in order to reduce bandwidth over the global network. Analog is dying (if it isn't dead yet). How will returning to an analog-based "encryption" system work in the digital future?
I don't see any truly safe encryption scheme. I was thinking of some a few months ago (such as having the encoding system changing how many bits and what resolution it uses in a preplanned structure that only the recipient decoding system knows). Bits are bits, and if you can vary what the bits mean and in what order they are created, it is very hard to decode those bits.
I don't think encryption is really important any more. All a government or corporate enemy needs to do is bug your office and your car and the encryption scheme falls apart. The black market government (mob, mafia, yakuza whatever) already has their perfect encryption schemes in place: say nothing, write nothing down and never tell anyone what you are doing. It works. When was the last time you heard of a mob or mafia arrest in your home town (yes, the black market exists there, too).
Government wiretapping isn't being used against the great crime squads. These systems are in place more to make citizens feel safe from terrorists, but all they really is in increase the budget of the agency trying to use the systems. In 10 years, wiretapping will be useless as information will have 500 different paths to take and no one will be able to trace them all. Imagine if you could take your voice, broadcast in your room random bits of your voice to confuse bugs and analog taps, and then chop up the real voice into 5 different streams of varying bits and frequency resolution to be sent via 5 different paths (phone line modem, DSL, cable modem, WiFi to a network 150 feet away and another path hidden in an AIM chat of noise). There is no way "they" can stop the flow of information.
The article really makes little sense to me as it seems to go backwards. It would have been great in the 80s.
This article (uses the words 'proposed' and 'absolutely secure' in the same paragraph. You can't trust such a claim about a proposed system until it's been implemented, distributed, deployed, and pounded on for years by cryptanalysists.
Oh, the sensationalism!
I'm not sure if this is at all relevant, but Lineman's phones (imagine your old school corded phone, but instead of the cord it has two alligator clips) has a 9v battery inside it so that when they clip onto the line from the phone box, there's no voltage drop.
[Fuck Beta]
o0t!
The only way an eavesdropper can determine which resistance is being used at which end is to inject current into the communication channel and measure the voltage and current changes in different directions. Doing this, though, exposes the eavesdropper, who is discovered with the very first bit of information extracted.
But what if the eavesdropper was present from the very beginning, how will they be able to differentiate a "clear" network from a tapped one?
As a rule of thumb anyone who claims to have found a way for "totally secure" anything is either a liar looking for cheap publicity/an ego trip/ pushing a terrorist agenda. And IMHO, I can foresee his "simple" solution using resistances being just as "simply" broken using a handheld calculator and a pair of rheostats (see disclaimer).
Sounds like snake oil, similar to http://www.schneier.com/blog/archives/2005/12/snak eoil_resear.html
Test your net with Netalyzr
There is no such thing as what this guy is claiming to have created. Every so often someone pulls something like this out of their arse and starts making all kinds of fantastic claims that are quickly accepted as true by the uninformed.
There is no such thing as a perpetual motion machine, an honest politician, or perfect encryption. All three exist in theory, but never in reality.
It may be that this new scheme does represent a method of encryptions that is on-par with the best existing methods, or perhaps even better. It could also be that it is a smoke and mirrors scheme. It might also be an honest attempt that suffers from a catastrophic flaw which renders it useless, or a minor flaw which undermines its usefulness.
Only time and independent review will determine which of these is the case.
Muslim community leaders warn of backlash from tomorrow morning's terrorist attack.
"The only way an eavesdropper can determine which resistance is being used at which end is to inject current into the communication channel and measure the voltage and current changes in different directions."
How about recording the signal after it has been transmitted through some output at the other end? This bugging would not interfere with the signal being transmitted but would still record the information for transmittal later? If you are transmitting the information through a computer, I think someone will figure out how to get it.
He who knows best knows how little he knows. - Thomas Jefferson
What happens if a thermal fluctuation in the wire causes the loss? How can we tell this from an eavesdropper? To make this work surely the tolerances of all components need to be 0%. Nobody has ever made a 0% tolerance resistor, its a purely theoretical component. Which makes me wonder if this has actually been tested in the lab. Perhaps I'm missing something?
There's so much wrong with this, I don't know where to start.
First, Cryptography is hard. Even professional cryptographers with decades of experience still get it wrong -- often. Considering as this guy has essentially no previous experience (he's an EE professor), it's already near certain that he's dead wrong.
Second, he doesn't provide "absolutely secure" communications. He provides non-interceptable communications. He's totally ignoring authentication, non-repudiation, man-in-the-middle attacks, and half a dozen other very important problems. (It's also not a cipher, but we'll ignore that slip.)
He also assumes (from the abstract) that an eavesdropper can only eavesdrop by injecting current into the wire, which is blatantly false. One could easily tap the magnetic field generated by current in the wire, without drawing very much power from the wire at all.
And to top it all off, he's depending on the precise values of voltage and current, which means this is an analog system. Analog systems are notoriously difficult to build precisely -- which is why we're using digital everywhere.
This is such bad research that I can't wait until Bruce Schneier get ahold of this.
FTFA: The way the eavesdropper gets discovered is that both the sender and the receiver are continuously measuring the current and comparing the data," Kish said. "If the current values are different at the two sides, that means that the eavesdropper has broken the code of a single bit. Thus the communication has to be terminated immediately."
And it also assumes that measureing equipments themselves are caliberated and identical (correct me if I am wrong on this) ? Why would anyone base a reliable equipment on "noise" which is random...
I think that secret agencies have been doing this for years. What else could be the purpose of all of the gibberish I've hear on the CB band? Random speach modulated by a variable resistor. It really fooled everybody.
Yes, again. The attacker doesn't know which resistor is at which end. And taps the middle.
Of course, the attacker may be the receiver, in which case she KNOWS the value at one end. And that is the trivial breaking case.
Ratboy.
Just another "Cubible(sic) Joe" 2 17 3061
There is no such thing as a perpetual motion machine, an honest politician, or perfect encryption. All three exist in theory, but never in reality.
Well, let's see. The perpetual motion machine doesn't exist, in theory, because the laws of thermodynamics and whatnot essentially rule it out. Of course, it may exist in somebody's theory, but their theory would be at odds with actual, working theories that correspond with reality.
You're closer to the mark when it comes to the honest politicians. I think the measure there should be "honest enough," or at least "honest about his/her opinions/policies when it comes to what we're actually talking about." No one, ever, is 100% honest. Civilization couldn't exist without a certain amount of fluff, white lies ("really, honey, you look great in that dress," or "some day, New Orleans will be just like it was before the storm"), and safety-minded subterfuge.
Perfect encryption? Don't know enough about it. But I know we can do better in talking about it than to use slightly off-balance analogies from other disciplines. It's probably far more useful, anyway, to talk in terms of how imperfectly normal human users use even the "perfect" tools we have for other purposes. That's where stuff always breaks down: GIGO.
Don't disappoint your bird dog. Go to the range.
sigh- Aggies are upto their trix again
Comment removed based on user account deletion
The best security exists in a world where nobody understands how it works or knows it exists. Taking that into account tomorrow's secure technology is secure with the knowledge and tools we have today, but may not be so ten years after the secure technology is in the wild.
The best you can hope for is being a few steps ahead of the people who want to take advantage of your provide data. This is not to say that working on security improvements is worthless, rather that you will always have to work on better technology, since nothing will be forever secure. Though in the event of a knowledge void, say after a critical war, all secure data is lost to everyone, even to the owners. A physical door is the realm of the understandable, secure data is less so.
Jumpstart the tartan drive.
If you are to guess a 50/50 state without any clues whatever, why listen in at all? You know it has to be a 1 or a 0, you don't need to actually be connected to the system for that. So just guess away. If it works, you have just cracked every conceivable system of encryption, and no tools or physical access to the message necessary!
:-)
As for "several thousand combinations"... After the first 32 bits of information you have 4,294,967,296 possibilities, so I hope you are a good guesser.
There are two basic facts underlying encryption:
- Anything you can do, an attacker can do as well.
So, ANY possible scheme that does not have centralized control will be flawed, since I can do anything you can and can thus claim I'm you. The only way to show you're not me is by showing something that differs you from me. By showing something that differs, you know that there are two people claiming to be X. Which is real?
The fact is so basic that there were even game shows about it. "Who in the three" was based on three people sitting next to eachother, one of which was person X with actual profession X, and the other two claimed to be (and could have a different profession or something). The point was, you could only try to figure out who was being dishonest by figuring out which one lied, through sweat, slight disruption in speech and so on. Computers don't hesitate.
So, any scheme will be flawed. It either requires an existing connection between sender and receiver (which is not safe, proof by inverse induction) or is susceptible to MITM. Since you have an inverted base case, your induction case is also inverted and thus true (since you can't get the first connection safe, you can't get any subsequent connection safe).
Guess what a key signing party is for?
He said his scheme is absolutely secure
And his penis is absolutely the biggest.
Dr. Kish is one of my professors and a renowned expert on noise. Its indeed possible that where complex cryptography have failed, a solution outside the "box" will indeed proffer a viable solution. afterall, there's always analog solution to every problem.
He said his scheme is absolutely secure...
I just stop reading at this point. Perhaps saying that it is "thought to be secure at the current state of knowledge", but if there's one thing we should have learned already, it's that nothing is absolute.
Wer mit Ungeheuern kämpft, mag zusehn, dass er nicht dabei zum Ungeheuer wird. --Nietzsche
What if the evesdropper has a more sensitive measurement equipment, using currents so small, the others cant see them?
Swedish plasma phys. PhD student; MSc EE; knows maths, programming, electronics; finance interest; seeks opportunities
Another way to see it: if the signal in your induction pickup were truly undetectable then we could wrap billions of similar induction pickups around the communications wire and generate electricity "too cheap to meter".
We don't see the world as it is, we see it as we are.
-- Anais Nin
Suppose Eve inserts a resistor in the transmission line. Now she can measure two voltages instead of one, and I'm pretty sure the difference in standard deviation will reveal the choice of resistors at each end of the line.
If Eve fears that her resistor might be detected, she can use the intrinsic resistance of the wire instead. Unless we assume superconducting transmission lines...
Nice try, though. This is probably related to the issue of determining who is talking when eavesdropping on a two-wire telephone line.
AC
It seems to me the basis of his encryption scheme is that the circuit with two resistors act together in the circuit, and there is no way to disentangle which resistor is which? but the circuit doesnt quite act as one unit? suppose the two resistors are very far apart, then all of a sudden both person A and person B change the risistor they are using? and your at some point of the wire close to A, eavesdropping on the line, then any change you will detect in the signal you will know will be due to A only, because the resistor at B cant change the current or the voltage in circuit instantenously, it takes a finite amount of time(determined by the speed of light) for the change in voltage due to resistor B, to effect the point your listening to at A.
The problem is that the system is based on measuring the thermal noise of a resistor. In most cases there are other noise sources which are much stronger, including the noise of the measurement system. This will limit the data rate and range of the system. It's a lucky communications engineer who only has to worry about thermal noise from a resistor!
P.S. What about transmission line effects? Passive measurements at multiple points can determine the standing wave pattern and thus the direction of current flow.
I thought the carnot heat engine was a perpetual motion machine. Input = output. A perfectly reversible thermodynamic system. Perpetual motion by my book... The theorem doesn't claim to correspond to reality but it certainly has a limited use in understanding it
<BR><BR>
http://en.wikipedia.org/wiki/Carnot_heat_engine
First, Cryptography is hard. Even professional cryptographers with decades of experience still get it wrong -- often. Considering as this guy has essentially no previous experience (he's an EE professor), it's already near certain that he's dead wrong.
He is doing cryptography in the quantum cryptography sense--a secure, non-interceptable channel--not in the algorithmic cryptography sense. He is well-qualified to talk about the kinds of systems he is talking about.
Second, he doesn't provide "absolutely secure" communications. He provides non-interceptable communications. He's totally ignoring authentication, non-repudiation, man-in-the-middle attacks, and half a dozen other very important problems. (It's also not a cipher, but we'll ignore that slip.)
Again, he isn't trying to do any of those things; he is proposing a way of creating a physically secure channel, in the same sense that quantum cryptography is.
And to top it all off, he's depending on the precise values of voltage and current,
Wrong again. He is proposing a system in which resistances are altered in steps. That's no different and no more analog than any other digital system.
This is such bad research that I can't wait until Bruce Schneier get ahold of this.
Unless Schneier is an expert on electronics, Schneier isn't qualified to say anything about this.
Yes, this guy's system probably doesn't work. But, really, your response is even dumber than his proposal.
thought the carnot heat engine was a perpetual motion machine. Input = output
Nope! Read the article you linked to. Carnot's theorm indicates that no engine operating between to heat resevoirs can be more efficient than his... but that doesn't mean there's no loss in the system. On the face of it, such a thing would require no gravity present, no friction in the system, literally perfect heat trapping, etc. The theories are that those things are impossible, and so with the Carnot engine, we're talking about degrees of efficiency, not perfection in efficiency. No free lunch!
Don't disappoint your bird dog. Go to the range.
I'll confess my understanding of this is sketchy at this point. But as I read it the concept is this one has a wire connecting two resistors. The Johnson noise in the wire is determined jointly by the resistors. Both sides, sender and receiver are changing the resistance values simultaneously with the sender putting in the message and the receiver putting in random crap which gets added to the signal. A person monitoring the voltage in the middle can't tell what fraction of the noise came from which side. Therefore the message can't be extracted. Clever. Oddly it's a lot like the bell's theorem experiment in QM where both sides are changing their filters.
What seems to be the flaw in this is that he assumes that the attacker must inject current unidirectionally to determine which resistance is at which end. Perhaps another means exists, courtesy of the speed of light.
Namely if you monitor the voltage at two points along the wire then you can distinguish between a wave proapgating from left to right and right to left. So you can now determine what fraction of the noise is coming from the left and what is coming from the right. Even if the noise level made his hard to do, there's also the moment of the resistor switch to capture. Each time the resistor is changed, even if it were perfectly synchronous, the left side's noise will reach the left tap sooner he the right tap.
This last effect could possibly be masked by injecting large amounts of noise into the system during the switch. (but of course this would also mask any current injection by the attacker as well). But the former effect of the noise signals propagation might still be detectable.
Some drink at the fountain of knowledge. Others just gargle.
Thanks for saying that; i am on the borderline of these Subjects (Actually i am a physicist knowing something about electronics and CS and involved in a Quantum Computation project).
1) He did not understand Quantum Cryptography; While there an interception of the signal is assumed to be possible (although the known schemes rely on a classical unintercepatble side channel, but this is on another sheet), he won't allow for an interception. It is funny that an professor in EE is not aware of the possibility to cut a wire and put in an amplifier. Modern amplifiers are much faster than the tranmittes bandwitdth of the Johnson noise (and they can switch output impedance equally fast, if needed!). All the stupid scheme breaks down then. Because the phase-destroying properties of amplifiers are not measurable clasically.
2) Hey, what if somebody introduces actually two point near the end to intercept the signal. Think about it.
3) Talking about the pointing vector is funny. It is another formulation of energy transfer.
4) Well - all this is only to make a completely worthless patent worth something
A classical counterpart of quantum criptography... How could anyone imagine researching such a thing?
Of course, the process is so weak that I can alread imagine a way of breaking it: One could insert low intensity pseudo-random noise (that mixes with the termal noise) and measure the current. He'll be able to get near half the bits this way.
The author is also a bit naive, assuming that the resistence changes will be imediate. Since that is impossible, one can insert some current into the system during the change time and whatch it, "reading" the resistances.
Also, there is no way to transfer information in a safe way with that process. If both sides change their resistance at the same time, the sender should already know what resistance the receiver will use, otherwise, no information could pass through the channel. But if this happens, they'll be constrained by the algorith they use to calculate the resistance value, breaking it will be just like breaking some logicaly criptographed message. If the changes are not simultaneous, one can read each change and discover the message.
Of course, as this is "based" on quantum criptography, it is subject to the same attacks that the quantum processes are: If you can intercept the public channel, you can tell the other side whatever you want. There is not much sense in using a safe channel to create a safe channel.
Rethinking email
Question: How do they make sure that the data comparison is secure?
And if they had a secure way to communicate the values for the current, why did they need another secure method to begin with?
This paper is utter nonsense. The fact that it got accepted should not surprise anyone. "Science" also conforms to Strugeon's law: "90% of everything is bullshit"
H."The way the eavesdropper gets discovered is that both the sender and the receiver are continuously measuring the current and comparing the data"
I'm probably not understanding this (I'm not an EE guy), but does each side need to compare data (current) with the other side? If so, how is this supposed to get communicated securely?
Dr. Laszlo Kish's scheme seems to be about having the receiver introducing a random stream which makes it hard for the eavesdropper to actually monitor what the sender sent. As an eavesdropper, you probably could extract some of the information in the datastream, (so, yes, totally secure is bullshit), but if the information sent is compressed or encrypted, it might be too much effort figuring out what actually was sent, because the fudging of your reception is not due to an encryption scheme, but to randomness. The scheme probably only works if the procedure is tuned well, but on the other hand it also has a steganographic component since you could send normal communications over the line while the actual data is hidden in the variance.
I'm still trying to figure out what people mean by 'social skills' here.
No, there is such a thing as perfect encryption. You can exploit the fact that quantum mechanics does not allow you to observe something without changing it. For a eavesdropper to listen in, she needs to observe the polarity of a photon, but by doing so she changes the polarity. The two people having the private conversation can tell someone is listening in because the signal becomes mangled.
It's potentially a private channel, but it's not an encrypted channel, because there's no key. Anyone with a valid receiver gets the same message.
-- Cerebus
There is also the slight problem of the common clock which must be available at each end. Somehow both sides need to be synchronised which implies either quite expensive atomic clocks or a side channel containing the information. Either limits the practibility of the idea.
We don't have to send data across time anymore to have it secure?
As I mentioned, this is 100% secure, and any reasonably well-written book on cryptography will confirm that. To be 100% secure, however, the keystream must be as large as the data being encrypted, and must be absolutely random -- any degree of predictability can lead to breakage (e.g. search for "Venona").
The biggest shortcoming of a one-time pad is the key: first you have to generate an absolutely random key, and then you have to distribute that key to the people at both ends of the communication securely. The usual problem is that if you can communicate that key reliably, then you could normally communicate the data reliably just as easily. As such, a one-time pad is typically only useful in fairly limited situations like a spy receiving a DVD-ROM full of key material during a f2f visit, then using the key out in the field. For more typical scenarios it's rarely useful though.
This scheme seems to cure one, but definitely not both of those problems. It's basically a way of using two one-time pads simultaneously, so that the receiver can deduce the sender's key at any point, but what is transmitted over the wire basically depends on both his own key and his partner's key (not exactly an XOR, but a bit like it). If all the attacker does is collect the voltages on the line, I wouldn't be too surprised if this really is secure.
That doesn't mean there aren't any shortcomings though. One obvious problem is that both ends still have to generate absolutely, 100% random keys. Another problem is a man in the middle attack. If the pattern of resistor changes can be predicted, then the attacker only has to find the value once at one end to break all subsequent communications over the channel. Since the scheme doesn't (at least by itself) provide any kind of confirmation of who's on the other end of a line, a man in the middle has a pretty easy time with things.
Another approach would be to tap into the line at two points, preferably widely separated. Since the current only travels over the wire at (about) 2/3rds the speed of light, when one end changes a resistor, the change in voltage/current will be detectable first closer to that end, and some time later at the other end. Two widely separated measurments would allow an attacker to figure out which end changed resistors at any given time. Ultimately, the degree of separation does't even have to be particularly huge -- larger separation just reduces the precision of timing necessary, but even one foot apart gives about a nanosecond.
The universe is a figment of its own imagination.
think of it this way, you have two identical random noise generators.
one is hooked up to inject random noise into the circuit, the other is hooked up to dampen the noise coming out of the circuit, effectively cancelling the noise.
So, it's a one time pad, just electrical. You can get the same effect by burning a CD of random noise, duplicating it, and XORing all your data before sending it over the network.
Well, except it's hard to dupe a electrical random noise generator, harder than duping a CD at any rate.
I would just like to advocate using Foxit Reader 1.3 for pdf viewing. It is less then 15 megs total install and it starts up instanteously as opposed to adobe reader.
Totally secure today...
Clear text tomorrow.
Even stuff like this, that's on the edge of hokum, can go in it. People can post more pseudo science since it won't have to go on the front page, or in the science section. Other people can ignore the crackpots and junkers. Everyone will be happy.
Mod me up, and reply, and we'll all petition the powers that be.
I have quite a high fever, so this might not be as inspired as I think.. ;)
But the syncronization of the clocks initially has to be very precise. In fact, so precise that a lot of information has to be sent over to get it exact. It would be physically beautiful if it turns out that in order to get perfect synchronization you'd have to exchange enough information initially to make it a one-time pad. (and thus useless)
OTH, the method is not really an encryption scheme, so perhaps it would be surprising if there was a correlation.
Opinions stated are mine and do not reflect those of the Illuminati
Of course, the attacker may be the receiver, in which case she KNOWS the value at one end. And that is the trivial breaking case.
You've got the same problem when you send photons (the quantum version).
But if what you send is a long random key (a long one-time-pad) and the checksum of the measures sent back (encrypted by an already verified and smaller one-time-pad) by the receiver doesn't match , then you know there was a man-in-the-middle and that the new long pad should not be used.
I have to apply current to determine the resistances to interprate the signal. This will expose me, so here is what I will do:
1) Record all fluctuations passively.
2) At the very end, apply the current to get the information I need.
3) Use this to interpret the fluctuations recorded in step #1
They may cut off because I'm listening, but its too late. I already have hours of data. I only missed the last few minutes.
Now let's not bring into this so-called discussion all the different ways in which the so-called state of Israel makes use of terrorism. There's not enough room here to cover the blackmail they perpetrate with their nuclear weapons, the criminality of their flechette tank rounds (on civilians, no less), the hideousness of their attack on the USS Liberty, the hatefulness in all the shit the Mossad does (kidnapping, torture, murder), the genocide behind the wall that they are building to fragment the homeland of the Palestinian people, and so forth, ad nauseum. There's just not time for all of this to be exposed here. Besides, it's documented quite thoroughly all across the net. So just let's not bring that into this, OK?
Comment removed based on user account deletion
Seems like there's prior art to your perpetual motion notion. :-)
I understand that such a device can't exist, perhaps I should have made it more explicit.
The EM field around the wire is there anyway, and it may induce currents in an innocent metal support on the wall - or in your detection wire, and nobody can tell which one it is. If you have a 10 mile wire, there will be thousands of nearby metal objects, all sucking a tiny bit of energy. The attacker might just as well connect his detector to a perfectly legal neighboring wire (cables are made with hundreds and thousands of wires.)
Besides, the measurement can be made without introducing a detectable disturbance. All you need is a way to "cut" the wire, even literally if you want. Then your little black box will be measuring the resistance on side A and translating it into side B, recording the bits in the process.
But this is all ridiculous anyway because a wire between the sites produces much more noise than the transmitter and the receiver. Both ends will be measuring primarily the noise of the wire (including all the RF interference that it collects.)
this should work great. Unfortunatly I'm only physically connected to my hub so I don't know how well this is going to scale.
-
- - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.
Peeking at the paper, it seems that the receiver somehow introduces noise to the channel, garbling the sender's signal. He then recovers the message by deducing what the sender chose because he knows what his noise is.
A similar principle was used about 50 years ago, although maybe using a different method. I've not seen the paper about this device (Bell project C43), but the Ellis Paper on non-secret encryption (PDF, sorry) makes a brief description of the device in item 6.
Oh, if I were attacking that device (or Kish's one), I'd do a man in the middle attack without thinking twice (his assumptions about being perfectly secure are apparently wrong).
GPG 0x1B479C78
While a lot of these developments are exciting technologically-speaking, it fascinates me that so much energy is spent securing data in transmission, when really, it's the data storage that needs more focus. How often has data been intercepted in-transit versus in-storage? Moreover, how much data has realistically been intercepted & used that's been secured using currently-available technologies?
akad0nric0
This sentence no verb.
Just send someone an OTP DVD generated by hotbits and keep a copy for yourself. Use the DVD only for key exchange and use AES for the data stream. No one can crack a one-time pad unless you make a mistake. This won't work for e-commerce, but it works wonderfully for terrorist and spies. For the extra paranoid, use the OTP data for encryption, but you'll eventually need a new one (re-using OTP data renders it crackable).
It reminds me of a minor space race battle, the battle to write in space. The US spent millions of dollars to make a pressurized nitrogen pen that could write in space. The Soviets used a $0.05 pencil. Go figure.
Read the PDF file for the details. This is a historically significant discovery of the new millenium.
Everywhere in the document, the wire resistance is not considered. So he considers that a tap will be connected anywhere on the wire but at one point. It seems to me that an evesdrooper connecting a tap at two distant places on the wire will not only be able to instantly detect resistor combinations, but will be able to inject modified data by mirroring the signal along the wire (read left, update right, etc).
I may be wrong, but it is worrying that this risk has not been evaluated.
Willy
Mallory can only pretend to be Bob to Alice and Alice to Bob if Mallory controls all means of public communication between Alice and Bob. If Alice and Bob have a good set of radios, there's no way that Mallory can prevent Alice and Bob from realizing something's amiss, although he could work to jam their various channels of communication.
QC works because Alice and Bob can compare a subset of their generated key over a public channel without revealing enough information for Mallory to be able to guess it. In schemes like BB84, where the key is generated from the direct transmission of single-photons/weak coherent laser pulses, Alice and Bob use the error rate (determined by quantum mechanics) to be able to tell whether Mallory has been intercepting and measuring the photons.
In schemes which use entangled particle (or photon) pairs, this interception issue is less important, since the attacker essentially causes a decrease in fidelity of the entangled states that Alice and Bob measure, and they can (under some circumstances) use entanglement purification to lock Mallory out of the loop (or at least know that secure communication is impossible). The two schemes are in a sense equivalent, since in BB84 A & B can use classical privacy amplification to lock Mallory out, while in the entanglement scheme, they use entanglement purification to achieve the same end.
Go do some reading.
Using current and voltage and kirkoff's law is non secured and the
inventor obviosly doesnt understand what is involved to have 100 %
secured communication.
He is an idea by an inventor that has a better chance of succeeding.
Step it up a few magnitudes. Entangled Particle Communication.
http://colossalstorage.net/home_entangled.htm
There are algorithms for relaying information without letting anyone who can intercept less than n-1 portions out of n find the content of the message. One that I'm familiar with involves sending a series of random numbers that all sum to a multiple of an arbitrary, very large number, and adding your data in numerical form to one of the numbers; this assumes that a number of separate connections are available that are substantially different.
There are other methods available; search for 'zero-knowledge proofs'.
Hey if anyone is interested I am trying to pool together people to implement this. If pooling fails, I'll give it my best shot. You can email me as solinym at google mail. I look forward to any comments you may have.