Quantum Cryptography Ready For Wide Adoption?

An anonymous reader points us to an interview with the founder of quantum cryptography pioneer MagiQ Technologies. From the article: "Q: When do you think we'll see service providers offer quantum cryptography services to their end-customers? A: This will happen within one year and we'll see fairly wide adoption within the next three years. We are working with big carriers such as Verizon and AT&T as well as some companies that own fiber networks. The goal is to embed quantum cryptography into the technology infrastructure so it becomes totally transparent to the end-user..." The cost of a pair of MagiQ boxes to implement point-to-point encryption on a 120-km link is $100,000 plus service.

SNAKE OIL!

[LiquidCoooled]

The only way to see if this works is to break the fibre connection and see if it notices.
Oh lookie, the amazing thing is - a normal fucking fibre circuit will notice as well.

There is no quantum tech yet.

This is just going to increase our month subscriptions without giving any benefits, we will still use encryption on every required connection and will still have open holes alopng the way (last mile), so who exactly does it benefit?

I suggest any carrier should pay them with money stored in a quantum envelope. You are certain it contained $100,000 before you sealed it up, if its not there now it must have been intefered with.

Short answer

[Rob+T+Firefly]

Quantum Cryptography Ready For Wide Adoption?

Yes and/or no.

It's strictly point-to-point.

[porkchop_d_clown]

Worse, they talk about "repeaters" to extend the range past 120km - which is scary, because it implies they are decrypting/recrypting at the repeater.

Can you say "Physical Security"? I knew you could.

Re:Totally useless

[Chirs]

The benefit of quantum cryptography is in secure key exchange. With regular systems you don't know if someone is sniffing the packets going through your fiber.

With quantum key exchange, the very act of diverting a photon to "sniff" it disturbs the signal enough that the far end can detect it.

Once you've exchanged keys (at a low bit-rate) you then use standard encryption techniques to exchange the actual data.

Quantum Crypto does not solve anything!

[tradeoph]

I can't stand all the hype around Quantum Crypto. If you have a close look at it, you'll see that it doesn't solve anything...

When you transmit bits with QC the law of physics guarantee that nobody will see them, even if some genius breaks all the math behind classical crypto. This is all very well but the throughput is too low, thus QC is used to transmit a key which is then used to encrypt the data. Thus you still need symmetric crypto to encrypt your data.

Now, something everybody seems to ignore: QC does not authenticate the transmission. I can buy two magiQ boxes and set up a man in the middle attack. QC can not prove whether you are exchanging bits with the original sender or with some monkey in the middle. To solve this problem the QC vendors suggest:

• Physical monitoring of the fiber: if you can guarantee nobody touches your fibre, you don't need any crypto!
• Using certificates: Ooops, so now we need asymmetric crypto too, so our QC system relies both on symmetric and asymmetric crypto. Why do we need QC for then?
• Use a shared secret that is programmed into the boxes when they are delivered: If you already have a shared secret, you don't need to exchange a key with QC, you can derive the key from your shared secret...

So even if you use QC, you still need to rely on all the classical crypto to make it work. So it is just as good as classical crypto, without routing.