Slashdot Mirror
Simple Comm Technique Beats Quantum Crypto
Atario wrote us with a link to a New Scientist article about an innovative new way of encrypting communications. An engineer at Texas A&M may have a way to exploit the thermal properties of a wire to create a secure channel. The result could be an effectively impenetrable way of securing communications, possibly outperforming quantum cryptography keys. "In their device, both the sender Alice and the receiver Bob have an identical pair of resistors, one producing high resistance, the other low resistance. The higher the total resistance on the line, the greater the thermal noise. Both Alice and Bob randomly choose which resistor to use ... Half the time ... they will choose different [resistances], producing an intermediate level of thermal noise, and it is now that a message can be sent. If Bob turns on his high resistor, and records an intermediate level of noise, he instantly knows that Alice has chosen her low resistor, in essence sending a bit of information such as 1 or 0. Kish's cipher does this many times, sending a random series of 1s and 0s that can form the basis of an encryption key, the researchers say."
But if I understand correctly, and I want to do this over ethernet, for example, that means that it is a) unroutable and b) my ethernet endpoints would have to be aware of my security preferences ?
Religion is what happens when nature strikes and groupthink goes wrong.
wow, /.'d before the first post
Try this:
5 5.300?DCMP=NLC-nletter&nsref=mg19426055.300
http://www.newscientist.com/channel/tech/mg194260
Seems to me to be a dupe of http://it.slashdot.org/article.pl?sid=05/12/10/171 4256
Hey don't blame me, IANAB
From what I can gather from the summary (the New Scientist domain seems to be blocked by the PRC to those in China, so I can't RTFA), the security of this lies in the fact that Eve cannot seperate the message from the inherent thermal noise of the channel. However, wouldn't she be able to decode the message by trial and error by hooking her own resistors? Surely she doesn't have to have identical resistance just around 10 or 100 Ohms of the average.
Could someone correct me if I'm wrong (which I think I am)?
It sounds like Alice and Bob need to coordinate in advance when they will use their low and high resistors. In which case, they're using a one-time pad and already secure.
Looks like the site was already slashdotted :(
Identical resistors of different resistances... I hope "identical" means "within 1%", because that's what you can actually buy (yes, I know there are 0.5% resistors, but they become 1% after you solder them). Also, temperature coefficients change a resistor's resistance (not much, but again, it depends on how identical this needs to be).
But most importantly, this dictates a copper connection between the sides; neither fiber optics, lasers, nor radio aren't going to support this. On top of that, a pair of wire cutters and a circuit board gets me a pretty successful man-in-the-middle attack, right?
cache
Alice and Bob choose randomly; no need to coordinate. They end up with a stream of shared random bits, generated when they choose different resistors from each other, which is more or less good enough to use as a one time pad (actually they should probably mix them a bit to avoid problems with their equipment).
a lly_secure.html
e _on_kishs_c.html
Here's a schneier.com blog posting about this..
http://www.schneier.com/blog/archives/2005/12/tot
and another
http://www.schneier.com/blog/archives/2006/02/mor
Essentially this is about solving the problem that one time pads are very difficult to transport.
The system works because the sender and receiver have a direct electrical connection. If you have such a connection, that means that you have an unbroken wire between the two with nothing else connected to the line. You usually don't even get such a connection if you lease cables from the telephone company. The only way such a connection exists is if the wire is owned by the organization that employs the sender and receiver.
Under the conditions stated above, cryptography isn't very important. The most important thing is to ensure the physical integrity of the wire.
The cryptography isn't as unassailable as they think. Given two taps on the line, I can tell who switched which resistor when. For instance, if station A switches in a low resistance, the tap nearer to station A will detect the effect (low noise) of the switch first.
Maybe I'm missing something important but this idea doesn't seem as smart as they think it is.
Although I don't recall seeing anything about it on his website. Bruce knows a lot more than I do, but this just sounds weird.
And not just Ethernet. Any wire that has a repeater or relay or amplifier sounds like it would break this.
And don't forget man in the middle attacks. If Eve or Mallory get to the wire first, then the "normal" wire state that Alice and Bob see will include their taps.
Heh.
This is a secure way to agree to agree on a one-time pad, or other key, but it is subject to man in the middle attacks. How does fred know that it is alice other end of the line switching resistors, or is it darth the man in the middle swiching resistors?
All Eve has to do is to have two taps on the wire. She can watch the signal propagate from one to the other and determine who sent it.
And I'm not seeing why there would be three noise levels on the wire. You'd start off with the plain wire. Then Eve's taps. Then Eve would see the wire characteristic change when Alice put her resistor on. So she'd know that information. Then she'd see it change again when Bob put his resistor on. So she'd have that information also.
All Alice and Bob would know is the state AFTER Eve's taps went in.
So Eve would have all of the information.
SPYING is big business, and avoiding being spied on an even bigger one. So imagine if someone came up with a simple, cheap way of encrypting messages that is almost impossible to hack into? American computer engineer Laszlo Kish at Texas A&M University in College Station claims to have done just that. He says the thermal properties of a simple wire can be exploited to create a secure communications channel, one that outperforms quantum cryptography keys. His cipher device, which he first proposed in 2005, exploits a property called thermal noise. Thermal noise is generated by the natural agitation of electrons within a conductor, which happens regardless of any voltage passed through it. But it does change depending on the conductor's resistance. Kish and his collaborators at the University of Szeged in Hungary say this can be used to securely pass information, or an encryption key, down any wire, including a telephone line or network cable. In their device, both the sender Alice and the receiver Bob have an identical pair of resistors, one producing high resistance, the other low resistance. The higher the total resistance on the line, the greater the thermal noise. Both Alice and Bob randomly choose which resistor to use. A quarter of the time they will both choose the high resistor, producing a lot of noise on the line, while a quarter of the time they will both choose the low resistor, producing little noise. If either detect a high or a low amount of noise in the line, they ignore any communication. Half the time, however, they will choose differently, producing an intermediate level of thermal noise, and it is now that a message can be sent. If Bob turns on his high resistor, and records an intermediate level of noise, he instantly knows that Alice has chosen her low resistor, in essence sending a bit of information such as 1 or 0. Kish's cipher does this many times, sending a random series of 1s and 0s that can form the basis of an encryption key, the researchers say (http://www.arxiv.org/abs/physics/0612153). That message is also secure. For a start, as Kish notes, it takes an "educated eavesdropper" to even realise information is being sent when there seems to be just low-level noise on the line. If they do try to eavesdrop, they can only tell a message is being sent, not what it is, because it's impossible to tell whether Alice has a high or low resistor turned on, and whether the bit of information is a 1 or a 0. What's more, eavesdropping on the line will naturally alter the level of thermal noise, so Alice and Bob will know that someone is listening in. Kish and his team have now successfully built a device that can send a secure message down a wire 2000 kilometres long, much further than the best quantum key distribution (QKD) devices tried so far. Tests show a signal sent via Kish's device is received with 99.98 per cent accuracy, and that a maximum of just 0.19 per cent of the bits sent are vulnerable to eavesdropping. The error rate is down to the inherent resistance of the wire, and choosing a larger wire in future models should help reduce it further. However, this level of security already beats QKD. What's more, the system works with fixed lines, rather than the optical fibres used to carry photons of light at the heart of quantum encryption devices. It is also more robust, as QKD devices are vulnerable to corruption by dust, heat and vibration. It is also much cheaper. "I guess it's around a hundred dollars, at most," Kish says. "This is a system that should be taken seriously," says security specialist Bruce Schneier, who founded network security firm BT Counterpane. He says he was seduced by the simplicity of the idea when it was first proposed by Kish, and now wants to see independent tests of the working model. "I desperately want someone to analyse it," he says. "Assuming it works, it's way better than quantum."
Man wird am besten für seine Tugenden bestraft.
"identical pair of resistors". Yep. Blows the whole method right there. Might as well have said "assuming perfect entropy quantum encryption"
When a bit is created, all the eavesdropper knows is that one person chose high-resistance and the other person chose low-resistance. Alice and Bob know this, too. However, since they know which setting they chose (or, more accurately, their computer does), it's a simple matter of deducing what setting the other person chose. For the eavesdropper to deduce what Alice chose, he has to know what Bob chose - but to deduce what Bob chose he has to know what Alice chose.
Ben Hocking
Need a professional organizer?
Thanks!
And Bruce does note that it is vulnerable to a man in the middle attack.
It can be attacked passively: http://arxiv.org/pdf/physics/0601022
This can only be applied where there's a direct electrical connection, hence ruling out it's usefulness in any real application. even IF this were applied via some software protocol it does nothing to validate that alice is actually alice and not the feds.
If you mod me down, I will become more powerful than you can imagine....
This reminds me of another crypto method where the receiver adds noise to the line. The theory is that they know what the noise is, so they can remove it, but Eve can't get it because she doesn't know what the noise was. It falls down under the same attack because the signal is only propagated at the speed of light, not instantaneously.
Identical pairs of resistors.
I read it the same way you did at first; it's poorly worded.
This sounds like it's someone trying to think outside the box, given a basic knowledge of quantum cryptography. "Well, what else sort of works like light polarization? What is there that, if intercepted, doesn't give the interceptor any more information than said polarization does in the case of quantum cryptography?"
Of course, one of the advantages of quantum is that you can Detect eavesdroppers, because if they listen to more than a few bits they flip more of your bits than probability would reasonably allow for. It isn't only about how much information the eavesdropper can obtain--it's about whether or not you'll realize they're there.
I haven't been able to read the article thanks to the /. effect. However; from the description of the article it seems to rely on analogue connection between two points. In reality how often does this happen these days? Surely most communications are digitised at some point where upon the effects of altering the resistance of the circuit will be removed or at least altered enough not to be useful. You could set up a physical circuit for secure communications, but then it would be possible to listen in using other techniques as a wire carrying a current emits an electromagnetic field which could be picked up.
Like I said, I haven't read the article so maybe this is all explained in there.
'nuff said :)
--
Slashcode bug # 497457 - unfixed since December 2001 - Go look it up!
o/~ Join us now and share the software
So Eve cuts the link in two, and simulates Alice to Bob, and Bob to Alice. In this position, he knows perfectly well who is sending what, so can record whatever's sent.
Why not use randomly generated numbers,and insert data into the stream using its own contents as location pointer?(which i did with some ciphers http://www.invisionplus.net/forums/index.php?mforu m=stormtower&showtopic=5 )
... or better: is Kish any electrical engineer ? ...
... . Furthermore, if Eve1 and Eve2 listen in a distance of only a few meters, they can auto-correlate the signal(s) and find the direction from which it travels. No, that is even simple, because the levels - as we know - are H and L. So the autocorrelation of H can be found out without much ado; either H travels right-to-left or left-to-right. Voilà. L doesn't disturb the autocorrelation function. Along the line, any line, higher spectral components are reduced; another rule all electrical engineers know: any practical system is by default a lowpass. When Eve1 and Eve2 simply record the signal, close to Alice and close to Bob, they can find out where the higher spectral components are to be found. Meaning, the sender of H is known.
...
To me, this whole matter with his formulae of the noise of a resistor is just hocus pocus; as much as the math is correct. But any reasonable electrical engineer knows these
What Kish rather seems to propose, is the injection of noise into a link; noise at two levels, nevermind if they are derived from a resistor, short-circuited or not, or any other noise generator.
Over. What he then says is the following:
If Alice sends high noise level ('H'), Bob will send low ('L') noise level; and vice versa.
The man-in-the-middle will have tri-state noise: LL,LH/HL,HH. LL and HH are out. The assumption in that paper, hidden behind a lot of barrage, is: LH and HL will appear identical to the eaves-dropper. Alice. however, when sending L, can pass an information quantum (since Bob will switch to H, knowing Alice sends L); while Alice sending H, Bob will switch to L, knowing Alice sends H).
The theory of Kish is, that Eve will have no clue if she intercepts HL or LH. Which only works in theory.
Because any electrical engineer deserving his title will tell you that those sources won't produce noise of identical spectrum in the first place. Therefore, the spectra will change, giving you a sequence of jumps. The maximum you have to do is toggling
Much ado about nothing, me thinks
What would this or quantum cryptography be good for in practical terms? From what I understand they only work for a single connection, i.e. when Alice wants to talk to Bob they have to have a wire running from one to another. Which means that range is rather limited and it also means it would be easy to attack. Somebody could simply cut the wire and thus forcing Alice and Bob to fall back to other insecure means of communication or to not communicate at all.
Are there ways to use these secure channels to build a real redundant network where traffic could be rerouted when lines fail? Or would the routers end up being the weak spot? Making it just as insecure as every other network?
Are there any other types of uses where those connections might be useful or are they no more theoretical toys?
1. Eve sets up communication with Alice and Bob, respectively posing as the other
2. In the random resistor-switching sequence, Eve uses her (4) resistors to establish a unique key to work with each party
3. Eve decrypts/encrypts the sent messages on the fly
-RJ
One thing to note is that the article is confusing. Another poster pointed out a link to the entry in Bruce Schneider's blog where he talks about this, and clears up this point: this algorithm doesn't transmit any information, like the article claims. It is used to make a random key for later use in a regular encryption algorithm. What was confusing me was that if Alice and Bob keep choosing random bits, there's no way to control the flow of information. The bits that are recognized as valid are when Alice chooses a 1 and Bob a 0, or Alice a 0 and Bob a 1. Either one can tell what happened, but only after they have made their choices. So this is only good as a mutual random number generator, which you could then use as a key for regular encryption. It could then be subject to any weaknesses in the encryption algorithm used (eg. if the encryption scheme could be easily broken by a quantum computer - or worse, by a classical computer using a known flaw - the ability to do key distribution would be useless).
The Schneider post also notes that this scheme is very bandwidth-limited; in the test system, the product of bandwidth times meters of wire between the two parties was about 2e6. So if you're a kilometer apart, you're limited to 2000 baud. If you're on opposite sides of North America, 1 baud. Bandwidth isn't so important if you're only using it for key creation/distribution, but this is still very limiting.
And, it is still not clear that there wouldn't be huge vulnerabilities in the scheme. One person here suggested that if Eve can place two taps and look at signal propagation on the line, she could determine who had the 1 or the 0. Someone else suggested the problem of man-in-the-middle attacks.
I'm pretty sure this is how the cosmic microwave background radiation is generated.
~kulakovich
When I read this, I had a flash back to a Dr. Who episode.(paraphrasing)
Army General: Trust me doctor this place is impenetrable.
Doctor: The problem with impenetrable is that it sounds too much like unsinkable.
Army General: Well whats wrong with that?
Doctor: Ask the passengers of the Titanic.
I always get a little bit itchy whenever people start throwing superlatives around like unbreakable, impenetrable, etc. Nature, Human ingenuity, or Human stupidity all have a nasty habit of proving us wrong.
"I'm making perfect sense, you're just not keeping up."
FTA the reasoning is: "...
[a] it takes an "educated eavesdropper" to even realise information is being sent when there seems to be just low-level noise on the line.
[b] If they do try to eavesdrop, they can only tell a message is being sent, not what it is, because it's impossible to tell whether Alice has a high or low resistor turned on, and whether the bit of information is a 1 or a 0.
[c] What's more, eavesdropping on the line will naturally alter the level of thermal noise, so Alice and Bob will know that someone is listening in."
a.) is security-by-obscurity, so is b.); and we all know what to say about that little assertion.
c.) is simply rubbish, I can place a tap on the line with a high impedence buffer that will be indetectable to both Bob and Alice but which allows me to measure the noise and recover the signal.
Quantum encryption is quite different, the tap actually disrupts the signal so that both Bob and Alice know immediately they're being listened to even if though don't know how. This scheme seems to be arguing that Bob and Alice will hear the equivalent of clicks-on-the-line aka mid 20thC techniques and be able to deduce tapping. I don't think that's been possible since the digitization of the phone system during the 80's and 90's.
In fact, let's get serious. This guy is talking about "level of noise" aka amplitude modulation as used in AM radios, but using the background noise as the carrier signal. This as got more in common with steganography than quantum encryption.
This protocol relies of the transmission of classical information Alice to Bob, stored in orthogonal states. These are always, from a quantum information theoretic standpoint, in principle distinguishable by an intermediate eavesdropper. Quantum key distribution protocols such as BB84 transmit information in non-orthogonal states, which can't be distinguished, and so they are unbreakable unless quantum mechanics is wrong.
So a transmission hidden in noise is new again? Is this like a combination of stego and throwing out chaff to confuse the radar? It's what it sounds like to me. And not very efficient either. And just how precise do the resisters or the wire have to be? What happens over time as the characteristics of the wire and resisters change? And isn't random noise kinda quantum in a way? "What's more, eavesdropping on the line will naturally alter the level of thermal noise, so Alice and Bob will know that someone is listening in." emphasis mine.
What?
Still, somehow, this passes my truthiness test.
This looks interesting, great. But as long as we're in the "what is better than what" game, how is this any better than one-time pad?
If you're going to go to the work of putting down a single, dedicated wire with two fixed endpoints - it would seem a lot easier for Alice and Bob to just meet, generate 2 identical random pads (with current disks, 1TB is easy) an then Alice and Bob communicate securely until they meet next. Done.
Seriously, what keeps an attacker from just cutting the wire? Poof! no more channel.
In OTP, losing the pad is always a problem, but in this case, the two-resistor fixed endpoint has to be secure too, as this is always where the messages are decrypted. The same level of security at the endpoint is required for both systems.
At being hyped beyond its true usefulness!
I belive congrats are in order.
TLF
I do not respond to cowards. Especially anonymous ones.
This does nothing to prevent man-in-the middle attacks. If I can get physical access to your wire to eavesdrop I can also cut it completely and put myself in the middle.
Still, it's a nice piece of thinking.
No sig today...
Inconceivable!
Many holes were picked in this scheme last time it appeared on Slashdot (in 2005), and Laszlo Kish responded to some of the criticisms in this Web log comment thread.
I read Schneier's page because I respect the guy, and I figured he'd know what he was talking about. It already seemed trivially vulnerable to a man-in-the-middle attack, but I wanted to see if I was the only one.
Looks like I'm right:
He actually details a few more problems:
But then, I guess it's the best we've got:
Don't thank God, thank a doctor!
Moderators: Please mod the parent post up. This attack obviously didn't get enough attention last time this technique was posted to Slashdot.
http://outcampaign.org/
Even quantum cryptography is vulnerable to such an attack, so in this respect there is no loss with this resistor system. There is no true solution to the man-in-the-middle problem.
"Screw Sun, cross-platform will never work. Let's move on and steal the Java language." - Visual J++ Product Manager
There is no solution to the attack you're describing. Even quantum cryptography fails against this.
"Screw Sun, cross-platform will never work. Let's move on and steal the Java language." - Visual J++ Product Manager
I have a real problem understanding all this. Maybe my knowledge of crypto is flawed (most likely), or I simply did not understand this technique.
Crypto, from my point of view, faces 2 main problems:
1) The safe transmission of the key
2) The computational power to encode/decode the message
Asymmetric cryptography solves the first problem, while with symmetric cryptography, the second problem is much smaller.
To "solve" both, we have things like what is used with HTTPS. You first use asymmetric to transmit a symmetric key (session key), which solve #1 but is computationally expensive, then use the session key (since #1 was solved), which is much less expensive. A pretty simple and intelligent way to do things.
Now the next barrier is to improve those algorithms, for both parts of the process (symmetric and asymmetric). As far as I know, there is where quantum crypto enters. Instead of using linear computation, you use quantum.
From what I understand, this technique is trying to replace the whole process, and not what quantum crypto proposes to do. Which is odd, since you will still have the first problem I've pointed out. After all, you still need a safe channel to transmit the key (what resistors do the other side use?). And, if you already have a safe channel, why do you need cryptography ?
Ok, so you have an expensive safe channel, just like you get with asymmetric crypto. Or a darn inconvenient one (someone with a briefcase blah blah). And the whole idea of using resistance/thermal is to have an analog (not digital) cryptographic method, which is naturally (due to its lack of discrete states) much harder to break. Is that the idea ?
Isn't quantum crypto also lacking of discrete states in the same way ?
morcego
Hmm, that may have been useful 50 years ago. It is somewhat like discoving a new way to make stone axe.
Excuse me, but please get off my Pennisetum Clandestinum, eh!
i'm sure i heard this story about a year or so ago. why is it appearing now?
Can someone who understands this better than me make a Wikipedia article on electrical noise encryption and one on Laszlo Kish?
Here is a 2005 paper by Kish the topic:
Totally Secure Classical Communication Utilizing Johnson (-like) Noise and Kirchoff's Law
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
The original article was published (and talked about in /., see Related Article link) back in 2005. The paper you cited claiming a break was replied to by the original author, and there have been a number of other papers back and forth since. The technique has credibility. As Bruce Schneier pointed out this technique if it works is no worse than quantum cryptography and is a lot simpler and cheaper, but it has all the other deficiencies of quantum cryptography. The author claims no more than that. He rebuts the arguments in the paper you linked to by showing that the amount of information leakage is less than that from a practical (as opposed to theoretically ideal) quantum cryptography system, and so can be dealt with using the same privacy-enhancing post-processing that has to be used with quantum crypto.
I agree with Schneier's assessment of quantum crypto as a solution in search of a problem, and this appears the same, although much cheaper to implement.
The most recent paper on the topic was a plenary talk given by the author last week at a conference in Italy. The references in that paper will give you the complete list of papers arguing with his results and his responses to those arguments.
We had the Cone of Silence years ago. I remember seeing it on telly!
Do it yourself, because no one else will do it yourself. [beta blockade 10-17 Feb]
http://www.lightbluetouchpaper.org/2006/10/08/kish s-totally-secure-system-is-insecure/
is not futile?
This technique is worse. Quantum cryptography** lets you know the extent to which your shared key has been decloaked, providing a rational basis for reusing chunks of the (expensive) one-time pad.
**A bad name. It really ought to be called quantum exposure detection.
This headline is inaccurate.
In order for this technique to beat quantum crypto, Bob and Alice would have to be really good at randomly choosing which transistor to use. Most humans, when asked to fake a string of coin flips, will be obvious because there are certain patterns humans select against that occur randomly.
This is more of a "Some dude thought of a cool technique that might someday be turned into some secure tech that can beat quantum" I wouldn't rule qunatum crypto out on the basis of this article, though.
What A and B and anyone listening in can measure is whether there is a small amount of noise, a medium amount of noise, or a huge amount of noise.
Except that's not all anyone in the middle can measure. Noise isn't either on or off. When Bob switches his resistor, that causes noise. When Bob takes a measurement, that causes noise (after all, that's what they're depending on to detect Carol in the middle). As the temperature changes, the noise level changes. There's an enormous amount of information about the system being produced by all these changes, and the hardware and software at the ends has to deal with that too.
If Carol makes no change in the noise level of the system faster than the changes made by all the transient sources, then she can not be detected.
Finally, you're going to measure different "middle" values in different places on the line. The effect of each resistor isn't going to make exactly the same change in the noise level at all points. If Carol can place two probes, she can tell which resistor was at each end.
He doesn't present a rigorous mathematical counterargument to the linked paper, as noted in an addendum in it!
This technique has no promise whatsoever.
"Politicians and diapers must be changed often, and for the same reason."
Hmm, my intuition immediately says this won't work for reason or another.
I haven't yet seen a compelling argument why it won't work in all its simplicity, but I'm positive it's BS. My intuition seldomly fails when talking about matters I think I understand (...I Think...).
(Random rambling)
Eve has a probe in the line. It attaches to the line near Alice and Bob. It is effectively very big resistor and a small power source, which circulates small current through the wires and his own resistor. Now, Alice attaches her resistor. Presumably it is smaller or atleast not hugely larger than Eve's resistor. Eve can now see the voltage difference in her probes near Alice and Bob. She can deduct from the change that it was Alice who attached resistor. She can also calculate how big the resistor is. At this point Eve can shut down her active probe before Bob attaches his own resistor. If the active tap would still be connected, it would mess the communication totally. Ehum. Infact, given enough sopisthication, even the resistance or inductance from a passive tap would mess up the communication and/or reveal Eve. However, as the wires certainly cannot be infinitely superconductive, there has to be rather big frame in which Eve can insert her passive tap in the setup.
Now the question is, can Eve deduct Bob's resistor by knowing Alice's resistor. If I understood correctly how this is supposed to work, I think it actually follows, that if Alice can decrypt Bob's comunication, which he sends by connecting/disconnecting his resistor, Eve should equally easily be able to deduct the communication by knowing alices resistance. (Stupid run-on sentence)
PS. Actually the active probe needs not to be "near" Alice nor Bob. Just having the probes ends sufficiently far from each other to have some resistance from the signal wire to figure out which end connected the resistor first.
Bot Assisted Blogging
piquard: lt cmd my bs detector is flahsing so !
/. newsflash!
deta: cptain , the main computer cant stand the sum of the quantum qubits and an innovative encryption teqnique based on resistors in one single
piquard: sqotty, main reactor shutdo/
Shouldn't it be that Bob sends and Alice receives?? I never get past that.
Mod Me Up. You'll make a grown man cry.
Simple to intercept.
Eve takes two hybrids with the same characteristic impedance as the line.
Breaks the line, inserts the hybrids back to back.
Monitors the noise coming from each direction.
Drinks a margerita while she observes the commnications.
O
Neal Stephenson wrote about a similar method in Cryptonomicon. Something about using music to mask communications sent over radio. The sender plays music and masks the information being sent. The receiver knows what music it is and can play it to 'cancel out' the broadcast music leaving behind just the message. Or something like that.
Do really dense people warp space more than others?
Sounds cool, but like quantum, the roll out costs sound like they are going to be expensive. Why not just use one time pads distributed through a third channel (like the mail)? Or why not use steganography to distribute a one time pad? I guess I'm turning into a troglodyte.
What if the man in the middle separates the waveforms?
Lets see, I hook an ammeter up around the wire at any point. I get three current levels. 2xHighREsistance = low current, 2xLowResistance = high current, HighAndLowResistance = medium current.
So I have a 50% chance of knowing a bit with absolute certainty, so you can only use the bits generated when the resisters are mismatched by knowing that I used High, so they used Low.
Now, if they are using DC it is infinitely easy to tell who used low and who used high by the amount of voltage drop.
If they are using AC, and I generate uniform AC waveform and match the frequency and polarity, and measure both signals compared to ground, I can tell by the relative deformation of the voltage wave and the direction of current flow, whether the high resistance.
And you don't need to deal with "Thermal" anything.
The measured "thermal" quantity used in the experiment is bull compared to the simplicity of both ends to observe current.
Someone has already mentioned that if you cut the wire and install two of the transceivers you can intercept the key process in both directions and transport the data between the two intermediate devices as clear text.
Finally, if this isn't just a key-generation protocol, if they actually send the data across the link, the transmitter "must" transmit the "next data bit" until there is a resistance mismatch, so any single unknown bit that happens after a known bit in that usage would be known.
Finally, if I just want to disrupt the data flow between the two endpoints, I can spam the wire so that the "Thermal" properties are always intermediate, inducing a complete key mismatch at both ends.
The more you over-think the plumbing, the easier it is to stop-up the pipes. 8-)
Innocent people shouldn't be forced to pay for inferior software development.
--"Code Complete" Microsoft Press
Not only does this not add any new information to the 2005 /. article, it also leaves out all the discussion that happened last time.
Specifically, some Slashdotters pointed out that, due to the speed of light, Eve can tap the line in two places at once and watch the "instant" change in the circuit propagate from sender to receiver. You don't even need a full man-in-the-middle to crack this.
Range Voting: preference intensity matters