Slashdot Mirror

← Back to Stories (view on slashdot.org)

Quantum Cryptography Broken, and Fixed

Posted by kdawson on from the knowing-the-unknowable dept.

schliz writes in with research out of Sweden in which researchers showed that, looking at a quantum cryptographic system as a whole, it was possible for an eavesdropper to extract some information about the QC key, thus reducing the security of the overall system. The team then proposed a cheap and simple fix for the problem. "The advanced technology was thought to be unbreakable due to laws of quantum mechanics that state that quantum mechanical objects cannot be observed or manipulated without being disturbed. But a research team at Linköping University in Sweden claim that it is possible for an eavesdropper to [get around the limitations] without being discovered. In a research paper, published in the international engineering journal IEEE Transactions on Information Theory (abstract), the researchers propose a change in the quantum cryptography process that they expect will restore the security of the technology."

9 of 118 comments (clear)

  1. So is the cat dead? by EmbeddedJanitor · · Score: 5, Funny

    Quantum stuff is so illogical to us mortals that you'd expect attempting to break it would just make it stronger.

    --
    Engineering is the art of compromise.
    1. Re:So is the cat dead? by Tackhead · · Score: 5, Funny
      > Quantum stuff is so illogical to us mortals that you'd expect attempting to break it would just make it stronger.

      Which is precisely what happened.

      In a research paper, published in the international engineering journal IEEE Transactions on Information Theory (abstract), the researchers propose a change in the quantum cryptography process that they expect will restore the security of the technology.

      By being sufficiently precise about the nature of the insecurity, they changed the probability of its being insecure!

      Furthermore, now that we know it's secure again (that is, we've proven it to be secure, effectively computing the probability of insecurity to be precisely zero), we no longer know anything about the nature of the system's security holes again!

      That was all supposed to be a lead-up to a Heisenberg Uncertainty Principle joke, but it's actually a pretty good description of how computer security works in even the non-quantum world. The more secure you think your system is, the more likely it is you'll get 0wn3d in some completely unexpected way. The known unknowns aren't the ones you've gotta worry about, and nailing them down doesn't do anything about the unknown unknowns, other than to collapse the joke's waveform into something resembling a Don Rumsfeld speech.

      In anything other than a Slashdot quantum crypto discussion, that sort of whiplash-inducing change of joke subjects would be highly improbable. As it stands, I'm going to shift gears a third time and hand it off to Douglas Adams.

      Zaphod: Tackhead, is this sort of thing going to happen every time you post using the Infinite Improbability joke drive?
      Tackhead: Very probably, I'm afraid.

    2. Re:So is the cat dead? by tzanger · · Score: 5, Funny

      I thought a tri-state cat would be alive, dead and high-impedance.

    3. Re:So is the cat dead? by bh_doc · · Score: 5, Funny

      *sigh* Dude, the whole point of the bi-state cat is that both alive and dead is exactly the state the cat ends up in. It's a superposition until you measure it. That's why it's so bizarre. Schrodinger's cat is a zombie.

  2. I know the solution by jollyreaper · · Score: 5, Funny

    They were connecting the computers via cat-5 cable. Everyone knows you're supposed to use Schrödinger's cat-5 cable in that sort of application.

    --
    Kwisatz Haderach
    Sell the spice to CHOAM
    This Mahdi took Shaddam's Throne
  3. That wacky quantum cryptography by Anonymous Coward · · Score: 5, Funny

    It was actually broken AND fixed at the SAME TIME!

    1. Re:That wacky quantum cryptography by mrbluze · · Score: 5, Funny

      It was actually broken AND fixed at the SAME TIME! Kind of like a Windows Update.
      --
      Do it yourself, because no one else will do it yourself. [beta blockade 10-17 Feb]
  4. Re:Wah? by mrbluze · · Score: 5, Interesting

    The advanced technology was thought to be unbreakable due to laws of quantum mechanics that state that quantum mechanical objects cannot be observed or manipulated without being disturbed.

    Well the worst thing about an encrypted stream is that you trust it, not really knowing if someone is listening half way down the line. If you get a hint that it's being listened to, you can start sending garbage (or misinformation) down the line so as to confuse the hell out of the eavesdropper, whilst taking up alternative methods of communication or something.

    This makes me wonder if cryptography needs to become cleverer. I mean, depending on the type of data you're sending, might there be a role in padding encrypted streams with 'honeypot' data, like random bits of vaguely interesting crap that the expected listener might want to be interested in. Sort of a live equivalent of Truecrypt's plausible deniability.

    What do people think about that?

    --
    Do it yourself, because no one else will do it yourself. [beta blockade 10-17 Feb]
  5. Article is a dupe... by The+Master+Control+P · · Score: 5, Informative

    Just like the last time, the laws of quantum physics still work and it is still impossible to observe a quantum system without altering it. The researchers found that the classical authentication protocols that prevent man-in-the-middle attacks were insufficient.