First Secure Quantum Crypto Network Up and Running

← Back to Stories (view on slashdot.org)

First Secure Quantum Crypto Network Up and Running

Posted by timothy on Thursday October 9, 2008 @11:47PM from the all-new-perfect-forever-place-your-bets dept.

John Lam was one of many readers to send in news that on Thursday, "at a conference in Vienna, Austria, as reported by the BBC, a European Community science working group built a quantum backbone using 200-km of standard commercial optical fiber running among seven sites and successfully demonstrated the first secure quantum cryptographic key distribution network. In addition, each of the seven links used a different kind of quantum encryption, demonstrating interoperability between the technologies. To paraphrase, the project focused on the trusted repeater paradigm and developed an architecture allowing seamless integration of heterogeneous quantum-key distribution-link devices in a unified framework. Network node-modules managing all classical communication tasks provide the underlying quantum devices with authentic classical channels. The node-module architecture uses a layered model to provision network-wide, end-to-end, provably secure key distribution."

102 comments

Teleportation? by MRe_nl · 2008-10-09 23:59 · Score: 1, Interesting

from TFA "Albert Einstein, who discovered the quantum properties of photons of light - indeed, discovered the very concept of the photon - always resisted quantum theory's spooky behaviour, "God does not play dice", being among his oft-quoted objections.
But experiments eventually proved that he apparently does, and also laid the technical foundations for today's quantum information revolution - cryptography, teleportation, and computation."
Teleportation? Did I miss something here? Has matter been teleported or is this just speculation?

--
"Kill 'em all and let Root sort 'em out"
1. Re:Teleportation? by argent · 2008-10-10 00:03 · Score: 4, Informative
  
  http://en.wikipedia.org/wiki/Quantum_teleportation
2. Re:Teleportation? by polar+red · 2008-10-10 00:04 · Score: 1
  
  Teleportation? Did I miss something here? Has matter been teleported or is this just speculation?
  Yes. But it's only Photons that have been 'tele-ported' at the speed of light even.
  
  --
  Yes, I'm left. You have a problem with that?
3. Re:Teleportation? by IceCreamGuy · 2008-10-10 00:18 · Score: 2, Interesting
  
  it's only Photons that have been 'tele-ported'
  
  It is actually not a particle like a photon, but only information that is teleported. Just in case your next question is "doesn't this mean we can communicate at the speed of light?" you must have a classical information channel as well in order to make sense of the teleported information.
4. Re:Teleportation? by Zerth · 2008-10-10 00:22 · Score: 4, Funny
  
  xkcd is almost always relevant
5. Re:Teleportation? by Anonymous Coward · 2008-10-10 00:24 · Score: 0
  
  "Einstein would turn over in his grave. Not only does God play dice, the dice are loaded."
6. Re:Teleportation? by thedonger · 2008-10-10 01:26 · Score: 1
  
  But experiments eventually proved that he apparently does
  This is the part I find interesting - "apparently." We still do not fully understand, like when we inherit someone else's spaghetti code and, modify some method and say, "yeah, looks like that fixed the problem." Only, we aren't 100% sure, and then we find out it didn't fix it or it caused another issue, and ultimately we realize it's time to rewrite the whole damn thing.
  So the question is, how far will quantum [insert favorite flavor] go before we realize its something else entirely?
  
  --
  Help fight poverty: Punch a poor person.
7. Re:Teleportation? by itsdapead · 2008-10-10 01:46 · Score: 1
  
  "doesn't this mean we can communicate at the speed of light?"
  Actually, it has been possible to communicate at the speed of light for some time using, er, light by (eg) sending up smoke signals or waving. I think you meant "faster than light"...
  
  --
  In a survey of 100 programmers, 111111 thought that duck-typing was a good idea.
8. Re:Teleportation? by IceCreamGuy · 2008-10-10 01:56 · Score: 1
  
  Good points, I guess that is what I meant.
9. Re:Teleportation? by argent · 2008-10-10 01:56 · Score: 1
  
  I think we'll discover that the universe really is a mess of hacks and spaghetti code, personally.
  By that time we'll be Greg Egan cyberheroes and we'll rewrite the universe as a universal turing machine, and live as strings of code in the quantum foam.
10. Re:Teleportation? by itsdapead · 2008-10-10 02:13 · Score: 1
  
  Teleportation? Did I miss something here? Has matter been teleported or is this just speculation?
  Its about a trick that lets you transfer the "quantum state" of one particle to another particle (at a distance) without "measuring" it and therefore changing it.
  If you want it in Star Trek terms, they haven't invented the transporter, but they have eliminated the need for the fictitious "Heisenberg compensator" which (as any Star Fleet cadet knows) allow the transporter to measure the exact state of every atom in your body without completely scrambling them in accordance with the uncertainty principle.
  Don't count on beaming up anytime soon though - its one thing copying the quantum state of one elementary particle onto another (otherwise indistinguishable) particle and calling it "teleportation" but copying your quantum state onto (say) Lt Uhura would be a lot more complicated and wouldn't really have the desired effect (Disclaimer: your desires may vary).
  Back in the (hopefully) real world, If I understand quantum cryptography correctly, the only thing "teleported" is a random number to use as an encryption key for a conventionally transmitted message - and even then only in the simplified "thought experiment" version. A practical implementation involves a dialogue (using conventional channels) to establish each bit of the key.
  The USP is that if a man-in-the-middle intercepts the photons and "reads" them to determine the key, he can't generate new photons with the same quantum state to pass on to the recipient - so the recipient will know that the transmission has been compromised.
  If you go and look up a detailed description of the protocol it all starts to sound a bit less magical (but no less clever).
  
  --
  In a survey of 100 programmers, 111111 thought that duck-typing was a good idea.
11. Re:Teleportation? by Anonymous Coward · 2008-10-10 02:45 · Score: 0
  
  wat
12. Re:Teleportation? by caluml · 2008-10-10 02:45 · Score: 1
  
  Actually, it has been possible to communicate at the speed of light for some time using, er, light by (eg) sending up smoke signals or waving. I think you meant "faster than light"...
  Cough... radio waves... cough
  
  --
  Get your own free personal location tracker
13. Re:Teleportation? by mikkelm · 2008-10-10 03:27 · Score: 1
  
  Go back to Alpha Centauri.
14. Re:Teleportation? by Tubal-Cain · 2008-10-10 03:32 · Score: 1
  
  I think we'll discover that the universe really is a mess of hacks and spaghetti code, personally.
  Written in Perl.
15. Re:Teleportation? by MRe_nl · 2008-10-10 03:57 · Score: 1
  
  Thank you.
  I have to go and lie down now for a bit ; ).
  
  --
  "Kill 'em all and let Root sort 'em out"
16. Re:Teleportation? by Krabbs · 2008-10-10 04:13 · Score: 1
  
  Actually, it is neither. Teleportation is a bad name. The point is basically that you can transmit qubits using EPR pairs and classical bits. It is information theoretically interesting, but no "beem me up, scotty".
17. Re:Teleportation? by BungaDunga · 2008-10-10 05:10 · Score: 1
  
  You can communicate at the speed of light with... semaphore. It's not exactly hard.
18. Re:Teleportation? by BungaDunga · 2008-10-10 05:16 · Score: 1
  
  I don't think quantum encryption uses teleportation or entanglement, just the Uncertainty Principle. The photons (in a quantum state) are actually physically transferred through fiber-optics.
19. Re:Teleportation? by andruk · 2008-10-10 05:36 · Score: 1
  
  It's actually fairly simple (afaik). Particles bounce between potentials (inside a "well") and create standing waves. These waves die off exponentially in the potentials themselves, and so if you have a potential that is small (thin) enough, there is a non-negligible probability that the particle will be found outside of the well.
  Voila, "teleportation".
20. Re:Teleportation? by Bolzano-Weierstrass · 2008-10-10 07:17 · Score: 1
  
  It's actually fairly simple (afaik). Particles bounce between potentials (inside a "well") and create standing waves. These waves die off exponentially in the potentials themselves, and so if you have a potential that is small (thin) enough, there is a non-negligible probability that the particle will be found outside of the well.
  Voila, "teleportation".
  I suggest you compare Quantum Tunneling with Quantum Teleportation, as they are not the same thing :)
21. Re:Teleportation? by bram · 2008-10-10 09:19 · Score: 1
  
  You must be new here.
  
  --
  People using html in email should be shot.
22. Re:Teleportation? by SMACX+guy · 2008-10-10 09:46 · Score: 1
  
  Anonymous Coward, your forces have been spotted in my territory. I demand that you withdraw them immediately.
23. Re:Teleportation? by Anonymous Coward · 2008-10-10 11:13 · Score: 0
  
  I don't care how low your UID is, that joke is still stupid.
24. Re:Teleportation? by PhasmatisApparatus · 2008-10-10 12:29 · Score: 2, Funny
  
  No, xkcd is always almost relevant.
25. Re:Teleportation? by Anonymous Coward · 2008-10-10 13:35 · Score: 0
  
  You are correct. Thanks. Quantum is cool. :-D
  -- andruk
26. Re:Teleportation? by TwistedOne151 · 2008-10-10 15:55 · Score: 1
  
  I think we'll discover that the universe really is a mess of hacks and spaghetti code, personally.
  Spaghetti code, perhaps written with a Noodly Appendage?
27. Re:Teleportation? by hitmark · 2008-10-10 22:46 · Score: 1
  
  and even if it isnt, its fun the read ;)
  
  --
  comment first, facts later. http://chem.tufts.edu/AnswersInScience/RelativityofWrong.htm
28. Re:Teleportation? by IceCreamGuy · 2008-10-13 03:07 · Score: 1
  
  Heh, whoops, yeah I'm an idiot
Subspace Encryptions by Anonymous Coward · 2008-10-10 00:04 · Score: 1, Interesting

I've always wondered what type of encryption was used in Star Trek episodes when it was announced that there was an encrypted subspace channel for Picard.
1. Re:Subspace Encryptions by jellomizer · 2008-10-10 00:11 · Score: 3, Insightful
  
  You know, Star Trek is fiction, right? Not all the technology in the Star Trek fictional universe is possible, an some others will come out very soon others probably never.
  
  --
  If something is so important that you feel the need to post it on the internet... It probably isn't that important.
2. Re:Subspace Encryptions by Adult+film+producer · 2008-10-10 00:15 · Score: 1
  
  From "First Contact" -
  
  Data: I have isolated the main computer with a fractal encryption code. It is highly unlikely they will be able to break it."
3. Re:Subspace Encryptions by meringuoid · 2008-10-10 02:29 · Score: 1
  
  I've always wondered what type of encryption was used in Star Trek episodes when it was announced that there was an encrypted subspace channel for Picard.
  Along similar lines, remember in episode 25 of TOS, where just before beaming down to the planet Captain Kirk opened up a safe in his quarters? I always wondered what the combination was.
  
  --
  Real Daleks don't climb stairs - they level the building.
4. Re:Subspace Encryptions by Cajun+Hell · 2008-10-10 03:11 · Score: 1
  
  If you can afford to spend billions of (today's) dollars building these ships, you can afford to send 'em out with a few wowzabytes of random pad.
  
  --
  "Believe me!" -- Donald Trump
5. Re:Subspace Encryptions by Emperor+Zombie · 2008-10-10 08:11 · Score: 1
  
  1-2-3-4-5
  
  --
  I'm so excited I just made water in my pantaloons!
6. Re:Subspace Encryptions by Anonymous Coward · 2008-10-13 01:30 · Score: 0
  
  Incredible - that's the same combination I have on my luggage!
7. Re:Subspace Encryptions by ObiWanKenblowme · 2008-10-13 01:33 · Score: 1
  
  1-1A-2B
  Wait, that doesn't sound ri... [BOOM]
  
  --
  Obvious exits are NORTH, SOUTH, and DENNIS.
Better than ssl by sakdoctor · 2008-10-10 00:04 · Score: 5, Funny

You'll be able to tell if your web traffic has been snooped by the authorities because all your lolcats will arrive dead!
1. Re:Better than ssl by Anonymous Coward · 2008-10-10 00:50 · Score: 0
  
  Only half will, on average.
2. Re:Better than ssl by Anonymous Coward · 2008-10-10 01:11 · Score: 0
  
  I for one-half welcome our half-dead new quantum half-overlord ...
3. Re:Better than ssl by Dishevel · 2008-10-10 02:03 · Score: 1
  
  Only half will, on average.
  Wouldn't the encryption when snooped kill half the cats and then the snooper would need to re encrypt the packets. When you decrypt them again wouldn't you get like a 75% dead lolcat ratio and realize somthing was up?
  
  --
  Why is it so hard to only have politicians for a few years, then have them go away?
4. Re:Better than ssl by arktemplar · 2008-10-10 02:20 · Score: 1
  
  Lolcats and Schrodingers cat together - interesting.
  http://abstrusegoose.com/7
  
  --
  blog plug -> The Darker Side of Light
5. Re:Better than ssl by KGIII · 2008-10-10 02:37 · Score: 2, Funny
  
  http://icanhascheezburger.com/2008/05/02/funny-pictures-schrodinger-xperimint/
  (One of my favorites.)
  
  --
  "So long and thanks for all the fish."
If I recall correctly, not the first by fwice · 2008-10-10 00:05 · Score: 4, Informative

Under DARPA sponsorship, and together with our academic colleagues Harvard University and Boston University, BBN Technologies has recently built and begun to operate the world's first Quantum Key Distribution (QKD) network. The DARPA Quantum Network employs 24x7 quantum cryptography to provide unprecedented levels of security for standard Internet traffic flows such as web-browsing, e-commerce, and streaming video.

The DARPA Quantum Network became fully operational on October 23, 2003 in BBN's laboratories, and has run continuously since.

source: http://bbn.com/technology/information_security/quantum_cryptography
1. Re:If I recall correctly, not the first by Anonymous Coward · 2008-10-10 00:33 · Score: 0
  
  This article is about SECURE quantum cryptography, not some big brother's tool of backdoor-infected quantum crypto :P
2. Re:If I recall correctly, not the first by Anonymous Coward · 2008-10-10 01:04 · Score: 0
  
  BBN's network is described in "Quantum Cryptography in Practice" in ACM SIGCOMM 2003:
  http://arxiv.org/abs/quant-ph/0307049
  http://portal.acm.org/citation.cfm?id=863982
3. Re:If I recall correctly, not the first by Yvanhoe · 2008-10-10 01:17 · Score: 3, Informative
  
  And the first attacks are there as well...
  
  --
  The Wise adapts himself to the world. The Fool adapts the world to himself. Therefore, all progress depends on the Fool.
Stop loading the article! by Anonymous Coward · 2008-10-10 00:10 · Score: 1

I'm trying to read it, you insensitve clods!
1. Re:Stop loading the article! by KGIII · 2008-10-10 02:40 · Score: 1
  
  You must be new here.
  
  --
  "So long and thanks for all the fish."
"Story" tag by Rik+Sweeney · 2008-10-10 00:33 · Score: 1, Offtopic

Seriously, can we have this tag blocked or something?

--
Summation 2
1. Re:"Story" tag by Shikaku · 2008-10-10 00:39 · Score: 0, Redundant
  
  Sure! Block just about everything on Slashdot! You can only read the idle pages now because they are not stories.
2. Re:"Story" tag by Anonymous Coward · 2008-10-10 01:16 · Score: 0
  
  I wish they would just get rid of the tagging altogether. I don't see what purpose it serves other than to give people something to do.
3. Re:"Story" tag by Ant+P. · 2008-10-10 01:33 · Score: 1
  
  I'd prefer to just have the entire thing blocked, since the arrow icon has started overlapping the summary text.
  ("div.tag-widget-stub { display: none }" goes in the user CSS if you want rid of it)
4. Re:"Story" tag by Tubal-Cain · 2008-10-10 03:38 · Score: 1
  
  The appropriate response is to tag it "words"
5. Re:"Story" tag by TheRaven64 · 2008-10-10 08:06 · Score: 1
  
  Blob Wars now for Windows
  
  And does it still include copyright artwork and music being distributed without the permission of the authors?
  
  --
  I am TheRaven on Soylent News
Poor hackers by sTERNKERN · 2008-10-10 00:36 · Score: 0, Offtopic

An other nail to poor bastard's coffin. Noone thinks about where they go and what they do after loosing their jobs as hackers. Cruel world, it is.
1. Re:Poor hackers by Durkheim · 2008-10-10 01:19 · Score: 0, Flamebait
  
  This is the second funny coment mis-modded so far. Why the sad face, moderators?
Who's been reading sales literature? by L4t3r4lu5 · 2008-10-10 00:39 · Score: 1

"...seamless integration of heterogeneous quantum-key distribution-link devices in a unified framework."

My buzzword alarm just core dumped.

--
Finally had enough. Come see us over at https://soylentnews.org/
Rumors of their death has been slightly entagled by jonaskoelker · 2008-10-10 00:40 · Score: 5, Funny

Wanted: Schrödinger's Cat. Dead and alive.
what did he say? by FornaxChemica · 2008-10-10 00:44 · Score: 2

"To paraphrase..."
More like: to make the subject even more unintelligible...
Secure Key exchange. by locofungus · 2008-10-10 00:44 · Score: 2, Interesting

I heard something about this on the radio last night (wasn't paying full attention).
But they were talking about quantum key exchange. Assuming that they're then using a standard symmetric key to encrypt the link it's still theoretically breakable, just the key exchange that isn't.
If they're quantum encrypting all the data then that's pretty astonishing - they were talking about video-conferencing so they need a reasonable bit rate and the fidelity rate has to be above 5/6[1] otherwise the link might be vulnerable to a quantum cloning attack.
[1] Assuming the best attack is a universal quantum cloning machine. The maximum theoretical fidelity isn't known for most non-universal quantum cloning machines (but is trivially known for some - e.g. 3/4 for a naive measure and retransmit). I don't know whether it's possible to prove that the 5/6 is a sufficient lower bound on the fidelity.
Tim.

--
God said, "div D = rho, div B = 0, curl E = -@B/@t, curl H = J + @D/@t," and there was light.
1. Re:Secure Key exchange. by Bengie · 2008-10-10 01:33 · Score: 2, Interesting
  
  "[...]Assuming that they're then using a standard symmetric key to encrypt the link it's still theoretically breakable[...]" depends on what you mean by "theoretically". According to my cousins professor in his Computer Science Encrption course, if you had a *perfect* 256bit symmetric key encryption, if you counted just bit flips and no other inefficiency of the system, on average it would take more energy to break the key than there is usable energy in the known universe. and from what I've read about quantum computing, a quantum computer is only about 2xs faster than a regularcomputer at breaking symmetric key encrtion, so no hope there; but they really shine on asymetric sinceyou already have part of the key. All we need is a 512bit symetic key and you're screwed for theory unless there's a HUGE mathematical flaw in it. And most of the known flaws in the current AES are theorectical and haven't been proven, that I know of.
2. Re:Secure Key exchange. by locofungus · 2008-10-10 02:05 · Score: 2, Informative
  
  Hmmm, not sure I agree with that assessment.
  if you had a *perfect* 256bit symmetric key encryption, if you counted just bit flips and no other inefficiency of the system, on average it would take more energy to break the key than there is usable energy in the known universe
  A perfect computer can have no entropy change provided it never forgets anything.
  Storing all 2^256 keys would require 2^264 bits. There are estimated to be roughly 10^80 particles in the universe ~ 2^265. It's not immediately obvious to me that the problem is theoretically intractable in the known universe.
  A perfect 256bit symmetric cypher key falls to an oracle for messages >> 256 bits. Quantum key exchange together with OTP is safe against an oracle (in that you can never show the oracle to be correct)
  Tim.
  
  --
  God said, "div D = rho, div B = 0, curl E = -@B/@t, curl H = J + @D/@t," and there was light.
3. Re:Secure Key exchange. by meringuoid · 2008-10-10 02:31 · Score: 2, Informative
  
  But they were talking about quantum key exchange. Assuming that they're then using a standard symmetric key to encrypt the link it's still theoretically breakable, just the key exchange that isn't.
  Let the key be at least as long as the message itself; then you have a one-time pad, which is unbreakable.
  
  --
  Real Daleks don't climb stairs - they level the building.
4. Re:Secure Key exchange. by locofungus · 2008-10-10 03:19 · Score: 1
  
  Yes. Exactly. But your key generation has to have the same bandwidth as your data channel.
  When I said standard symmetric key I meant key much shorter than message.
  If they can generate a key at a bit rate sufficient to support video conferencing with a fidelity of no less than 5/6 over standard fiber optic cable then I'm very impressed.
  If their fidelity is lower than that then an attack may be impossible currently but it's not theoretically impossible for someone with a perfect (as far as allowed by the rules of QM) universal quantum cloning machine.
  Things start getting even more interesting if the attacker knows it's an mpeg stream for example being encrypted. Intercepting every other bit in the key exchange will cause an error rate of 1 bit in 12. But 1 bit in 2 might be sufficient to extract valuable information.
  ISTM that to be theoretically unbreakable there must be no errors at all during the key exchange or you must be able to prove that a subset of bits of the key is insufficient to gain useful information and the error rate is sufficiently low to prove that nobody is intercepting that many photons during the key exchange.
  While quantum key exchange is very interesting, I'm not convinced that it's going to solve any real problem. We already know that perfect quantum key exchange is unbreakable, exactly as we know that perfect OTP is unbreakable. But problems in implementation can leave both vulnerable to theoretical attacks. But DH+AES is unbreakable in practice and offers perfect forward security unless the discrete log problem is solved. OTOH, I hope these scientists do managed to convince the banks that this is something they need. Because then that money will (hopefully) be spent on further research which is always useful. e.g. quantum key exchange requires single photon detectors. Not very long ago that was a dream. At least in part the commercial desire for perfect key exchange has helped drive that research.
  Tim.
  
  --
  God said, "div D = rho, div B = 0, curl E = -@B/@t, curl H = J + @D/@t," and there was light.
5. Re:Secure Key exchange. by UnHolier+than+ever · 2008-10-10 03:45 · Score: 1
  
  The fidelity necessary for QKD to be provably secure depends on the axact protocol used. BB84, the most common protocol, can withstand a 11% error rate. Quantum cloning is one of the most obvious attacks, but not necessarily the best one. Also, as other commenters said, quantum cryptography is only secure if the key is used in a OTP.
6. Re:Secure Key exchange. by Anonymous Coward · 2008-10-10 05:27 · Score: 0
  
  I guess I'm no Einstein here -- I just don't understand the point of these wild "unbreakable" security claims. First of all you can't use quantum channels to send any information of any kind so establishing meaningful bindings between classic and quantum would seem to me to be outright impossible.
  The point is that security technology is only as good as its weakest link and that weakest link is still classical algorithms required to establish trust.
  I can appreciate the importance of OTP sources to mitigate attacks but the unbreakable nonsense is overrated.
Quantum this, Quantum that by jonaskoelker · 2008-10-10 00:46 · Score: 3, Funny

So, we have quantum computers with quantum networks doing quantum cryptography. What's next, buying music with quantum DRM, i.e. the song is both there and not there until the sound card observes it? ;)
1. Re:Quantum this, Quantum that by internerdj · 2008-10-10 01:38 · Score: 1
  
  Don't worry. I'm sure its coming. Which will finally lead to the Recording Industry Association of America versus the People of the United States of America, where we are all sued for the music we both have and don't have on our computer...
2. Re:Quantum this, Quantum that by Anonymous Coward · 2008-10-10 01:40 · Score: 0
  
  I'm working on a rap album which will be available only through fully quantum encrypted distribution channels.
  Working title: Bitches don't know what.
3. Re:Quantum this, Quantum that by Belial6 · 2008-10-10 04:58 · Score: 1
  
  We already have that. When you make a purchase from the MAFIAA, you both own it and don't own it at the same time.
But, what is the big secret ... by Anonymous Coward · 2008-10-10 00:51 · Score: 0

Pity Austria has no secrets worth hiding. Except for the not-so-secret of their apparently successful quantum network.
BTW how do they know that their secrets are safe? Only if somebody cracks them. But how will they know that? If they know they have been cracked then perhaps there will be an equal probability that they haven't been?
1. Re:But, what is the big secret ... by Bishop+Rook · 2008-10-10 01:21 · Score: 1
  
  "Provably secure" means exactly that, for the same reason a one-time pad is provably secure.
Not so sercure then by marcosdumay · 2008-10-10 00:58 · Score: 1

If it rellies on the concept of "trusted relays", it is not really secure. Point to point cryptography can be secure, but when you start to depend on third parties, how can you be sure?

--
Rethinking email
1. Re:Not so sercure then by Bishop+Rook · 2008-10-10 01:23 · Score: 1
  
  ...when you start to depend on third parties, how can you be sure?
  http://en.wikipedia.org/wiki/Digital_signature
2. Re:Not so sercure then by david_thornley · 2008-10-10 01:57 · Score: 2, Interesting
  
  Yeah, but the same crypto that allows digital signatures also allows secure key exchange.
  In other words, although this is an impressive achievement, it isn't clear to me that there's any practical application as yet. Particularly when we consider that modern crypto is almost certainly secure, so that intercepting the bits en route is pointless, and that you don't need crypto over a physically secure route.
  Quantum computation and communications may well be very useful some year, but 2008 isn't it.
  
  --
  "When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
3. Re:Not so sercure then by marcosdumay · 2008-10-10 02:37 · Score: 1
  
  Ok, that link is so far off that I had to check it in order to know that there isn't some relevant info hidden in it. Turns out that it doesn't.
  If you have a cryptography algorithm that depends on thrid parties decoding and reencoding your text, you can't be sure that those third parties won't eveasdrop your plain text. That is simply not secure.
  
  --
  Rethinking email
4. Re:Not so sercure then by Chris+Burke · 2008-10-10 04:41 · Score: 1
  
  Yeah, but the same crypto that allows digital signatures also allows secure key exchange.
  In other words, although this is an impressive achievement, it isn't clear to me that there's any practical application as yet. Particularly when we consider that modern crypto is almost certainly secure, so that intercepting the bits en route is pointless, and that you don't need crypto over a physically secure route.
  There's an application: Distribution of the public keys that make digital signatures and secure private key exchange possible.
  Key exchange is the fundamental problem of cryptography, and the reason it is so is that you can't solve it with cryptography. At some point you need to give someone an unencrypted copy of a key. You can't use the insecure communication channel to do it, it defeats the whole purpose, and makes man-in-the-middle attacks possible. We get around this in a fairly practical way by distributing keys for the Certificate Authorities on physical media or in widely distributed downloads like web browsers which we assume (and hope and pray) aren't hacked with different keys pointing to false CAs.
  But imagine something smaller scale, imagine you wanted to share a public key with another individual/organzation directly rather than relying on them having a certificate from a major CA, and you also don't want to physically meet or send the key in snail mail etc. That's where this is useful.
  The main limitation is the "trusted repeaters" thing to get any distance is 30mi is as far as they were able to make a single quantum crypto link. However think of it this way -- if you were trying to distribute a public key over the regular internet, you'd have to worry about whether the rounters/switches were compromised, and in theory anyone who knew where the fiber was laid could dig it up, cut it, and stick their own repeater in and intercept your keys with it looking only like a brief outage, possibly unnoticed. With quantum crypto, that can't happen any interception of your message would be detected. So those 'trusted repeaters' are -really- all you need.
  Oh and there's one other application, and that's detecting whether your conversation has been intercepted in situations where you suspect your keys have been compromised. It's a little 24, but suppose you thought there was a mole who shared your keys with someone else, and you wanted to communicate with someone under 30 mi away, you would at least know if someone tried to read your message and was possibly able to decrypt it. With normal encryption, if your keys are compromised, then that's it, you're screwed. Here at least you can have a good idea if your secure channel is really secure.
  Quantum computation and communications may well be very useful some year, but 2008 isn't it.
  Huh, well, okay, now that I think about it, there is an application, but I guess it's not really all that useful. :P
  
  --
  
  The enemies of Democracy are
5. Re:Not so sercure then by Sique · 2008-10-10 05:55 · Score: 1
  
  Modern crypto can't warranty the non observation of the signal by a third party.
  
  --
  .sig: Sique *sigh*
6. Re:Not so sercure then by jonaskoelker · 2008-10-10 07:09 · Score: 1
  
  2009: the year of quantum computation and communication on the desktop!
Still vulnerable to MITM by ThreeGigs · 2008-10-10 01:10 · Score: 3, Insightful

..." trusted repeater paradigm "...
Okay, so basically you're only 'secure' up to about 30 miles, and that's only if you have a real, honest to goodness, point to point fiber link. Otherwise they're still converting photons to electrons, and making new photons, at the repeaters.
It's no more secure than current fiber, except that you've limited the attack vector and locations to known points, namely the repeaters.
Will this be available for the public? by UncleMantis · 2008-10-10 01:14 · Score: 0

As more and more people are worried about their ISPs sniffing their data, will this type of system be available for use with clients running on the user's machine such as for Web, E-mail, P2P, etc?

--
Uncle Mantis
1. Re:Will this be available for the public? by ustolemyname · 2008-10-10 01:27 · Score: 1
  
  Yup, I can see ISP's all over investing money to keep them from doing things with your data.
Re:Rumors of their death has been slightly entagle by jank1887 · 2008-10-10 01:48 · Score: 0, Redundant

or both
Brilliant defense against that NSA submarine! by PolygamousRanchKid+ · 2008-10-10 01:50 · Score: 1

That NSA submarine that spliced all those cables in the Middle East will never be able to navigate to Vienna. So no taps.
Or do you think the NSA might say: "NSA can't tap cable. NSA smash cable!"

--
Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
Crypto what? by gsgriffin · 2008-10-10 02:34 · Score: 1

I fro oen ndo't ese hwta ehty rea klatnig bouta. If hwta ehyt ysa is tuer, hent I cna itrew a emssgea in my nwo ayw dna ouy anc daer it stuj infe. iDd ouy teg tish? Is htat thaw ehty reew yrtnig to sya?

--
jsut athnoer menagiensls ltitle psrhae for you to dcoede. Why do we wtsae our tmie dnoig tihs?
1. Re:Crypto what? by DrVomact · 2008-10-10 05:21 · Score: 1
  
  isbor, uor ykes vhae eben ewnz0rd. Efle!
  
  --
  Great men are almost always bad men--Lord Acton's Corollary
"no cloning" theorem dictates how repeaters work by Cordath · 2008-10-10 03:18 · Score: 4, Informative

Quantum key distribution (QKD) relies on the fact that a single measurement can only reveal partial information about its state. i.e. The same fundamental physical property that makes QKD work also makes it impossible to "read" a photon at a trusted repeater station and then resend an identical copy. This would violate the "no cloning" theorem. Instead, the trusted repeater would have to exchange a key with both the sender and receiver. This obviously requires trust and slows things down, but it's not unreasonable in a European bank network where many banks that both trust each other are physically located within a short distance of each other. (Current QKD is limited to links of distances of about 150 km due to loss in fiber, and the secret key bitrates at these distances are not good.)

End point to end point QKD is possible with what are called quantum repeaters. In this scheme, the repeater station creates single photon pairs and sends them to the adjacent links in the chain. At each link, bell state measurements are performed that create a daisy-chain of entanglement swapping until, ultimately, the sender and receiver at the two ends of the chain are left with an entangled pair that they can use to create a key. In this scheme, the repeaters actually gain no information about the entangled pair that the sender and receiver wind up with, and the sender and receiver are able to detect tampering just as they can with other forms of QKD. The result is a repeater network over which secure communication is possible even if the repeaters are untrusted. The worst case scenario, theoretically, is that the eavesdropper just cuts the line so that communication isn't possible.

This technology works experimentally, but will not be practical until quantum memory (i.e. light storage) becomes practical. The problem is that, without memory, each link in the entanglement chain has to receive photons at the same instant in time. With loss happening randomly in all the links, the probability of this happening is no greater than the probability of a photon traveling directly from the sender to the receiver. Ergo, you gain nothing.

Quantum memory is a hot field of research and several experimental groups have shown promising results using a variety of approaches. In short, QKD will not be limited to trusted relay networks for long.
Re:Rumors of their death has been slightly entagle by Tubal-Cain · 2008-10-10 03:35 · Score: 1

Hence the "and"
Im webdawg. Im right. by Anonymous Coward · 2008-10-10 03:45 · Score: 0

All suns in the universe are connected and can be utilized as a quantum communication network.
Welcome to the universes internet.
Find me bitches.
@efnet
Re:Rumors of their death has been slightly entagle by jank1887 · 2008-10-10 03:53 · Score: 1

that's what you think.
The suns of the universe. by w3bd4wg · 2008-10-10 03:56 · Score: 0

The suns of the universe can be used as a quantum communication network. Figure it out. I need of this planet.
This is old news! by paniq · 2008-10-10 04:02 · Score: 1

I read about it in a CS paper from a while ago.

--
Do not trust this signature.
No teleportation by Chris+Burke · 2008-10-10 04:10 · Score: 1

The wiki article posted earlier will give you more information, but let me tell you the depressing upshot.
Nothing is really being teleported. Nothing can be transported faster than the speed of light using quantum teleportation. Not even information. Especially not information.
There is a quantum interaction between two particles that happens instantly, but the particles themselves, and all the information contained in those particles, was transfered at sub-light speed when you separated them.
It's still useful, just not for anything you would normally associate the words "teleportation" or "instantaneous" with. :P

--

The enemies of Democracy are
GG by kingsteve612 · 2008-10-10 07:38 · Score: 1

all IT professionals now required to have a degree in quantum mechanics. lol at the concept. lol at the BBC. lol at my post because it's rather stupid. good day.
QUantum physics says so. by jotaeleemeese · 2008-10-10 12:51 · Score: 1

If you try to measure something at quantum level then you mess up with the state of that something.
Or something like that.

--
IANAL but write like a drunk one.
1. Re:QUantum physics says so. by marcosdumay · 2008-10-13 00:27 · Score: 1
  
  If you try to RTFA, and understand a bit of quantum physics (that part is easy*) you'd have some less vague things to say. In meantime, please, don't relay on qauntum cryptography for anything important, ok.
  *That part of quantum mechanics is quite easy to deal with, it is just some trivial algebra. Not to say that quantum mechanics is easy, there are plenty of hard things in it, just not quantum cryptography.
  
  --
  Rethinking email
Big milestone by Vadim+Makarov · 2008-10-11 16:16 · Score: 1

I have been there, and can give my impresson. I think, this is a big milestone for quantum cryptography. This has been the most massive and convincing demonstration of the technology up to the date, nothing like any before. Yet, it seems to have received relatively little press attention.

The demonstration was a conclusion of an European project in which several tens of research groups collaborated. The main thing it produced are network protocols for a quantum cryptography network. Several months ago, the plan for this demo was four quantum cryptographic links. However, it was easy to plug any quantum crypto link into the network, so six research groups and one commercial company ended up bringing their systems to Vienna (the latter, idQuantique, actually contributed three links to the network).

Out of these nine systems, seven performed flawlessly for several days, one worked for half an hour and then died (the secure key produced in the first half an hour was still used by the network; the failure was blamed on a software problem in that system), and one prototype did not quite survive the flight to Vienna (hard disk was trashed by baggage handlers). Given that most of the systems were research prototypes, the statistics actually looks good to me.

Since the network topology allowed for redundant paths between most of the nodes, the actual failure of one link and simulated failure of another did not prevent the network from operating. (The network topology on the picture as not quite complete: at the last moment, eighth link and one more node were added off the topmost node.) During the demo, there were shown securely encrypted video links between the nodes, and telephone calls. The video links were encrypted with AES with session keys provided by the network. The telephone calls were encrypted with one-time-pad provided by the network. Resiliency to failures was demonstrated: one link was broken on purpose (eavesdropping was simulated by inserting a polarizer), and a key store in another was exhausted during one of the one-time-pad encrypted calls. In both cases, the key distribution was automatically re-routed through other paths and nodes.

The network software implemented so far requires all nodes be trusted and secure. However, I know that algorithms are under development that would allow secure key distribution in a bigger network where up to a certain percentage of nodes might have been compromised.

The demo was on the first day of the meeting. The other two days were just a very good research conference, with no press attending. I apologize if I got some details above not fully correct.

--
17779 eligible voters in a district, 17779 'vote' as one. This is Russia.