Quantum Cryptography Now Fast Enough For Video

← Back to Stories (view on slashdot.org)

Quantum Cryptography Now Fast Enough For Video

Posted by kdawson on Monday April 19, 2010 @08:42PM from the key-frames dept.

cremeglace sends in news of a major advance in the speed of quantum key distribution. "Researchers at the Cambridge Lab of Toshiba Research Europe have solved the problem of transferring highly sensitive data at high speed across a long distance network. The team were able to demonstrate the continuous operation of quantum key distribution (QKD) — a system that allows the communicating users to detect if a third party is trying to eavesdrop on the data communication — at a speed greater than one megabit/sec over a 50 km fibre optic network, thanks to the use of a light detector for high bit rates and a feedback system which maintains the high bit rates during data transfer. ... The faster one megabit/sec data handling will allow the one-time pad to be used for the encryption of video — a vast step forward over the current ability to only encrypt voice data."

14 of 69 comments (clear)

Min score:

Reason:

Sort:

And if there's a man in the middle? by BadAnalogyGuy · 2010-04-19 20:44 · Score: 3, Insightful

So if someone is eavesdropping, I won't be able to watch the video?
1. Re:And if there's a man in the middle? by Chrisq · 2010-04-19 20:58 · Score: 4, Insightful
  
  That's absolutely correct. For some purposes it is better that you terminate the video session than have someone listening in undetected
2. Re:And if there's a man in the middle? by mooglez · 2010-04-19 21:07 · Score: 3, Interesting
  
  Would this be vulnerable to the man in the middle attack on quantum key distribution described in this earlier slashdot article:
  http://it.slashdot.org/story/09/12/30/2118250/Quantum-Encryption-Implementation-Broken
  They seem to be attacking the hardware rather than the software
Re:Any grammar Nazis around? by Chrisq · 2010-04-19 21:01 · Score: 5, Informative

I think that it is acceptable British English, see American and British English differences: Formal and notional agreement
MPAA dream? by sznupi · 2010-04-19 21:04 · Score: 2, Insightful

I wonder if some interesting contributors could be noticed in founding sources...

--
One that hath name thou can not otter
sigh, the "quantum" buzzword by FuckingNickName · 2010-04-19 21:20 · Score: 2, Insightful

So, do we still need the magic secondary channel which everyone doing transfers over this "theoretically perfect" channel conveniently forgets?
1. Re:sigh, the "quantum" buzzword by FuckingNickName · 2010-04-19 21:32 · Score: 2
  
  If you were to stretch your mind beyond the subject, you'd see I was actually complaining about a fundamental problem with setting up a practical quantum transmission line.
2. Re:sigh, the "quantum" buzzword by FuckingNickName · 2010-04-19 21:37 · Score: 2, Interesting
  
  And howd'ja verify the integrity of your transmission? In a possibly equivalent formulation, Bob, how do you make sure Alice is the source of your channels, not Eve?
3. Re:sigh, the "quantum" buzzword by FuckingNickName · 2010-04-19 22:13 · Score: 3, Insightful
  
  The secondary classical channel verifies the integrity of the quantum channel. How are we assured of the integrity of the classical channel? We're back to the same weak point we had in the first place: the integrity of a classical channel. If that's insecure, then there's no hope of being assured that both quantum and classical channels aren't being created by Eve. Unless I'm missing something, but it hasn't been pointed out to me yet.
  Your one-time pad distribution problem comes down to the same thing. Every practical implementation of quantum transmission lines relies on a classical transmission line in some way.
4. Re:sigh, the "quantum" buzzword by FuckingNickName · 2010-04-19 22:32 · Score: 4, Insightful
  
  (1) Neither of your scenarios covers the case where both the quantum and the secondary channel are created by Eve, not just the secondary channel;
  (2) How is the relationship between quantum and classical channels informed to Bob by Alice?
  (3) If your solution is to transport a one time pad at some earlier point "by some other means", then you're copping out twice over, as now we need another classical channel to transmit one time pads long enough for message exchanges.
Still purely academic by gweihir · 2010-04-19 22:49 · Score: 4, Interesting

And will remain so. Key exchange is not the issue. The issue is the symmetric encryption used afterwards (and that is present with quantum key exchange as well). Even if you disregard that, Quantum key Exchange will never be economically or security wise superior to existing solutions.
If you spend what this quantum BS costs on distributing one-time pads, you are a) provable secure b) need no new infrastructure and network links c) have no problems with routing (Quantum key exchange can only be routed optically and only for a limited distance, signal amplification is not possible) and d) spend a lot less money.
This comparison is unfair, you say, because one-time pads for n participants have size n*n? Unfortunately that is what you likely will end up for the infrastructure for Quantum Key Exchange as well, unless you have a very low number of participants. In that case the one-time pad becomes very cheap too.
Let me give you an example:
Say, we have 10 participants. Say we need 100'000 keys a day. Say a key has 256 bit, i.e. 32 bytes. A single DVD-ROM of random bits can then last for about 4 years. Generating 5GB of high-quality randomness can be done relatively cheaply, I would estimate that a generator using junction-noise can be built that gives you about 50kB/sec of random bits for less than $5000 (32 junction generators at $100 each, one 32 bit digital I/O card, one standard PC. My prototype for a junction generator is about $2 in parts, but has no shielding or filtering). That one takes a bit more than a day for the DVD. Say $10'000 overall, including labor. Then you have costs of couriering the DVDs to the destination. Say something like $100'000 per year. For a larger net, say 100 participants, use 1TB HDDs for 31 years at 1'000'000 keys/day. Or 3 years at 10'000'000 keys/day for 1000 participants.
While this is simplified, the numbers are realistic. They are several orders or magnitude cheaper than any quantum solution. Do not forget that this quantum stuff only works with people you know and that have the right (expensive) hardware already installed and are on a direct optical or optically routed link with you that is below a certain length.
And here is the killer: There are working key exchange solutions that can be made far more secure than the symmetrical encryption and that do not need any change to the network infrastructure at all. In addition, they do not have the risk that the physical theory (and it is just a theory, not fact) has a slight error that then leaks key material.
In short: This technology makes no sense whatsoever form a security or economic point of view and very likely never will.

--
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
Encryption will only do so much by itsdapead · 2010-04-20 00:10 · Score: 4, Insightful

(1) Neither of your scenarios covers the case where both the quantum and the secondary channel are created by Eve, not just the secondary channel;
In other news, no encryption system, even some hypothetical mathematically perfect cypher, will guarantee that Bob is not actually Eve with a pair of socks stuffed down her jeans. No encryption system will tell Alice that Bob really is Bob. No encryption system will warn Alice that Bob is shagging Eve and talks in his sleep. No encryption system will warn you that Eve has tampered with your hardware. No encryption system will magically turn Alice and Bob into experienced cryptographers who will spot tampering.
Of course, you can use encryption to set up something like a trust network to validate identity, but at some point in the chain a human being has to positively identify Bob and Alice and hand them their "credentials". Likewise, no encryption system can be secure against arbitrarily sophisticated hardware/software tampering.
When you have a sexy cypher which the math says is uncrackable its easy to forget that the math depends on a whole raft of assumptions and assertions.

--
In a survey of 100 programmers, 111111 thought that duck-typing was a good idea.
1. Re:Encryption will only do so much by dissy · 2010-04-20 05:00 · Score: 2, Insightful
  
  Very well said.
  The main confusion that could so easily be avoided, is that when using the ABC names of Alice Bob and Carl (+ Dave and Eve if needed), people speak as if these are people, when they should out right and explicitly state those are the names of the key pairs.
  Once you realize the encryption only exists between named key-pairs, there shouldn't be confusion as to whom can send/read what.
  If I use my Bob key pair to encrypt a message for Alice, I can actually be pretty sure that only the Alice key pair can read my message.
  Now, as to what person has the Alice key pair, if it is indeed the person Alice or not, is not something public key cryptology even addresses.
  Once that little incorrect link is removed (A key-pair is not a person), the rest falls into place.
Re:Isn't this a waste of time? by Joce640k · 2010-04-20 02:53 · Score: 3, Interesting

There's no reason to believe a brute force attack on AES128 will ever succeed.

--
No sig today...