Slashdot Mirror

← Back to Stories (view on slashdot.org)

Quantum Cryptography Conquers Noise Problem

Posted by Soulskill on from the to-the-victor-go-the-quantum-spoils dept.

ananyo writes "Quantum-encryption systems that encode signals into a series of single photons have so far been unable to piggyback on existing telecommunications lines because they don't stand out from the millions of others in an optical fiber. But now, physicists using a technique for detecting dim light signals have transmitted a quantum key along 90 kilometers of noisy optical fiber. The feat could see quantum cryptography finally enter the mainstream. The researchers developed a detector that picks out photons only if they strike it at a precise instant, calculated on the basis of when the encoded photons were sent. The team's 'self-differentiating' detector activates for 100 picoseconds, every nanosecond. The weak charge triggered by a photon strike in this short interval would not normally stand out, but the detector measures the difference between the signal recorded during one operational cycle and the signal from the preceding cycle — when no matching photon was likely to be detected. This cancels out the background hum. Using this device, the team has transmitted a quantum key along a 90-kilometer fiber, which also carried noisy data at 1 billion bits per second in both directions — a rate typical of a telecommunications fiber."

79 comments

  1. Great news! by gagol · · Score: 2

    Where can I get buy my personal quantum crypto kit?

    --
    Tomorrow is another day...
    1. Re:Great news! by Bryansix · · Score: 1

      Seriously, I have no idea of the actual application of this technology.

    2. Re:Great news! by ark1 · · Score: 2

      Clavis

    3. Re:Great news! by angelbar · · Score: 1

      ooh My (possible) God. I home that you isn't one of the involved physicists. :)

      --
      -no sig today-
    4. Re:Great news! by noobermin · · Score: 1

      From The Fucking Article:

      You cannot measure a quantum system without noticeably disrupting it. That means that two people can encode an encryption key — for bank transfers, for instance — into a series of photons and share it, safe in the knowledge that any eavesdropper will trip the system’s alarms.

    5. Re:Great news! by Trax3001BBS · · Score: 1

      Seriously, I have no idea of the actual application of this technology.

      Unbreakable copy protection, DRM.

    6. Re:Great news! by kaws · · Score: 1

      Not sure if being sarcastic but... this technology wouldn't be able to be applied to DRM at all. This is just for communication between two machines.

    7. Re:Great news! by gweihir · · Score: 1

      There are none. Unless you want something far, far worse than existing technology in terms of capabilities, cost and reliability. I do not think this stuff will ever become mature, but if it does, expect it to take > 100 years from now. This is just scientists lying in order to get funding, there are no in any way relevant breakthroughs and there have been none since this started. And the physics used is also shaky, unlike moder cryptography which relies on mathematics that is solid.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    8. Re:Great news! by Anonymous Coward · · Score: 1

      moder cryptography which relies on mathematics that is solid.

      And except for the use of one time pads, modern cryptography methods can not be proven to be secure in the sense that there are not proofs of the nonexistence of fast cracking algorithms. They are all pretty much based on the idea that it should be hard to determine keys, etc. based on spending several years trying to come up with a way to break it, but don't exclude the possibility of someone developing a new attack down the line in any way.

      If implemented correctly, quantum encryption would only be broken under a few possibilities: quantum mechanics is wrong, researches did math wrong, or it was implemented incorrectly. The second two are both quite possible with traditional encryption methods. The first one has been well tested and would be quite a big deal if it comes up, with broken encryption being only a minor consequence (on par with discovering there are fast polynomial time algorithms for certain actions, or assuming NP is not P, etc.). The only big problem has been the last one, with broken schemes involving bad implementation in an effort to deal with noise... which would be counteracted by research like what is being presented here.

    9. Re:Great news! by Anonymous Coward · · Score: 0

      Excuse me, I noticed that you made reference to the possibility of the existence of God. I would like to remind you that this is slashdot and we aren't going to tolerate that shit here*.

      .

      * Unless by God you mean the Muslim, Jewish, Hindu variety; then its ok.

    10. Re:Great news! by gweihir · · Score: 1

      Ok, admitted, even the DLP has not proven to be hard except under unrealistic assumptions.

      Block ciphers are also a risk, but then when you do quantum-key-exchange, the next thing you do is communicated protected by a block-cipher with the exchanged key, so that is irrelevant. Because quantum-key-exchange is very, very slow, there is really no way around that. So you have to use classical crypto anyways and quantum key-exchange is just one more component that can fail.

      There is also the problem, that classical crypto is weakly sensitive to implementation errors and the risks are well understood (well, by people that get it, all the classical mistakes are still being made), while quantum key-exchange is strongly sensitive to implementation errors, because the theory was never indented to generate the security analyses needed for a crypto system, because strongly analog devices are always prone to have item deviations and because there is far, far less experience with them. And I maintain, quantum theory would not fall over when there were ways to occasionally get a the exchanged bits. That would already break the scheme.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    11. Re:Great news! by Anonymous Coward · · Score: 0

      expect it to take > 100 years from now.
      2004 - The first commercial quantum cryptography system
        becomes available from id Quantique.
      see: Timeline of cryptography
      http://en.wikipedia.org/wiki/Timeline_of_cryptography/

  2. 20/20 transmission by Anonymous Coward · · Score: 0

    In order to send something, the receiver must know when the packet will be sent.

    1. Re:20/20 transmission by Anonymous Coward · · Score: 0

      So what if it works. Most of the tech that works is a worthless kludge anyways.

    2. Re:20/20 transmission by avandesande · · Score: 4, Insightful

      Send a handshake message used to calculate transit time, and then another to specify when the next packet will be sent, or at what intervals. If it fails redo the handshake.

      --
      love is just extroverted narcissism
    3. Re:20/20 transmission by K.+S.+Kyosuke · · Score: 0

      So you have to first...securely communicate, before you can securely communicate? How does that work? :-)

      --
      Ezekiel 23:20
    4. Re:20/20 transmission by Anonymous Coward · · Score: 0

      How do you connect to the internet...

    5. Re:20/20 transmission by JonySuede · · Score: 1

      no, the safe way would be to synchronized something like a good atomic clock in person, transmit periodically the the drift and sometime a key or a ping using the low energy hidden in plain sight technique

      --
      Jehovah be praised, Oracle was not selected
    6. Re:20/20 transmission by Time_Ngler · · Score: 1

      Why would the handshake need to be encrypted?

    7. Re:20/20 transmission by Anonymous Coward · · Score: 1

      Why would the handshake need to be encrypted?

      You need to securely communicate the handshake, because otherwise the eavesdropper can intercept that message, and increase the transit time to a point long enough that they then will be able to perform a man in the middle attack on the following quantum key distribution packets.

    8. Re:20/20 transmission by somersault · · Score: 1

      If you're going to have to be together in person anyway, why not just generate/swap keys then..?

      --
      which is totally what she said
    9. Re:20/20 transmission by JonySuede · · Score: 1

      Because you want the key to be destroyed in case of eavesdrop. Suppose you swap a 64Gb one time pad with me, what assurance do you have that I did not copy the file to Alice ?

      --
      Jehovah be praised, Oracle was not selected
  3. Hacking fun by MakersDirector · · Score: 1

    Next thing you know, they'll invent something that will bend light. Oh wait. They already have! It's called a Prism! And next thing you know... hackers will be 'hacking' light by bending it use natural magenetic forces. And cracking that unsafe light transmission, because we all know, light is NOT faster than electrcity....

    1. Re:Hacking fun by kubernet3s · · Score: 1

      Are you being sarcastic, trolling, or on drugs? I can't tell, you see, because of my internet Asperger's

    2. Re:Hacking fun by Anonymous Coward · · Score: 1

      . hackers will be 'hacking' light by bending it use natural magenetic forces

      Natural or unnatural in origin, magnetic fields don't bend light by themselves (some materials will affect light in ways that can be changed by a magnetic field... but in that case you could just use regular optics if you just want to bend). There is an exception due to QED... but requires magnetic fields orders of magnitudes higher than anything on Earth, only works on gamma rays because it gets weaker for longer wavelengths, and scatters instead of bends.

    3. Re:Hacking fun by MakersDirector · · Score: 0

      Now a photon can be manipulated by electrons, but the other way around simply cannot happen....

      Psychologically, this process is known as sublimation, the concept of 'transforming' socially unacceptable principles into socially acceptable ones, particularly focused on the long term... Effectively, that's what they're doing here.. manipulating a brain.

      Why is that? well, put it this way.. since electrons are essentially electricity, and light is the physical manifestation of that 'impulse' in image, then the most effective way of 'thought' control. or 'network manipulation' comes if you convert it's system over to a light based design - transferring images and ideas rather than electricity and data.

      This mirrors exactly what the brain's doing. We dont think in binary. We think in what? Images, ideas, and concepts... Now if you don't, then you and I clearly think differently.

      This presents a problem. Manipulation by externalized sources becomes a major issue if you're not taking into account we're mirroring biological processes in an endless lopp. Building a brain within a brain within a brain (and so on). Since light (aka the photon) can be manipulated via magnetism and thus electricity, then the content of that message can be changed.

      Mind control, at the atomic level, is being demonstrated to us, but this technology.

      I was merely trying to point out the ludicrous cyclic behavior being exhibited with technology. It's like you and people like you arent understanding we're repeating history again and again. Next thing you know, we're going to invent a Matrix. Again. And have robot wars. Again. And prove digital world exists because of quantum physics. again. and so on....

      Try taking a look at movies as far fetched as they may seem... and apply this to present quantum physics concept. Now IMAGINE.. What is NOT possible in a holographic universe with alternate realities? Not a lot is NOT possible, so it becomes our job to help ease life into a new community oriented - crazy - evolved family. Some of us may be control freaks, some of us may have evolved to be part man part machine, some may be robotic, some may be clones, some may be who knows what.. But we're not going to get through this without acknolwedging we may be finding out Bigfoot exists and we gotta smile and welcome them into a new community. Be careful on calling people crazy. Because historically, it's the crazy ones who have made history. repeatedly. And just consider. If it can be in a game, then why can't it be in reality? Quantum worlds, bud.

      Am I making sense to you, this is called the slinky theory.. We do the same thing over and over again cyclically until you extend this out as far as the slinky goes. then someone walks away from the other end of the slinky, and wham, the slinky falls, misshapen, uncoiled, and on the ground with the other person holding the other end of it going 'what just happened'?

      So no, i wasn't being sarcastic, mister happy. I was being straight up. You dont have to be such a jerk when someone's trying to make a point and be a little lighthearted about it.

      It's basic physics.

      And I'm not holding the other end of that slinky anymore.

    4. Re:Hacking fun by Anonymous Coward · · Score: 0

      Now a photon can be manipulated by electrons, but the other way around simply cannot happen....

      You obviously haven't heard of the photoelectric effect.

    5. Re:Hacking fun by kaws · · Score: 1

      The idea behind this is that the information is stored in a quantum state and any attempt to read (observe) the data breaks the quantum state. If someone were trying to do any intercepting then they would end up garbling the data on the other end thus tripping an alarm that something is wrong. In other words, this is really exciting because right now, there's no way to secretly intercept a quantum communication.

    6. Re:Hacking fun by MakersDirector · · Score: 1

      Not unless the matter is converted to energy and back again.

    7. Re:Hacking fun by MakersDirector · · Score: 0

      I have. I'm going to suggest the effect is merely a misunderstanding of nature. Meaning, Scientists have classified an inverse relationship (aka circular reference) of light to energy without understanding the implications of two things Einstein had embedded in his equation The basic notation of Einstein's equation E=mc^2... Now this notation should make it clear: Et= m*( C * t ) ^ 2 Where Energy (over period of time t) in a system Is equal to the mass of an object * ( ( the speed of light * the amount of time the measurement's occurring ) ^ 2 ) So do you see the logical error made when you try to manipulate an electron using the photo electric effect? If you don't take time into equation, then you've effectively tried lumping all the energy of a system together into one moment in time. However, we know that's not the case, since the speed of light is PER SECOND... so in order for us to even out the equation, we add in time t to the speed of light... So now try moving an electron using a quasi massless object known as the speed of light, using the photoelectric effect. Now imagine how much error will be accumulated in a single day (24*60*60)... the impact the mass of the photon has on the entire system, and the impact time has - become exponential in their inducing of error... The causal effect is simple: Light's mass. when you manipulate it with electricity or magnetism, then you see a direct correlative effect. The inverse is NOT true, that's my suggestion. Hence the 'chasing the speed of light' and lack of ability to agree on a system of measurement. It was first theorized at 186,000 miles per second. That's since changed, and it changes every five years. why? Because we're MAKING up the constants of the Universe, and the 'source code' (Check out this video: http://www.youtube.com/watch?feature=player_embedded&v=q1LCVknKUJ4 ) simply responds by deviating as per popular consensus. You see, Reality is nothing more than a contract of expected behavior. Which is why the photoelectric effect is bogus. Furthermore, the PE assumes a static speed of light. Which clearly, it hasnt been even in our short history of measurement. So if you want unpredictable results, try manipulating an electron with the photoelectric effect. What you'll find is an error - albeit remote - that has the effect not producing 100% of the expected results.

    8. Re:Hacking fun by kubernet3s · · Score: 1

      As a researcher in quantum mechanics, I can attest to the fact that everything you have said so far is either patently false, or has no basis in physical reality. You are confusing the photoelectric effect (a statement about the wave/particle duality of light due to the deBroglie relation) with an equation due to general relativity (a statement of the equivalence of mass and energy), which you state incorrectly (reducing your equation written as Et=mc^2*t^2 yields E=mct, which is false). The considerations of the time dependence of quantum mechanics are well understood, and do not involve "lumping energy" into a single point in time. The speed of light is not a time dependent quantity, nor does it imply that measurements cannot be taken instantaneous (see calculus, definition of the derivatice) and does not require "symmetrizing" in the form of multiplication by tim (which yields a distance, not an energy). It arises from differential equations describing the propagation of a wave through space, and changes in it result from increasing accuracy of experimental data (measurements of permittivity and permeability of free space, both quantities which are well defined for static and quasistatic phenomena). The equations relating these data to the speed of light are close to a century and a half old and have been valid for that entire period.

      Finally, the interaction of photons with electrons is well documented: it is the physical basis for the absorption of visible light. If you have some other explanation, me and my colleagues would be very interested to hear it.

    9. Re:Hacking fun by kubernet3s · · Score: 1

      Also, if this is a troll it's a really good one, and you win, and you can stop now.

    10. Re:Hacking fun by MakersDirector · · Score: 0

      I understand what you're saying, and I'm a novice at Physics (I failed it 3x!), and chose to stray away from Embedded System Computer Programming to Application Level Development. It was more fun, anyways.

      So please bear with me, as I come to understand, and I appreciate you clarifying things.

      To clarify though:

      E (enery in newtons) = mass (independent measure that relates volume and weight) * ( The speed of light, per second, in a vacuum ) ^ 2

      So while the equation in it's base form does not directly have time, the equation doesnt just imply: it specifically states the speed of light, per second, is squared.

      Now if we're going to apply the Law of conservation of energy to this equation, I completely understand the need to remove time out of the equation. But Einstein, clearly stated the speed of light is per second.

      So - again, I'm a novice at this stuff (I applied to law school if it's any indication how analytical I can be)... So here's how I'm analogizing it:

      Let's say mom and dad have little baby Genius. Genius gets into a relationship with Smart woman who puts up with his eccentricities, and has children of his own...

      Entropy would suggest families always ONLY grow smaller. But we've all heard the story of the black lady from Louisiana with 8 kids. This would suggest, even with families, that entropy is a guideline, but not applicable as a law. What is the mitigating factor? TIME.

      So let's go back to Einstein's equation.
      E=MC^2, is the amount of energy a system produces over an observable period of time.

      So let me ask you this. Do you believe in the big bang? That's why Einstein included time implicitly in this equation. Do the math. The energy created in the first microseconds of the big bang are tremendous, the longer the system continues though, the more the energy creation resembles the sideways bell we see today..
      That's why I applied the t to both sides to the equation, which was my error, I'm seeing that now. The equation should look like this: E=m* (ct)^2

      That way time is independent and not cross related.

      But I'm still under the impression the problem would still exist with the photoelectric effect. The longer the time period under observation, the more error induced..

      Also, the more realities/dimensions we're measuring energy in (to the second power is only two, right?), the more our error becomes..

      Now again, I'm a total novice at all this stuff.

      But dont make the mistake I've made. Just because it's working for 50 years, we both know that in the bigger scheme of things, that's the blink of an eye. Also, with time being non linear, all it takes is a savvy hacker to make changes in the past that make it appear like it's been.. 'time tested'....

      I was released from the NSA last year after 7 1/2 years working for them.. Much of this technology was discussed, often way over my head, so this is 'private sector' catch up work I'm trying to understand, it would be nice to have more 'inspirational stories' that result from science and technology rather than people constantly trying to 'break things' or prove others wrong to prove themselves right. In the quantum world we live in, all it takes is a little imagination to make everything possible...

      Send a private message to me, if you're patient enough to put up with my ignorant physics education! I apologize and thank you for your clarification...

    11. Re:Hacking fun by MakersDirector · · Score: 0

      I dont know if it's possible to send private messages on this site, but my name is universalbri on this account at gee mail.

      I've had no one to talk to this about, and if you dont want to 'educate' a neophyte, I fully understand. Bear with me, I'm new to all this!

    12. Re:Hacking fun by MakersDirector · · Score: 0

      And no, Not a troll. I do find that a tad offensive, but that's ok, I admit I probably come across pretty ignorant on this subject.

    13. Re:Hacking fun by Anonymous Coward · · Score: 0

      Troll.

    14. Re:Hacking fun by Anonymous Coward · · Score: 0

      Troll. Virtually every sentence contains a deliberate error, just waiting for a sucker to bite on.

    15. Re:Hacking fun by MakersDirector · · Score: 0

      lol. you are quite the drama queen, arent you

    16. Re:Hacking fun by kaws · · Score: 1

      ANy attempts to read it would disrupt the quantum entanglement. This has nothing to do with matter in fact, it's mostly light. Now if you were trying for sarcasm, sorry I missed it.

    17. Re:Hacking fun by MakersDirector · · Score: 0

      Two ways to do it:

      1) If you control Physics and the speed of light, which is merely an 'object' designed in a virtual environment that has an associated speed constant, then there's one method to 'crack it', you simply pick up the data content as it's being transmitted, and 'toggle' your flags accordingly to make everyone think it wasn't read.

      2) If you use magnetism in a physical world, and dont have direct access to the universal constants, then who's to say you can't make a carbon copy of the entangled atom, quantum theory supports this, then you can still BEND it out of the way, and easily perform a man in the middle attack. Remember, a photon is contained in energy, which basically says if you have access to the energy around it, then you're naive to believe one couldnt simply exhange, read, break and resubmit...

      Entanglement being better at encryption? Sorry dude, if you have access to the energy in electric form, and the information tagged to the photon (it is a wavelength after all), then light serves as a vulnerability, not a security measure.

      Go smoke your crack pipe, apparently you need a bit more to figure this shit out.

  4. Not Typical Telecom by Anonymous Coward · · Score: 2, Informative

    "transmitted a quantum key along a 90-kilometer fiber, which also carried noisy data at 1 billion bits per second in both directions — a rate typical of a telecommunications fiber."

    Telecommunications fiber with a 90km (~50mi.) length would be considered backbone. Typically two fibers are used to send signal in both directions. Single fiber applications require different frequencies of light to both TX & RX. This single fiber application is only used in metro FTTX/GPON situations - never in backbone as the frequency splitting equipment adds relatively high amounts of loss to your signal, impacting how far you can go without regeneration.

    1. Re:Not Typical Telecom by noobermin · · Score: 1

      This is still a leap over the previous possibility, on the "expensive 'dark fibers'"...I think that was tfa's point. And the emphasis might have been the rate, not the specific setup. I don't think they are claiming the prototype is market ready...

    2. Re:Not Typical Telecom by Anonymous Coward · · Score: 0

      Where does the high losses come from in the frequency splitting equipment? I can get off the shelf dichroic beamsplitters with >98% efficiency for both colors in a two color setup. It works fine for quantum experiments on the bench.

  5. The solution to the noise problem by Anonymous Coward · · Score: 0

    ...is to get out of your seat, walk across the room and CLOSE THE DARN DOOR like you should have done in the first place..

  6. Not news for political science majors. by noobermin · · Score: 0

    Why is this shit on my slashdot?

    Also notice, 13 comments while the other political junk averages >100.

    1. Re:Not news for political science majors. by Anonymous Coward · · Score: 0

      The political junk has more junk comments.

  7. How to use quantum key exchange? by timeOday · · Score: 1

    My understanding is this would allow you to send bits ensured that nobody else had seen them. But every router / repeater must do exactly that, to send them on the next hop. So really, this is just for when you believe you have one continuous fiber strand and want to make sure... correct? If so it does not allow individuals to communicate securely over the Internet, since there is no un-interrupted strand connecting the endpoints. For a truly private network, like connecting missile launch sites to a command center, or helping a domestic telco ensure its undersea hops aren't being spied on by a foreign power between repeaters, then I can see the utility.

    1. Re:How to use quantum key exchange? by gweihir · · Score: 1

      Not quite. But basically, you can only do optical switched circuits (no packed networks), and you cannot do amplification. Switched circuits are a failed technology, just look at ATM. And you still need a second network for the actual data transfer.

      That makes this thing completely useless in practice, except for dedicated, short links. But for them you can use pre-shared key to get the same level of security, or even higher, as this quantum stuff has already been broken numerous times. And 1:1 link can be put over the public Internet in the form of a VPN. For the quantum nonsense, you have to lay new fiber.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    2. Re:How to use quantum key exchange? by TheRealHocusLocus · · Score: 1

      The problem with so-called quantum crypto -- and I applaud slashdot calling it out, there is no crypto involved -- is it's not even a new deal for telecommunications, because we already have a demonstrably secure method: crypto.

      So it's all about laziness, the unwillingness to engage in the practice of secret key management. If your target market is comprised of folks who are unable or unwilling to manage their own security and want some black box to do it for them... well are we not approaching Dilbert-esque territory...?

      --
      <blink>down the rabbit hole</blink>
    3. Re:How to use quantum key exchange? by DMUTPeregrine · · Score: 1

      Quantum Cryptography is an outdated term, it should be called Quantum Key Distribution. It's essentially Diffie-Hellman without the possibility of a Man In The Middle attack going unnoticed.

      Sometimes you'll want to generate a new secret key, and not have the opportunity to physically travel to the same location as the other party. If you've already got an uninterrupted optical fiber and the QKD equipment you can generate new secret keys on demand. It's not likely to be practical for general use anytime soon, but there may be practical applications for a military or similar organization.

      --
      Not a sentence!
  8. Why is it called quantum "cryptography"? by Myria · · Score: 2

    Shouldn't it be more like, quantum tamper detection? It's just using one-time pad in such a way that the pad's transmission getting intercepted will trigger the tamper detection mechanism.

    --
    "Screw Sun, cross-platform will never work. Let's move on and steal the Java language." - Visual J++ Product Manager
    1. Re:Why is it called quantum "cryptography"? by gweihir · · Score: 2, Insightful

      Pure marketing BS. It is "quantum modulation", no cryptography involved at all. At it is completely irrelevant anyways. The people doing this have to outright lie to get continued funding.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    2. Re:Why is it called quantum "cryptography"? by Anonymous Coward · · Score: 0

      The correct title for the protocol in question is "Quantum Key Distribution" (QKD). "Quantum Cryptography" is a catch-all for cryptography that utilizes quantum techniques (QKD), and is usually used in lay articles because more people recognize what cryptography means, as opposed to the more obscure "key distribution".

  9. Variation on time division multiplexing by Mostly+a+lurker · · Score: 2

    While the hardware challenges are undoubtedly substantial, the basic idea is just a variation on time division multiplexing, which has been extensively used since the days of the telegraph, well before 1900. If this receives a patent, I hope it is for some hardware advance and not just because of the sharing of the fibre.

  10. Still completely irrelevant by gweihir · · Score: 3, Insightful

    There are numerous problems:
    1. You need _optical_ switches, i.e. switched circuits. That approach failed a long time ago. Anybody remember ATM?
    2. 90km is nothing. Amplification is impossible, so unless they reach 10'000km, this is completely irrelevant.
    3. Nobody needs it. Cryptography does fine. (No, this is at best "quantum modulation", no crypto involved.) If you are paranoid, use OTPs. They are far, far cheaper, far, far more reliable and completely compatible with existing networks.
    4. Remember, this is only key exchange, not actual data transmission. As such it is pretty useless, as you still need to rely on cryptography for the message transfer.
    5. The security guarantees are far, far weaker than people are made to believe. Just look at the history of successful compromises.
    6. Not even the physics may work out. Quantum theory is a _theory_, not established fact.

    Another worthless stunt.

    --
    Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    1. Re:Still completely irrelevant by Anonymous Coward · · Score: 0

      3. Nobody needs it. Cryptography does fine. (No, this is at best "quantum modulation", no crypto involved.) If you are paranoid, use OTPs. They are far, far cheaper, far, far more reliable and completely compatible with existing networks.

      What if quantum computing becomes reality and everyone starts fanatical factorization of RSA keys using shor's algorithm? "Cryptography does fine" is utter nonsense, since almost every fixed-key length encryption scheme relies on the belief that 'current computing power isn't adequate to solve this problem in reasonable time..'. Remember DES? and on OTP, the key exchange and randomised key generations are still problems, like every other encryption scheme.

      6. Not even the physics may work out. Quantum theory is a _theory_, not established fact.

      Another worthless stunt.

      Quantum theory not being established fact? well, it is only a theory, but it is as established as your mommy is.

      captcha : increase

    2. Re:Still completely irrelevant by sFurbo · · Score: 2

      You might be right on the first 5, but your number 6 is misleading. If quantum mechanics was not a correct description of the world, the computer you used to write your message on would not work. Quantum mechanics is one of the most successful theories ever. Oh, and theory does not mean what you think it means (at least when scientists use the word).

    3. Re:Still completely irrelevant by Anonymous Coward · · Score: 0

      I think he means that quantum mechanics could be replaced by something that is compatible with every known physical behavior, except the part where quantum mechanics says "you can't do X", where X is the thing that unbreakable quantum cryptography depends on. The new theory would allow X, and maybe even show how to do it.

    4. Re:Still completely irrelevant by Anonymous Coward · · Score: 0

      Spoken like someone who doesn't know what they're talking about.

      1) Yes, it's hop by hop up to 90km, but securing the ends of a 90km fibre is much easier than securing the whole fibre, and you can make a network of these if you require greater reach. ATM wasn't optical switching either, it was cell based.
      2) 90km is fine, as per the above. Many fibre based transport systems require regeneration every 100-150km inside a physically secured facility anyway.
      3) This has many advantages, in that it's a completely secure way of exchanging keys in real time. If you can't see the advantage of this, perhaps you should stop commenting on crypto stories.
      4) Yes, so it's not useless then is it?
      5) Compromises of quantum cryptography? [citation needed]
      6) Are you one of those people that also dispute evolution because it's just a theory?

    5. Re:Still completely irrelevant by jouassou · · Score: 3

      What physicists call a theory is basically what laymen call a fact; it's a hypothesis that people have tested empirically over and over again, without falsifying it. Quantum mechanics is one of the most tested theories we've got, so if that's not "established fact", I'm not sure what is. It's true that quantum mechanics and general relativity aren't really compatible, so physics is not "complete" yet; but quantum mechanics does accurately describe systems where gravitation is irrelevant.

      If you're still doubting that quantum mechanics can have real-world applications, here are some inventions that were based on quantum mechanics, from the top of my head: lasers, transistors and scanning tunneling microscopes. In addition, many other phenomena (chemistry, radioactive decay, degeneracy pressure, photoelectric effect, etc.) weren't really understood before quantum mechanics.

    6. Re:Still completely irrelevant by Anonymous Coward · · Score: 0

      There are numerous problems:
      1. You need _optical_ switches, i.e. switched circuits. That approach failed a long time ago. Anybody remember ATM?

      Hm..., what does ATM have to do with this? ATM is actually in widespread use.

      2. 90km is nothing. Amplification is impossible, so unless they reach 10'000km, this is completely irrelevant.

      There are applications for that radius. This is pioneering work and would be expected to make further progress.

      3. Nobody needs it. Cryptography does fine. (No, this is at best "quantum modulation", no crypto involved.) If you are paranoid, use OTPs. They are far, far cheaper, far, far more reliable and completely compatible with existing networks.

      I guess you mean one-time-passwords. They solve different problems, so again, I do not see your point.

      4. Remember, this is only key exchange, not actual data transmission. As such it is pretty useless, as you still need to rely on cryptography for the message transfer.

      Just solving the most crucial problem. Quantum encrypting the whole traffic is of course possible just costly. This is a proposal for a cost-efficient yet secure procedure.

      5. The security guarantees are far, far weaker than people are made to believe. Just look at the history of successful compromises.

      I cannot comment on that really (TL;DR). However, what compromises in the quantum-realm are you referring to?

      6. Not even the physics may work out. Quantum theory is a _theory_, not established fact

      Would you mind to define that? I smell ignorance about many fundamental scientific concepts here. Arguably, quantum physics seems to be established on firmer ground than classical mechanics on account of its broader explanatory power.

      Another worthless stunt.

      Another worthless rant.

    7. Re:Still completely irrelevant by Anonymous Coward · · Score: 0

      6. Not even the physics may work out. Quantum theory is a _theory_, not established fact.

      There are only categorical "facts" in religion. In science we have theories that fit experimental data. Quantum theory fits data very well.

    8. Re:Still completely irrelevant by micahraleigh · · Score: 0

      Didn't some people just win the Nobel prize because they used a laser to "peek" at entangled particles without affecting them?

      Wouldn't that defeat the whole purpose here?

    9. Re:Still completely irrelevant by gweihir · · Score: 1

      It is not that simple. Some tiny variations could leave quantum theory intact, but completely break "quantum modulation". This is crypto. Some information leakage can easily invalidate it, even if it only happens under exotic conditions. In that case, everything works for most of the world, but an attacker can create said exotic conditions.

      I do indeed know what "theory" means here, namely well established model (not an exact description of reality) which still has flaws and inaccuracies. For the use in key-exchange, neither flaws nor inaccuracies are acceptable, as they can easily break the system. For most other uses that is not a problem, and the theory will work fine. There is one exception: If the areas of possible flaws and inaccuracies have been carefully examined whether they can break quantum-based key exchange, only then may it actually be secure. This has not been done in any meaningful way for quantum theory.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    10. Re:Still completely irrelevant by gweihir · · Score: 1

      I am a scientist. I know that. The problem is that even a well-established physical "theory" is only a model and can have tiny errors and inaccuracies. For use in key-exchange, these can easily be disastrous, while leaving most/all other uses intact. Also, for the case of quantum theory, the model is not complete. Simply following the press is already enough to see that. Maybe we will have a GUT one day and it will be accurate. That we do not indicates that even quantum theory is flawed, possibly only in subtle ways.

      A physical theory is always an approximation, unlike a mathematical theory. For cryptographic uses you need more than an approximation, as tiny things can break it.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    11. Re:Still completely irrelevant by gweihir · · Score: 1

      Indeed. And this type of tiny inaccuracies can (and has in the past) completely break any cryptographic use.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    12. Re:Still completely irrelevant by gweihir · · Score: 1

      1) You cannot have hops. For this to be secure it has to be done end-to-end, there is no other way. The exact same photon sent by the sender _must_ reach the reciever for any of the security properties to hold.
      2) 90km is worthless. You _cannot_ regenerate quantum signals. If you could, they would be completely insecure.
      3) It is not even somewhat secure at this time and several implementation have already been broken.
      4) If you need to rely in conventional crypto anyways, do the key exchange with that, and have only one attack surface instead of two.
      5) Look for yourself, you lazy slob. Google ("quantum encryotion broken") has several different breaks right on the first result page.
      6.) We are talking about physical theory here and a completely inappropriate use. Quantum Theory is mostly correct and accurate, but does not reach the precision needed for cryptographic use. Things like side-channels, exotic conditions, etc. all break crypto, but not Quantum Theory. Also Quantum Theory is incomplete.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    13. Re:Still completely irrelevant by gweihir · · Score: 1

      3. Just make the keys longer or use ElGamal. Crypto _is_ fine. And you are mixing apples and oranges. For block-ciphers, quantum computing (if it ever works for any meaningful input sizes, which is doubtful), gives you a square root. That means AES-256 goes down to AES-128 which is still secure. Not a problem at all.

      6. Wrong. It is not established fact for the precision and completeness needed for crypto use. Some tiny errors and variations are all it takes to completely break the key-exchange use, but leave Quantum Theory essentially intact.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    14. Re:Still completely irrelevant by gweihir · · Score: 1

      Not well enough for cryptographic use. For most uses, if it holds up in 1000 (or 1'000'000) experiments and fails in one ("measurement error"?) it is fine. For crypto, you need far better accuracy.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
  11. Please help this simpleton ... by Taco+Cowboy · · Score: 1

    I gotta admit that I'm not familiar with photonic quantum cryptography.

    As far as I know, photonics means light, and light does reflect - and could even possibly be diverted (from one beam and splits it into two)

    Can the MIM (man in the middle) spit a beam into two, letting the "original" beam to travel to whoever the recipient while working on the "branch"?

    Would that approach cause a "noticeable disruption"?

    --
    Muchas Gracias, Señor Edward Snowden !
    1. Re:Please help this simpleton ... by sFurbo · · Score: 1

      Light consists of photons. In the limit of a one-photon signal, you cannot split it. Even with a handful of photons, splitting it is hard. I don't know how few photons they use in commercial quantum cryptography, but it is quite few.

    2. Re:Please help this simpleton ... by craigminah · · Score: 1

      Are you referring to light as a wave or as a particle?

    3. Re:Please help this simpleton ... by Anonymous Coward · · Score: 0

      Are you referring to light as a wave or as a particle?
      Yes, see :Schrodinger's cat
      http://en.wikipedia.org/wiki/Schr%C3%B6dinger's_cat/
      Then : A photon is an elementary particle, the quantum of light
      http://en.wikipedia.org/wiki/Photon/
      Quantum mechanics:
      http://en.wikipedia.org/wiki/Quantum_mechanics/
      Quantum cryptography
      http://en.wikipedia.org/wiki/Quantum_cryptography/
      Enjoy ;)

    4. Re:Please help this simpleton ... by Anonymous Coward · · Score: 0

      Opps missed one sorry
      See :Double-slit experiment
      http://en.wikipedia.org/wiki/Double-slit_experiment/

  12. Not quite by Anonymous Coward · · Score: 0

    If you read the paper (which you can do even as a computer scientist like me), you'll note that they didn't use time- but frequency division. The hardware challenge was how to deal with noise from that regular data spectrum. While an impressive solution by itself, I'm more worried about this part of the abstract of their paper:

    Quantum key distribution (QKD) uniquely allows the distribution of cryptographic keys with security verified by quantum mechanical limits. Both protocol execution and subsequent applications require the assistance of classical data communication channels. While using separate fibers is one option, it is economically more viable if data and quantum signals are simultaneously transmitted through a single fiber. However, noise-photon contamination arising from the intense data signal has severely restricted both the QKD distances and secure key rates. Here, we exploit a novel temporal-filtering effect for noise-photon rejection. This allows high-bit-rate QKD over fibers up to 90 km in length and populated with error-free bidirectional Gb/s data communications. With a high-bit rate and range sufficient for important information infrastructures, such as smart cities and 10-Gbit Ethernet, QKD is a significant step closer toward wide-scale deployment in fiber networks.

    Based on their figure 2c (and text), this should be possible when transmitting sufficiently loudly. However, I'm confused as to why this does not affect noise in their own channel. Or maybe that's why they're claiming it... but I don't know enough about fiber optics to draw a conclusion there.

    In any case, this technology is rather hard to use, because it only works in fibers over a single hop. So you could in some cases create secure key exchange between two hops. Which, to be fair, is a great achievement: however, there is no wireless and there is no support for switching. So you'd need an IPSec-like protocol on the MAC layer for this to work; however, this means replacing every single switch on the path.

  13. basic question by __aaltlg1547 · · Score: 1

    Supposing I didn't get the message I was expecting to receive, how do I know it wasn't intercepted?

  14. But what attack does QC prevent? by BlueRaja · · Score: 1

    I still don't understand the benefit of Quantum Cryptography - it only prevents eavesdropping on the wire, right? It doesn't prevent a man-in-the-middle (where someone would receive the signal, read it, and retransmit it along the wire)?

    Assuming your machine is clean from infection, the big eavesdropping concerns today come from man-in-the-middle attacks: rerouted lan traffic (such as compromised clients running an ARP spoof), and intermediary nodes between endpoints (eg. your ISP, and the Internet backbone routers). The only thing QC prevents (actual, physical wiretapping), as I understand it, is not much of a concern anyways.

    1. Re:But what attack does QC prevent? by DMUTPeregrine · · Score: 1

      It does prevent MITM.

      Specifically, it is a key-distribution scheme that can't be attacked by a MITM attack, assuming the equipment behaves in an ideal manner. Most of the breaks of QKD systems have come from the fact that equipment does not behave in an ideal manner.

      --
      Not a sentence!