Slashdot Mirror

← Back to Stories (view on slashdot.org)

Los Alamos National Labs Has Working Hub-and-Spoke Quantum Network

Posted by Unknown on from the only-criminals-use-quarks dept.

New submitter hutsell writes with this excerpt from MIT's Technology Review: "Richard Hughes and his associates at the Los Alamos National Laboratory in New Mexico announced today that they have been sending perfectly secure messages with their Quantum Internet that has been in operation for the last two and a half years." Original paper. Unlike current quantum networks that only allow point-to-point networking, the system at Los Alamos combines traditional and quantum links to route messages through a hub while retaining the security advantages of quantum networking.

11 of 55 comments (clear)

  1. Re:Was anyone else hoping.... by femtobyte · · Score: 3, Funny

    Why do you think it took them two and a half years to report this? They had to make dead cat versions of every cat video on YouTube just so they could properly distribute them over the quantum network. That's a lot of dead cat videos. Your tax dollars at work.

  2. So... by fuzzyfuzzyfungus · · Score: 4, Interesting

    Any word on what percentage of the quantum-encrypted traffic is flowing between classically-compromised systems?

    1. Re:So... by femtobyte · · Score: 2

      Given that their posted paper was typed in Microsoft Word (with correspondingly *really terrible* typesetting), it looks like this branch of the labs is likely to be running 100% compromised systems.

    2. Re:So... by fuzzyfuzzyfungus · · Score: 3, Insightful

      I was semi-joking; but it is actually a serious question. (To the best of my understanding) a quantum-encrypted network provides rock-solid assurance that nobody is physically tapping your lines. Depending on your site, your level of paranoia, and your value as a target, this may be a worthwhile investment compared to classically-encrypted tunnels, or guys with guns keeping people away from your fiber. However, it has no effect whatsoever on the (easier and more common) purely electronic attacks on vulnerable systems. A quantum-encrypted network will just as happily protect packets being sent back home by a keyloggger as it will anything else, and it has no particular ability to detect the evil bit.

      This doesn't make it useless; but it's really quite a different animal from classical encryption, or from good system security, and the present state of average system security is so dreadful that it rather overshadows physically tapping lines. If you can get a zero-day for $50k, it starts to become difficult to justify even sending a legitimate contractor out to dig up and splice a bunch of fiber, much less some l33t covert ops fiber modding operation.

    3. Re:So... by fuzzyfuzzyfungus · · Score: 2

      I'd ask the bot owners, I don't think anyone at Los Alamos is likely to know for sure.

      I would; but my Mandarin is totally dreadful.

    4. Re:So... by TubeSteak · · Score: 2

      They have not implemented a quantum-encrypted network as you are thinking of it.
      The quantum channel is used to pass one-time encryption pads.
      Then the OTPs are used to encrypt network data.

      Quantum computing isn't nearly fast enough to push real world amounts of data.
      But it doesn't really need to, if we can use it to generate bullet proof encryption.

      --
      [Fuck Beta]
      o0t!
    5. Re:So... by WaffleMonster · · Score: 3, Informative

      I was semi-joking; but it is actually a serious question. (To the best of my understanding) a quantum-encrypted network provides rock-solid assurance that nobody is physically tapping your lines.

      All quantum crypto gives you is one time pad material that cannot be derived from previous communications.

      For example say you are able to record all classical communication between parties. If at some point in the future you are able to somehow compromise the initial encryption key you would be able to go back and decrypt any communications using this key and rotated keys based on the initial key or descendants of said keys if communicated within intercepted channel after the fact.

      With quantum crypto there is no longer a physical linkage possible because pad data is guaranteed to be knowable to exactly two parties.

      There is still very much a real classical problem in that you need to establish a trust relationship between yourself and your communication partner to have any assurance as to which party you are actually OTPing in quantum world...This is always done using an initial classical key to protect against Active MITM of the quantum channel.

      While I appreciate the value in this scheme in the real world I do wonder what the actual benefit is for things like electric grid control cited in their paper where forward secrecy has very little value to begin with.

      While it is true that a compromised key could not in theory be used for long....if you already had the ability to compromise current key you could then also perform an undetectable active MITM against the quantum communication channel and from then on be privy to all new OTP/key refreshes.

      Any of us can exchange data over the Internet with the same level of assurances as the best fancy quantum gear...All you need to do is exchange OTP data offline (SD card filled with a few GB of random garbage) and you are set for a very long time of guaranteed intercept free communication. Years worth of voice chatter..lifetimes worth of text messages or short control messages all for small fractiones of pennies on the dollar. Sure it does not scale but no trust relationships ever really meaningfully do.

      As with the quantum gear your vulnerability is and always shall be compromise of that which hold trust/keys.

  3. Re:I propose the name "QuantumLink" by fisted · · Score: 3, Funny

    Wow, Sir, you know about that obscure C64 service!
    Here, have some geek cred!

    --
    CLI paste? paste.pr0.tips!
  4. Re:Evanescent wave by femtobyte · · Score: 4, Informative

    No, it doesn't assume the optical link can't be tapped. In fact, the quantum encoding is specifically a defense against the optical link being tapped. The data is sent one photon at a time. If a tapper captures the photon (even by leakage from evanescent waves), they destroy the information --- and are neither able to know for themselves, or reliably re-send to the receiver, the bit that was sent. If the tapper doesn't capture the photon, they they haven't tapped the line. At the receiving end, getting too high a dropped bit rate (or scrambled nonsense bits) lets you know the line is compromised, while the attacker still doesn't get any useful information.

  5. Re:Evanescent wave by Meneth · · Score: 2
    This only holds true for single-link connections. When we introduce a hub, it has to be trusted. From TFA:

    So as long as the hub is secure, then the network should also be secure.

    This destroys the protection from wiretapping that quantum crypto promised.

  6. Re:Evanescent wave by Rich0 · · Score: 2

    Well, I see two potential problems with transmitting quantum crypto through hubs without trusting them:

    1. The signal loss problem. The longer the continuous link without retransmission, the more data loss and the lower effective transmission rate. What you refer to might help with that if it allows signals to be boosted without destroying/recreating the photons.

    2. The routing problem. Each packet has to get to the right destination, but if every photon on the line is a quantum encryption bit then you can't read them to determine their destination without disrupting the link. I see two potential solutions here:

    2.1. One is to use channels (like the old POTS approach) - you have 10 data lines and a control line to the hub, and you ring up the hub and ask for one of them to be connected to some remote destination. Then the entire network creates a single dedicated channel where photons can traverse untouched.

    2.2. The more optimal approach would be packet switching, but you'd need to have packets that include both unencrypted headers (at least a destination field) and encrypted payload, and the timing/etc would have to be such that the switch can pick out only the photons it should intercept and let the rest pass through. For that matter it would require some kind of tap that lets selected photons pass through completely untouched and perfectly captures others, and that this could be switched between both modes VERY quickly.

    If you can trust the hubs then you only have point-to-point links and you don't have to mess with any of this stuff. This does rely on owning all the hubs and securing them. For a big company that isn't a problem, but for a consumer you're not going to be able to own all the hubs between yourself and your bank.