Slashdot Mirror

← Back to Stories (view on slashdot.org)

Australian Company Claims Laser-Based Quantum Crypto is "Unbreakable" (Video)

Posted by Roblimo on from the when-you-positively-absolutely-need-to-keep-your-crypto-key-to-yourself dept.

The QuintessenceLabs website doesn't mince words when it comes to self-promotion. It boasts that they are "The world’s first company to harness the quantum properties of lasers to herald a new generation of data security." InvestCanberra says, "the defense and security policy and procurement centre of Australia is the natural location for large conglomerate defense and security corporations and specialist cyber security, advanced communications and radar, ICT and surveillance businesses alike," and goes on to list QuintessenceLabs as one of several "locally headquartered companies that have grown into internationally successful organizations."

Here's another statement taken from the company's website: "QuintessenceLabs is the first in the world to exploit a new generation of quantum cryptographic technology which enables unbreakable, secure storage and communication of sensitive information through the generation of an ultra-secure cryptographic key." Unbreakable? That's a strong boast. Is it true? And even if it's only partly true, your upper management may call on you to explain (and possibly implement) laser-based quantum security, so you need to know what it is and how it works -- and whether it's something your company (or your client companies) need.

5 of 84 comments (clear)

  1. So...? by fahrbot-bot · · Score: 4, Funny

    Laser-Based Quantum Crypto is "Unbreakable"

    Sharks: 1
    NSA: 0

    --
    It must have been something you assimilated. . . .
    1. Re:So...? by Geoffrey.landis · · Score: 3, Interesting

      but it does provably let you discover that snooping has happened

      Not it doesn't. Alice can't differentiate between Bob reading the message and an attacker performing a MITM attack

      .This depends on your definition of "quantum crypto".
        End-to-end quantum cryptography allows you to know whether your communication has been intercepted. It IS theoretically immune to MITM. Simple quantum key generation or exchange however, may not be.

      Right. Alice can differentiate between Bob reading the message and a Man in the Middle interception, because to intercept the message, the man in the middle has to read the quantum bit -- that is, in the photon case, measure the polarization-- and reading it destroys it. The Man in the Middle can't then send on a copy of the quantum bit, because of the quantum no-cloning theorem. She can send a photon polarized in a way identical to the way she read the photon-- but that only works if the receiver, Bob, happens to choose the same polarization to measure that the Man in the Middle chose to measure.

      There is, however, a footnote to this. Eve actually can clone the photon (cloning photons is what a laser does). But she can't clone it perfectly-- or, more specifically, she can't be sure that the "cloned" photon is actually a copy of the original, or a spurious ("spontaneous emission") photon that happens to be in the same place. So, if she clones the photon, and measures one copy, and sends the other copy on, this shows up as noise in the signal-- exactly the same as stray light. So, Eve can read some of the message, if she's sufficiently clever, but how much is limited by how much noise the people communicating will accept in the signal without realizing that they are tapped.

      --
      http://www.geoffreylandis.com
  2. Old news by Hentes · · Score: 3, Informative

    This is not a new technology, and have been under lab testing for a while now. The problem is that what's theoretically unbreakable isn't that secure in practice. Turns out it's quite hard to distinguish between eavesdropping and noise.

  3. "Partly true"? What? by wonkey_monkey · · Score: 3, Insightful

    Unbreakable? That's a strong boast. Is it true? And even if it's only partly true...

    ...then it's false.

    --
    systemd is Roko's Basilisk.
  4. Re:*NOTHING* is unbreakable by LordLimecat · · Score: 4, Informative

    You cannot break the key in a properly implemented OTP. You have no way knowing which of the 8 zillion possible valid plaintexts was actually sent.

    The weaknesses are only:
      * If the OTP repeats-- that is, the key is not the same length as the message. For an unbreakable 2KB OTP message, you need a 16000bit key (2KB).
      * If the OTP is generated deterministically-- it is not random.
      * Key distribution is vulnerable. No matter what method you use, unless it is face to face, the OTP can be "broken" by intercepting the key.
      * Key storage. If anyone captures your OTP booklet or file, you have no security whatsoever.

    If you figure those out, its "perfectly" secure-- but as mentioned it basically requires face-to-face before hand OTP distribution and storing the OTP keys in a physical, airgapped vault.