Creating the First Quantum Internet

Scientists in Chicago are trying to create the embryo of the first quantum internet. If they succeed, the researchers will produce one, 30-mile piece of a far more secure communications system with the power of fast quantum computing. From a report: The key was the realization of an unused, 30-mile-long fiber optic link connecting three Chicago-area research institutions -- Argonne National Lab, Fermi Lab and the University of Chicago. This led to the idea to combine efforts and use the link for what they call the Chicago Quantum Exchange. David Awschalom, an Argonne scientist and University of Chicago professor who is the project's principal investigator, tells Axios that the concept is difficult to grasp, even for experts. MIT Technology Review elaborates: The QKD approach used by Quantum Xchange works by sending an encoded message in classical bits while the keys to decode it are sent in the form of quantum bits, or qubits. These are typically photons, which travel easily along fiber-optic cables. The beauty of this approach is that any attempt to snoop on a qubit immediately destroys its delicate quantum state, wiping out the information it carries and leaving a telltale sign of an intrusion. The initial leg of the network, linking New York City to New Jersey, will allow banks and other businesses to ship information between offices in Manhattan and data centers and other locations outside the city.

However, sending quantum keys over long distances requires "trusted nodes," which are similar to repeaters that boost signals in a standard data cable. Quantum Xchange says it will have 13 of these along its full network. At nodes, keys are decrypted into classical bits and then returned to a quantum state for onward transmission. In theory, a hacker could steal them while they are briefly vulnerable.

In theory?

[YuppieScum]

In theory, a hacker could steal them while they are briefly vulnerable.

In practice, some three-letter agency or foreign power will steal them.

FTFY

Re:In theory?

Yup they have the authority to do that.

Re:In theory?

Steal them? Won't they just have a literal tap so they can store every one of them as they pass? Seems to be what they want with all other forms of communication. Why wouldn't that apply here?

Re:In theory?

[The+Grim+Reefer]

In theory, a hacker could steal them while they are briefly vulnerable.

In practice, some three-letter agency or foreign power will steal them.

FTFY

As long as the original owner doesn't loose the information, then it's not theft, right?

Doesn't information wanted to be free?

At least that's how I understand it works with pirating movies and music. ;-)

Re:In theory?

[Highdude702]

Its like, different man... You wouldn't understand. You're old. /s

Re:In theory?

Yes, as is their mandate. They should do their best--within reason--to implement exactly such surveillance techniques.

This is a good thing. Surely you weren't trying to create FUD about the big bad agencies? Or was this some weird whatabout to suggest that it's OK for Russia and China to go ahead while we do not?

The lines are the problem

[sls1j]

The problem is the fleshy creatures on either side of the communications line. Alas that meat bad will likely be the weak point.

Re:The lines are the problem

Don't you mean "meat bag". Learn to proof read little boy.

Re:The lines are the problem

"Don't you mean "meat bag"

Did you really have to ask.

"Learn to proof read little boy"

The insult qualifier is counter productive as far as any teaching goes.

Re:The lines are the problem

[Highdude702]

Might could get punched in person for it too.

... and then this will be used on what?

The compromised shitboxes that exist today?

Far More Secure?

[TechyImmigrant]

Far more secure : No
More security margin against specific attacks : Yes.

Heisenberg checks his wallet

[fahrbot-bot]

Chicago Quantum Exchange

Great. So traders will know where the market is going or where it is, but not both.

I imagine Heisenberg wouldn't like uncertainty when it comes to his principle - or dividends ...

Re:Heisenberg checks his wallet

Quantum Wall Street

Re: Heisenberg checks his wallet

You mean principal. His principle is definitely right, or it isn't

disappointed

[Trevorm7]

I got excited for a second hoping it would be 0 latency quantum-entangled internet.

Re:disappointed

Faster than light communication is impossible. It's not provably impossible, but neither are perpetual motion machines.

Re: disappointed

Understand this, information is. It does not travel, it simply exists. Information has no speed limits. Information pops into existence in a spacetime location or another, heck... or both unconstrained of speed barriers as you think you might know them.

So.... the encryption has to be 'broken' 13 times.

So these repeaters are trusted.. how? It doesn't sound any more secure since the encryption is broken 13 times over 30 miles... sounds more like a game of telephone to me.

What is the use case for QKE?

[goombah99]

A nice 8193 bit key should be as much protection as anyone ever needs.

While Bill Gates never said that it may be true for as long as necessary. Just use some extra long key to encode the exchange of shorter length keys. Why do we need quantum key exchange?

Re:What is the use case for QKE?

Many years ago Bruce Schneier calculated that with a ideal classical processor, possessing lossless energy usage, would require more energy than the sun is capable of producing in its entire lifetime to crack a 256-bit symmetric keyspace given no implementation problems resulting in possible computational shortcuts. Meaning, even if quantum computing is capable of orders of magnitude higher cryptographic computation rates and an imperfect suite, 512-bit will never, ever be able to be cracked until we create a dyson sphere to do it.

Quantum cryptography, at its best, is only capable of providing a security benefit of an additional integrity auditing process which is not vulnerable to collision attacks over classical cryptographic systems.

Professionally, quantum computing isn't going to meaningfully impact security, but is an economic opportunity for researchers and security professionals.

Re:What is the use case for QKE?

[goombah99]

that'a what I thought. thanks

Re:What is the use case for QKE?

That ideal computer is also assuming that it doesn't actually do any useful work. That's the energy requirement just to flip a bit.

The way my CS professor described it, is an actual practical computer at the edge of theoretically perfect that could be used to brute force 2^256 operations would require more energy than the output of all of the stars in the Milkyway. The good news is we'll be merging with Andromeda, making it theoretically feasible. But don't wait too long, lots of energy being lost as stars burn away.

Re:What is the use case for QKE?

[dissy]

What is the use case for QKE?

That's the strangest part of this, QKE's main outstanding feature is that if the photons have their entanglement collapsed prior to reaching the other end, you A) lose the data being transmitted, and B) know for certain that this has happened.

The only way it makes things "more secure" is that when the first photon is intercepted, the transmitter knows about that fact and then can refuse to send any further data.
Unsent data can't be intercepted after all.

At one point banks were thinking to use such links in place of their current private leased classical ones. That at least makes some sense.

But the Internet?! We don't need QKE to know with 100% certainty that Internet traffic is intercepted. Nearly every major government has either been caught doing it or has outright admitted to doing it.
There is literally no question, the answer is simply always a yes.

Worse, QKE's response to when interception happens, aka always any anywhere outside of a lab, it's response is to shutdown and stop transmitting!

If that really is the desired end effect, I can save you a bit of money - say "yes" outloud and go unplug the routers. Done and done.

Quantum Nightmare

So in practice, a hacker *will* steal them while they are briefly vulnerable. Or when the keys are generated. Or use a flaw in the RNG to reduce the search space and crack it with his own quantum computer.

But please, yes, DO tear out the old infrastructure ASAP, and replace it with 5G wifi broadcasting every keystroke, and ultra-thin client screenphones that harvest biometrics and private info and store them in the flaky, unreliable "QUANTUM CLOUD", where they can be properly traded and monetized, then subsequently lost or stolen.

Re:Quantum Nightmare

Not Microsoft's cloud. The MS cloud GUARANTEES that your private data will be deleted, it just doesn't tell you when.

Re:Its WAR Fleshling

[wolfheart111]

enough said :(

Self-driving quantum AI blockchain

Self-driving quantum AI blockchain Self-driving quantum AI blockchain Self-driving quantum AI blockchain

Re: Self-driving quantum AI blockchain

LOL

More fraud.

Re:Self-driving quantum AI blockchain

Nah, quantum and blockchain are useless snake-oil and will be forever. AI and self-driving vehicles could be viable someday.

Just keep in mind that it might not take much development time to go from "an AI smart enough to drive a car" to "an AI smart enough to hunt humans for sport".

I see problems and I'm not expert

[Zontar_Thing_From_Ve]

I'm no expert on quantum computing, but I can see problems already based on the summary.

The QKD approach used by Quantum Xchange works by sending an encoded message in classical bits while the keys to decode it are sent in the form of quantum bits, or qubits. These are typically photons, which travel easily along fiber-optic cables. The beauty of this approach is that any attempt to snoop on a qubit immediately destroys its delicate quantum state, wiping out the information it carries and leaving a telltale sign of an intrusion.

Maybe if I'm a bad guy, I'm quite OK with that. That would be something like a DDOS. Maybe I don't care about trying to steal your quantum encrypted data but I want to deny your ability to transfer data that way so you will move to a method of transmission I can read.

At nodes, keys are decrypted into classical bits and then returned to a quantum state for onward transmission. In theory, a hacker could steal them while they are briefly vulnerable.

Believe me, bad people will certainly do this. One of the ways Blu Ray encryption got cracked is that the players stored the keys unprotected in memory and smart people figured out how to dump the memory to get the keys. National actors who really want access to your data will have no problems trying to attack this weak point in the chain.

Re:I see problems and I'm not expert

[Actually,+I+do+RTFA]

Maybe I don't care about trying to steal your quantum encrypted data but I want to deny your ability to transfer data that way so you will move to a method of transmission I can read.

While this could be true, it's far more akin to snipping a line. It's only a problem until the net gets large enough.

t nodes, keys are decrypted into classical bits and then returned to a quantum state for onward transmission. In theory, a hacker could steal them while they are briefly vulnerable.

This is the problem. (Also, their description of QKD is oversimplified to the point of being just wrong.) There is no difference between one of these nodes and an eavesdropper, so enabling them destroys end-to-end QKD.

Re:I see problems and I'm not expert

[gweihir]

I'm no expert on quantum computing, but I can see problems already based on the summary.

At nodes, keys are decrypted into classical bits and then returned to a quantum state for onward transmission. In theory, a hacker could steal them while they are briefly vulnerable.

Believe me, bad people will certainly do this. One of the ways Blu Ray encryption got cracked is that the players stored the keys unprotected in memory and smart people figured out how to dump the memory to get the keys. National actors who really want access to your data will have no problems trying to attack this weak point in the chain.

That part of the story is so utterly pathetic, it is staggering. Of course you attack the nodes, not the cables. It is far easier.

Authentication is a big problem

The important part of quantum encryption is that a single photon cannot be measured completely so that an attacker cannot read the quantum communication and then send it out again. If the attacker tries, then when the two parties compare part of the secret key, it won't match. The secret key is then used as a one-time pad to send encrypted messages. So far, so good.

Authentication is needed to make sure that the measurement basis (what angle the photon polarization was measured in, and sent classically rather than over the quantum channel) was sent by the sender and not the eavesdropper. Since this authentication will use regular encryption, the quantum part is fairly useless. If the authentication uses a one-time pad, then the two parties already had a one-time pad and could have skipped the quantum part. If the authentication uses classical encryption, then the two parties might as well have used classical encryption to send a one-time pad.

A solution looking for a problem

[FeelGood314]

The Quantum Key exchange is interesting but not really practical. The equipment is expensive and hard to set up. Further, if you are using photons you can only send one per quantum state. If you send more than one an attacker can intercept them and figure out their state.

In the easiest example Alice sends photons either polarized (up/down / side-2-side), or diagonally. Bob will then tell Alice which way his detector was set up for each received photon. For the photons his receiver was correct he know the polarity of Alice's photon. Alice and Bob then have a shared secret to use as a key. If Eve intercepts the photons she has to both read the photons and pass them on to Bob. If her detector is set up on the diagonal and Alice sends an up/down polarized photo Eve won't know the polarization and can't send the correct photon on to Bob. However if there are multiple photons, Eve can split them up and test them individually. With 8 photons Eve has a 63 in 64 chance of knowing the photons polarity and 255 out of 256 chance of fooling Bob well enough for her attack to go undetected.

For the entire thing to work either you have to send multiple photons and have them boosted or you send one and the repeaters know Alice's pattern of polarization. In the second case this pattern becomes a key that must be kept secret across every repeater. You may as well just give Bob this key.

Re:A solution looking for a problem

[gweihir]

Yeas. And then, when you have done it, you just continue with normal encryption, because this quantum stuff is slow. It is also insecure, because the physical implementations have been attacked successfully time and again. And the theory behind it is known to be flawed (there is still not quantum-gravity).

Re:A solution looking for a problem

I'm an arm-chair layman, but in a simple situation of sending one photon at a time, the sender could "randomly" inject a quantum photon. Because the photon is quantum, regardless of what polarization you measure for, you should get a 50/50 chance of seeing the photon. But if someone intercepts this one photon, it's no longer a 50/50 chance because if the middle man did not know that this photon was quantum and measured it, they've now fixed its polarization.

If the MITM could ever figure out when the incoming photon will be quantum, this setup is broke.

Re:A solution looking for a problem

[FeelGood314]

Alice sends the polarized ones first. Say she sends 1000 of them. Bob then sends back the list of 1000 polarization orientations his receiver had. Alice then sends a list of the times Bob had it right, which should be about 500 times. So now they both know the polarization of 500 of the photons and use that as their key. They do a key verification step to prove they both arrived at the same key. If Eve did a MITM attack and altered any of the 500 photons then Alice and Bob have a 1/4 chance of detecting it (it's not 1/2 because Eve had a 1/2 chance of learning something).

Re:So.... the encryption has to be 'broken' 13 tim

It could still be used for shorter links, but yes, a single repeater and the whole thing is insecure.

First???

[hackingbear]

China has succeed achieving this years ago and from space too. When have American scientists got in the culture of making false and exaggerated claims?

Re: First???

Short answer: China is full of shit. Also long answer.

Re: First???

The second link actually seems plausible. The first is clearly just standard Chinese propaganda BS.

Complete nonsense

[gweihir]

First, Quantum Modulation (no, it is _not_ encryption) has been broken time and again by simply attacking the implementation instead of the theory. Anybody that thinks this stuff must be absolutely secure is utterly naive with regards to technological reality. Second, the theory used to claim "absolute security" is known to be flawed (still no quantum gravity). And third, conventional encryption is far superior in handling, reliability, cost, etc. and gets the job done just as securely, even if in 50 years or so we may have to go to post-quantum encryption (or not).

Vulnerable, in theory

[ElitistWhiner]

Not if they choose a k-n quorum scheme among k nodes on a network.

How it works

[FeelGood314]

Alice and Bob want to agree on a key. Alice can send photons polarized at 0, 45, 90 or 135 degrees. Bob will have a detector for 0 or 45 degrees. If Alice sends a photon at 90 degrees and Bob uses the 0 degree receiver then Bob gets nothing but if he uses the 45 degree one he gets a photon 1/2 the time. So when Alice sends at 90 or 0 degrees Bob only knows for sure what the polarization was if he used 0 degrees. Alice will send 1000 photons this way. Bob will create a list of 1s and 0s depending on whether he detected the photon. Bob will then send back a list of how he had his receiver set up and then Alice will send a list of the times Bob was correct (i.e. he used a receiver that was the same or 90 degrees off). Alice and Bob now both know the list of 1s and 0s that Bob created when his detector was correct.

Now Eve, who is in the middle and trying to intercept the photons, must set up her detector to guess the polarity but the best she can do is guess like Bob did. She has no idea when she guesses correct and she must send a new photon on to Bob. If Eve's detector is at 45 degrees and she detects a photon then either the photon was sent at 45 degrees or it was sent at 90 or 0 and this is the 1/2 chance it was detected. The probabilities for each polarity {0, 45, 90, 135} are {1/4, 1/2, 1/4, 0}. She could then send a photon at 45 degrees. But she has a 1/2 chance that Bob will have the correct orientation, a 1/2 that she had it wrong and change the photon and a 1/2 chance that Bob got the wrong result (her new photon is 45 degree off the original). So Alice and Bob can detect Eve 1/8 of the time.

Now if Alice sends bursts of polarized photons, say 8 or 16 at a time, then Eve's probability of figuring out the true polarity becomes much greater and her chance of being caught drops significantly unless Alice and Bob send tens of thousands of photon bursts.

Re: How it works

And in the meantime, 3 letter agencies along with any numbers of hackers are cloning any and All information on Alice, Bob and Eves systems automatically using one or more of the multitude of backdoors present in any system

Not relaly the largest security issue

[joe_frisch]

Conventional encryption is rarely the security limit in real world systems. Much more often it is human factors where there is either an inside job, or a human is tricked by another human into doing something that breaks encryption.
"Hi Carl, this is Alice from IT and it looks like the quantum link has de-phased again. Could you help phase it by typing the following into your terminal......."

The technology is interesting, but I don't see a situation where it will actually help.

Cracking a 256 bit key - A thousand universes

[FeelGood314]

Not quite. There is no such thing as lossless energy usage. The best you can do is Landauer's principle which states you need Boltzmann constant times the temperature to flip a single bit. Given a temperature of 3 Kelvin (any colder and you need energy to bring the temperature down) the best you can do is 5x10^-23J per bit flip. Now we can do some assumptions and hand waving and say we only need to flip on average, from an external viewers perspective, 2 bits per key we try so 10^-22J per key. Also assume we guess the key in the first half of the ones we try means trying 2^255 keys. 2^255~10^80. So we need 10^68J. The Sun's output is 3.8x10^26W. So we need 10^68J/ 3.8x10^26W = 2.6x10^41 seconds. A year is 3x10^7 seconds. A sun like ours can burn 10^10 years so we need 10^24 suns. There are 10^21 stars in the observable universe. So we need 10^3 universes of suns to crack a 256 bit key.

However the above post completely missed the point of the QKE. The point is to exchange a key securely. You could have 1024 bit symmetric encryption if you want, it won't help you exchange the key.

Re:Cracking a 256 bit key - A thousand universes

DH works just fine without quantum hype.

Acknowledged that you wish to flex your intellectual muscle, but isn't necessary here. Nobody to impress.

Go buy one on Amazon

"no expert on quantum computing"
That's OK, neither are they. You cannot actually buy this kit. If you Google it nobody will try to sell you it.

You can simply interfere/intercept the "successful entangle photon" signal (which is filtering) and swap in your own for either end. i.e. you can stick in your own repeater, and MITM traffic.

I don't quite get the point of this. Funding?

Secure transfer of keys is a solved problem

It's called "public key infrastructure" and "asymmetric encryption", exists over 40 years already, widely implemented and used. Unlike "bluetooth", adding "quantum" doesn't magically make everything better.

> The initial leg of the network, linking New York City to New Jersey, will allow banks and other businesses to ship information between offices in Manhattan and data centers and other locations outside the city.

Yeah, they can do it now. Over public internet, without optics and vulnerable repeaters, using cheap off-the-shelf consumer grade devices. This "solution" adds absolutely nothing of value.

> The beauty of this approach is that any attempt to snoop on a qubit immediately destroys its delicate quantum state

This is not "beauty", this is vulnerability.

why not public keys?

[goombah99]

who needs to securely exchange a key? Just use a public key encryption to transmit the message (the message could be a key for a non-public key encryption)