Slashdot Mirror

← Back to Stories (view on slashdot.org)

The Super-Secure Quantum Cable Hiding In the Holland Tunnel (bloombergquint.com)

Posted by msmash on from the how-about-that dept.

Zorro shares a report: Commuters inching through rush-hour traffic in the Holland Tunnel between Lower Manhattan and New Jersey don't know it, but a technology likely to be the future of communication is being tested right outside their car windows. Running through the tunnel is a fiber-optic cable that harnesses the power of quantum mechanics to protect critical banking data from potential spies.

The cable's trick is a technology called quantum key distribution, or QKD. Any half-decent intelligence agency can physically tap normal fiber optics and intercept whatever messages the networks are carrying: They bend the cable with a small clamp, then use a specialized piece of hardware to split the beam of light that carries digital ones and zeros through the line. The people communicating have no way of knowing someone is eavesdropping, because they're still getting their messages without any perceptible delay.

QKD solves this problem by taking advantage of the quantum physics notion that light -- normally thought of as a wave -- can also behave like a particle. At each end of the fiber-optic line, QKD systems, which from the outside look like the generic black-box servers you might find in any data center, use lasers to fire data in weak pulses of light, each just a little bigger than a single photon. If any of the pulses' paths are interrupted and they don't arrive at the endpoint at the expected nanosecond, the sender and receiver know their communication has been compromised.

59 of 113 comments (clear)

  1. Re:lol this is bullshit by bluefoxlucid · · Score: 2

    The mechanism they describe is also classical physics.

    --
    Support my political activism on Patreon.
  2. Re:lol this is bullshit by SuperKendall · · Score: 2

    Change in rx power would trivially detect someone tapping the fiber.

    Wouldn't fiber rx power naturally change over time, depending on age of cable, and temperature?

    --
    "There is more worth loving than we have strength to love." - Brian Jay Stanley
  3. Quantization by burningcpu · · Score: 2

    [QUOTE]"use lasers to fire data in weak pulses of light, each just a little bigger than a single photon."[/QUOTE]

    Light comes in units of photons. Saying, "just a little bigger than a single photon," doesn't make sense. Was it two photons? Is this an artifact of averaging and poor journalism, where the target was really 1 photon, and sometimes more are released?

    1. Re:Quantization by 93+Escort+Wagon · · Score: 4, Funny

      These are jumbo photons - your quantum switch needs to have that setting turned on for them to work.

      --
      #DeleteChrome
    2. Re:Quantization by zlives · · Score: 1

      what they meant was that when light is in wave form you can cut 1.05 waveform ummm as a pulse umm yeah. every one noes that its only discrete in once it evolves into particle form.
      see makes perfect sense.

    3. Re:Quantization by ShanghaiBill · · Score: 1, Offtopic

      Er, light comes in discrete units of photons.

      Sure, but they aren't all the same size. A red photon is half again the size of a blue photon (700 nm vs 450 nm).

      So "just a little bigger than one photon" could mean a slightly bigger photon, or maybe a normal photon plus a tiny little photon like a gamma ray.

    4. Re:Quantization by XxtraLarGe · · Score: 1

      Light comes in units of photons. Saying, "just a little bigger than a single photon," doesn't make sense. Was it two photons? Is this an artifact of averaging and poor journalism, where the target was really 1 photon, and sometimes more are released?

      It's a photon with just a smattering of gluon the side.

      --
      Taking guns away from the 99% gives the 1% 100% of the power.
    5. Re:Quantization by mspohr · · Score: 1

      No, these are obviously "big photons being a little bigger than a single photon".
      I, for one, would like to know where they get these big photons... I could use a few of them around the house. They might be slower than the standard photons and might hang around longer.

      --
      I don't read your sig. Why are you reading mine?
    6. Re:Quantization by angel'o'sphere · · Score: 1

      A pulse of light a bit bigger than one photon makes perfectly sense ...

      --
      Cost free eBook I read (by iBook/Kobo/Amazon/ObookO/Gutenberg etc.): "The Green Odyssey" by Philip Jose Farmer.
    7. Re: Quantization by epine · · Score: 1

      And I guess it works on the bankers cause they don't understand optics or quantum physics.

      No greedy financial institution ever hired a graduate student with a physics degree to wrangle all that complex math?

      I don't know what world you're living in, but it isn't this one.

    8. Re: Quantization by Anonymous Coward · · Score: 1

      Look up Decoy State QKD some time. What you describe was solved a decade ago.

    9. Re: Quantization by burningcpu · · Score: 1

      Thank you for the concise explanation!

    10. Re:Quantization by vbdasc · · Score: 1

      Is this an artifact of averaging and poor journalism

      Good luck finding journalists who understand quantum physics.

    11. Re: Quantization by QuantumV · · Score: 2

      So for km long links they send what they call "weak" pulses of photons, and still call it QKD.

      Yes, but the weak pulses still have an average number of photons well below 2. The loss in a long fiber only means that perhaps only 0.1 % to 1 % of the photons arrive at their destination, but those arriving may still be used to generate a secret key.

  4. What about protecting from jay on backhoe from bra by Joe_Dragon · · Score: 1

    What about protecting from jay on backhoe from braking it ? and after that does this need a lot bigger repair job then with other fiber?

  5. Re:lol this is bullshit by HotNeedleOfInquiry · · Score: 2

    Possibly, but that's not the way a tap would normally be detected. A very short pulse of light would be sent down the cable. Any tap would reflect a tiny bit of the pulse back to the source. With an instrument called a [Optical Time Domain Reflectometer](https://en.wikipedia.org/wiki/Optical_time-domain_reflectometer) the exact location of the tap can be pinpointed.

    --
    "Eve of Destruction", it's not just for old hippies anymore...
  6. Re:Unless by Anonymous Coward · · Score: 1

    Yeah, this seems like overkill. Crypto may have its issues (e.g. not leaking the keys, quantum-computing vulnerabilities), but getting that right is easier than laying down entirely new infrastructure.

  7. Dust by atrex · · Score: 1

    So what happens if dust gets in the way?

  8. QKD solves no problem, but creates one by ffkom · · Score: 1

    QKD is only as secure as your believe that the physical model "Quantum Mechanics as of today" describes reality completely. And that we already know not to be the case (as quantum mechanics do not even include the omnipresent phenomenon "gravity"). Nobody can say if a more precise model of reality will open up ways to intercept single photon transmissions without leaving traces.

    QKD also solves no problems as conventional cryptography works very well (and its potential failure is not quite the number one threat to data security).

    1. Re:QKD solves no problem, but creates one by fadethepolice · · Score: 1

      To be fair normal physics does not describe gravity correctly either. That is why we invented Dark Matter. At least quantum physics hasn't been giving wrong answers for 100 years.

    2. Re:QKD solves no problem, but creates one by QuantumV · · Score: 1

      Nobody can say if a more precise model of reality will open up ways to intercept single photon transmissions without leaving traces.

      No, but we also know that in a world where this is possible (sufficiently well), lots of other cool possibilities will open up, such as superluminal communication and time machines. The currently known laws of physics describe pretty much everything possible on earth (and other places in the universe with weak gravity) today. But of course if you could integrate a couple of black holes and maybe a few wormholes into your interception device, we cannot quite rule out that an attack is impossible.

  9. Re:lol this is bullshit by olsmeister · · Score: 1

    an OTDR is a disruptive test. This is not something you can log and monitor

  10. Re:lol this is bullshit by sexconker · · Score: 4, Funny

    And don't forget how this "quantum" tunnel actually works in practice.

    We didn't get an expected signal at a certain point. Maybe they didn't send it? Maybe they didn't send it because they didn't get ours??
    Better call them on the PSTN to ask. Does anyone know who we call? I think it was "Jeff" of "Jim".
    No, Jim retired. They don't have a replacement yet. Just call the main office and ask.
    Okay hold on. Let me divulge too much to a random person over an insecure line to try to explain what we're even asking about.
    She said I need to submit a ticket then their service team will get back to us. We can call and ask them to escalate, but only after we create the ticket.

    An hour passes while they create an account in the ticket portal, try to choose something that sort of matches the issue from a crappy set of categories, eventually create a ticket, wait for an email with the ticket number to arrive, etc.

    Okay, I called the ticketing desk with the ticket number and they said they'd escalate it.

    The next day they get an email from Bob.

    Hey guys, this is Bob. We're going to need to reset the entire quantum tunnel. Here are the keys and certs and shit you need to get it done. Email me yours, in regular non-quantum email by 9 AM tomorrow and we should be able to schedule the reset for 10 AM. Feel free to call me on my cell (123) 456-7890 around 10 just so we can both make sure it's working.

    The team scrambles to figure out WTF they need to do with the shit Bob sent, and WTF they need to send back to Bob. Eventually, they get it done, and they call Bob at 9:59 AM the next day, but he's working remotely from the inside of a helicopter above an Indian night market. ...ight g..z ... got the stuff th..s ...r se..g that over ...ckly. Let me ...ad and do ...et now. ... ould ha... lights right n....
    Uh, yes Bob, we currently have no lights. (That's what he said right? We should have no lights?) They just turned off.
    Okay, goo... t me ... ... ...d you should see... ng now. Let me ..ow when ... ...s ...ng.
    ??? ??? ???
    Still ...ng, guys?
    ??? Uh, yeah Bob after the lights went out they came back blinking for a bit and they're still blinking. One of them just turned solid green. ...t sou... ...ood. I've got s...d green on ... ...d. You should st... ... ...e traffic now.
    ??? Yes, we're at solid green too here. (Do we have traffic? How do we know if we have traffic??) Uh, I think we're good now if you see traffic, Bob. Thanks. ...ks guys. Le... ...ow if there's any issues.

    The team is now totally quantum secure, for sure! The outage obviously wasn't from someone installing a tap and repeater, and the reset process totally didn't result in the hardware redetecting the link length and recalibrating all timing-related controls. And the team has now printed out a copy of the certs and keys, both Bob's and theirs, and filed them in Joe's desk side cabinet so they could document the procedure in case it happens again. Don't worry, only Joe and two other staff have the key. And the furniture people and custodians. And the keys say "do not duplicate" on them.

  11. what was once old is new again... by Anonymous Coward · · Score: 1

    call it what it is.. a QuantumLink

  12. Re:entanglement by sexconker · · Score: 4, Informative

    No. Quantum entanglement does not violate causality. All particles / information / marketing lies still have to be transported classically, below c.

  13. Series of Tubes by nwaack · · Score: 1

    Remember how difficult it was to get the congress-critters to understand how the internet works? Making rational laws for this type of tech is gonna be a real cluster fock.

  14. I think they mean quantity... by SuperKendall · · Score: 1

    Is this an artifact of averaging and poor journalism, where the target was really 1 photon, and sometimes more are released?

    I thought the phrasing was odd as well but took it to mean as you say here, a very few number of photons, close to one.

    --
    "There is more worth loving than we have strength to love." - Brian Jay Stanley
  15. Re:lol this is bullshit by ShanghaiBill · · Score: 1, Offtopic

    The mechanism they describe is also classical physics.

    Most likely the journalist is a moron. QKD works via entanglement, not "detecting delays".

    It is unlikely the engineers would have called it QKD if it isn't QKD.

    It is very likely that the Bloomberg reporter completely misunderstood their explanation of how it works.

    Delay detection would not work well because the speed-of-light in a glass fiber depends on the density of the glass, which varies with temperature.

  16. Re:What about protecting from jay on backhoe from by es330td · · Score: 1

    I like the way they let terrorists know the precise location of a valuable technical target.

  17. Re:How is this better than a TDR? by Anonymous Coward · · Score: 1

    The article is wrong, QKD is not about timing but quantum indeterminacy and photon polarization.
    Eavesdropping is just physicaly unfeasible because the photon cannot be 'read' and 'resent'

  18. Re:OK, I'll Bite. Why is it called the Holland Tun by PPH · · Score: 1

    Named after a guy called Holland.

    --
    Have gnu, will travel.
  19. That's not quantum security by aepervius · · Score: 2

    "If any of the pulses' paths are interrupted and they don't arrive at the endpoint at the expected nanosecond, the sender and receiver know their communication has been compromised" it is just plain damn light path measurement, and has nothing to do with real quantum encryption, and the no cloning theorem.

    --
    C. Sagan : A demon haunted world:
    http://www.amazon.com/gp/product/0345409469/
    visit randi.org
  20. Re:lol this is bullshit by tlhIngan · · Score: 4, Interesting

    The mechanism they describe is also classical physics.

    You can use classical physics to do quantum stuff.

    Quantum Key Distribution uses polarized light, and one interesting property is that unless the polarizes are orthogonal to each other, you're going to have a non-zero probability of light going through. So what you do at the sender end is send pulses of polarized light at random polarizations (say, 0 degrees, 0 degrees, 90 degrees, 45 degrees, 135 degrees, etc). Of course, the pulses are coded to represent your bit pattern, so a pulse could mean a 1, no pulse could mean 0.

    At the receiver end, the receiver picks a random polarization and measures the output - either light, or no light. It doesn't matter which.

    What happens after sending a copious amount of data is the two ends then compare their polarizer settings and discard the bits where the polarizer setting did not match (e.g., sender used 0 degrees, receiver used 45 degrees). Most of the data will be discarded, but you'll have plenty more where by chance both sender and receiver picked the same polarizer.

    You can then do a quick hash to compare the final results - the two hashes should be the same.

    Now what happens if someone taps the line? Well, they don't know the polarizer settings, so at best they're going to guess. But the act of inserting the eavesdropping polarizer into the bitstream changes the polarization of the light! If the sender uses 0 degrees, and the eavesdropper uses 45 degrees, light will have a 50% chance of going through the polarizer. But even stranger, at the receiver, if they use a 0 degree polarizer or a 90 degree polarizer, light again will have a 50% chance of getting through. So even though the sender and receiver may both use a 0 degree polarizer, the eavesdropper using a 45 degree polarizer has changed the end result. Maybe the eavesdropper gets lucky, maybe not.

    Doing it for a large number of bits and you'll detect the line tap too easily because of it.

    If you want to see this in action, you can do the standard two polarizer test, set them orthogonally to each other (so the two polarizers let no light through). Now add a third polarizer AFTER than two polarizers and oddly, you'll get light going through! It doesn't have to be in the middle of the polarizer stack - just the act of the third polarizer interacts with the other two such that some light now goes through where it didn't before makes things extra spooky.

  21. Strong encryption by DidgetMaster · · Score: 1, Insightful

    How about encrypting the data so that you don't care how many people capture the 1s and 0s going over the wire (be it electrical or optical) since none of them can make any sense of them without the decryption keys?

    1. Re:Strong encryption by PPH · · Score: 3, Informative

      without the decryption keys

      That's why this is called Quantum Key Distribution.

      Once Alice and Bob* have their keys, the messages are encrypted using standard algorithms and passed over normal fiber optic links.

      *Should we change this to Achmed and Boris by now?

      --
      Have gnu, will travel.
    2. Re:Strong encryption by DidgetMaster · · Score: 1

      Maybe I misread the summary, but it made it sound like QKD has nothing to do with encryption. It sounds like a way to determine if someone is listening or tapped into the line. Or did I misunderstand this statement: "If any of the pulses' paths are interrupted and they don't arrive at the endpoint at the expected nanosecond, the sender and receiver know their communication has been compromised."

    3. Re:Strong encryption by PPH · · Score: 1

      QKD has nothing to do with encryption

      Initial session key exchange has a lot to do with encryption. If a man in the middle can examine the keys, subsequent encryption based on them is not secure.

      --
      Have gnu, will travel.
    4. Re:Strong encryption by Anonymous Coward · · Score: 1

      The summary is wrong in many many ways. Please disregard the summary.

      The quantum communication channel is used to exchange keys (for example for one-time-pad encryption). Detection of an eavesdropper relies on the fact that any measurement of the polarized photons doesn't reveal enough information to clone the photons correctly with certainty and send them to the actual recipient. It is assumed that each transmitted bit is sent with ideally just one photon, so that measuring this photon destroys information and eavesdropping can be detected through an increased error rate. In practice, bits are sent with multiple photons, so the method is not quite as provably secure as it's made out to be. The method is described here.

    5. Re:Strong encryption by ceoyoyo · · Score: 1

      Of course the REAL question is why Alice and Bob couldn't exchange a key in a conventional way, but they COULD run a fibre optic cable through the Holland Tunnel and build QKD hardware to put on either end of it.

    6. Re:Strong encryption by ceoyoyo · · Score: 1

      It has nothing to do with encryption. QKD is about making a communications channel where you know if messages are being intercepted. The most useful thing anyone could think of to do with that is to exchange encryption keys.

    7. Re:Strong encryption by thegarbz · · Score: 1

      without the decryption keys?

      How do you get the decryption key without knowing for sure that someone isn't listening? I would propose a system like Quantum Key Distribution, I think I read about it once on Slashdot.

  22. Re:What about protecting from jay on backhoe from by PPH · · Score: 1

    Probability.

    The statistical odds that Jay will actually be operating a backhoe rather than being on a union negotiated break are vanishingly small in NYC.

    --
    Have gnu, will travel.
  23. Ususal quantum crypto nonsense by WaffleMonster · · Score: 1

    Why bother when most network traffic is already encrypted? Encryption is worthless if an attacker manages to get the digital keys used to encode and decode messages.

    This is what forward secrecy is for.

    Each key is usually extra-encrypted, but documents disclosed by former National Security Agency contractor Edward Snowden in 2013 showed that the U.S. government, which hoovers up most of the worldâ(TM)s internet traffic, can also break those tougher codes.

    Unless security vendors have made secret deals with god normal cryptography is still required to authenticate peers and just like normal systems compromise of keys is fatal to future communications.

    Just like normal systems:

    1. There are still keys that can be stolen.
    2. There is still cryptography that can be compromised.

    If any of the pulsesâ(TM) paths are interrupted and they donâ(TM)t arrive at the endpoint at the expected nanosecond, the sender and receiver know their communication has been compromised.

    Given fiber only runs .67c this is hardly definitive of anything.

  24. Hardly by nospam007 · · Score: 1

    If it's _in_ the Holland Tunnel, it might be secure but it ain't safe.

  25. Re:Proper Encryption works. by OneHundredAndTen · · Score: 1

    Right. The Snowden leaks show that the NSA achieves its results by just about any mechanism other than breaking standard cryptosystems - it would seem that, if properly implemented, the NSA is helpless against them.

  26. Re:OK, I'll Bite. Why is it called the Holland Tun by bws111 · · Score: 2

    Who was the chief engineer

  27. Re:What about protecting from jay on backhoe from by Joe_Dragon · · Score: 1

    more then that Also an 2 for one target

  28. The *real* story is ... by fahrbot-bot · · Score: 1

    The Super-Secure Quantum Cable Hiding In the Holland Tunnel

    ... they can't find the cable - which makes it super secure.

    --
    It must have been something you assimilated. . . .
  29. Way to go... by mschaffer · · Score: 1

    Now that we know it's there, it's only a matter of time before someone observes the cable and alters the outcome.

    1. Re:Way to go... by pipedwho · · Score: 1

      I know you're probably going for funny. But, that is the point of QKD. If the entangled photons are observed mid transit, they will be altered or not arrive at the destination. When this happens the distributed keys won't match and therefore the encryption/signatures will fail and the interception will be detected. The summary is incorrect in how it describes the working of QKD.

      QKD still relies on classic crypto to encrypt the channel and verify the authenticity of the keys and the participants, otherwise it is susceptible to a 'QKD middleman' attack. What QKD is doing is guaranteeing that a potentially 'faulty' key exchange algorithm can not be attacked in the future and the session keys determined. This removes potential future attacks due to a future quantum computing or other successful attack on prime factor, modular exponentiation or elliptic curve based key exchange algorithms.

  30. Re:Article has an inaccurate description of QKD by Anonymous Coward · · Score: 1

    The sender isn't able to create a copy of an existing photon, only to create two identical (or at least correlated) photons at the same time.

    The receiving end needs to know what axis to measure the polarization of the photon in, which the sender sends separately by some method other than the quantum link.

    The sender does measure one of the paired photons themselves. If they didn't, they wouldn't know anything about what they sent. Even after measuring the photon they still don't know exactly what they sent.

    You do need a separate link, yes, but eavesdropping on the separate link is useless to the attacker, so you only need to authenticate it and do not need to encrypt it. The whole thing makes certain that only two locations get copies of a one-time-pad. You're still on your own for making sure they are the correct two locations.

    They also can't be farther apart than a single run of fiber, since a repeater is what the whole thing is specifically designed to prevent.

  31. Re:lol this is bullshit by Anonymous Coward · · Score: 1

    Now add a third polarizer AFTER than two polarizers and oddly, you'll get light going through

    No, you won't. If you add a 45 degree polarizer between a 0 degree polarizer and a 90 degree polarizer, then you'll get light through, even though without the 45 degree filter, none would get through.

  32. Aww...you're no fun anymore by mschaffer · · Score: 1

    https://www.youtube.com/watch?...

    1. Re:Aww...you're no fun anymore by pipedwho · · Score: 1

      That was funny though!

  33. encryption is rarely the weak link by joe_frisch · · Score: 1

    Most big hacks have been due to human factors, not someone breaking zillion-bit encryption.

  34. Explained - future privacy by FeelGood314 · · Score: 2

    This is a key agreement scheme for privacy. Someone wants to keep something secret forever. Today Alice and Bob can use regular encryption to prove they are talking to each other and agree on a secret key using certificates and things like Diffie-Hellman key exchange. We have know how to do this for almost 40 years. The problem with all of this though is that if someone records the Diffie-Hellman key exchange (or other key agreement scheme) and the subsequent communication and computing or math advances in the future to the point where the D-H key exchange can be broken then the communication will no longer be secret. Now if you are the government, communication you do today could be very embarrassing if it was revealed 20 or 30 years from now.

    Right now we are back to suitcases with key tables. If an embassy wants to send something that must be kept secret for 50 years, it pretty much has to be physically delivered or the keys for the communication must be physically delivered. Everyone is recording as much communication as they can and trying to build a quantum computer to break the key exchanges. Who will be first? The Americans, the Chinese, the University of Waterloo with money from everyone else???

    QKD is simple to understand, I send you a bunch of pulses of photons, you send me back the way you read them, I send you a list of the times you read them the correct way. We now have a subset of photons that we correctly exchanged that we can use as a key. Does it work? As others have pointed out, it only really works if you only send 1 photon at a time. It fails if I send lots of photons each time (which I really need to do) and our attacker has better equipment than we do (which they always will because they get to build theirs after we commit and deploy).

    1. Re:Explained - future privacy by QuantumV · · Score: 1
      The part about future privacy is spot on. The following to statements in the last paragraph are wrong:
      1. It fails if I send lots of photons each time (which I really need to do)
      2. [It fails if] our attacker has better equipment than we do

      As for 1, the performance certainly degrades quickly if you send more than one photon or each signal, but it is still possible to get a secret key from two- and three-photon pulses provided a protocol ruling out photon-number-splitting attack is used (such as decoy-state or SARG).

      As for 2, in QKD setups, it is always assumed that an attacker may do anything to the signals allowed by the laws of physics. For example, a photon-number-splitting attack is unfeasable with current technology, but it is still taken into account.

      What is usually challenging in practice is avoiding side-channels. An attacker with better technology may attack side channels that the designers of the QKD equipment did not realize were there (or have the capability to test for). In principle, QKD based on entanglement may rule out many of the possible side channels (but it is still possible to get it wrong).

  35. Re:lol this is bullshit by bluefoxlucid · · Score: 1

    Is there a magic "we exchange the key without it being eaves dropped" in there?

    two ends then compare their polarizer settings and discard the bits where the polarizer setting did not match

    How do they transfer this information?

    --
    Support my political activism on Patreon.
  36. what's really happening by Micah+NC · · Score: 1

    These finance outfits are leaking weak security details so their adversaries never suspect their real security measures.