Stories
Slash Boxes
Comments
Search

News for nerds, stuff that matters

Slashdot Log In

Log In

Create Account  |  Retrieve Password

Practical Quantum Cryptography

Posted by timothy on Thu Mar 28, 2002 02:14 PM
from the next-year-it'll-be-in-wristwatches dept.
Encryption Security
Alien54 writes: "Saw this on Eureka Alert: A commercially available system for quantum key distribution and cryptography has been released by a spin-off company from the University of Geneva. The system has been tested over distances up to 70km (from Geneva to Lausanne) through standard optical fiber cables and connects to PCs via USB ports. Transmission rates of about 60 bits per seconds were achieved, sufficient for key distribution. You can see the original abstract here, which also has a link for download of the paper in PDF, Postscript, and other formats."
+ -
story
This discussion has been archived. No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

Practical Quantum Cryptography 50 Comments More /

 Full
 Abbreviated
 Hidden
More
Loading... please wait.
  • Neato. When we get a "Quantum Crypto IP Backbone" that will be cool.

    Of course QC is really only secure when they are direct connections. So if we want to use routers and switches to make connectivity practical we will lose the security.

    This type of thing would be cool for businesses and such that want a secure connection with other branches or offices. They could do a token ring style idea where they relay from their own branches to reach a wide area.

    Tom
    • I'm obviously missing a great deal of information. I thought quantum cryptography relied on quantum computing, which as of now, doesn't exist. Anyone care to fill in this (egregious) gap of knowledge?
      • Quantum computing DOES exists. You can read up on the current state of things here [qubit.org]. Quantum computing has been demonstrated with only a few qubits, which is all you need for quantum cryptography.
      • Some ideas called quantum cryptography, such as using polarized photons (quanta of light) rely on the quantum mechanical properties of the photons, but not necessarily quantum computing. A good overview of how this works is included in The Code Book, by Simon Singh, I suggest you give it a look. Without going into the detail here, I can tell you that if the quantum cryptography he describes ever works it would not only be absolutely secure (this can be mathematically proven) but by its nature you could tell if someone was eavesdropping on the line.
      • Quantum Crypto is based on the transmission of photons or somesuch.

        The jist is if I send from

        A =====> B

        and someone traps the bits in the middle

        A ===/C/===> B

        e.g. an eavesdropper than they will change the spin of the photons and B will know [and in turn A].

        So with quantum crypto you can send from A to B without any real crypto and you will be assured that an eavesdropper cannot get the message.

        The big problem is this all requires direct connections.

        Tom
    • They're also working on a laser based system (Wired article, Sep [wired.com]) at Los Alamos [lanl.gov]. For other fiber-based systems, MagiQ [magiqtech.com] is working on a similar system in New York City, while BBN [bbn.com] is working on a link in the Boston area.

      The laser-based system hopes to eventually bounce the signals off mirrors on satelites, sending keys anywhere in the world. (For a price... good for diplomats and military I suppose.)

      The fiber systems are still in need of a repeater-like device before they can get more significant distances.

      • The laser-based system hopes to eventually bounce the signals off mirrors on satelites, sending keys anywhere in the world. (For a price... good for diplomats and military I suppose.)

        If it's going to be bouncing light off of mirrors on satellites without actually modifying the light itself, I don't see how they can charge. Anyone that points the dish right can bounce it off the mirror. Of course it also seems you'd have no control of where it eventually ends up (since the mirror will be bouncing it to wherever the satellite is targetting it).

        • You kind of answered your own question didn't you? Sure you can bounce a LASER off of the mirror at random for free. If you want them to target the the mirror so the bounce goes when you want, you have to pay.

  • Spin-off company (Score:5, Funny)

    by Anonymous Coward on Thursday March 28 2002, @02:22PM (#3242960)
    Was it a spin-off company, or perhaps just a spin-up or spin-down company?

  • I'm not so sure about practical... (Score:4, Insightful)

    by Mithrandur (69023) on Thursday March 28 2002, @02:25PM (#3242986)


    As nice as this scheme might be compared to previous quantum cryptography schemes, there are still fundamental problemns with implementing quantum cryptography. First off, you need a single, otherwise unused optical fiber to connect the two boxes. This means running your own cable. There's really no way around that. You're not going to find unrepeated, unused fiber just lying around.

    • This means running your own cable. There's really no way around that. You're not going to find unrepeated, unused fiber just lying around.

      Actualy between 1998 and 2001 comapnies spent 500 billion dollars for fiber optic lines, analists aproximate the surplus of fiber optic bandwith at 95%. Unfortunately I have no english sources for the figures.
      Anyway the system is not supposed to be used by every internet user, I think at first the embassies in capital cities will be connected with it.
      • Yeah but QC mandates that this is point-to-point connections. You cannot use repeaters, routers or switches.

        So the type of networking fiber that telco's do and the type that QC requires are not compatible.

        [well the cables are the same, I meant the way they are laid out and used]

        Tom
    • There is a lot of dark fiber out there (definitely in US, but also elsewhere), the problem is that it is not where there is likely to be demand for this type of crypto. The large urban metros (read: where gov'ts sit) are congestion points in general.

  • Commercially Available Product Link (Score:4, Informative)

    by slugfro (533652) on Thursday March 28 2002, @02:25PM (#3242992) Homepage
    The conclusion of the article states that the system is currently commercially available. Here is a link to the QKD System [idquantique.com].
  • I wonder if it's legal to import these things to the united states?
  • I found a site that explains why classic cryptography suffers when compared to the benefits of quantum cryptographic methods.

    The site is located at http://www.qubit.org/intros/crypt.html [qubit.org], and is part of the Center for Quantum Computation (Oxford University).

    Here's a nice basic overview of QC from the site mentioned above: "While classical cryptography employs various mathematical techniques to restrict eavesdroppers from learning the contents of encrypted messages, in quantum mechanics the information is protected by the laws of physics. In classical cryptography an absolute security of information cannot be guaranteed. The Heisenberg uncertainty principle and quantum entanglement can be exploited in a system of secure communication, often referred to as "quantum cryptography". Quantum cryptography provides means for two parties to exchange a enciphering key over a private channel with complete security of communication."

    Linux > Help > About [monolinux.com]

  • A little background on QC (Score:5, Informative)

    by guest (3772) on Thursday March 28 2002, @02:28PM (#3243032)
    Quantum Cryptography can be a bit hard to get your head around, if you're interested at all in the topic you can take a look at this page [tripod.com] for the some of the basic ideas and history behind QC.

    • Sounds like an interesting cryptography technique, and I'd be really curious to see how Quantum Cryptography compares to Biomorphic Sequence Generators such as the Bodacion.

      If the reader just blinked at that question, there's an article that explains it somewhat.

      http://www.suntimes.com/output/zinescene/cst-fin-e col16.html

      The Libra
      "I am Homer of Borg. Prepare to be...Oooo! Donuts!"
    • or this [qubit.org]
  • I like my free MP3s, so don't spread this too widely: I've figured out a fool-proof method that the RIAA can use to "digitally manage" their intellectual property by using quantum computers.

    You probably recall how quantum computation works: essentially you shove all the extra computation off into parallel universes and then get the answer back when it comes. Why not expand on that idea and use quantum file storage? The RIAA can create CDs where only part of the audio track exists in our universe and the rest is retrieved from parallel universes by your quantum audio system. This makes file copying mathematically impossible.

    Now someone is probably going to pop up and say "well, I can pirate the signal after it has been revirtualized from the quantum foam". I'm glad you brought that up because it leads right into phase two of my idea. In order to listen to music, all consumers would be have sound-decoding chips implanted in their brains. The music would be beamed directly into your head from your audio system.

    Thus we see that file copying can be made impossible by those that are willing to pay the price of our freedom. The only solution is to keep quantum computers from becoming a reality

    • again, if you can hear it, you can record it...you won't get a perfect signla, but you'll be able to get a fairly good signal...then once it's out there, people can use quantum cryptography to keep the RIAA from seeing what they are doing....that which giveth taketh away

      • Pay attention, you dolt (Score:1, Funny)

        by Anonymous Coward
        From the original and highly innovative post:

        Now someone is probably going to pop up and say "well, I can pirate the signal after it has been revirtualized from the quantum foam". I'm glad you brought that up because it leads right into phase two of my idea. In order to listen to music, all consumers would be have sound-decoding chips implanted in their brains. The music would be beamed directly into your head from your audio system.

    • Man, you made my day. This may lead some to wonder how boring my day is. It's pretty boring.

      "RIAA can create CDs where only part of the audio track exists in our universe..."

      I would bet this appeals a lot to RIAA. But why stop there? From what I understand they're looking for a way to sell you the CD so that there's actually no music on it.

      Perhaps just a recording of one of the executives in charge saying "Thank you for purchasing this digital music container device. We assume that you have a computer and have downloaded countless megabytes of our copyrighted material. Therefore, we have pre-removed the equivalent amount of data from this CD. Enjoy." Followed by 71 and 3/4 minutes of silence.

      Sweat
  • Not nearly secure. Physics protects this communication from straight interception. However, it does not protect it from interception and then retransmission. But cool buzzwords. They'll make a little bit of cash before the con is up.

    • Re:Not secure (Score:5, Informative)

      by sfeinstein (442310) on Thursday March 28 2002, @02:43PM (#3243182) Homepage
      Actually, quantum physics protects key distribution from retransmission. One of the fundamental benefits of quantum cryptography is the reliance on the principle that measurement affcts that which is being measured. In short: it is possible for the sender / receiver to determine if their key was intercepted by using unsecure communication of other information that doesn't benefit anyone else that may happen to see it. For a great explanation of how to protect your key distribution in this way, see this article [newscientist.com] in the New Scientist.
        • Post Script To clarify. The polarizer settings can be shared afterwards, but not in a manner secure from interception and then alteration to make it look like like the photons were not intercepted.
        • What makes the transfer secure is that the two parties involved don't reveal their polarizer settings until AFTER the bits have been transferred. By which time, it's too late for the "man in the middle" to go back and change his answers.

          It's really quite clever...

          -Mark
        • Wrong. The beauty of it, is that the settings don't have to be known. You call up over the phone, and check against each other... and the info you exchange in the phone call isn't the settings, just what you observed. If both observations match, then it wasn't intercepted. In this way, it's impossible to know the settings... without those, retransmission will fail.

          Still doesn't prevent truly paranoid stuff, like someone installing BO on your computer, and eavesdropping on the unencrypted stream.
            • This doesn't work either. The man in the middle might try this, but he will be revealed when the two participants check their observations against each other. Remember, this isn't encryption itself, so much as a way to securely distribute keys.
                • If you're talking about some Col Waresque plot that involves a Russian KGB agent who has trained 20 years just impersonating your friends voice, and he is perfect, and also has the tech to intercept and then retransmit, well then I suppose you're screwed.

                  But if you're that paranoid, what's to stop some psychic or savant from somehow guessing the key? Miss Cleo might not be able to testify against you in court, but if she could decode your trade secret for the competitors...
  • put that one in the NSA's pipe and smoke it.

  • Just in time... (Score:3, Funny)

    by NOT-2-QUICK (114909) on Thursday March 28 2002, @02:33PM (#3243082) Homepage
    Great...all my encryption problems are solved!!! And not a moment too soon, either...

    After all, I was getting a bit nervous with respect to my encryption needs in light of the retirement of further development of PGP [slashdot.org] and the possible inadequacies of GnuPG [slashdot.org]... :-)

  • What's quantum cryptography/key distrobution? (Score:3, Informative)

    by moniker_21 (414164) on Thursday March 28 2002, @02:36PM (#3243114)
    Well, I wasn't too sure, so I dug up some links to try and help myself and others understand this:
    http://research.microsoft.com/~gottesma/QKD.html [microsoft.com]
    http://www.qubit.org/intros/crypt.html [qubit.org]
    http://www.ecst.csuchico.edu/~atman/Crypto/quantum /quantum-index.html [csuchico.edu]

    The last link is particularly +1 insightful about the basics of quantum cryptography.

    • if anyone wants to read more look for this book [amazon.com] which covers the history of cryptography from ancient egypt to quantum cryptography...i read it, and it was extremely interesting from a mathematical and computer point of view...it includes a whole section of the theories behind quantum computing and quantum cryptography...

  • The company is: (Score:4, Informative)

    by Alien54 (180860) on Thursday March 28 2002, @02:38PM (#3243141) Journal
    The Company is: ID Quantique.

    Home Page here:

    www.idquantique.com/index.html [idquantique.com]

  • Are those spelling mistakes OCR typos or a secret embedded message? Oh well, noticed it now, I guess the gig is up.
  • It only comes in three colors.

  • QC solves confidentiality, but not authentication (Score:3, Interesting)

    by The Pim (140414) on Thursday March 28 2002, @03:18PM (#3243452)
    I've heard it said that, if QC proves practical, the code-makers will have a final victory over the code-breakers. This seems true at first: there is absolutely no way, in theory, for anyone but the recipient to receive the message.

    But how do you know who the recipient is? QC offers no authentication. If you have to use public key for authentication, what advantage is gained by using superior methods for confidentiality?

    The only one I can think of is that, with conventional cryptography, you can capture the data stream and crack it "off-line". I suppose that this is significant: with QC you only have to worry about whether they've cracked your private key (that you will use for authentication) already, not whether they can in 100 years (because you've used it for encryption).

    Another argument might be that it is easier to eavesdrop on a channel than to redirect it. But that seems like a dubious assumption, if the enemy is determined.

    Thoughts?

      • Redirection isn't a problem either; to redirect the stream you'd have to observe it, and by observing it you will change it, and make it impossible to view the messages.

        I mean interception, not man-in-the-middle. I cut your fiber and read your photons, without trying to pass them on to the intended recipient. Then, when you try to contact the recipient over some "conventional" channel for phase two (comparing the polarities on the two ends), I intercept that, and we discuss the polarities I intercepted. You require that my messages be signed by the intended recipient, of course, but I've broken RSA, so no problem. Then, you send the message xor'ed with the random bits, and I intercept that. I've stolen the message, and you're none the wiser.

  • We must thank the cat (Score:5, Funny)

    by r_j_prahad (309298) <r_j_prahad.hotmail@com> on Thursday March 28 2002, @03:57PM (#3243772)
    Schroedinger's cat may have sacrificed its life to make this product a reality. Or maybe not. Only Heisenberg knows for sure.
  • F4RVVMI0-4MV4K3-GNJWRLNVUWILSNVH47 TP9MTJ894PW3MJSK4L;M49TIMAJK TMVAKL;TMAW4K950[MAWVK9T[MK9PUD56MO/8NK 4SW-90A-94 8I3E-90 9Y5-4]Y59S,BOKSY;'5GB L; YL;SE,L YR;E'KAO P34[I693 A[90[ ZGFKGL;/ ,GL;D'F KGLSDF;'G DSFG,DFLG;D L; C3D1JKCN00892N5VFKLMD31NOV VTN5UIONT

    And that completes our tour of Hilbert Space. Any questions?

    Oh for crying out loud! Who let that cat in here? Now I don't even know what i said. That's one dead cat if I ever get my hands on it.
    • Thats a very good point. Quantum cryptography is essentially a form of One-time pad cryptography, which is an algorithm that uses a completely random assortment of characters as the key, and each key is used only once. This type of cryptography is said to be absolutely unbreakable, and in a realistic sense this is true. However, using brute force one can decode the possible message, but included with that you will get every other possible message that is of the same length as the encrypted message. This is what makes quantum cryptography so secure.
    • I certainly hope not. Most of the philosophisizing about quantum mechanics that makes its way into popular books is crap. They miss the crucial distinction between "unknown" and "indeterminate," and in so doing give quantum mechanics some spooky relationship with consciousness or a universal oneness that it just doesn't have.
            • If the tax tables were uniform then the "rich" would still pay more money.

              Still pay more money? [laugh] "Only the little people pay taxes."

              Hmm...so if the top 1% of income-earners pay more than a third of all income tax revenue, the top 5% pay over half, and the top 10% pay nearly two-thirds, how do you arrive at the conclusion that "only the little people pay taxes?"

              (Source: http://www.atr.org/talkingpoints/012202tp-2.htm [atr.org])

    • The 60 bits/second is only used for the key exchange. The key is for a ordinary symmetric cipher, such as RC5, DES, AES, or Blowfish. For example a 64 bit key for RC5 would take slightly over a second to transfer. And our friends at distributed.net have been working on breaking a 64 bit RC5 messages for the past four years and still have not exahausted the keyspace. Symmetric ciphers have many more valid keys per bitsize than asymmetic ciphers, giving you stonger protection. Keys for symmetric ciphers don't need to be as large as those for asymmetric cipers, 60 bits/second is a little slow, but definitely adequate.

All trademarks and copyrights on this page are owned by their respective owners. Comments are owned by the Poster. The Rest © 1997-2009 Geeknet, Inc.