Stories
Slash Boxes
Comments
Search

News for nerds, stuff that matters

Slashdot Log In

Log In

Create Account  |  Retrieve Password

Quantum Crypto in the Real World

Posted by CowboyNeal on Thu Oct 11, 2007 09:46 PM
from the people-really-use-this-stuff dept.
Encryption Security
bednarz writes "Swiss officials are using quantum cryptography technology to protect voting ballots cast in the Geneva region of Switzerland during parliamentary elections to be held Oct. 21, marking the first time this type of advanced encryption will be used for election protection purposes. "We would like to provide optimal security conditions for the work of counting the ballots," said Robert Hensler, the Geneva State Chancellor. "In this context, the value added by quantum cryptography concerns not so much protection from outside attempts to interfere as the ability to verify that the data have not been corrupted in transit between entry and storage.""
+ -
story

Related Stories

Submission: Quantum crypto in the real world by bednarz (1026650)
This discussion has been archived. No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

Quantum Crypto in the Real World 50 Comments More /

 Full
 Abbreviated
 Hidden
More
Loading... please wait.
  • Or at least, in a superposition of having been tampered with and not having been tampered with.

      • Re: (Score:2, Funny)

        by Anonymous Coward
        Nice of you to leave your signature there - good for making sure your posts get modded down in the future.

      • Re: (Score:2, Informative)

        by Anonymous Coward
        Unfortunately you are wrong, and perhaps should be referred to: http://www.getitwriteonline.com/archive/022703.htm [getitwriteonline.com]

        "...in professional contexts, it is probably best to avoid ending sentences with prepositions simply because many people *think* that doing so is always incorrect. Many readers do not recognize the difference between ending a sentence with a preposition whose object appears earlier in the sentence and ending a sentence with a preposition that has no object."

        The object of the tampering is the dat
      • You may have linked to the article, but did you read it?

        "Once the election is closed - at noon on Sunday, Oct. 21 - the sealed ballot boxes of all the polling stations are brought to the central counting station, where they are opened and where the votes are mixed with the mail votes. Counting them is then manually done at the central counting station. People counting the votes at this central station use computers to transfer the counts to the data center of the canton of Geneva," Ribordy explained.

        The q

  • No fair, you changed the outcome by measuring it! (Score:5, Funny)

    by Cyberax (705495) on Thursday October 11 2007, @09:54PM (#20949153)
    Nuff said :)

  • Heisenburg Voting (Score:5, Funny)

    by Anonymous Coward on Thursday October 11 2007, @09:55PM (#20949155)
    Each voter is voting for all candidates simultaneously until the vote is actually read.

    • Each voter is voting for all candidates simultaneously until the vote is actually read.

      Well, it's still a step ahead of Diablo [wikipedia.org] voting machines.

  • The Heisen-Rove uncertainty principle (Score:5, Funny)

    by User 956 (568564) on Thursday October 11 2007, @09:57PM (#20949167) Homepage
    Swiss officials are using quantum cryptography technology to protect voting ballots cast in the Geneva region of Switzerland

    Bah, we hace somnething similar in the U.S. Diebold has been using quantum encryption technology on their voting systems for years. That is to say, attempting to examine the vote count, alters the count.
  • Election results rendered immeasurable for fear of changing the result!
  • While I do not live there anymore as far as I know barely anybody votes! I guess that means that if even a small sample of votes get tampered, it can have a big effect.

    • Re: (Score:2, Insightful)

      by darthflo (1095225)
      Yep, it's rather bad - about 30-50% of all voters actually vote, but the upcoming elections might have a bit higher participation (some very aggressive campaigning been going on for the past weeks). I think this is directly related to Switzerland being a very direct democracy - with enouh support (that's in numbers of people, not money), almost every decision of the Swiss political leaders can be overturned by the Swiss people.

  • That Doesn't Make Sense (Score:3, Insightful)

    by logicnazi (169418) <logicnazi@g[ ]l.com ['mai' in gap]> on Thursday October 11 2007, @10:00PM (#20949195) Homepage
    If the only concern is non-intentional errors introduced by hardware (or software) then a simple hash should be effective.
    • A hash of a single bit variable? Genius
      • Okay, we'll ROT2 it first...will that make you happy?

        (Actually it would probably be better represented as a full string of the candidate's name. Sure, it's more memory, but it'd be an especially remarkable series of faults that manages to flip every bit in that string to another candidate's name (assuming it's not purposefully tampered with) while just about any error would mess up a single, or double (got to assume there's not just 2 candidates, even if there are usually only 2 candidates) bit encoding.)

    • Re:That Doesn't Make Sense (Score:4, Insightful)

      by Beryllium Sphere(tm) (193358) on Thursday October 11 2007, @10:41PM (#20949441) Homepage Journal
      Also not making sense are the reference to the "1 GHz quantum encrypter" and the statement that they're holding back information about how it works for security reasons. Either it's vulnerable or it isn't. And gigahertz are the wrong units of measure. And quantum key exchange doesn't work that fast.

    • Re: (Score:3, Informative)

      by ceroklis (1083863)
      It does make sense if you realize that the only point of the exercise is economic promotion of the Geneva region. Robert Hensler is also pushing internet voting (using local technology) for the same reasons. See for instance this [geneva.ch]. The mention "ideal business location" should give you an idea of what this is all about.

  • I love this misguided attempt at security (Score:5, Insightful)

    by spagetti_code (773137) on Thursday October 11 2007, @10:07PM (#20949243)
    Its kinda like when someone says they are using 4096 bit encryption for their SSL banking, and not realising their password is being stolen by a keylogger.

    The biggest problem we face today is *not* the encryption. We have bags of good encryption technologies out there, from AES (symmetric) to a variety of Public Key techniques. The problem actually comes from the people and processes at either end of the encryption pipe.

    Guess what - no-ones SSID has (probably) ever been stolen while in transit via SSL over the internet. The millions of SSIDs stolen to date have been theft [attrition.org] of [washingtonpost.com] laptops [yahoo.com] or admins not securing their websites [utexas.edu] properly. Hopefully they will understand this, and spend an equal portion of their time/energy securing their endpoints.

    • In other words... (Score:5, Funny)

      by NotQuiteReal (608241) on Thursday October 11 2007, @10:29PM (#20949381) Journal
      The problem actually comes from the people

      We let too many stupid people vote? Is that what you are saying?

          • as far as the original reasons, The need for an electoral college wavered with the telegraph amd died with the airplane.

            And I never did understand the concept of "unfair popular votes between states". Yes, you're all distinct by state, but isn't the president the president of the country? Wouldn't the senators, governors, and house representatives still be distinct to their regions?

            Could someone put this into perspective that makes any sense to the outsider?

            • Re: (Score:3, Interesting)

              by logicnazi (169418)
              No, the electoral college has important value besides merely respecting states rights. Hell, once we abandoned real electors and sworn electors were selected by popular vote arguably the electoral college does more to hurt state local interests than help since there is no need to fuss with states that are clearly in one column or the other.

              The real benefit of the electoral college is to blunt the tendency of incomplete turn out to encourage extreme views. Notice that there are two ways to win elections: A

              • Re: (Score:3, Interesting)

                by Fred_A (10934)

                With the electoral college it doesn't matter how many extra votes you get out in a strong red/blue state it still counts the same. What matters is whether you can carry the moderate states. Thus there is less incentive to take extreme positions motivating turn out in the states that strongly support you and more to take the sorts of positions that will win in the moderate states. Sure there are still partisans of both stripes in every state but a republican in ohio isn't the same thing as a republican in Wyoming.

                Your logic seems to imply that if there wasn't an electoral college in place, all the people in a given state would still vote the same way.
                Presumably that wouldn't be the case. Most states would be moderate with a wide ventilation of votes across the spectrum.
                (disclaimer, not from the US. And I never really got that electoral state thing either.)

      • You'd have to have one hell of a computer to do it in any reasonable amount of time.
        ...or use these new Quantum Computer things. You know, the ones that can run algorithms that can crack conventional cryptography.

        If they weren't using this, people would be complaining that politicians aren't utilizing technology enough.

  • They never get it (Score:5, Interesting)

    by goombah99 (560566) on Thursday October 11 2007, @10:11PM (#20949281)
    Crypto and now Quantum Crypto--theve voting machine folks just never get. Too wrapped in the forest of their own cleverness to see the trees. All these assertions of provable voting miss the entire point of transparency. Voters need to be able to see how it all works. You don't wrap it up in a trust-me-the-math-proves-it burrito and call it transparent. All that does is exclude participation in the process and every time you centralize the cryto it means it takes fewer and fewer people to exploit the hole they forgot to close and don't know about yet. The real solution is to spread the problem out in the sunshine so that even if it allows more people access to fudging things it also takes more people to achieve a significant fudge and the risk of getting caught is higher.

    The key thing about voting is this: it's actually unlikely anyone will cheat but every wants to be sure it did not happen. Voting is about convincing the losers they lost not proving who won. it has to be convincing.

    • Re:They never get it (Score:5, Interesting)

      by causality (777677) on Thursday October 11 2007, @10:46PM (#20949473)
      While I can't say I know very much about how this is being implemented, and therefore could only speculate about the threat model and how it is being addressed, I very much appreciate your point about the need for transparency. I would further submit that an aspect of the problem that is not often discussed but certainly does have a strong influence in the outcome of elections and how they affect the country (i.e. the entire point of having a vote) is not so much how the voting is carried out, but who is doing the voting.

      I realize how unrealistic it is that this would actually be tried, but what I would really like to see is a restriction that prevents anyone from voting until they demonstrate that they understand how the government actually works. Something like a (hopefully very tough) civics test that must be passed every so often in order to retain the right to vote, with emphasis on what is and what is not the proper role of government. At least in the USA, it seems that just because so-called "literacy tests" were abused for the purpose of denying suffrage to black people, during a time when the evils of open racism were widespread, we threw the baby out with the bathwater and decided to discard the entire idea that a voter should demonstrate some competence before performing such an important duty.

      This could work if anyone who meets the other requirements (at least 18 years of age, not a convicted felon, etc.) is eligible to take such a test and maybe it would be a good idea to allow them to re-take the test until they pass. The idea is that with informed voters who understand how the system was intended (by the Founding Fathers) to work, elections would be determined more by a candidate's position on issues, their track record (if available) of how they handled previous positions of power, and whether their ideas are actually sustainable long-term (which many of our entitlement programs are not, such as Social Security and other vote-buying techniques) and less by 30-second ads on TV, campaign slogans, empty promises, and party affiliation. I believe this would also have the effect of selecting against the knee-jerk, ill-considered reaction of valuing security more than freedom and would probably also make it a little easier for candidates who do not belong to the two major parties to win elections beyond the local-government level.

      One thing that has always bothered me about politics is the unwillingness to try new ideas to see if they are superior (and if not, why) and abandon them if they are not. It seems that we have too much faith in the status quo and are only ever willing to change it in reaction to some kind of crisis -- often due to skillful use of Problem, Reaction, Solution aka Thesis, Antithesis, Synthesis (Hegel) -- by taking measures that wind up being set in stone and very difficult to change in the future.
      • So if your opinion of what a goverment should be deviates from the norm, then you can't vote?

        A system such as you describe will only strengthen the notion that there is one "correct" form of goverment.

        • Re: (Score:3, Insightful)

          by causality (777677)
          The idea of a civics test is not a particular outcome as you seem to suggest (nice straw man btw), but the more basic concepts of how the system is implemented. It would require that the voter knows i.e. what the executive branch does that the legislative does not, the intentions behind the Bill of Rights and what they were designed to protect (and what they were designed to protect from), and that government only really does three things well, which are: defense, law enforcement, and public works. Someon

          • Re: (Score:2, Interesting)

            by moogle001 (563970)
            I sincerely hope you realize that your post proves why there can't be any civics test. Your assumptions on what government can and can't do well and what's good for the common man are just that: assumptions. Many, many people in the world would disagree with you. But hey, you may be right, you may be wrong. It's all political theory, after all. Which is why we shouldn't be requiring people to agree.

            • You assume that the Founding Fathers intended for 90% of the government to come from local/state level, it might even be correct. However, the question is not what were their intentions but what is written in the constitution. By the way, they also intended for black people to be slaves and for women to have no vote, do you think anyone who think differently should not be entitled to vote? You might not say there is only one correct way to do things, but you definitly say there is a very small number of way

                • They build a mechanism that fitted the world as they knew it, not the modern world.

                  Some things are timeless, such as the observation that, given enough time, all governments decay into police states or dictatorships unless proactive steps are taken, primarily by those who can see the obvious, to prevent this. This is simply entropy on a large scale. The USA has already exceeded the life expectancy of a constitutional republic by nearly fifty years.

                  Modern things you might need from the government you

        • Technically, in the USA, the Peoples vote doesn't even matter.

          1: only when voting for President. All other elections are direct-election.

          2: Even then, it's a choice of one of two slates of electors, who go and are usually required by law to vote a certain way.
    • I doubt it. You trust the people to take the votes away somewhere and count them up. You probably don't have a clue who does the counting, where it is done, or how the counting machines work. I sure as hell don't.

      The system we have now is just as non-transparent as all the good voting systems. The only real difference is that you are familiar and comfortable with one and not the other. That will change in time. Once various clever crypto systems become more familiar people won't need to look inside an

    • Crypto and now Quantum Crypto--theve voting machine folks just never get. Too wrapped in the forest of their own cleverness to see the trees. All these assertions of provable voting miss the entire point of transparency. Voters need to be able to see how it all works.
      Ah but you can't look at it. That's the point of quantum crypto.

      But how does it work ?
      It's quantum.
      Can I look ?
      Not it would break it.

  • Schrodinger's President (Score:4, Funny)

    by BradleyUffner (103496) on Thursday October 11 2007, @10:13PM (#20949291) Homepage
    How did the scientists get around the fact that they don't know who won until after the person takes office?
    • They put him in a box with a large radiation emitter. The same thing's being considered over here I hear :P.

      What's that? We were only supposed to leave him in there a short time? Oh...new election!
  • "He who casts the votes decides nothing, he who counts the votes decides everything.... or not."
    • Gets a bit more complicated when it's a "they" who count the vote not a single "he". And unless you live in a totalitarian society like, say, the one Stalin had oppressed/dream-talked into submission to his every command, there should not be an easy way to convince all the people who should be involved in the voting procedure to do something illegal. That is why people on slashdot want less machinery/electronics and more people/paper involved - it is hard to pull off a conspiracy with thousands of people.

      An
  • If you don't like the election results, then just never observe the candidate, meaning they don't actually exist.
  • In Soviet Russia, votes observe YOU!
  • Quantum cryptography is not encryption. A method of secure key exchange perhaps, but it's not encryption.
    • Actually, it's a very fast method of detecting an intercepted communication. As such, it's usually grouped with encryption mechanisms. There's absolutely no way of intercepting the data that's not very rapidly detectable, so you can limit the loss of information before terminating the communication. If the information you're transmitting is such that a handful of bits is useless, it's an excellent security system.

      This is not, however, the first time it's been used.
  • it is exactly the same quantum cryptosystem that has recently been broken (by an attack exploiting a component imperfection) [arxiv.org]?

    In fact, I would love to see a statement from id Quantique that this security issue discovered in their equipment has been addressed. There hasn't been such a statement, to my knowledge.
    • That wouldn't make sense. This applies to a specific system and not to the general concept. The point of the paper isn't that there's a particular outstanding security problem (there is, but it only applies to the one device studied), but that just because quantum cryptography is theoretically perfect doesn't mean that device implementations are necessarily perfect.
      • You are correct. However the paper has studied exactly the same device implementation that is currently being used to secure the Swiss elections. It doesn't say so in the abstract, but in the body of the paper the lab version of the id Quantique cryptosystem is listed. It is likely their full-link version uses exactly the same quantum hardware as in the lab version, plus the classical VPN equipment.
  • <sawfish>That will take at least half an hour to break! </sawfish> *sigh* How I wish I had never seen that movie.

All trademarks and copyrights on this page are owned by their respective owners. Comments are owned by the Poster. The Rest © 1997-2009 Geeknet, Inc.