Quantum Cryptography In Action 238
Whitney Wyatt writes: "Discover magazine outlines the first successful laser photon communication utilizing Quantum Cryptography. Called 'Perfect Encryption,' quantum encryption sends the key with the message, however it is impossible for an eavesdropper to intercept the message without changing it. One can only wonder what the FBI will do."
What will they do? (Score:4, Interesting)
Interception vs. Encryption (Score:2, Interesting)
Plus the distances involved are microscopic. For this to matter much to the government the single quanta of data has to last long enough to travel a significant distance.
Re:Interception vs. Encryption (Score:5, Interesting)
Yeah, it means the message can only be read once. But in this case the message is the key for a one time pad encryption.
Basically this makes one time pad encryption a whole lot more secure than it was before. One time pads, I think, are the best form of encryption--but the problem has been the security of the key.
this whole photon quantum encryption deal addresses that issue in a really neat way.
Re:What will they do? (Score:3, Interesting)
Sorry, one-time pad is not perfect (Score:2, Interesting)
You say it will *never* be breakable if you take some sort of security measures. Never's a pretty tough thing to prove. OK, which measures should you take? How do you know that 1000 years from now, someone will not have perfected time travel and invisibility... how do you know that someone is not standing over your shoulder while you are locked in a lead-lined vault deep inside Mt. Everest as you key in the pad? If you kill yourself after making the pad, how do you know the inflitrator does not have the technology to reconstruct your memories from your brain tissue? The one time pad being perfect "forever" is a bunch of crap. "For now" I can deal with, but not "forever"... which makes it just like most cryptography.
Routing (Score:2, Interesting)
key, not message (Score:3, Interesting)
The distance issue is the main problem with this technology but progress is being made on that front and I'm sure it will only be a matter of time before it is solved.
How This Really Works (Score:3, Interesting)
First you take your bits and XOR them with your randomly generated One Time Pad. Then you send the encrypted text over one channel.
NowNext to your computer you have a little box that generates entangled photons from some sort of parametric downconversion (one photons goes into a crystal and comes out two photons). These photons are (made to be) polarization entangled, meaning you don't know that their polarization is, but whatever it is, both photons share it.
Now you take one of those photons and send it through a polarizer that you have rotated according to the appropriate bit on your One Time Pad. Then you see whether you get a photon or you don't, and send this information to your friend.
Your friend receives the second of the photon pair, and runs a similar polarization measurement.
Now, your friend has three pieces of information: (1) your cyphertext (2) the results of your polarizer pass and (3) the other entangled photon. Thanks to quantum mechanics, your friend can now decode the cyphertext based on the results of his entanged photon passing through the polarizer.
The advantage of this system is that you need all three pieces of information to break the cypher, and the third peice, by the laws of physics, can only be measured once. If an attackers intercepts your communication, he might be able to read part of it, but you will instantly know that ther is someone tapping the line.
The disadvantage is that you can't use any repeaters, as this will destroy the entanglement of your photons. You just have to have really good fibers.
Sorry for the long-windedness, but a less technical explanation really leaves out the juice, and a more technical explanation goes into some extreme handwaving and diagrams.
Muerte
QC is perfect, current implementations aren't (Score:2, Interesting)
Quantum cryptography addresses this problem by creating a secure communication channel that is detected at the single-photon level. Because detection of a single photon changes it, any eavesdropper can easily be detected when unexpected results are found.
The property of the system that simultaneously makes it both secure and unfit for sending anything other than a one-time pad is that a random portion of the bits sent by the source are rendered useless. When the receiver picks an incorrect detection scheme, the results are ambiguous. The two parties compare notes on what methods they used, and then eliminate all the ambiguous bits. They can't know beforehand which ones will be thrown away. The way to check for eavesdroppers is to use an insecure channel to compare (and then throw away) a portion of the results to see if there are any discrepancies.
After the key is sent, the encoded message can be sent on an insecure channel, since both parties can be sure they have the same key. A one-time pad cipher can never be cracked because, for instance, a 1 kbit message can have any 1 kbit key as its cipher. Therefore the number of keys to check would be 2^(1024). Even after this is completed (well after the end of the world?) the decoded message is found along with every other possible 1 kbit combination. Any possible 1 kbit file can would be found among the results. This is no better than writing a program that fills memory with files that contain the numbers from 0 to 2^(1024)-1.
Some researchers are actually attacking the implementation of quantum cryptography rather than the theory. The devices used in QC actually send light down the fiber optic lines that damages the equipment on both ends resulting in predictable behavior. However, there are already safeguards developed against these type of attacks. Essentially it comes down to this question: "Is there a perfect implementation of Quantum Cryptography?"
man in the middle (Score:2, Interesting)
What if a I place a device between the intended sender and receiver in such a way that it blocks the intended sender and receiver completely. I intercept a key exchange attempt from the sender and respond as any recipient would. I then have a quantum encrypted channel between myself and the sender. At the same time, I negotiate my own quantum encrypted channel between myself and the recipient. I can now receive data sent from one channel and send it to the other channel. This seems to negate the benefits of using quantum encrypted channels (unless one can somehow assure that I cannot totally block the actual transmissions between the intended sender and receiver).
I suppose some kind of authentication needs to be incorporated into this technology to ensure you're establishing a session to the correct receiver.
Re:Initial handshake? (Score:1, Interesting)