Totally Secure Non-Quantum Communications?
An anonymous reader writes "TEES is reporting that Dr Laszlo Kish, an associate professor at Texas A&M, has proposed a 'classical, not quantum, encryption scheme that relies on classical physical properties -- current and voltage. He said his scheme is absolutely secure, fast, robust, inexpensive and maintenance-free and relies on simultaneous encrypting of information by both the sender and the receiver.' The scheme uses properties similar to Johnson noise along with Kirchhoff's Law to provide what he hopes to be an easier method of secure communications. Arxiv also has the full text [PDF Warning] of the paper."
Re:A lesson for venture capital (Score:4, Informative)
Re:A lesson for venture capital (Score:3, Informative)
In Quantum Cryptography, traditional man-in-the-middle attacks are impossible due to Heisenberg's uncertainty principle. If Mallory attempts to intercept the stream of photons, he will inevitably alter them if he uses an incorrect detector. He cannot re-emit the photons to Bob correctly, which will introduce unacceptable levels of error into the communication.
If Alice and Bob are using an entangled photon system, then it is virtually impossible to hijack these, because creating three entangled photons would decrease the strength of each photon to such a degree that it would be easily detected. Mallory cannot use a man-in-the-middle attack, since he would have to measure an entangled photon and disrupt the other photon, then he would have to re-emit both photons. This is impossible to do, by the laws of quantum physics.
Other attacks are possible. Because a dedicated fiber optic line is required between the two points linked by quantum cryptography, a denial of service attack can be mounted by simply cutting the line or, perhaps more surreptitiously, by attempting to tap it. If the equipment used in quantum cryptography can be tampered with, it could be made to generate keys that were not secure using a random number generator attack.
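The error signature this comment describes, as an added simulation that is not part of the original post. It assumes the BB84 prepare-and-measure protocol with two bases, which the comment does not name, and an ideal channel with no loss or noise of its own.

```python
import random

def measure(bit, prep_basis, meas_basis, rng):
    """Measuring in the preparation basis returns the bit; the wrong basis gives a coin flip."""
    return bit if prep_basis == meas_basis else rng.randint(0, 1)

def sifted_error_rate(n_photons, intercept, seed=7):
    """Fraction of Alice/Bob key bits that disagree after basis sifting."""
    rng = random.Random(seed)
    kept = errors = 0
    for _ in range(n_photons):
        bit, basis_a = rng.randint(0, 1), rng.randint(0, 1)
        send_bit, send_basis = bit, basis_a
        if intercept:
            # Mallory must guess a detector basis, then re-emit what he measured.
            basis_m = rng.randint(0, 1)
            send_bit = measure(bit, basis_a, basis_m, rng)
            send_basis = basis_m
        basis_b = rng.randint(0, 1)
        result = measure(send_bit, send_basis, basis_b, rng)
        if basis_b == basis_a:          # sifting: keep slots where Alice and Bob agree on basis
            kept += 1
            errors += result != bit
    return errors / kept

if __name__ == "__main__":
    print("no interception:", sifted_error_rate(20000, intercept=False))
    print("intercept-resend:", sifted_error_rate(20000, intercept=True))
```

Alice and Bob compare a sample of the sifted bits; an error rate near one in four on an otherwise clean link is the tell-tale of interception.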
Sounds like Snake Oil... (Score:3, Informative)
Very interesting but what about tolerance? (Score:2, Informative)
Re:In related news, perpetual motion device perfec (Score:3, Informative)
Well, let's see. The perpetual motion machine doesn't exist, in theory, because the laws of thermodynamics and whatnot essentially rule it out. Of course, it may exist in somebody's theory, but their theory would be at odds with actual, working theories that correspond with reality.
You're closer to the mark when it comes to the honest politicians. I think the measure there should be "honest enough," or at least "honest about his/her opinions/policies when it comes to what we're actually talking about." No one, ever, is 100% honest. Civilization couldn't exist without a certain amount of fluff, white lies ("really, honey, you look great in that dress," or "some day, New Orleans will be just like it was before the storm"), and safety-minded subterfuge.
Perfect encryption? Don't know enough about it. But I know we can do better in talking about it than to use slightly off-balance analogies from other disciplines. It's probably far more useful, anyway, to talk in terms of how imperfectly normal human users use even the "perfect" tools we have for other purposes. That's where stuff always breaks down: GIGO.
Re:Voltage drop? (Score:3, Informative)
There is more to a butt set than it being a corded phone with alligator clips. It has an audio transformer in it which permits one to hear what is on the line without going "off hook". It allows one to monitor the line without being audibly noticed (there might still be a voltage drop).
Re:A lesson for venture capital (Score:3, Informative)
Yes, but without overlay network. Quantum cryptography works only for directly connected hosts, so it is basically useless except in some very special scenarios. I think the only reason quantum crypto (and that should be properly 'quantum modulation' or the like) as well as quantum computation is so popular today is because it captivates people's imagination. Since quantum crypto is really just key exchange, you could always replace it with pre-comottated random keys in the neighbouring hosts with a tiny fraction of the cost. And you can also use permanent links and do key-refresh often, making the existing solution again as secure with a tiny fraction of the cost. Personally I feel that even its value as a curiosity has worn off. And the underlying physical principles are not validated enough to support even half the claims people make about quantum technology.
something to wonder about (Score:3, Informative)
There is also the slight problem of the common clock which must be available at each end. Somehow both sides need to be synchronised which implies either quite expensive atomic clocks or a side channel containing the information. Either limits the practicability of the idea.
Problems (Score:4, Informative)
As I mentioned, this is 100% secure, and any reasonably well-written book on cryptography will confirm that. To be 100% secure, however, the keystream must be as large as the data being encrypted, and must be absolutely random -- any degree of predictability can lead to breakage (e.g. search for "Venona").
The biggest shortcoming of a one-time pad is the key: first you have to generate an absolutely random key, and then you have to distribute that key to the people at both ends of the communication securely. The usual problem is that if you can communicate that key reliably, then you could normally communicate the data reliably just as easily. As such, a one-time pad is typically only useful in fairly limited situations like a spy receiving a DVD-ROM full of key material during a f2f visit, then using the key out in the field. For more typical scenarios it's rarely useful though.
This scheme seems to cure one, but definitely not both of those problems. It's basically a way of using two one-time pads simultaneously, so that the receiver can deduce the sender's key at any point, but what is transmitted over the wire basically depends on both his own key and his partner's key (not exactly an XOR, but a bit like it). If all the attacker does is collect the voltages on the line, I wouldn't be too surprised if this really is secure.
That doesn't mean there aren't any shortcomings though. One obvious problem is that both ends still have to generate absolutely, 100% random keys. Another problem is a man in the middle attack. If the pattern of resistor changes can be predicted, then the attacker only has to find the value once at one end to break all subsequent communications over the channel. Since the scheme doesn't (at least by itself) provide any kind of confirmation of who's on the other end of a line, a man in the middle has a pretty easy time with things.
Another approach would be to tap into the line at two points, preferably widely separated. Since the current only travels over the wire at (about) 2/3rds the speed of light, when one end changes a resistor, the change in voltage/current will be detectable first closer to that end, and some time later at the other end. Two widely separated measurements would allow an attacker to figure out which end changed resistors at any given time. Ultimately, the degree of separation doesn't even have to be particularly huge -- larger separation just reduces the precision of timing necessary, but even one foot apart gives about a nanosecond.
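The behaviour described in this comment (each end deducing the other's choice while the wire voltage depends on both), as an added simulation that is not from the post or from the paper. The resistor values, temperature, bandwidth and the rule of keeping only slots where the two ends chose different resistors are assumptions for the illustration; it models a single-point voltage observer only, not the two-tap timing or man-in-the-middle cases raised above.

```python
import math
import random

K_B = 1.380649e-23                 # Boltzmann constant, J/K
T, BANDWIDTH = 300.0, 1e4          # assumed temperature (K) and noise bandwidth (Hz)
R_LOW, R_HIGH = 1e3, 1e4           # assumed resistor pair in ohms (bit 0 / bit 1)

def wire_mean_square(r_a, r_b, rng, samples=4000):
    """Estimate the mean-square noise voltage seen at one point on the wire."""
    acc = 0.0
    for _ in range(samples):
        # Each resistor acts as a Johnson noise source in series with itself.
        u_a = rng.gauss(0.0, math.sqrt(4 * K_B * T * r_a * BANDWIDTH))
        u_b = rng.gauss(0.0, math.sqrt(4 * K_B * T * r_b * BANDWIDTH))
        # Kirchhoff's laws for the single loop give the wire voltage.
        u_w = (u_a * r_b + u_b * r_a) / (r_a + r_b)
        acc += u_w * u_w
    return acc / samples

def classify(mean_square):
    """Map a measured noise level to a resistor combination, as any observer can."""
    levels = {"low/low": R_LOW / 2,
              "mixed": R_LOW * R_HIGH / (R_LOW + R_HIGH),
              "high/high": R_HIGH / 2}
    r_parallel = mean_square / (4 * K_B * T * BANDWIDTH)
    return min(levels, key=lambda k: abs(math.log(r_parallel / levels[k])))

def run_exchange(bits_a, bits_b, seed=1):
    """Return (key Alice derives, key Bob derives, what the wire observer logs)."""
    rng = random.Random(seed)
    key_a, key_b, eve_view = [], [], []
    for a, b in zip(bits_a, bits_b):
        r_a = R_HIGH if a else R_LOW
        r_b = R_HIGH if b else R_LOW
        state = classify(wire_mean_square(r_a, r_b, rng))
        eve_view.append(state)
        if state == "mixed":       # the level does not say which end holds which resistor
            key_a.append(1 - a)    # Alice knows her own bit, so Bob's must be the opposite
            key_b.append(b)        # Bob keeps his own bit as the shared key bit
    return key_a, key_b, eve_view
```

Slots logged as "low/low" or "high/high" reveal both choices to the observer, which is why this sketch discards them and why both ends need unpredictable bits.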
Re:A lesson for venture capital (Score:4, Informative)
People no longer understand p2p as "point to point", but rather "peer to peer". Point2Point cannot use significant IP addresses, but Peer2Peer must use them (or something similar).
Which means when Bob and Alice trade IP addresses,
I hope you meant "IP address" in some metaphorical way. There is no way QC can be applied to operate over an internet with real IP addresses. IP requires routing, and routing means packet-forwarding, but QC depends on photonic signals that are irreproducible, and thus unroutable.
you ought to be able to have each other's IPs
Do you know the IPs of every mail-order vendor from which you might wish to order?
What you're doing is repeating the usual QC-request to have the initial exchange of recognition data left off of the vulnerability analysis, because it is in fact susceptible to every kind of man-in-the-middle assault.
Absolutely secure communication already exists (Score:3, Informative)
Re:Why must non-cryptographers be so dumb? (Score:2, Informative)