Quantum Cryptography Ready For Wide Adoption?
An anonymous reader points us to an interview with the founder of quantum cryptography pioneer MagiQ Technologies. From the article: "Q: When do you think we'll see service providers offer quantum cryptography services to their end-customers? A: This will happen within one year and we'll see fairly wide adoption within the next three years. We are working with big carriers such as Verizon and AT&T as well as some companies that own fiber networks. The goal is to embed quantum cryptography into the technology infrastructure so it becomes totally transparent to the end-user..." The cost of a pair of MagiQ boxes to implement point-to-point encryption on a 120-km link is $100,000 plus service.
Quantum Crypto does not solve anything! (Score:5, Interesting)
I can't stand all the hype around Quantum Crypto. If you have a close look at it, you'll see that it doesn't solve anything...
When you transmit bits with QC the laws of physics guarantee that nobody will see them, even if some genius breaks all the math behind classical crypto. This is all very well but the throughput is too low, thus QC is used to transmit a key which is then used to encrypt the data. Thus you still need symmetric crypto to encrypt your data.
Now, something everybody seems to ignore: QC does not authenticate the transmission. I can buy two MagiQ boxes and set up a man in the middle attack. QC cannot prove whether you are exchanging bits with the original sender or with some monkey in the middle. To solve this problem the QC vendors suggest:
Re:Huh? (Score:3, Interesting)
The only perfectly secure algorithm is one where the key is:
Because the resulting ciphertext then is just as random. The problem is that you've replaced a secret with another secret of the same size -- which is only a benefit if you've securely transported a briefcase with a copy of the random key you used.
In terms of practical application for you and me, encrypting traffic with VPNs is practical and really secure. Quantum Cryptography depends on being physically point-to-point, which is its flaw... making it unsuitable for most communication.
Of course, there are better ways to find secrets sent across a perfectly secure link. Like infiltrating the organisation and reading the secret on the noticeboard :)
Re:SNAKE OIL! (Score:4, Interesting)
Specifically, what is being sent is one half of two perfectly entangled qubits. The fact that they are "entangled" means that if the two people involved each measure their qubit using the same basis, they will always get the same answer.
When you intercept one of the two qubits, you can measure it but in the process you destroy it, and you cannot create a new qubit that is entangled with the one kept by the sender. Thus, the final recipient of the qubit will no longer get qubits entangled with the original sender's, and so even when the two of them measure with the same basis they are no longer guaranteed to get the same result. In fact, on average 50% of the time they will disagree -- equivalent to what would happen if they both just generated independent random strings of bits.
Now you might say: why not have the repeater just generate a qubit such that the recipient will get the same measurement result as you did? The answer is that you cannot do this because you cannot know in advance what basis he will use to measure the qubit. In the case of photons, he could measure it in a horizontal/vertical basis, or he could measure it in a diagonal basis. (For each measurement he will pick one or the other on a random basis.) If you polarize your photon horizontally (which might correspond to a classical value of "0"), then the other guy will get a random result when he measures it in the diagonal basis. You can only hope to guess right 50% of the time.
Part of the QC protocol is to share selected strings of bits to make sure that they are in fact in ownership of a common secret. If these strings differ 50% of the time, then they know that someone was reading them in the middle.
Thus, the whole point of QC is that it is impossible to put repeaters in the middle to intercept the data without this resulting in a detectable error rate in the shared secret.
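The detection step described in the comment above, as an added example that is not part of the original thread: a small simulation of the sample-comparison check, showing how a measure-and-re-send tap in the middle of the link raises the error rate on the bits the endpoints compare. It models the prepare-and-measure (BB84) form of the protocol rather than entangled pairs, and its assumptions are that the tap picks a random basis per photon, that the channel is otherwise noiseless, and that the function names and the `threshold` value are illustrative choices made here.

```python
import random

BASES = "+x"  # '+' = horizontal/vertical basis, 'x' = diagonal basis


def measure(bit, prep_basis, meas_basis, rng):
    """Same basis returns the prepared bit; the other basis gives a coin flip."""
    return bit if prep_basis == meas_basis else rng.randrange(2)


def sifted_error_rate(n_photons, tapped, seed=1):
    """Simulate one run and return (compared_bits, error_rate).

    Only positions where sender and receiver happened to use the same
    basis are compared, as in the protocol's sifting step.
    """
    rng = random.Random(seed)  # seeded so the run is reproducible
    compared = errors = 0
    for _ in range(n_photons):
        a_bit, a_basis = rng.randrange(2), rng.choice(BASES)
        bit, basis = a_bit, a_basis  # state travelling on the fibre
        if tapped:
            # The tap must measure without knowing the sender's basis,
            # then re-send a photon prepared in the basis it guessed.
            t_basis = rng.choice(BASES)
            bit = measure(bit, basis, t_basis, rng)
            basis = t_basis
        b_basis = rng.choice(BASES)
        b_bit = measure(bit, basis, b_basis, rng)
        if a_basis == b_basis:
            compared += 1
            errors += a_bit != b_bit
    return compared, errors / compared


def link_is_clean(error_rate, threshold=0.11):
    """Accept the key only if the compared bits disagree rarely enough.

    threshold is an illustrative value for this example, not a vendor setting.
    """
    return error_rate < threshold


if __name__ == "__main__":
    for tapped in (False, True):
        n, qber = sifted_error_rate(20000, tapped)
        # In this model the tapped run settles near 0.25, the untapped run at 0.
        print(f"tapped={tapped} compared={n} error_rate={qber:.3f} "
              f"accept={link_is_clean(qber)}")
```

On a real link the untapped error rate is not zero, so the threshold has to sit above the channel's own noise floor.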
Re:SNAKE OIL! (Score:3, Interesting)
The way I understand so-called "quantum cryptography", is that it sends a known number of photons with known states down the fiber. Any attempt to intercept them will change their state and/or their number. A repeater will not be able to reproduce exactly the photonic pattern that the sender sent. This, combined with a kind of hashing or packet digest, will tell the receiver if the data packets were tampered with along the way. The message is not sent as a series of light pulses, but as individual photons which are polarised in one direction or another, representing 0s and 1s, with carrier photons that indicate the representational state at any given point in time. Because photons are discrete, there can be no leakage, hence any attempt to "tap" into or read the data en route will be detected.
That is the theory. I am very, very skeptical that the real units actually work that way, as the precision required, it would seem to me, is not currently feasible in commercial products. Counting and measuring photons and whatnot are the preserve of facilities like CERN.
I read this in bits and pieces, I know very little about quantum cryptography, so my understanding may be flawed. In fact, it may be that I have just pulled all this straight out of my arse. It wouldn't be the first time.