Scientists Make Quantum Encryption Breakthrough

Madas writes "Scientists working in Cambridge have managed to make quantum encryption completely secure (registration required) by putting decoy pulses in the key transmission stream. According to the story this paves the way for safe, encrypted high-speed data links. Could this allow completely private transmission of data away from snooping eyes and ears? Or will it mean film studios can stop movies from being copied when traveling on the internet?"

Re:The drawbacks others haven't mentioned

[jd]

Don't know if they still do, but in the 50's, the British used synchronized tapes with one-time pads. As best as I understand it, both sides of the link started their tapes at the same time and from the same offset (synchronized over secure phone) but had no control over when the machines at each end would actually sync up. (The exact sync mechanism is something I'm also a little unclear over - nothing from the tape was ever transmitted.) The practical upshot was that anyone who had a copy of the tape AND a copy of the transmission would still face a daunting computational challenge to break the encryption.

If you combine this with the split key concept, so that the difficulty of obtaining a full pad is considerably greater, and perhaps even run each fragment through a public key encryption algorithm to make getting that fragment a near-impossible task, you get damn close to the theoretical level of security offered by an OTP.

A correctly-implemented OTP, in which the pad cannot be derived algorithmically from known quantities, where the pad is not cyclic, and where the pad is used exactly once, cannot be broken at all without physically obtaining the specific part of the pad that is actually used and some computationally-viable method of eliminating any excess. If the pad is rendered unreadable, or the specific information required to make the pad usable simply doesn't exist except at the moment of transmission and then only on the machines involved, then OTP is essentially unbreakable.

The premise of encryption is that nothing can ever be made 100% tamper-proof or uninterceptable, merely very tamper-resistant and very hard to intercept, and so you're far better off making what is obtained unusable. Having something that is supposedly not interceptable is so much snake oil. For a long time, nobody was sure you could undetectably tap optic fiber. What are the vulnerabilities of the endpoints? Is the connection between the "secure" endpoint and the computers at either end exploitable? Are any of the computers involved open to being monitored by TEMPEST or other remote techniques? If the machines are on partially or fully exposed networks, are the machines susceptible to having the transmission intercepted either prior to being secured or after being restored? (Partially exposed can include computers that share USB memory sticks or floppies with unsecure machines. All you need is a carrier for a virus.)

What about....

[edwardpickman]

The process obviously won't stop copying material but my question is could the same or a similar technology be used to create a dedicated display screen? Let's say with quantum entangled particles as an example you directly drove a screen from a linked source. For every screen manufactured a dedicated chip was loaded into the system linked to your display device. No lines would be needs to transmit the data but like a traditional TV reciever there would be no signal to tap it simply drives the screen. You order your content on demand and there's nothing to record so no piracy but if it was a one time purchase situation you wouldn't have to worry about lost, damaged or degraded media. It would solve most of the complaints except for those wanting free material. It would eliminate a lot of the distribution issues and end the dependence on satelites. No more screwed up signals when there's a lot of solar activity. Granted we're talking decades away but there is a potential for secured storage and distribution of media.

DOS

[pfortuny]

Problem with what is today called qc is that it is not cryptography, it is a safe signing algorithm.

So what if the eavesdropper makes the communication impossible just tainting each and every bit? As they are not safe, they are deemed worthless and the message needs to be re-sent...

This seems to me the problem. You have not built a safe channel, you have built an eavesdropper-aware channel, which is not the same.

They're different things

[Moraelin]

Actually, quantum encryption and computing are different things.

Quantum encryption is, well, basically nothing about using quantum mechanics to _encrypt_, but to send the key (and maybe the data too). The idea is that you send single photons. So basically if someone tapped into the line, you can't split the photon and get only a bit of the signal. Either you get it or the endpoint gets it, but not both. It makes man-in-the-middle attacks a bit harder. In fact, it claims to make it outright impossible.

Since the whole idea here is to elliminate the possibility for a man in the middle, intrusion detection is something valuable. Mind you, if the sending single photons was as un-interceptable as originally claimed, intrusion should be simply not possible, so I'm a bit stumped as to why would they want to detect something impossible. Maybe they know something we don't about how impossible it really is? (E.g., come to think of it, a laser kind of device inserted on the line could multiply that original photon thousands of times, all the clones having the exact same phase, polarisation, whatever.)

It may be pie-in-the-sky, I don't know, but at least it's one of those sane ideas that aren't too impossible to understand even for the layman. The only "quantum" thing about it is that you send individual quanta of light, i.e., photons. Since it's only one and it's indivisible, only one endpoint can get it. All simple and sane, IMHO.

Quantum computing, on the other hand, I don't know... there must be some sane researchers out there who know what they're doing, no doubt. But the media and marketting hype has drowned it all in so much bullshit it could fertilize a few acres, so from the layman (even with a decent grasp of physics and computing) point of view, it's hard to even tell what it would _really_ do, how it would work at all, and how would it be useful at all.

I've even seen such bullshit claims like that it basically holds all possible states at the same time, so it can calculate anything instantly, since the solution state is already one it simultaneously holds. Which is blatantly bull. If it simply holds all possible states at the same time, that's as good as saying that it has no state at all, or you can't measure it. To get an answer out of the computer, you need to get out of it a particular state which represents the result of the calculation. By that logic I could give you a CD with all possible 4 million DWORD (4 byte, 32 bit) values, from -2 million to 2 million, one of which is the result to your problem. There you go, any problem that has a DWORD result already has the result on that CD, so it was "calculated" instantly. Isn't it an impressive feat? I don't even know your problem, but that CD already has the result to it. It's also completely freakin' useless, if you don't know which one of them. That CD as such holds no more actual usable information that that it's a 32 bit number, which you knew in the first place.

Not saying that that's what the actual researchers study, but that's the kind of bogus info that you see from the outside. It's damn hard to tell if it's actually something that might work, or just snake oil to get a clueless VC's money. On par with extracting free energy out of water, the Infinium console, and other such fine con schemes that some people actually dumped millions into.

The only sorta working quantum implementations so far, are basically not even as much quantum computers as hyped, as glorified analog computers. The thing about quantum mechanics is that 99% of it are probabilities.

As some trivial examples, you can't tell for example exactly where an electron is in a potential well (e.g., in a CMOS transistor), or in some cases even if it is still in the potential well or it's out of it already, but you can calculate a probability cloud of, basically, what are the chances of it being in this particular point. Or if you do interference with electrons (think the school physics experiment with shining a light through two thin slots, o

Re:Mod parent up - it's easy to steal from servers

[TheRaven64]

Assuming the receiving mail server has a correctly signed certificate, it is practically impossible to intercept the mail in transit from one server to another. The catch it, the encrypted path is not guaranteed from end-to-end. If I send you an email, I will send it over a TLS connection to my mail server. It will then send it to your mail server (identified by MX), which may then forward it for several hops before it actually reaches you. I have no way of guaranteeing that the connection is secure beyond the first hop (my laptop to my mail server). Anything else might be no better than plain text because it might be plain text. If you want secure email, you need to use some kind of end-to-end encryption such as PGP and make sure you exchange keys over a secure out-of-band channel. Or, you can just accept that email isn't secure.

Re:ahem

[ysachlandil]

Not to mention the problems with "Man in the Middle" attacks. Since quantum encryption doesn't validate the endpoints, you could just cut the fiber and attach two new transceivers and nobody will know. And no, the technique in the article doesn't protect against this. There are only a few ways to get around this problem:

-Monitor the fiber for cuts by keeping it lit at all times. Backhoe accidents will still happen, and then you need to guard the cut and use trusted technicians.
-Have huge fiber ducts and patrol them with guards.
-Use certificates to validate the endpoints. But then you need to trust public key crypto and then quantum doesn't add anything.

So quantum crypto is still useless.

--Blerik

Re:it is an intrusion detection breakthorough

[geeber]

If by "Quantum encryption" you mean "Quantum key distribution" then you are incorrect. It is available commercially [magiqtech.com] now.

Re:ahem

[Wildclaw]

I think you missed the parents point. What you just described is a method that prevents eavesdropping.

What the parent suggests is the man-in-the-middle Dave intercepts both all and any communication between Alice and Bob. Alice sends a stream of photons over the quantum line, and Dave intercepts. Afterwards Alice does the public announce to check that bits havn't been intercepted, but Dave intercepts this message also, and this time acts as Bob to verify the photons recieved. Alica and Dave agrees that there isn't an eavesdropper on their line and starts communicating.

So know Alice is communicating with Dave instead of Bob. Dave repeats the same with Bob, but now as the sender. Bob believes that Dave is Alice and they get a link established. Now Dave has one line open to Alice and one line open to Bob and can retransmit what he wants. Nothing of this violates Quantum Theory, because instead of eavesdropping, Dave has created two communication channels.

The only problem Dave has to implement this is that he has to be able to intercept both the quantum channel and the public channel.