Simple Comm Technique Beats Quantum Crypto 164
Atario wrote us with a link to a New Scientist article about an innovative new way of encrypting communications. An engineer at Texas A&M may have a way to exploit the thermal properties of a wire to create a secure channel. The result could be an effectively impenetrable way of securing communications, possibly outperforming quantum cryptography keys. "In their device, both the sender Alice and the receiver Bob have an identical pair of resistors, one producing high resistance, the other low resistance. The higher the total resistance on the line, the greater the thermal noise. Both Alice and Bob randomly choose which resistor to use ... Half the time ... they will choose different [resistances], producing an intermediate level of thermal noise, and it is now that a message can be sent. If Bob turns on his high resistor, and records an intermediate level of noise, he instantly knows that Alice has chosen her low resistor, in essence sending a bit of information such as 1 or 0. Kish's cipher does this many times, sending a random series of 1s and 0s that can form the basis of an encryption key, the researchers say."
broken link (Score:5, Informative)
http://www.newscientist.com/channel/tech/mg194260
dupe? (Score:5, Informative)
Well, they quote Bruce saying it's good. (Score:3, Informative)
Although I don't recall seeing anything about it on his website. Bruce knows a lot more than I do, but this just sounds weird.
And not just Ethernet. Any wire that has a repeater or relay or amplifier sounds like it would break this.
And don't forget man in the middle attacks. If Eve or Mallory get to the wire first, then the "normal" wire state that Alice and Bob see will include their taps.
Re:Well, they quote Bruce saying it's good. (Score:5, Informative)
Eavesdropping on this wouldn't do any good. From an eavesdropper's point of view, there are three noise levels, two of which mean nothing and one of which means a bit has just been transferred from A to B or from B to A. An eavesdropper can't tell which direction the bit is going or what the value of the bit was.
Re:Cool. (Score:2, Informative)
TFA (someone said it was /.'ed) (Score:4, Informative)
Re:Well, they quote Bruce saying it's good. (Score:5, Informative)
That would be: http://www.schneier.com/crypto-gram-0512.html#15 [schneier.com]
Already Broken (Score:5, Informative)
crappy crappy method (Score:3, Informative)
Speed of light? (Score:3, Informative)
This reminds me of another crypto method where the receiver adds noise to the line. The theory is that they know what the noise is, so they can remove it, but Eve can't get it because she doesn't know what the noise was. It falls down under the same attack because the signal is only propagated at the speed of light, not instantaneously.
Re:Cool. (Score:5, Informative)
Hope that clears up any debate this would generate.
And I don't know about the rest of the community, but I read the original post and thought "yep, got it in one". Apparantly I understand these things a little better than most.
Re:Security through Lack of Reference? (Score:3, Informative)
In both cases, you can authenticate the endpoints by prior exchange of key material. I can't see why you would want to do this in complicated, strange hardware when you can do it perfectly easily in existing software. This is the method by which ssh operates, if you have validated the host key correctly, or SSL/TLS, if you have provided the appropriate certificates.
The point of quantum encryption was that we might someday be able to prove it cannot be broken, if we can show that quantum physics works how we think it does (we are uncertain whether Diffie-Helman can be broken, like all other modern cryptographic algorithms, and have no idea whether we'll ever be able to prove it secure). No such proof appears possible with this method.
Re:Sure they can. (Score:3, Informative)
Noise endpoint 1 endpoint 2
High high high
Medium high low
Medium low high
Low low low
You throw out the high/low noise cases. In order to know what the other person is doing in the medium case you need to know what resistor YOU put in!
-Tom
P.S. one of my professors proposed this method during a casual conversation a few years back. It's and idea that has been kicked around for a while, and in my opinion is very solid.
P.P.S. there is no directionality to the signal here.
Re:Already Broken (Score:1, Informative)
Old news.
I'm always amazed by these people that make such outrageous claims like unbreakable encryption. Considering all the the bizarre stuff that has been done in breaking systems I can't imagine claiming something like this. There is always a way to break it, always. I imagine even quantum cryptography is breakable, that is if we ever get a practical system.
Arguments from last time.. (Score:1, Informative)
MITM... (Score:5, Informative)
I read Schneier's page because I respect the guy, and I figured he'd know what he was talking about. It already seemed trivially vulnerable to a man-in-the-middle attack, but I wanted to see if I was the only one.
Looks like I'm right:
He actually details a few more problems:
But then, I guess it's the best we've got:
Old news: Broken, rebutted, broken, rebutted again (Score:3, Informative)
I agree with Schneier's assessment of quantum crypto as a solution in search of a problem, and this appears the same, although much cheaper to implement.
The most recent paper on the topic was a plenary talk [arxiv.org] given by the author last week at a conference in Italy. The references in that paper will give you the complete list of papers arguing with his results and his responses to those arguments.
Broken Nine Months Ago (Score:1, Informative)