Become a fan of Slashdot on Facebook

 


Forgot your password?
Close
typodupeerror
×
Security Encryption

Quantum Cryptography Broken, and Fixed 118

Posted by kdawson from the knowing-the-unknowable dept.
schliz writes in with research out of Sweden in which researchers showed that, looking at a quantum cryptographic system as a whole, it was possible for an eavesdropper to extract some information about the QC key, thus reducing the security of the overall system. The team then proposed a cheap and simple fix for the problem. "The advanced technology was thought to be unbreakable due to laws of quantum mechanics that state that quantum mechanical objects cannot be observed or manipulated without being disturbed. But a research team at Linköping University in Sweden claim that it is possible for an eavesdropper to [get around the limitations] without being discovered. In a research paper, published in the international engineering journal IEEE Transactions on Information Theory (abstract), the researchers propose a change in the quantum cryptography process that they expect will restore the security of the technology."
This discussion has been archived. No new comments can be posted.

Quantum Cryptography Broken, and Fixed More

Quantum Cryptography Broken, and Fixed

Comments Filter:

  • There is no such thing as absolute security (Score:4, Insightful)

    by Anonymous Coward on Tuesday May 13, 2008 @07:23PM (#23397458)
    If data is stored, with the intent and purpose of actually being retrievable at some time in the future, and a mechanism exists to access said data, then it is not absolutely secure because it has been designed to be retrieved.
    As long as there is even one access method there exists the opportunity to expoloit it somehow.

  • Re:Fundamental Flaw in Quantum[Anything] (Score:1, Insightful)

    by Anonymous Coward on Tuesday May 13, 2008 @08:40PM (#23397960)
    Quantum mechanics is very real I am afraid.
    From superconductors to Aspect experiments

    BTW a Superconductor doesn't lose energy because QM makes it impossible for the electrons to scatter of the nuclei. Again something entirely impossible according to our common intuitions, which, alas, the world does not care about all that much.

    See also:
    http://en.wikipedia.org/wiki/No_cloning_theorem

  • Re:Fundamental Flaw in Quantum[Anything] (Score:3, Insightful)

    by fred fleenblat ( 463628 ) on Tuesday May 13, 2008 @08:44PM (#23397988) Homepage
    >> When did common-sense stop making sense in science?

    If something already makes sense then there is less of a need to study it scientifically. So science will gravitate towards non-intuitive things like neutrinos, recessive genes, bose-einstein condensates, etc.

  • Re:Fundamental Flaw in Quantum[Anything] (Score:3, Insightful)

    by kestasjk ( 933987 ) on Tuesday May 13, 2008 @08:55PM (#23398048) Homepage

    The whole thing strikes me as a theory in a vacuum, I don't believe that ANY quantum object is invulnerable to observation.
    Someone's beliefs are at odds with well founded, empirically established physical laws?!

    I just hope this doesn't catch on..

  • Re:hype alert (Score:3, Insightful)

    by bh_doc ( 930270 ) <brendon AT quantumfurball DOT net> on Tuesday May 13, 2008 @11:35PM (#23398950) Homepage
    While I agree it seems to be surrounded in hype, and while I'm unfortunately unable to access the paper itself (my university doesn't subscribe to IEEE Transactions on Information Theory, apparently), your comment about evesdroppers seeing the key is without merit. The whole point of quantum cryptography is that by employing superposition and state collapse, a key can be negotiated between two parties with an exponentially high probability that any evesdropper listening in will be detected, due to their back-effect of measuring the communication channel. (I might have muddled the terminology a little, but the concepts are true.) So you shouldn't have to worry about an evesdropper because they will make themselves known just by listening in.

  • Re:The End of The Science of Cryptography (Score:2, Insightful)

    by Anonymous Coward on Wednesday May 14, 2008 @12:42AM (#23399228)
    That book was full of shit. Cryptography is no where near finished. I wish people would stop making such a big God damned fuss about quantum cryptography. All it does is make eavesdropping detectable. In any secure application you still don't want the eavesdropper to be able to understand what they overhear, even if you can immediately detect them overhearing it, so you still need to scramble your message somehow, i.e. using actual cryptography. Furthermore, quantum cryptography works exclusively over fibre optic connections. It will never be applied to cat 5 LANs or to wi-fi connections because it fundamentally can't be.

  • No, not really (Score:5, Insightful)

    by Moraelin ( 679338 ) on Wednesday May 14, 2008 @01:22AM (#23399410) Journal
    No, not really. QC only works over dedicated, point-to-point fibre optic lines.

    Do you understand that one crucial aspect? If I want to talk to you completely securely, with quantum handshake, and able to detect eavesdroppers, I would need one uninterrupted strand of fibre from Germany to wherever you are. Screw 50kms, we're talking potentially tens of thousands of kilometres.

    Or a chain of routers along the way that we both trust blindly to not be compromised, because each breaks that quantum handshake, and each is a point where someone could eavesdrop. You can't tunnel QC over such a hop, so it's a bit like having SSL only from your computer to your ISP, then have it decrypted there and re-encrypted to the next hop, and so on.

    It's also pretty much against the whole idea of a network like the Internet. Since again, it needs dedicated uninterrupted point-to-point connections, not a loose mesh of routing machines. (You _could_ transmit the rest over the internet once you negotiated a key over QC, but: 1. you still need a dedicated connection for that handshake, and 2. you still need normal cryptography for the actual transmission then.)

    For two John Does like us it's already pretty infeasible to go QC all the way.

    Even for someone like the US Army:

    1. Good luck having an all-QC connection from Washington to Baghdad. Even in 50 km segments, you need a lot of basically routers every 50 km on the ocean floor, each of them being a potential eavesdropping point. So if you ditch normal cryptography, you'd need to do... what? Park a couple of submarines near each of them to make damn sure the Russkies and Chinese don't tamper with them? Have permanent manned bases on the ocean floor every 50 km, with a company of soldiers watching each router, and watching each other so none of them can be a double agent and tamper with it?

    2. And what do you do if someone drops a depth charge on one of those? You sure you don't want some regular crypto as backup?

    3. That still doesn't help your communication to your airplanes, tanks, cruise missiles, etc, there. You can't tie a cable from each of them to Washington.

    Etc.

    So basically... well, let me put it mildly: I don't know what book you've read, or by what author, but I'd bet it wasn't written by someone who knows much about cryptography. It sounds more like the kind of predictions made by self-styled "pundits" like Cringely or Dvorak. Or, of course, any other of the many like them.

  • Re:hype alert (Score:1, Insightful)

    by Anonymous Coward on Wednesday May 14, 2008 @12:57PM (#23405416)

    So you shouldn't have to worry about an evesdropper because they will make themselves known just by listening in.
    So that means, as far as I understand:

    I can safely exchange a key, because I can detect eavesdroppers and replace the sniffed parts of the key with new ones?

    But if someone is continuosly does that, doesn't he effectively prevent me from communicating at all??

Slashdot Top Deals

Everybody likes a kidder, but nobody lends him money. -- Arthur Miller

Close