Security Encryption

Quantum Cryptography Broken, and Fixed

schliz writes in with research out of Sweden in which researchers showed that, looking at a quantum cryptographic system as a whole, it was possible for an eavesdropper to extract some information about the QC key, thus reducing the security of the overall system. The team then proposed a cheap and simple fix for the problem. "The advanced technology was thought to be unbreakable due to laws of quantum mechanics that state that quantum mechanical objects cannot be observed or manipulated without being disturbed. But a research team at Linköping University in Sweden claim that it is possible for an eavesdropper to [get around the limitations] without being discovered. In a research paper, published in the international engineering journal IEEE Transactions on Information Theory (abstract), the researchers propose a change in the quantum cryptography process that they expect will restore the security of the technology."

  • Re:Wah? (Score:5, Interesting)

    by mrbluze ( 1034940 ) on Tuesday May 13, 2008 @07:24PM (#23397476) Journal

    The advanced technology was thought to be unbreakable due to laws of quantum mechanics that state that quantum mechanical objects cannot be observed or manipulated without being disturbed.

    Well the worst thing about an encrypted stream is that you trust it, not really knowing if someone is listening half way down the line. If you get a hint that it's being listened to, you can start sending garbage (or misinformation) down the line so as to confuse the hell out of the eavesdropper, whilst taking up alternative methods of communication or something.

    This makes me wonder if cryptography needs to become cleverer. I mean, depending on the type of data you're sending, might there be a role in padding encrypted streams with 'honeypot' data, like random bits of vaguely interesting crap that the expected listener might want to be interested in. Sort of a live equivalent of Truecrypt's plausible deniability.

    What do people think about that?

  • by thinktech ( 1278026 ) on Tuesday May 13, 2008 @07:33PM (#23397552)
    The whole thing strikes me as a theory in a vacuum, I don't believe that ANY quantum object is invulnerable to observation. At its core, this is a theory on paper that has no real-world solution. It's like the perfect gas. It simply doesn't exist. And any "fix" will invariably need fixing again. When did common-sense stop making sense in science?
  • by Slashdot Suxxors ( 1207082 ) on Tuesday May 13, 2008 @08:05PM (#23397768)
    So how do you retrieve something that's not retrievable?
  • Re:Wah? (Score:3, Interesting)

    by MadnessASAP ( 1052274 ) <madnessasap@gmail.com> on Tuesday May 13, 2008 @09:32PM (#23398264)
    It doesn't matter. The moment he tries to read the stream to see whether the data is garbage or not he has changed the quantum properties and the receiver will know someone is listening. It is theoretically impossible to discern anything about the stream without being detected.
  • [N]obody understands QC, and anyone that does can't simplify it for the rest of us
    You've just summed up the entirety of quantum physics. Really, it's impossible to simplify it enough for the general public to both know what it means (as in, the behaviours it predicts) and "understand" it in any intuitive way. Hell, most physicists don't understand it in that sense. It just isn't intuitive (for common definitions of the word). So some of the time (probably more than we'd like to admit) we just plug in the math. And it works.
  • Re:No, not really (Score:2, Interesting)

    by taylor ( 11728 ) on Wednesday May 14, 2008 @10:29AM (#23402750) Journal
    Actually, quantum cryptography can work with non-secured intermediate repeater stations. In essence, rather than attempting to send the random bits directly, one attempts to build an entangled pair of quantum bits, one at each end of the repeater chain. This is trying to build a specific state, which can be verified before use. The random key is generated using the non-classical correlations of the entangled pair (for more info, one can google "Ekert quantum repeater").

    As you might expect, the protocol for this case is very different from that used in classical repeaters: one cannot measure the signal and amplify it, because doing so would negate the security you are attempting to establish. Instead, a quantum repeater focuses on the specific task of creating an entangled state at either end, which can then be used to generate cryptographically secure random bits. Because one can verify the final state at the ends of the system before it is used, and independently of malicious users in the middle, a quantum repeater is no more susceptible to an intercept attack than a short-distance single fiber approach. Again, both are susceptible to a complete man-in-the-middle replacement / redirect.
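The end-station verification described in the last comment above can be illustrated with a CHSH test of the kind used in Ekert's entanglement-based scheme. This is an added example, not part of the thread or of the Linköping paper; the spin-1/2 singlet model, the analyser angles, the tampering model and the acceptance threshold are all assumptions made for the sketch.

```python
import math
import random

# Analyser angles (radians) for a spin-1/2 singlet pair; these are the standard
# CHSH settings, chosen for this illustration and not taken from the thread.
A_SETTINGS = (0.0, math.pi / 2)
B_SETTINGS = (math.pi / 4, 3 * math.pi / 4)
ACCEPT_THRESHOLD = 2.4  # hypothetical margin above the classical bound of 2


def singlet(a, b, rng):
    """Honest chain: the end stations share a genuine singlet state."""
    alice = rng.choice((1, -1))
    anti = rng.random() < math.cos((a - b) / 2) ** 2  # P(outcomes opposite)
    return alice, (-alice if anti else alice)


def measured_in_transit(a, b, rng):
    """Tampered chain: a node measured the pair and forwarded product states."""
    lam = rng.uniform(0, 2 * math.pi)  # direction fixed by the node's measurement
    alice = 1 if rng.random() < math.cos((a - lam) / 2) ** 2 else -1
    bob = -1 if rng.random() < math.cos((b - lam) / 2) ** 2 else 1
    return alice, bob


def correlation(source, a, b, n, rng):
    """Estimate E(a, b) as the mean product of the two +/-1 outcomes."""
    return sum(x * y for x, y in (source(a, b, rng) for _ in range(n))) / n


def chsh(source, n=20000, seed=1):
    """|S| = |E(a1,b1) - E(a1,b2) + E(a2,b1) + E(a2,b2)| from sampled pairs."""
    rng = random.Random(seed)
    (a1, a2), (b1, b2) = A_SETTINGS, B_SETTINGS
    e = lambda a, b: correlation(source, a, b, n, rng)
    return abs(e(a1, b1) - e(a1, b2) + e(a2, b1) + e(a2, b2))


def link_accepted(s_value):
    """End stations only distil key when the Bell violation is clearly present."""
    return s_value > ACCEPT_THRESHOLD


if __name__ == "__main__":
    for name, src in (("honest", singlet), ("tampered", measured_in_transit)):
        s = chsh(src)
        print(f"{name:9s} |S| = {s:.3f}  accepted = {link_accepted(s)}")
```

The honest source gives |S| close to 2√2, while the measured-and-forwarded source stays near √2, below the classical bound of 2, so the end stations reject the link. The check says nothing about a full replacement of one endpoint, which still requires authenticating the classical channel.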
