## Researchers Simplify Quantum Cryptography 106

Posted
by
kdawson

from the again-with-the-bob-and-alice dept.

from the again-with-the-bob-and-alice dept.

Stony Stevenson writes

*"Quantum cryptography, the most secure method of transmitting data, has taken a step closer to mainstream viability with a technique that simplifies the distribution of keys. Researchers at NIST claim that the new 'quantum key distribution' method minimizes the required number of detectors, the most costly components in quantum crypto. Four single-photon detectors are usually required (these cost $20K to $50K each) to send and decode cryptography keys. In the new method, the researchers designed an optical component that reduces the required number of detectors to two. (The article mentions that in later refinements to the published work, they have reduced the requirement to one detector.) The researchers concede that their minimum-detector arrangement cuts transmission rates but point out that the system still works at broadband speeds."*
## Quantum Post! (Score:5, Funny)

## Re:Quantum Post! (Score:5, Funny)

## Re: (Score:2)

## Re: (Score:2, Funny)

## Re: (Score:1, Funny)

## Actually... (Score:1)

## Re: (Score:2, Interesting)

Hey wait, that shouldn't be possible.

> Quantum cryptography, the most secure method of transmitting data,

Technically it would only be tied at best with a one-time pad, and, at worst, slightly less secure. I wonder if it has codes that could be cracked by social engineering, as one time pad's co

## Re: (Score:2)

## Re: (Score:1, Funny)

## Re: (Score:1)

## what's the big deal (Score:1)

## Re: (Score:2, Informative)

## Re: (Score:3, Informative)

## Re: (Score:2)

That's roughly correct, however the caveat to QC is that the end result must be some sort of amalgamation of all the "parallel" runs. I.e. you can't have all your parallel runs produce different outputs, and look at each output independently.

It ties in with superposition. You can know some sort of "final answer" by processing superposition states, but you can't know intermediate answers (or the results of each individual "parallel run") without collapsing the superposition-solution into a single intermedi

## Re:what's the big deal (Score:4, Informative)

Don't expect the above to be completely correct, though - I'm hardly a cryptography expert (which doesn't stop me from putting a reference in my sig [wikipedia.org]).

## Re: (Score:1)

## Re: (Score:2)

If by "conventional" you include the one-time pad, properly used, then quantum cryptography is possible to crack. The issue is that the one-time pad is relatively difficult to use properly.

One of the canonical examples of the power of quantum cryptography, BB84, is basically just a secure way to negotiate between two parties a one-time pad (thus the process called quantum key distribution, QKD). If there is someone listening in as the negotiation takes place, quantum mechanics means that (1) they often ge

## Re: (Score:1)

## Re: (Score:1)

## Re: (Score:1)

Who cares? I want to know if it will run Duke Nukem Forever!

## Re:what's the big deal (Score:5, Informative)

The fact of the matter is that quantum encryption provides much greater security than standard algorithmic encryption.

## Re:what's the big deal (Score:5, Interesting)

This is all nice, but it is going to be tricky to implement it in the future. How do you send a photon from one computer to another a long distance away without using repeaters or branches? It will be a little tricky. Would this require a fiber optic connection between every computer that wants to communicate with quantum encryption? Or can you adjust the medium so that photons are transmitted and branched undisturbed?

## Re:what's the big deal (Score:4, Informative)

The first one has been demonstrated, and works over limited distances.

The second is an "advanced concept", right next to fusion reactors.

## Re: (Score:2)

How do you send a photon from one computer to another a long distance away without using repeaters or branches?

You don't. You just use branches and repeaters! It sounds counter-intuitive, but you can do something called entanglement swapping [wikipedia.org] to send the quantum state from Alice to Bob through Charlie, without Charlie changing (or even being able to detect) the state Alice sent.

Also you can control/change the path of the photon using electro-optical controls without changing it's state (or at least without changing the part of the state that carries the information), though this would likely be more difficult/exp

## Mod parent up (Score:3, Informative)

I was just discussing entanglement swapping with my supervisor the other day, actually. Neat concept. Roughly, person A has two entangled photons, A1 and A2. Person B has similar, B1 and B2. They both send their 1 photons to C. C entangles A1 and B1 and because of this, A2 and B2 are now entangled. This can then be used to generate a bit of a key.

We were actually discussing it in the context of producing entanglement between ions (good for storage/memory) and photons (good for transmission), since in the

## Re: (Score:3, Funny)

## Re: (Score:2)

## Re: (Score:3, Insightful)

I was with you up until about there. It occurs to me that there are any number of mathematical terms that could be combined at random to induce the same effect in me, and I wonder if this is true of all the people who modded you up.

I think i'm just gonna take your word for it.

## Re:what's the big deal (Score:4, Funny)

spherical numerical analysis techniques: That is standard maths; If you need to compute something involving for instance a cow, you start with "Assume a spherical cow with radius R".advanced quantum distribution array matrices: That just your normal quantum distribution array matrices but with the new icons and toolbar.## Re: (Score:1)

## Re: (Score:2)

## Re: (Score:2)

Uniform density!

## Re: (Score:2)

The fact of the matter is that quantum encryption provides much greater security than standard algorithmic encryption.In your dreams. No quantum computer exists that can break encryption used today by a very, very large margin. It seems doubtful whether researchers can get beyond a few bits at all, let alone scale up to a few thousands. Presently this is all hype to get research money. There have been much more similar things that failed and only very few that deliverd on their claims.

## Re: (Score:1, Insightful)

## Re: (Score:1)

## Re: (Score:2)

Parent shouldn't be modded informative, just about everything he said was wrong.

## Re:what's the big deal (Score:5, Informative)

## Re: (Score:2)

## Re: (Score:2)

That's my best guess, I've never really understood the theory either. It IS quantum physics, after all.

## Re:what's the big deal (Score:5, Informative)

Quantum Key Distribution is, in its most naive form, still vulnerable to man in the middle attacks. It makes it a little more difficult because you must be able to intercept information on two different channels (the quantum channel and the classical electronic channel), but it is still doable. (There are, however, cryptographic methods of detecting man in the middle attacks, but thats a subject for another time).

## Re: (Score:2)

Somebody correct me if I'm badly mistaken...

## Re: (Score:3, Interesting)

Here's something I've never understood. Alice prepares a one-time pad and sends it along using this quantum dealie. Eve intercepts it. Now supposedly this thing changes every time someone observes it, but could Eve just generate a new one based on the data she acquired? Alice created one 'from scratch', why can't Eve?Lookup quantum cloning and the "no cloning theorem".

But basically (and this is a naive implementation that won't actually work), Alice transmits to Bob using linearly polarized photons. Now, if

## Re: (Score:2)

Actually, in the naive scheme outlined above I think Eve can do: a|H> + b|V> => a|HH> + b|VV>, store her photon, wait for Bob to measure, eavesdrop the message from Bob to Alice and then make the same measurement on her stored photon.

Actually, the message telling which bits were send and/or measured at a 45% angle is only exchanged

afterBob has measured the quantum bits. So, even can't just store them, measure them and re-inject them after the fact.So, rather than just eavesdropping the message from Bob to Alice, she would actually need to destructively intercept it and change it.

## Re: (Score:2)

Actually, the message telling which bits were send and/or measured at a 45% angle is only exchanged after Bob has measured the quantum bits. So, even can't just store them, measure them and re-inject them after the fact.

So, rather than just eavesdropping the message from Bob to Alice, she would actually need to destructively intercept it and change it.

Eve isn't intercepting the bits. She's creating a pair of correlated photons without actually making any measurement. She sends one on to Bob and stores the o

## Re: (Score:2)

Here's something I've never understood. Alice prepares a one-time pad and sends it along using this quantum dealie. Eve intercepts it. Now supposedly this thing changes every time someone observes it, but could Eve just generate a new one based on the data she acquired? Alice created one 'from scratch', why can't Eve?Lookup quantum cloning and the "no cloning theorem".

But basically (and this is a naive implementation that won't actually work), Alice transmits to Bob using linearly p

## Re: (Score:2)

## Re: (Score:2)

The best that Eve can do is a DOS attack.

Tim.

## Re: (Score:1)

## Impossible to eavesdrop, otherwise, a big yawn (Score:5, Interesting)

Otherwise, you are perfectly correct. Many cryptographers, including Bruce Schneier, believe that quantum cryptography is a solution to the wrong problem. Nowadays, most probably, the least secure part of your communication system isn't in your key distribution scheme, but is somewhere else --- like in social engineering, or the computer systems which deal with the decrypted cleartext.

## Re: (Score:2)

Otherwise, you are perfectly correct. Many cryptographers, including Bruce Schneier, believe that quantum cryptography is a solution to the wrong problem. Nowadays, most probably, the least secure part of your communication system isn't in your key distribution scheme, but is somewhere else --- like in social engineering, or the computer systems which deal with the decrypted cleartext.

I disagree with Bruce on this, no matter how much I respect him. Once we have a reliable crypto scheme, people will stop looking at the technology when there's a failure, and start looking at the real issues. And I'm pessimist enough to believe that nothing else, no amount of education, training or awareness, will make them do that.

## Re: (Score:2)

## Real world usage? (Score:1, Offtopic)

## Not much (Score:3, Informative)

Both of these look like special uses set up for publicity by vendors.

## Re: (Score:2)

Both of these look like special uses set up for publicity by vendors.They are. Nobody competent would use quantum techniques for things that really need to be secure. The physics is not that well established, for one thing, leading to an unknown risks. Sure, the properties look nice, but when was the last time a fundamental physical theory turned out to be not quite accurate? Yes, that is true, when the current theory replaced the last one. That has happened so far to every theory except the respective curr

## I doubt it. (Score:1, Redundant)

## Yep! Re:Real world usage? (Score:1)

Google it...

or check this: http://it.slashdot.org/article.pl?sid=06/12/13/1458238&from=rss [slashdot.org]

## Yay! Saved! (Score:2, Funny)

## Oblig XKCD (Score:3, Funny)

## Broadband Speeds (Score:2, Interesting)

For reference, in Australia not only does the incumbent Telco consider 256/64kbps to be broadband, but they also describe it as "Fast [bigpond.com]".

## Re: (Score:2)

The whole point is to be able to securely pass an encryption key.

Then you can encrypt and use any method you like for transporting the encrypted data.

Whether it's Australian 'fast', Internet2 fast, or a stationwagon full of Terabyte hard drives fast.

## Broadband? (Score:2, Insightful)

## Re: (Score:1)

## Re: (Score:2)

## Not the most secure (Score:3, Insightful)

In practice none of this is relevant since the hassles associated with correctly implementing either QC or a OTP are sufficiently large that for most applications they are both inferior to public key cryptography and symmetric ciphers. There are some exceptions, but the only way you could possibly justify describing quantum cryptography as "the most secure way to transmit data" would be by ignoring so many aspects of information security that it will have no relevance to practical applications.

## Re: (Score:3, Informative)

Quantum cryptography schemes are guaranteed to inform both Alice and Bob if their communication is intercepted. That's the entire point, and what has everyone so excited about quantum cryptography in the first place. Secrecy in the sense of undecryptability isn't the point of quantum cryptography (as data isn't even *encrypted* in the classical sense), just certainty that there are no eavesdroppers.

Your post just suggests that you haven't actually read anything about

## Re: (Score:3, Interesting)

Or better yet, what would happen if some new device could record without observing?

---Quantum cryptography isn't a cipher. It's a method of transmitting data, which does one specific thing, which is guarantee that you'll be able to tell if people have attempted to eavesdrop. It's not a complete cryptosystem; it's not meant to be. It's meant to be just one component of cryptosystems, and in doing what it does, it's provably secure in the sense that secure is being used here.

Of course

## Re: (Score:2)

I spend most of my time debating creationists, not laypersons who misunderstand quantum physics, but I bet physicists get as tired of shouting "IT DOESN'T WORK LIKE THAT" at people like you as I do at creationists.

You'll remember Feynman once compared our understanding of quantum physics to measuring the distance between New York a

## Re: (Score:2)

I spend most of my time debating creationists, not laypersons who misunderstand quantum physics, but I bet physicists get as tired of shouting "IT DOESN'T WORK LIKE THAT" at people like you as I do at creationists.

All the time.

You'll remember Feynman once compared our understanding of quantum physics to measuring the distance between New York and Los Angeles to within the width of a human hair. I'd say anything with that kind of predictive power is probably accurate enough to trust your life with.

That's actually quantum electrodynamics. QED was "solved" by Feynman using approximations that involve shady cancellations of infinite quantities. It's accepted as an approximate solution, but the quality of the approximation is good. Simple quantum mechanics, like what quantum cryptography is based on, is much better-understood.

## Re: (Score:2)

Or better yet, what would happen if some new device could record without observing?"record without observing" doesn't make sense. In the words of Pauli, "That's not right. That's not even wrong." But trying to guess that you mean "observe without affecting in any way".

Then you can violate causality. Give me a device that can "record without observing" and I'll build you a device to communicate faster than the speed of light.

Tim.

## Apples and oranges (Score:3, Interesting)

You are comparing apples with oranges. The b

## Re: (Score:3, Interesting)

A one time pad guarantees perfect secrecy. A QC channel allows secrecy as any "listening" devices become in part with the system, thereby allowing detection.

I do think this is a bit excessive by stating.. Data is always time-dependent. Therefore, we only need protect data for X amount of years.

What combination of encryption technologies can we use to make the data physically hard to crack? We need a multi-tiered encryption setup that uses mul

## Re: (Score:2)

## Re: (Score:1, Insightful)

The same way you are going to tell the receiver of the QC message to use Quantum cryptography in the first place.

Lots of people seem to have this confused. Quantum cryptography does NOT give you a way to do secure key exchange without meeting the person you are going to communicate with. If you think about it for a second you will realize that this CANNOT be done no matter what encryption scheme, and no matter what "spooky action at a distance"

## Re: (Score:2)

## Until Mrs. Tenney becomes sloppy. (Score:2)

## Mod parent up... (Score:2)

## ... at this level the weakest link (Score:2)

For a really really good look at security, try to track down the earliest black+white TV series of Mission Impossible - (almost no gadgets, lots of neat social engineering).

Andy

## Actually, Quantum Cryptography Compliments OTP (Score:1)

Quantum cryptography promises, through quantum theory, that anyone trying to skim data from a secure channel ultimately corrupts it. So by measuring the noise level in the channel you can detect an eavesdropper.

A typical Quantum cryptography scheme requires two channels. One of the channels is a classical channel, like the internet,

## Re: (Score:2)

The process of quantum "cryptography" is such that you need to ensure that nobody *now* (when you are transmitting the data) will be able to eavesdrop successfully.

## Quantum hardware DRM... (Score:1)

...would suck.## Re: (Score:2)

## Why is this practical? (Score:4, Insightful)

Is there really anyone out there paranoid enough to need/want this besides various three-letter agencies? Maybe this is proveably secure, we think, but what is more likely - Someone finds a loophole in the very weird world of quantum mechanics that makes quantum cryptography as we know it obsolite, or someone figures out a way to find prime factors of obsenely large numbers in a reasonable time.

This article is about how it may be possible have a quantum crypto setup with a bandwidth of maybe 1024kbps by spending only $20k-$50k on one component to the system. I bet there is a lot of other components.

Compare this with a basic commodity PC, which can could encrypt 1024kbps using AES with ridiculous ease.

## Re: (Score:3, Insightful)

## Re: (Score:2)

Given that we don't know it makes sense to have both.

Advances in quantum computing may make the factoring problem an easy one.

Of course the commercial applications are rather niche right now and cost is no small part of that, but how many things often start that

## Re: (Score:1)

## Researchers Simplify Quantum Cryptography (Score:1)

## Thanks to this new breakthrough... (Score:5, Funny)

...quantum cryptography now requires 30% less cats and 46% fewer radioactive isotopes.

## 50k? no. 5k! (Score:1)

sounds expensive.

except, the real article states: "Bob uses four single-photon detectors, costing approximately $5,000-$20,000 each."

still pretty expensive, but it sounds like you could have a working one of these for only 10k in detectors!

## Re: (Score:2, Funny)

## Re: (Score:2)