Researchers Simplify Quantum Cryptography

Stony Stevenson writes "Quantum cryptography, the most secure method of transmitting data, has taken a step closer to mainstream viability with a technique that simplifies the distribution of keys. Researchers at NIST claim that the new 'quantum key distribution' method minimizes the required number of detectors, the most costly components in quantum crypto. Four single-photon detectors are usually required (these cost $20K to $50K each) to send and decode cryptography keys. In the new method, the researchers designed an optical component that reduces the required number of detectors to two. (The article mentions that in later refinements to the published work, they have reduced the requirement to one detector.) The researchers concede that their minimum-detector arrangement cuts transmission rates but point out that the system still works at broadband speeds."

Broadband?

[Tubal-Cain]

What speeds are they calling broadband? 200Kbps?

Not the most secure

[BlueParrot]

There is only one cryptography scheme with proven secrecy, and that is the one time pad. Even if you assume no errors occur in its implementation, no physicist can guarantee there will never be discovered a way to eavesdrop on transmissions that use Quantum Cryptography. In contrast with the one time pad a Mathematician can more or less prove, at least to the extent you can prove anything at all, that eavesdropping is only possible if the implementation is flawed.

In practice none of this is relevant since the hassles associated with correctly implementing either QC or a OTP are sufficiently large that for most applications they are both inferior to public key cryptography and symmetric ciphers. There are some exceptions, but the only way you could possibly justify describing quantum cryptography as "the most secure way to transmit data" would be by ignoring so many aspects of information security that it will have no relevance to practical applications.

Why is this practical?

[Johnno74]

I'm all for R&D into pure science, and I'm not bagging the concept of quantum cryptography, but why does this need to be a commercial product?

Is there really anyone out there paranoid enough to need/want this besides various three-letter agencies? Maybe this is proveably secure, we think, but what is more likely - Someone finds a loophole in the very weird world of quantum mechanics that makes quantum cryptography as we know it obsolite, or someone figures out a way to find prime factors of obsenely large numbers in a reasonable time.

This article is about how it may be possible have a quantum crypto setup with a bandwidth of maybe 1024kbps by spending only $20k-$50k on one component to the system. I bet there is a lot of other components.
Compare this with a basic commodity PC, which can could encrypt 1024kbps using AES with ridiculous ease.

Re:Why is this practical?

[mrcaseyj]

I was thinking that it would be foolhardy to trust that some discovery in quantum physics would not render quantum cryptography insecure. But then I realized two things. First, you can always just use QC to wrap conventional cryptography so you get the security of both. Second, conventional cryptography can be eavesdropped on and recorded to be broken someday when weaknesses or more computational power is available. With QC your communications can't even be recorded for future breaking until some new physics comes along.

Re:what's the big deal

[spazdor]

spherical numerical analysis techniques or advanced quantum distribution array matrices.

I was with you up until about there. It occurs to me that there are any number of mathematical terms that could be combined at random to induce the same effect in me, and I wonder if this is true of all the people who modded you up.

I think i'm just gonna take your word for it. :)

Re:Apples and oranges

[Anonymous Coward]

How is your mathemetician going to distribute his one time pad?

The same way you are going to tell the receiver of the QC message to use Quantum cryptography in the first place.

Lots of people seem to have this confused. Quantum cryptography does NOT give you a way to do secure key exchange without meeting the person you are going to communicate with. If you think about it for a second you will realize that this CANNOT be done no matter what encryption scheme, and no matter what "spooky action at a distance" you come up with. No matter what encryption scheme I use to communicate with you, I first need to agree with you to use that scheme, or for that matter, I have to get to know you for the concept of "you" to even make sense. If we have agree to an encryption scheme, we could just as well have exchanged one time pads, or RSA public keys, while doing it.

To put it this way, I made this post, but there is NO way for you to EVER determine who I was. Quantum cryptography won't do it because you don't know who you should tell to be at the receiving end. Asking Slashdot what is in their server log doesn't do it, because somebody could be doing a man in the middle between me and Slashdot right now. If 3 people came up to you tomorrow, each claiming to have made this post, there is fuck all you can do to determine who is telling the truth.

As a consequence, since you cannot even know who I am, you cannot possibly communicate securely with me in the future. After exchanging keys you can communicate securely with some person who may or may not be me, but you will never be able to know for sure it was that person who made this post.

Finally it is also worth mentioning here that QC, like the OTP, is limited in the amount of data you can send before meeting again to exchange entangled particles to be used for future communications. If it was not it would have an advantage over the OTP in that the OTP only lets you send so much data before you have exhausted your pad. As it happens, however, each entangled particle pair can be used only once, since any measurement destroys the entanglement.

Re:what's the big deal

[devman]

The reason governments throw money at it is because whoever can build the first working one would theoretically have the keys to the kingdom. If a working quantum computer existed (and worked as theorized) suddenly secure communication over the internet would be a liability, thats assuming if one ever gets built (and works) and the public knows about it.