Forgot your password?
typodupeerror
Security

Australian Gov't May Employ a Homegrown Quantum Key System 141

Posted by timothy
from the lasers-spin-counterclockwise-there dept.
mask.of.sanity writes "The Australian government is trialling a new Quantum Key Distribution (QKD) system built by Aussie scientists. QKD is considered the world's toughest security because the slightest attempt to intercept the one time keys, coded into lasers at the quantum level, will disrupt the beam. The technology differs from current cryptography tech primarily because it's cheap. Well, less than the $US100k price tag of rival systems. It uses off-the-shelf networking gear instead of proprietary technology, and is built on open standards, so it's easier to install. The random key is encoded at the quantum level in the sidebeam in the phase and amplitude, or brightness and colour, of a highly tuned laser beam. The creators, who built the system in part for their Ph.Ds, said it can be used to transport the most sensitive data like critical infrastructure and secret commercial IP. The days of hand-delivered security keys are numbered."
This discussion has been archived. No new comments can be posted.

Australian Gov't May Employ a Homegrown Quantum Key System

Comments Filter:
  • by d3ac0n (715594)

    So... you could say the Aussie scientists have taken a Quantum Leap in cryptography for the AU?

    *rimshot*

    Thank you, I'll be here all night! Remember to tip your waitress!

  • by Anonymous Coward

    The days of hand-delivered security keys are numbered

    ...but we can't tell you exactly how long you'll have to wait.

    • by Slumdog (1460213)

      The days of hand-delivered security keys are numbered

      ...but we can't tell you exactly how long you'll have to wait.

      We don't know if we can or cannot tell you, or even whether you or someone else will have to wait

  • by joeflies (529536) on Thursday March 05, 2009 @09:16PM (#27085909)

    In general I think that although standard key exchange methods are theoretically less secure than quantum key exchanges, at least the standard key exchange methods are a) well understood, b) tested and c) commercially supported.

    Putting highly secret documents in the hands of a technology made by college students working on PHD thesis seems to be a premature use of this technology.

    It's not the technology itself, but the implementation of the technology that I'd worry about. And cost doesn't seem to be a good reason to take a gamble.

    • by fuzzyfuzzyfungus (1223518) on Thursday March 05, 2009 @09:26PM (#27086007) Journal
      Worse than that. The quantum stuff is really cool, and all kinds of useful for making sure a given bit of fiber isn't being eavesdropped on; but it is only link-level security. You have to have a run of fiber directly between hither and yon for communications to be secure. With ordinary crypto, you can use public internet or untrusted network segments controlled by others, or bailing wire or whatever. That is the ultimate limitation.
      • Re: (Score:3, Insightful)

        by erbbysam (964606)

        Exactly. Is public key crypto broken enough to need to spend any money to switch over to QKD?
        For that matter is public key crypto over the internet broken?

        From the QKD guy in the article:
        "Conventional cryptography is exposed to threats from advances in computing power that provide for brute force attacks,"
        As long as you stay up to speed (ie. keeping your key sizes up to standards), I don't see how this is an issue...

        • by SpazmodeusG (1334705) on Thursday March 05, 2009 @10:36PM (#27086591)

          Exactly. Is public key crypto broken enough to need to spend any money to switch over to QKD? For that matter is public key crypto over the internet broken?

          Yes. Think secret plans that can't get out, even in 20 years time.

          Can you guarantee quantum computers won't be around in 20 years time?

          • by pacinpm (631330)

            All it does is safely transports a key used in ordinary crypto algorithm. So you may use the same futuristic quantum computers to break those keys.

            If you really fear of quantum computers you should up your key length.

      • by domatic (1128127)

        It could be a good compromise on the limitations of both. This could be used to transmit one-time pads in bursts and the pads could then be used over unsecured channels. As it stands, such pads have to be delivered or picked up by hand.

      • by kvezach (1199717)
        You have to have a run of fiber directly between hither and yon for communications to be secure.

        One can use quantum teleportation to build quantum repeaters [stanford.edu]. Add an out of band signal for addressing, and it shouldn't be that hard to make a quantum encrypted network - direct connection not required. If men in the middle rearrange the addressing data, the only thing that happens is that the signal doesn't arrive at the correct destination; the adversaries still can't clone the particle, so they still can
    • You never had to check each and every codebook delivered to ensure someone had not created a 1/4" slice in the side seal so they could insert a camera. I'm sure they don't use paper booklets anymore, but I'll bet the new media is just as susceptible to undetected interception. In addition, old media is still extremely useful, since an opponent need only record encrypted communications and play it back later. The U.S. suffered colossal damage in the 80's due to John Walker doing just that. The ability to sim
  • by Narnie (1349029) on Thursday March 05, 2009 @09:18PM (#27085933)
    So... are the scientists that frustrated with the Aussie internet filter [slashdot.org] that they're employing a quantum key encryption system just so they can get their porn?
  • by SuperBanana (662181) on Thursday March 05, 2009 @09:24PM (#27085993)
    "That's not encryption. THIS, now THIS is encryption."
  • by nog_lorp (896553) on Thursday March 05, 2009 @09:37PM (#27086085)

    Now the Australian government can finally protect their communications from the myriad foreign governments trying to spy on their communications!

    Oh, wait...

    • by timmarhy (659436)
      what makes you think they aren't, and that it's only foreign governments that do the spying? fail.
    • by domatic (1128127)

      You're being facetious but any government is a subject of interest for foreign intelligence services. The Russians for one spy on Canada not because they're necessarily super interested in Canada but because they can glean information about the US or anybody else the Canadians deal with. It must also be said tech like this would afford more protection against the US intelligence services than the Russians. All intelligence serices employ both electronic eavesdropping and myriad forms of "humint" (human i

    • Re: (Score:3, Funny)

      by ozbird (127571)
      More likely, now Australian scientists can protect their communications from the proposed Internet filter.
    • Re: (Score:3, Interesting)

      by Cimexus (1355033)

      Guess where a great deal of the US's intelligence data is collected from. Hint: it's a large, dry country within long-range radio distance from China.

      Guess where that data gets transmitted back to the US from? Hint: several top-secret joint US-Australian bases located in various places in Central Australia (i.e. the middle of nowhere)

      And guess which country has more access to intelligence sharing with the US than any other allied nation (except for the UK)?

      Australia's geographic position means a LOT of US i

  • Wait a minute... (Score:3, Insightful)

    by nog_lorp (896553) on Thursday March 05, 2009 @09:42PM (#27086129)

    It travels over fiber, and "the slightest attempt to intercept the one time keys, coded into lasers at the quantum level, will disrupt the beam".

    How do you route it to its destination? Do you need a dedicated fiber line between the source and destination for this service to work?

    Otherwise, why can't someone just, y'know, intercept it completely and then generate the same key again?

    • Re: (Score:3, Informative)

      by wdsci (1204512)
      Last I heard, quantum cryptography did require a dedicated line. And you can't intercept and regenerate the signal because the laws of quantum physics make it impossible to measure enough information about the beam to generate a copy of it. The way quantum cryptography works (at least this is one simple scheme), the sender of the key transmits photons that are polarized in one of 4 directions: N-S, E-W, NE-SW, or NW-SE. But when you measure the photons, you have to choose whether to make a N-S vs. E-W meas
      • Re: (Score:3, Interesting)

        by TinBromide (921574)
        So, someone with enough knowledge as to which orientation the key will be encoded on can intercept it and generate a new photon with the same recorded information? Because, as you say, you can't record EVERYTHING about a photon at once, and you destroy it as you filter/record it, wouldn't the receiver destroy it as they filter/record it?

        I know that you use a simplified example based on the polarity of the measurements, but if a nefarious evil party had the same equipment configured the same way as the true
        • Re:Wait a minute... (Score:5, Informative)

          by shadow_slicer (607649) on Thursday March 05, 2009 @11:16PM (#27086889)

          The key is not encoded -- it is random. Both the "sender" and receiver have no idea what the photon's characteristics are. They both flip coins to see which type of measurement to make. Then they keep the bits where they made the same type of measurement and throw away the others.

          Any intermediate party will either receive the photon (so the receiver won't) or not receive the photon (and can't measure it). Further, no intermediate party knows what measurements the sender and receiver will make so they can't make the same measurements. If the intermediary can't make the same measurements then it can't generate the same key, and can't generate a passable photon for the receiver. Assuming the sender and receiver have another channel which is secure against man in the middle attacks (though not necessarily secure against eavesdroppers), they can tell each other which type of measurements they made and know what to keep.

      • by bh_doc (930270)

        And you can't intercept and regenerate the signal because the laws of quantum physics make it impossible to measure enough information about the beam to generate a copy of it.

        What you say is mostly true, but slightly misleading. Google "quantum repeater". Basically, it is possible to intercept and regenerate the signal precisely, but in doing so you cannot know what that signal actually was.

        [snip] and if you have access to both the quantum channel and the non-quantum channel, I guess you could pull off a

        • by wdsci (1204512)

          And you can't intercept and regenerate the signal because the laws of quantum physics make it impossible to measure enough information about the beam to generate a copy of it.

          What you say is mostly true, but slightly misleading. Google "quantum repeater". Basically, it is possible to intercept and regenerate the signal precisely, but in doing so you cannot know what that signal actually was.

          Actually I could say the same about what you say. Sure it's possible to intercept the quantum signal, but it is no

          • Re:Wait a minute... (Score:4, Informative)

            by bh_doc (930270) <blhiggins@ g m a i l . c om> on Friday March 06, 2009 @02:01AM (#27087901) Homepage

            I suspect we differ on the definition of "intercept". If you strictly mean "capture and extract information from", then I agree. Any measurement (the "extract information" part) will collapse the wavefunction, destroying the quantum coherences and ultimately (with approaching-unity probability) being detected by the QKD scheme. However, I was using the term in the more general sense of "have some device between", in which case what I said is entirely correct. Here's why:

            Sure it's possible to intercept the quantum signal, but it is not possible to regenerate it precisely - by which I mean reproducing the original quantum state. Read up on the "no-clone theorem" - for example Wikipedia's article.

            I'm well versed in the no-cloning theorem. As such, I know why it doesn't apply here. The no-cloning theorem is in relation to making an identical and independent copy of any (a general) quantum system whilst retaining the original system. In this context it would amount to producing a duplicate signal, independent but equal to the original signal. This is not possible under the no-cloning theorem. (I'll preempt a point here, too: Entanglement is not cloning, although it can sometimes look similar.)

            But, intercepting and regenerating the signal does not necessarily involve ever having both the original and regenerated signals existing at the same time. Take an example of a kind of quantum repeater, a device that converts a photon signal into some other quantum state, say electron spin, and then converts that spin into a new photon signal. It's roughly the same idea as classical repeaters in long-distance fibre-optic communications. Now, I consider this operation to be an interception of the signal and generation of a new signal with the same information. It's a coherent process; all the quantum information in the original signal remains intact. But you can't get back the photons from the original signal, so the no-cloning theorem is not relevant. (A more detailed explanation of the workings of a quantum repeater could include entanglement, which also means no-cloning theorem is not relevent.)

            A restriction on the device is that, to function, it cannot collapse the wavefunction. That means that (at a minimum) it cannot make a projective measurement of the quantum state. Thus, it cannot make any recorded measurement on the state, because that would require making a projective measurement, which would require defining a projection basis (randomly(!), because there's no better way), which would collapse the wavefunction, which would rightly end up being detected by the QKD scheme as eavesdropping.

            So, you can have a device which intercepts and regenerates the signal, you just can't ask it any questions.

    • Not an expert on quantum crypto, but from the sounds of it you will need an all optical link. This does not preclude the possibility of switching and routing though. Many networking functions are already being implemented optically, for example wavelength based switching devices that are all optical, and optical regenerative repeaters. Many of the basic building blocks are already available or being perfected.
    • by skeeto (1138903)

      How do you route it to its destination? Do you need a dedicated fiber line between the source and destination for this service to work?

      Whatever you do, just don't cross the streams.

    • In what must be a first the Aussie government is a step ahead of what is needed. Basically Canberra (the Nations capital & home of more government than you can poke a stick at) has a wonderful fiber network called ICON [finance.gov.au] which happens to consist of dark fiber that is physically patched between agencies. Now that doesn't mean the QKD is a famously good idea since we already have really well thought through key distribution techniques, but it's not the lack of the network that will stop it.

  • The summary says the information is encoded in the frequency and amplitude of the light. Quantum systems encode information in the spin of photons...

    So is it just me, or is this not really a quantum system at all?
    • by khallow (566160)
      The communication model, that you refer to, can encode information via any pair of two state systems that can be quantum entangled. Pairs of photons happen to be a natural way to do that. I gather the approach of the article entangles the frequency and amplitude of small light pulses for a similar effect.
    • by mokus000 (1491841)

      Quantum mechanics applies to a *lot* more than just spin of photons. To name just one example, the classic double-slit experiment demonstrates quantum (or at least non-classical) behavior of the amplitude of light.

      IMO, even if it's true that every "quantum system" developed up till now has been based on photon spin (which I don't believe), any system which depends on a quantum effect would qualify as a "quantum system." Note also that entanglement is not the only quantum effect which might be relevant her

    • by iris-n (1276146)

      Actually, I've never seen someone encoding information in the spin of photons. As a spin-1 particle, they are a 3-state system, not very cosy to use as a qubit.

      Usually people encode information in the polarization of photons. In theoretical physics at least. But I guess for commercial uses its more practical to use frequency, as networking equipment are used to transmit it with high fidelity. But that's just a guess.

  • Like Australia even HAS a quantum handgun. Er...wait.
  • From the original Strine?

    > The random key is encoded at the quantum level in the sidebeam in the phase and
    > amplitude, or brightness and colour, of a highly tuned laser beam.

    Or is it just the gobbledegook it looks like?

  • "The days of hand-delivered security keys are numbered"

    Yeah, sure. Quantum key distribution DOES NOT protect against man-in-the-middle attack. So you'll still need to know that the channel is physically secure before transmitting quantum key.

  • by CrypticKev (1322247) on Thursday March 05, 2009 @10:08PM (#27086379)
    The creators, who built the system in part for their Ph.Ds

    They will encrypt their thesis with it. If ever decrypted, their doctorates will be revoked!

  • Okay but why? (Score:4, Insightful)

    by MichaelSmith (789609) on Thursday March 05, 2009 @10:20PM (#27086485) Homepage Journal
    I am at a loss to understand why the Australian Government would want this standard of security. This requires a dedicated fibre so it only works over a short range and over a land line. The bulk of security issues would be with international communications (say diplomatic stuff), wireless communications (police, military etc) and office networks (the federal public service).

    But quantum won't help you in any of those cases. Oh well. I doubt I will hear if it is ever actually used.
    • Re: (Score:3, Insightful)

      by dbIII (701233)
      I'm at a bit of a loss as to why you think a government doesn't have a military, police force or diplomats.
      • by tftp (111690)
        The GP says that military, police force or diplomats are not that likely to always have a dedicated fiber cable to Headquarters. Most communications to these folks are either wireless, or through switched (public) networks. For this quantum stuff to be usable you need to have a permanent need for high volume, high value link between stationary objects reasonably close to each other, like government buildings.
        • Re: (Score:2, Informative)

          by Cimexus (1355033)

          Well in Canberra (capital city of Australia), most government departments in the Parliamentary Triangle (where all the major/important Government departments area) are connected by a such a dedicated fibre network, that is completely physically separated from the Internet and other public networks This is particularly the case in the defence/intelligence precinct (which is a cluster of buildings in one particular suburb).

          Interestingly I tried Googling it and couldn't find much at all. But it exists ... I'v

          • by anto (41846)

            You are looking for ICON [finance.gov.au] Perhaps it was the *awful* acronym that beat you :)

    • by MrMista_B (891430)

      Anything less secure is monitored casually by Chinese, American, and etc interests.

      Really, I can't make it more simple than that.

    • by AHuxley (892839)
      Australia's internet packets may touch Australia's defense satellite operated by Singtel (Singapore government telco) at some point.

      "SingTel's Optus bid part of 20-year spy operation?" http://www.zdnetasia.com/news/communications/0,39044192,38000285,00.htm [zdnetasia.com]
    • by Threni (635302)

      > I am at a loss to understand why the Australian Government would want this standard of security.

      Derr...it's the Australian Government. Do have any idea what the Chinese, Russians or Americans could do with that kind of technology?

      • If a secure link like this is ever set up most of the stuff going through it will be .doc and .xls files anyway. Workstations on that network will be easy fodder for viruses, etc.

        The Americans practically run the Australian security services anyway. They just have to ask and they get what they want. As for the Chinese and Russians you may have a point there but I doubt using a few links with quantum crypto will add any useful security. Like plugging a sieve.
        • by tftp (111690)

          As for the Chinese and Russians you may have a point there

          If history teaches us anything, intelligence services just love to have agents within the organization that they want to monitor. This way they have automatic decryption of materials, and on top of that they get information that was never sent through the wire - such as opinions, rumors, personal observations, copies of physical materials, etc. You can't replace Max Otto von Stirlitz [wikipedia.org] with a tap on Schellenberg's phone.

  • attn: /. (Score:1, Funny)

    by Anonymous Coward

    for the love of god stop calling us aussies

    do you call yourselves yanks? no?

    fucking cut it out.

    • Some how "Australia Australia Australia Oi Oi Oi" just doesn't have the same ring to it as "Aussie Aussie Aussie Oi Oi Oi".
    • by Cimexus (1355033)

      I have no problem with Americans calling us Aussies, since we often use the term to refer to ourselves as well.

      But it would be nice if they pronounced it right. It's said 'Ozzie' (like Ozzy Osbourne), not 'ahh-sie'. The 's' is more like 'z'.

      NB. Some Americans do say it right. But 90% don't.

    • Agreed. Please everyone call them "residents of West Island".

    • Will do, aussie!
      Thanks for the tip, aussie!

      PS: You can call me "cheese eating surrender monkey", BTW

  • However great this system may/will be, there is no doubt that it's weakness will be the human factor on either end.
  • by Anonymous Coward

    yeah. the human eye doesn't perceive phase: the wavelength or frequency is color, but good luck finding a macro-world equivalent to phase.

  • by Manip (656104) on Thursday March 05, 2009 @10:47PM (#27086679)

    Sorry but you have $100k and you want to increase your security by wasting it on one highly secure pipe?

    That is pretty sad. That money could be better allocated to toughen up systems or to employ spot checks on supposedly tough targets.

    The truth is that almost no security breaches are conducted by cutting lines and intercepting the traffic (with the exception of satellite communications *cough* NSA *cough*).

    Ultimately humans are the weakest part of the system, followed by the destination's security, and then last I'd say the transit between A->B.

    • by tg123 (1409503)

      Sorry but you have $100k and you want to increase your security by wasting it on one highly secure pipe?

      That is pretty sad. That money could be better allocated to toughen up systems or to employ spot checks on supposedly tough targets.

      The truth is that almost no security breaches are conducted by cutting lines and intercepting the traffic (with the exception of satellite communications *cough* NSA *cough*).

      Ultimately humans are the weakest part of the system, followed by the destination's security, and then last I'd say the transit between A->B.

      You discount transmission interception too quickly I feel. Echelon comes to mind and I believe alot of information is gathered this way. http://en.wikipedia.org/wiki/ECHELON [wikipedia.org]

      Im not sure but I wonder if this could be used to defeat Echelon ?

      What is really cool about a one time pad system is that its secure from end to end as long as the key is kept secret. http://en.wikipedia.org/wiki/One-time_pad [wikipedia.org]

      this technology allows the secure exchange of keys. so all you have worry about now is the human factor

  • Cryptography... (Score:3, Insightful)

    by girlintraining (1395911) on Thursday March 05, 2009 @10:51PM (#27086709)

    Will always be vulnerable to a gun to your head and the question "What does it say?"

    Try not to forget the human side of the equation when you're quoting statistics and mathematics.

    • by Eskarel (565631)
      This is true, but generally speaking, when you have an armed gunman in one of the endpoints of a high security communication, you have bigger problems than cryptography.
    • Re: (Score:3, Funny)

      by gandhi_2 (1108023)

      Spoken like someone who has neither held a gun, nor a human head, let alone at the same time, while interrogating a cryptographer, in Australia.

      How does one answer that question with respect to a 10 gig fiber connection? How fast can you say ones and zeros?

      I'm pretty sure firearms are an OSI layer 1 problem.

  • one time pad (Score:3, Interesting)

    by Fëanáro (130986) on Thursday March 05, 2009 @10:56PM (#27086757)

    I do not get the advantages of this system over the one-time pad.
    Is there anything this quantum key system could do that a courier carrying a terrabyte drive with a one-time pad once in a while could not?

    The quantum key may not be interceptable in theory, but you still have to trust the sending and receiving equipment not to leak anything.
    Auditing equipment advanced enough for quantum encryption sounds quite a bit harder than auditing a sealed box with a harddrive and a chip doing XORs for a one-time-pad.
    And people with the neccessary trust and clearance AND the skills in quantum physics should be harder to come by.

    Plus the bandwith of the quantum channel is low, so they are only sending the keys, and send the encrypted data by normal channels. So you also have to trust the encryption algorithm, while an OTP is provably unbreakable.

    • by blueg3 (192743)

      Yes -- it can transmit large volumes of data without trusting (and suffering the latency and costs of) hand-couriered secure encryption keys delivered on drives.

    • Re: (Score:3, Informative)

      by OzRoy (602691)

      This *is* a one time pad. This is Quantum Key Distribution. The quantum part ensures your key has not been intercepted. Once the key is recieved by the other party the actual message is encrypted by using one time pad.

      So the advantages of this over a courier is it's a hell of a lot faster and you guarantee the courier hasn't been mugged and had the pad copied.

      • by owlstead (636356)

        Yes, but you first have to build the infrastructure in a safe way. You cannot just start to communicate. The problem with Quantum cryptography [for key distribution using light] is that it only solves the part where you transfer the key. It's definitely cheaper and arguably more secure to transfer a bunch of disks (for redundancy, you don't want one hdd that can crash) than to build yourself system for Quantum Key Distribution. And it is infinitely more secure to put that money into other security propertie

  • by Anonymous Coward

    Now no-one will figure out which IP's are blocked HAHAHAHAHA! *evil*

    -zifr

  • Now, if only they can put the lasers on some shark's head.
  • Isn't it so, that quantum cryptography prevents attacker from obtaining the message without being noticed, but does not stop attacker that does not care whether he is noticed?
  • They should use it to encrypt the Transit Sidney Timetable. That way, they can be certain it won't be pirated.

  • I guess Alice and Bob http://en.wikipedia.org/wiki/Alice_and_Bob [wikipedia.org] were replaced in the design document with Sheila and Bruce!
  • The technology differs from current cryptography tech primarily because it's cheap. Well, less than the $US100k price tag of rival systems.

    Ah yes, that's so much cheaper than current cryptography. Take TrueCrypt for example, which is, er, completely free.

    Did the summary perhaps mean to state that this system is cheaper than other current quantum cryptography tech?

  • You can do this given a pair of needle nosed pliers and either a soft fleshy bit of the person you want to extract data from, or some of their teeth will also work.

    That's way easier than trying to intercept their keys.

  • Trial is a noun, you can't catting or trailing. They are testing or experimenting. Why invent a non-word when simple words of the CORRECT part of speech exist?

The unfacts, did we have them, are too imprecisely few to warrant our certitude.

Working...