Quantum Encryption Via Satellite
Jeff Scarpace writes: "The Economist is reporting that last week, at the International Conference on Quantum Information in Rochester, New York, physicists from the Los Alamos National Laboratories in New Mexico explained how to build a system that will broadcast uncrackable messages via satellite."
Vulnerable to Man In The Middle Attack (Score:2)
However, the method is still vulnerable to a complete Man-in-the-Middle attack where an attacker (call him Malcolm) COMPLETELY intercepts the key stream from Alice to Bob, blocking transmission to Bob entirely. Malcolm negotiates with Alice until they both agree on a key using the same method described, Malcolm pretending all the time that he is really Bob. Malcolm then initiates a new photon key transmission to Bob, as if he were Alice, and negotiates a separate, completely different key, with Bob. Once the real encrypted data begins to flow, he intercepts it, decrypts it with the Alice-to-Malcolm key, then reencrypts it with the Malcolm-to-Bob key.
There are ways to work around this, but they are all the domain of existing cryptography technology. So in reality, this "encryption" scheme, while using quantum physics to perform a key exchange/agreement, doesn't buy a lot that's new. Sure, it's a good idea, IF it can be made practical, and IF a complete protocol for use can be developed that avoids MITM attacks (and anything else this sort of key agreement/exchange system may turn out to be vulnerable to).
Unfortunately, the article described the key exchange as uncrackable encryption. That was a naive mistake. The method of key agreement/exchange was just that, a way to agree upon a key securely (barring a MITM attack). Once the key has been exchanged using the described method, even if it is secure, the data to be sent/encrypted is still most likely encrypted using a standard, existing algorithm, as vulnerable or as strong as that existing algorithm is today.
Re:Hmm. (Score:1)
The reason behind this is that distributing one time pads to everyone you may want to communicate with is not really feasible. If you can get a large amount of random bits to your compatriot securely, why not simply give him the message over that channel?
One-time-pads must be just that, one time, because reuse of the keys makes them easier to crack. (Apparently, this is how the NSA's VENONA intercepts worked.)
PGP is nice because it doesn't presume that a secure channel exists, and it allows a large amount of data to be exchanged without a high probability of decryption. (Unless the NSA knows something we don't.)
BTW, if you're ever in the Washington DC area, visit the National Cryptologic Museum, just outside the NSA compound in Ft. Meade, MD. They have some really neat stuff there, including Enigma machines that people can just use.
Re:Hmm. (Score:1)
I came up into systems administration by way of helpdesk, so I learned a good knack for breaking down complicated issues into little two-sentence paragraphs, when documenting things for end-users.
--
Re:Hmm. (Score:2)
The problem is that since you use each one exactly once, each side has to have either the same list of pads or arrange a new pad for each message.
If you have a list of pads, that's subject to theft/social engineering/other compromises ahead of time.
If you arrange a pad for each message, you need to transmit the pad over a secure channel to avoid man-in-the-middle attacks. And if you have such a secure channel, you don't need one-time pads, you can just send the message itself securely. Note that this problem also applies to distributing lists of pads.
[Note that the idea of creating a public-key secure channel to send a symmetric one-time-pad-style session key is how almost all 'public-key' systems actually work, for performance reasons.]
Basically one time pads are perfect in very limited circumstances, but completely unusable for basic day-to-day end-to-end encryption.
That's what public-key crypto is all about -- the ability to publish a key far and wide whose encryption can ONLY be read by a different key.
--
Re:Hmm. (Score:2)
You can quickly run into a scalability nightmare, though. You can't use the same CD for multiple friends, and here's why. If you give the CD to two friends, and you send a message to person A using up bytes 100-200 of the OTP, somehow person B has to get the message not ever to use bytes 100-200, or else it's no longer an OTP, it's a repeat key subject to cryptanalysis.
So, somehow friend B has to get the message not to use those bytes. You could cc B on the mail, or send out a separate notice that those bytes are used, but then you have a lagtime factor -- both you and A could be sending to B at the same time using the same byte range.
The only solution to this, if you actually want to use your OTP's in a one-time fashion, is to have a separate OTP CD for _each_ relationship you have. With you, A, and B, that's two CD's per person, three total unique pairs. Add in C, and that's three CD's per person, six pairs. Add in D, that's 4 CD's per person, ten pairs. E, 5 per person, fifteen pairs. And on and on.
That's the basic scaling nightmare of ANY symmetric key solution, whether it's OTP or simply static keys.
The thing that makes public-key more secure is that you can encrypt your private key such that even if it WERE stolen, it has to be brute-forced open just like your mail would. With a symmetric key scheme, you can encrypt your key, but then you have to pass that key AND the decryption method around, meaning your local key is only as safe as the weakest link of your web of trust. With public-key, your local key is as safe as you, yourself are.
Sense? Your idea COULD work, but you're basically reinventing the wheel and inheriting a lot of the problems that were ameliorated (not solved, mind you...) with the rise of cheap and easy public-key schemes.
--
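The reuse problem and the pair count from the comment above, as an added Python example that is not part of the original post. The pad, the messages, and the `PadLedger` class are constructed for illustration.

```python
import secrets


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("inputs must be the same length")
    return bytes(x ^ y for x, y in zip(a, b))


def pads_needed(people: int) -> int:
    """Unique pads for a group when every relationship gets its own pad."""
    return people * (people - 1) // 2


def two_time_pad_leak(p1: bytes, p2: bytes, pad: bytes) -> bytes:
    """XOR of two ciphertexts made with the same pad bytes.

    The pad cancels out, so the result equals p1 XOR p2 and no longer
    depends on the random data at all.
    """
    return xor_bytes(xor_bytes(p1, pad), xor_bytes(p2, pad))


class PadReuseError(Exception):
    """Raised when a requested pad range overlaps bytes already consumed."""


class PadLedger:
    """One party's copy of a shared pad plus a record of consumed ranges."""

    def __init__(self, pad: bytes):
        self._pad = pad
        self._used = []  # half-open (start, end) ranges already consumed

    def _claim(self, start: int, length: int) -> bytes:
        end = start + length
        if start < 0 or end > len(self._pad):
            raise PadReuseError("range is outside the pad")
        for s, e in self._used:
            if start < e and s < end:
                raise PadReuseError(
                    f"bytes {start}-{end} overlap used range {s}-{e}")
        self._used.append((start, end))
        return self._pad[start:end]

    def apply(self, start: int, data: bytes) -> bytes:
        """Encrypt or decrypt with the pad bytes at `start`, consuming them."""
        return xor_bytes(data, self._claim(start, len(data)))


if __name__ == "__main__":
    pad = secrets.token_bytes(1024)      # constructed sample pad
    msg_a = b"meet at the north gate"    # constructed sample messages
    msg_b = b"wire the funds at noon"

    leak = two_time_pad_leak(msg_a, msg_b, pad[100:100 + len(msg_a)])
    print("pad cancelled:", leak == xor_bytes(msg_a, msg_b))

    sender, receiver = PadLedger(pad), PadLedger(pad)
    ct = sender.apply(100, msg_a)
    print("round trip:", receiver.apply(100, ct) == msg_a)
    try:
        sender.apply(110, msg_b)         # overlaps bytes 100-122
    except PadReuseError as exc:
        print("refused:", exc)

    for n in (3, 4, 5, 6):
        print(n, "people ->", pads_needed(n), "pads")
```

The ledger only protects one copy of the pad; two senders sharing a pad can still pick the same range at the same moment, which is the race the comment describes.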
Think I figured it out (Score:2)
But it's also relying on a random bitstream with VAST bandwidth (10 million million "numbers" per second is 100 Terabits/sec if a "number" is a byte, right?), the idea being that whatever stream you use has to be significantly beyond anyone's ability to record it. Since no one can record it, the public key exchange only has to be secure for as long as it takes to get to the start point, which should be somewhere between right away and far enough down the line that no one can save that much data. If you can increase the bandwidth of the bitstream, you can shorten that time, otherwise you just wait longer.
But if the bandwidth is too low, then your public key exchange may be cracked before the start of the bitstream is hit, so it really does need to be huge.
So, the requirements are actually that you have a communications channel that can't be cracked in the amount of time it takes to transmit the bits for the key, and that you're transmitting enough bits in that time that no one can save them.
It's a neat idea... but wake me up when I can get 100 Terabits/sec into my house.
Re:Think I figured it out (Score:2)
Actually, strike that. It doesn't really require 100 Terabits/sec of network capacity, it just needs a hardware device that can take random data (which both parties receive) at that rate and pluck a key out at a specified time. Quite possibly from a satellite, but any kind of broadcast will do. That's probably feasible in some form, but still not easy.
Neat. (Score:2)
Re:Sounds great... (Score:2)
Of course there's always the usual hardware hacks...
Granted, and of course, you're right that that's how it's done nowadays - to my knowledge, nobody's cracked the regular old public-key crypto they use now. So attacks uniformly consist of avoiding the triple-locked front door and looking for less-secure back doors. And that'd be how you'd attack it in the future, regardless of whatever super-duper encryption is used.
Re:Sounds great... (Score:3)
It'll be the end of the DirecTV pirates, anyway.
Re:But how do they measure the same photon? (Score:2)
No, I'm not a reading major (which I don't think exists). But my English comprehension is pretty good, which is why I don't think this story makes sense.
Re:But how do they measure the same photon? (Score:2)
If you send lots of photons for each bit, so that multiple copies of each photon are available to both Bob and Eve, then Eve can crack the key! Eve can just receive multiple copies of the photon, and perform all three polarization tests which Bob might perform, and the whole thing falls apart.
Remember, quantum crypto is based on sending single photons. That's why it works. Alice measures a photon and then sends that exact same photon to Bob. Not a copy. Not a hundred copies. Certainly not enough that anybody with a telescope for five miles can see it! One photon.
But how do they measure the same photon? (Score:3)
But how the hell are you supposed to do this via a satellite? I find it simply incomprehensible that a single photon could be successfully bounced off of a satellite and detected when it hit the Earth. Or even successfully shot between two points on the Earth. And if you can manage to send single photons between two points, why not just send plaintext? Sure, someone might tap a fiber without your knowledge. But "tapping" open space without anyone noticing?
Hmmm, boss, there seems to be a van with dark windows parked between Alice and Bob. Maybe we should stop transmitting? Don't get me wrong, quantum crypt is neat stuff. And I definitely think it has applications. But not for sending messages thru open space. By the time you have solved the engineering problem of sending single photons reliably over long distances outside, the crypto is meaningless. If you want to see if anyone is listening, just look. If your enemies figure out how to make their eavesdropping equipment invisible, you have bigger problems to deal with!
Re:Two reasons why this isn't big (Score:2)
Many of those applications do not involve networked hardware. Perhaps, systems for transmitting nuclear launch codes. Or discussing troop movements.
--
'broadcast' and 'quantum encryption' mutually excl (Score:2)
Quantum Crypto, such as it is in current theory, is purely a single point to single point system. Not to say that you can't use a satellite, but the language used to describe it needs to be chosen more carefully.
Kevin Fox
--
Re:Quantum crypto to find NSA goons? (Score:1)
Re:Not New, but Important (Score:2)
You probably mean RSA et al. (i.e. public key encryption), which also doesn't rely on the assumption that primes are hard to find (because, in fact, they aren't), but rather that composites of two large primes are difficult to factor, or that discrete logarithms in a modular field are hard to invert.
And yes, I assume that now someone will nitpick this message.
Won't work... (Score:2)
All you have to do is bend a piece of fiber slightly - just enough to slightly alter the reflection properties of the cladding. A small percentage of the light will be refracted out of the glass, allowing whomever to intercept it and read the signals.
The only thing that the receiving end will notice is a slight increase in the dB loss. They may notice if they've already established a baseline, but in a trans-oceanic fiber, there are too many things that can degrade the capability of a fiber. A few extra dB loss wouldn't be a worry.
JJ
Re:still subject to "human engineering" (Score:2)
http://www.4thestate.co.uk/cipherchallenge/ [4thestate.co.uk]
The book has a good summary of Quantum Encryption, among other goodies.
Re:Problem (Score:1)
As long as everything is truly random.
Is this really new? (Score:1)
Re:Two reasons why this isn't big (Score:1)
Tom Swiss | the infamous tms | http://www.infamous.net/
Re:Two reasons why this isn't big (Score:1)
Foolish Rabbit... tricks are for kids. (Score:2)
As CmdrTaco always says, if they put it in our hands, someone will find a way to open it up. The same technology used to create the cryptography will be used to tear it down.
Luckily, human error is in our favor, and not of those wishing to keep the data hidden. It takes but one oversight to bring an entire empire down.
So the numbers get larger, the data gets crazy and all the slide rules in the world can't help you now. It's like those damn kids won't let us have the cereal. Who are they? What is just one bowl for one rabbit...
Of course, before you know it, many rabbits are getting many bowls and the cereal factory closes down. So they would want us to believe! The truth is, many rabbits simply choose to purchase their own box of cereal... it is much simpler than fighting 3 or 4 of those brats on a daily basis.
So in the end... those who want cereal will get it one way or another... eventually the majority will move onto something better like carrots and coffee.
Re:Foolish Rabbit... tricks are for kids. (Score:2)
I didn't want to say Trix(tm), I might infringe on someone's intellectual property rights and before I know it, three lawyers show up on my door with a baseball bat and a court summons.
Re:Quantum Encryption (Score:2)
It's (relatively) easy to send photons in a certain quantum state, which will then be decoded.
It's really freaking hard to get those quantum states to do computations for you. Note that the biggest quantum calculation they've done to date, last I knew, was 4 bits.
Just because they're both "quantum" doesn't mean that the technologies are related.
--
Vanishing Key Crypto more feasible (Score:3)
It's 100% unbreakable and available without any high tech satellites.
Mr. T: "Enough jibber-jabber fool" (Score:3)
Though it is too late for this response to make any difference, I'll waste my breath.
Quantum mechanically, a photon is an eigenmode of Maxwell's equations for the system under consideration. A photon is commonly thought of as a localized particle of light. It is not. It is most analogous to a wave (a plane wave is an eigenmode of free space; in a complicated system, the eigenmodes are less straightforward).
A photon is not localized. A superposition of photons may be localized. Such a superposition is best called a wave packet; it is not strictly a photon though.
Confusion over this is why very few people can actually make sense of quantum mechanics, especially if explained without mathematics (all that nonsensical jibber-jabber about wave-particle duality with bad philosophy thrown in for good measure).
At no point in any quantum mechanical formalism I've seen (Hamiltonian-based, Lagrangian-based, Heisenberg matrix mechanics, Schrodinger wave mechanics, Feynman path integrals, relativistic field theory,
Quantum mechanics is about waves (or more precisely eigenmodes of the Hamiltonian). Superpositions of waves make particle-like excitations.
So, you can send a single photon everywhere. For a quick example, think of the two slit experiment. It still works when the photons pass through the system one at a time (this has been experimentally demonstrated). Thus, one photon passes through both slits and interferes with itself on the other side.
If photons were localized, as you seem to think, the two slit experiment would fail.
However, producing a single photon is not simple. Devices like lasers will produce a spectrum of photons with a certain narrow energy spread and a certain narrow angular spread. Such superposition of photons will be localized in space and are what people often call photons or particles of light. The probability of detecting such a wave packet in two widely separated places is negligible.
However, other devices (like say an antenna) produce wave packets which are not localized.
And in response to another post:
The reason that quantam[sic] encryption isn't used everywhere, is that it's so darn hard to detect the spin of single photons.
Detecting the spin of a stream of photons is much easier than you think. Photon spin and photon polarization are closely related (photon spin is a different set of basis vectors to express photon polarization). Detecting photon polarization is trivial (sunglasses anyone?). Detecting a single photon's polarization with a bit error rate low enough to be usable over long distances is more challenging but not impossible (especially if you are just doing key exchange).
Yes, I have a Ph.D. and quantum electronics is my day job.
Kevin
Re:Bruce Schneier comments on this (Score:1)
Bruce Schneier comments on this (Score:3)
Woman-in-the-middle can still work (Score:2)
If you've got an authenticated channel between Bob & Alice though (not necessarily encrypted, just authenticated), then this sounds pretty cool.
Re:Sounds great... (Score:2)
Highly doubtful. First, you would have to replace every cable box and dish to handle getting the qbits (I'm assuming that normal cable dishes cannot handle doing this, which seems highly likely). Not to mention launching new satellites, which would be even more expensive (especially because then you essentially throw away your investment in the previous generation of sats).
Secondly, you would need some 'normal' hardware to actually encrypt the video stream once you've exchanged a key. People have had great success breaking this stuff in (IIRC) Europe. Good tamper-resistant hardware is hard to do, and expensive to boot. Also, even if the key exchange itself is unspoofable and untappable, you can always try to get the key out of the normal silicon that it's stored in afterwards.
Of course there's always the usual hardware hacks, like pulling the video/audio after it's decoded directly from the chips into some specialized hardware which then dumps it into a PC. Messy and hard to do, but possible.
Quantum Cryptography is nice, and certainly very interesting, but rarely are social problems solved by technological means alone. The DirecTV guys, and others, might have to work a little harder, but it seems highly unlikely that DirecTV, or whatever, would become un-copyable. I say this because nobody has ever managed to make anything uncopyable (and semi-usable at the same time), despite any number of grand claims to the contrary.
Re:A bit of clarification (Score:1)
Re:Hmm. (Score:1)
With PGP, however, the public key can be known by everybody, and it's all that Joe Blow needs to know to communicate securely with amazon.com. Furthermore, public keys can be endorsed by trusted corporations - "CA's" - in such a way that Joe Blow knows definitively that the amazon.com public key he has is truly genuine.
Re:The Economist? (Score:1)
Re:Bruce Schneier comments on this (Score:1)
--
Re:I see a problem here (Score:2)
--
Re:The No Clone Theorem (Score:2)
--
The No Clone Theorem (Score:3)
--
Re:Is this really new? (Score:3)
--
Re:Not New, but Important (Score:1)
Re:Man in the middle attack (Score:1)
The cat may be alive or it may be dead, but god does that box stink.
So store and forward basically becomes impossible. (Score:3)
Ok. So it's fine to authenticate the source of the transmission, assuming that you only care about the last machine to touch the transmission, but when the transmission passes through multiple machines you can't prove the original source from the data received at the destination. All you can do is hope all the previous connections are trustworthy.
Now how many people here work with a technology that has NO store and forward capability?
Man in the middle attack (Score:1)
Maybe I'm confused since IANAP (physicist) (Score:1)
Re:You are confused since YANAP (physicist) (Score:1)
Re:Hmm. (Score:1)
In your example, you've used all printable ascii in the message and even started the sentence with a capital letter. Again, it gives me something to work with. In a nutshell, you're demonstrating the weakness in SSH and how others have shown that it can be cracked, given enough effort -- and who's to say that a computer won't be capable of performing that decryption 10 years from now?
So, in a nutshell, you've definitely demonstrated a solution -- it's just not a perfect solution.
Re:Quantum crypto to find NSA goons? (Score:2)
Re:Echo (Score:1)
---=-=-=-=-=-=---
Re:hmmm.... (Score:1)
This one is based on quantum cryptography, although there's no information in the article as to specifics on how they intend to transmit discrete quanta over satellites.
Exchanging one-time pads (Score:1)
still subject to "human engineering" (Score:3)
Re:Maybe I'm confused since IANAP (physicist) (Score:1)
The satellite doesn't break the laws of physics; it doesn't make any measurements, so it doesn't have to recreate the stream of photons.
Re:I see a problem here (Score:1)
Did you read the article? The Los Alamos people are doing an experiment to attempt to do this. They don't know how to do it yet. That's why it's called an experiment.
Quantum Fun (Score:1)
Although a PGP key is unbreakable by brute force means, anyone can sniff the key to decrypt the messages after the key exchange
Although you can sniff a key during the exchange, it's not that easy for everybody, so not anyone can break a PGP encrypted message
But, thanks to Quantum encryption, we can be assured the key exchanged was not sniffed, and then safely use a simple channel to exchange encrypted messages
But, thanks to Quantum computers, this very same key will be cracked in no time, without need to ever sniff it, thus making the cracking technology easier to anyone (with access to a Quantum computer)
It's amazing how quantum technology addresses all needs in crypto...
Re:Sounds great... (Score:2)
the idea of this cryptothing is not so much to encrypt things in a way that only a few persons will be able to decrypt it, but to detect when somebody else is listening...
it is not a copy protection or an encryption scheme that is offered here (despite the misleading introduction), but a guarantee of privacy. you have a conversation with a remote host, and you are guaranteed no one else heard what was said. now if someone could hear it, well too bad.. maybe he will be able to decrypt what you said. the fact is, you will be aware of it. So, then about the encryption stuff.. it's about the same problem it was before.. the new thing is just that when you send your dynamic key to the host, you can be sure only it has the key you sent, if you are warned "somebody was listening". you can change the key and again and again until the key is exchanged without anybody else listening.
so you could very easily DoS it
(just by listening all the time)
Anyway, you don't have a better brute force cracking protection than before, you are just making sure that brute force cracking is the only way they can get the key...
Also, to get (just) sure of that is so hard and painful I don't think it will be applicable yet to point->many points (Direct TV) Anyway... it's possible I just didn't understand the whole process (very possible)
Re:Hmm. (Score:2)
Then win2k shit, and I started over.. must have left that out.
I think that the OTP file would be just as vulnerable as your private key, because, after all, it is stored on your computer, that's subject to theft/social engineering.
But for people who you can trust (friends) - and are competent, do you think this method would work?
I'm writing a program that does, and just wondering about how good something like this would be.
The slashdot 2 minute between postings limit: /.'ers since Spring 2001.
Pissing off coffee drinking
Hmm. (Score:3)
I'm not talking about simple XOR, where every character is changed by a single amount (which can be solved by running a loop 256 times), but one where each character is modified by a different value, based on a "one time pad" file.
i.e.
Bob, lets kill Joe tonight (message)
a4g6uk98hgdwegfh6532d7ih44 (key, also includes high ascii values which are not here because of the lameness filter)
gregjlghrtg095gjr234fsasdf (result, also high ascii)
I'm assuming, that without the key (or a way to duplicate it), that the message would be "unbreakable", because without knowing the key, there is no real way to decrypt the message - Sure, you can try every possible combination, and even filter out results that don't make sense (or aren't in a dictionary), but there are still thousands of
a four letter word could be
"four"
"kill"
"hell"
"fuck"
"HTML"
"idea"
"hack"
"shit"
"book"
"unix"
"1337"
"them"
"blow"
" bob"
"b ob"
"bob "
etc...
It would seem that the same restrictions apply
PGP users have to keep their private key safe, just as users of this method would have to keep their "key disk" safe.
I believe PGP can be broken with enough time / effort, as could this method, but I believe that there would be a shitload more garbage for people to sort through using this method. Besides, I'm sure that the NSA has some way of reading PGP / whatever encrypted messages already. Seriously, the stealth bomber was designed in 1970, and although it's not the "best of the best", it is still considered an achievement today, they have some pretty nifty shit somewhere.
The advantages I see to encryption like this are:
- Keydisks can be physically destroyed quickly. Stuff on HDD's tend to stay there, you smash a CD, it breaks into several hundred pieces, tends not to be put back together.
- A message could be one of thousands of the possibilities, and without the key, it would be unknown which one was actually correct. I'm sure you'll get some great works of literature (i.e. monkeys writing shakespeare) popping out.
- With some additional ambiguity, such as codenames, possible translations of the message, padding the message with garbage values, a constant message size, bad spelling, personally giving the disk to the recipient (business card CD's would be perfect for this, although the 8cm ones look a lot cooler for this), etc.... it would seem that this system would be VERY secure.
Of course, there would be no way to prove that you didn't write "bob, lets kill the president tomorow" without handing over the key.
If anyone can help me out / unconfuse me, it would be great... Suggesting some good sources would be great too.
Thanks.
The slashdot 2 minute between postings limit: /.'ers since Spring 2001.
Pissing off coffee drinking
Satellite and Quantum are separate systems (Score:1)
The encryption via satellite that they mention is just the Zong-Rabin hyperencryption system [harvard.edu] and has nothing to do with quantum encryption. It's just the streaming one-time-pad with the assumption that no one can store the bit stream for long enough to retrospectively break an arbitrary message.
The author (Score:1)
A bit of clarification (Score:3)
The communication doesn't have to travel via satellite. The satellite is just used to exchange keys.
Or, in other words, this solves the same problem as RSA and D-H key exchange techniques. Once both sides have agreed on keys, you could use carrier pigeons for the actual encrypted data transmission.
b&
Quantum Encryption (Score:1)
SO
as soon as quantum computing shows up:
1. RSA, Lucifer, Raindoll are all rendered useless.
2. A better (and THEORETICALLY unbreakable) way to encrypt also is possible due to quantum computing.
Re:The No Clone Theorem (Score:1)
Re:I see a problem here (Score:1)
Re:Vanishing Key Crypto more feasible (Score:1)
But how did Bob know the sequence? From the standard-encrypted message. If that standard encryption can be cracked, anyone can then use that info to grab the same sequence of random numbers from the satellite (or wherever). Yes? No?
Cracked... (Score:1)
Mmmmmm. Quantum Spice channel.
Viv
-----------
To paraphrase Doctor Who (Score:4)
DW: I never cared much for the term "uncrackable", it seems a bit too much like "unsinkable".
Brigadier: What's wrong with "unsinkable"?
DW: "Nothing," said the iceberg to the Titanic [glug glug glug]
Well, your fingers weave quick minarets; Speak in secret alphabets;
Two reasons why this isn't big (Score:5)
1) It isn't anywhere near feasible for common use, nor cheap enough.
2) We already have "pretty good privacy". It's not the best, but it is sufficient and now we need to work on the next big step: securing both ends.
I think we've pretty much covered the encryption news to death and left out some of the big stuff, the compromising of a machine on either end of the communication.
What good does a secure method of communication do when the website you are dealing with stores your credit card info in clear text databases on machines 4 different crackers have access to?
What good is securing a transmission with a customer when their Windows box is already compromised by a Subseven server?
I guess what my biggest beef with secure communication overkill like this is that we've already determined it is possible to secure a transmission. We haven't determined how to properly secure both the client and the server.
Re:so... (Score:1)
The Economist? (Score:1)
Anyone have anything from a better source?
sorry to intrude on others' territory... (Score:1)
~
Re:still subject to "human engineering" (Score:1)
jeez.
~
Re:Hmm. (Score:1)
And another thing: you don't need to disclose the length of the message. Just set a size for every message, say, 1000 characters, and always send 1000. If you only have 40 characters, then just XOR 0 with 9960 bits from the one-time pad. It's equally gibberish. If you want more than 1000 characters, then write near the end "Continued next message.". Through a one-time-pad method, you are guaranteed to be secure, but you need to have met securely with anyone you want to communicate with, and exchanged as much random data as you ever want to send. Random data is hard to find and keep secure, when there's lots and lots and lots of it. (As much as you ever need to transmit before you meet securely again). Through PGP, if I want only you to see a message, I get your private key from a server I trust. It doesn't matter if anyone else sees the key, they can't unencrypt what I encrypt just because they have it too. That's why it's ASYMMETRIC. Only the private key can unencrypt. So now here I am at an unsecure computer, with my every step watched and recorded, I download my own public key, I encrypt a file on the harddrive, and I erase the original. They've seen my key, but they still can't unencrypt anything.
~
sorry to intrude on others' territory (Score:2)
plus 128 more cats
now we meow secure.
~
Re:Hmm. (Score:2)
~
Re:Hmm. (Score:2)
~
hmmm.... (Score:4)
~
Re:So store and forward basically becomes impossible (Score:2)
Once you've compared the test results, you can positively identify what photons have and have not been tampered with along the way - you pull out only those which have not been tampered with and use their values to build a key.
This gives you a secure key exchange protocol that guarantees the key has not been intercepted or compromised. Then you can engage in encrypted communications on ANY other medium.
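A simulation of the compare-and-discard step described in the comment above, as an added example that is not part of the original post. It assumes a BB84-style exchange with two bases over a noiseless channel and an intercept-and-resend eavesdropper; the function names, the seed, and the 5% abort threshold are illustrative choices.

```python
import random
from dataclasses import dataclass


@dataclass
class ExchangeResult:
    error_rate: float   # mismatch rate in the publicly compared sample
    accepted: bool      # False: the parties discard everything and retry
    alice_key: list
    bob_key: list


def measure(bit, prepared_basis, measured_basis, rng):
    """Reading a photon in its preparation basis yields its bit;
    reading it in the other basis yields a coin flip."""
    return bit if prepared_basis == measured_basis else rng.randrange(2)


def run_exchange(n_photons, eavesdropper, seed, abort_threshold=0.05):
    rng = random.Random(seed)  # seeded so the run is repeatable
    alice_bits = [rng.randrange(2) for _ in range(n_photons)]
    alice_bases = [rng.randrange(2) for _ in range(n_photons)]
    bob_bases = [rng.randrange(2) for _ in range(n_photons)]

    bob_bits = []
    for bit, a_basis, b_basis in zip(alice_bits, alice_bases, bob_bases):
        if eavesdropper:
            # The listener has to guess a basis, measure, and resend
            # a fresh photon prepared in the basis she guessed.
            e_basis = rng.randrange(2)
            bit_in_flight = measure(bit, a_basis, e_basis, rng)
            basis_in_flight = e_basis
        else:
            bit_in_flight, basis_in_flight = bit, a_basis
        bob_bits.append(measure(bit_in_flight, basis_in_flight, b_basis, rng))

    # Sifting: bases (never bit values) are announced publicly and
    # positions where the two sides chose different bases are dropped.
    sifted = [i for i in range(n_photons) if alice_bases[i] == bob_bases[i]]

    # Half of the sifted positions are revealed, compared, and thrown away.
    rng.shuffle(sifted)
    half = len(sifted) // 2
    test_idx, key_idx = sifted[:half], sorted(sifted[half:])
    errors = sum(alice_bits[i] != bob_bits[i] for i in test_idx)
    error_rate = errors / len(test_idx) if test_idx else 1.0

    # Too many mismatches means the photons were disturbed: no key is kept.
    accepted = error_rate <= abort_threshold
    alice_key = [alice_bits[i] for i in key_idx] if accepted else []
    bob_key = [bob_bits[i] for i in key_idx] if accepted else []
    return ExchangeResult(error_rate, accepted, alice_key, bob_key)


if __name__ == "__main__":
    for eve in (False, True):
        r = run_exchange(4000, eve, seed=1)
        print(f"eavesdropper={eve} error_rate={r.error_rate:.3f} "
              f"accepted={r.accepted} key_bits={len(r.alice_key)}")
```

Detection is statistical: a listener who measures every photon disturbs about a quarter of the sifted bits, so the sample comparison exposes her without identifying individual photons. The basis announcements and the sample comparison need an authenticated channel, otherwise the man-in-the-middle described earlier in the thread applies.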
Re:Sounds great... (Score:2)
The trouble that occurs to me is that if you're using the tech onboard a satellite to handle key exchange you have to trust the people who admin the satellites. That's fine if you're the Pentagon or some big corp. which can buy its own satellite, but it's true that doesn't help the little guy.
I'm not an expert on optics tech. but I think if photons can be sent down a glass fiber reliably they should also be able to be bounced off a satellite reliably. I mean bounced off its reflective surface, not transmitted to any gear on board.
Anyone ever seen or heard some amateur astronomy geeks finding lunar lander remains and bouncing lasers off the reflective foil for fun? Well imagine that with a few hundred dollars in amateur astronomy gear you could set up a completely secure key exchange by bouncing a laser off floating space junk to your buddy half-way round the world ( of course curvature of the earth comes into play for lines of sight to whatever satellite you choose ).
Re:But how do they measure the same photon? (Score:2)
"Tapping open space" as you call it is the easiest thing to do. All you need is a telescope. You can't watch everyone who has a telescope - that's absurd. Think of how much opportunity there is for refraction off the atmosphere and reflection off the satellite - if you sent plaintext anyone with a telescope could read what you're saying.
And besides - this isn't about message transmission, it's about key exchange. You only need a short burst of a fraction of a second to send enough photons to make up an encryption key longer than any cryptosystem in existence could need.
Re:Quantum crypto to find NSA goons? (Score:2)
But, given that they have got some technique that can read information being sent and not leave this "echo", the quantum testing method should still be able to positively identify that someone is siphoning out photons, or intercepting and replacing them.
Re:Bruce Scheier comments on this (Score:3)
Basically you transmit a very long sequence of bits, and agree at a point beforehand to select out a given subset of this as a key. It all hinges upon an agreement of exactly what subset of the bits to use, and that an intermediate party does not know that subset.
The issue on a key exchange server onboard a satellite using quantum crypto is quite different. It involves setting and then measuring properties of individual photons of light, much more complex than the system in the Counterpane article.
Quantum crypto to find NSA goons? (Score:4)
It would be funny if the latest thing in crypto was able to catch the NSA with their pants down.
Re:so... (Score:3)
Yet one more reason to procure an aluminum foil deflector beanie [zapatopi.net]; when the aliens, thinking they're helping, begin transmitting quantum-encrypted mind control beams to counteract those of the military-industrial complex, if we don't have adequate protection we'll all go into convulsions, frothing at the mouth as our brains are overwhelmed by gibberish instructions. Society will end as we know it and the forces behind black helicopters and Jimmy Hoffa's unexplained disappearance will emerge from their hiding places to take over the world!
Protect yourself now [zapatopi.net]!
This will work... (Score:1)
"I am a man, and men are
animals who tell stories."
yeah, but what abt ppl? (Score:1)
Anyway, we had given up hope and he took me to the server (we were exploring it remotely) room. Only to find that one of the developers had logged on as root and left the system as such.
What I mean to say is that when you have developers, the so-called programmers and 'elite' computer literates being so reckless, the security system ceases to matter altogether. Because the fault would ultimately happen at the human end.
All this technology is great, but then the ppl using it should be careful enough. No use having a quantum encryptor and then sticking a printout of your private key on your table.
"...Fear the people who fear your computer"
Uncrackable? (Score:2)
But what about if Eve also intercepts the "agreement" photon string and compares it to the ones she has sampled? She would be able to reconstruct the key, although she never really sampled it and thus violated QM principles.
Should Eve adopt the so-called "bucket-brigade" strategy--to intercept and resend photons as quickly as she can--she will still give her presence away. The uncertainty principle dictates that Eve cannot copy Alice's photons exactly.
She can't copy them *exactly*, but to a very good degree limited by the specifications of her equipment. She will never be able to copy them 100%, but 99.99999999999% is very possible and very legal under QM rules. So, for example, if Eve was using a very sophisticated method of reading and sending photons, and Alice and Bob's method was only slightly less sophisticated, Eve would be able to successfully crack the communication by fooling the two into thinking the photons were authentic, when in reality they differed only slightly by an unmeasurable amount, and thus for all intents and purposes were logically the same, but not physically identical. In order to really tell one photon from another, you have to have a measurable wide margin. When they get so close together that each seems as if they are the same, for our purposes they are the same. You'd have to have infinite (uncertainty principle impossibility) resolution in order to tell two very similar photons apart. So the same very secure "law" is actually a two-edged sword.
Just because it's impossible to "directly" crack a communication doesn't mean it's not uncrackable and quantum laws of the universe can't save it either. It doesn't take into consideration things like equipment sensitivity, and other real world things like that which go beyond how it would ideally work, or how it would work on paper. Heck, if someone really wanted the information, they could kidnap and force the people to admit it. That's crackable as far as I'm concerned, which leads me to my next point: if it's written down, known by someone, or even happened, there are always ways of "cracking" the secrecy.
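The intercept-and-resend ("bucket-brigade") detection quoted in the comment above, and the compare-then-sift step described earlier in the thread, as an added example that is not part of any post. It simulates an idealized two-basis photon exchange (the scheme usually called BB84, a name the thread does not use) and assumes perfect single photons, a noiseless channel, and an abort threshold chosen here for illustration.

```python
import random

ABORT_THRESHOLD = 0.05  # assumed tolerance for channel noise; not from the thread


def measure(bit, prepared_basis, measuring_basis, rng):
    """Matching basis reads the bit; a mismatched basis yields a coin flip."""
    return bit if prepared_basis == measuring_basis else rng.randint(0, 1)


def run_exchange(n_photons, eavesdrop, seed):
    """Return (error_rate_on_disclosed_sample, key_bits_left, abort)."""
    rng = random.Random(seed)  # simulation only; not a key-grade RNG
    alice_kept, bob_kept = [], []
    for _ in range(n_photons):
        bit, a_basis = rng.randint(0, 1), rng.randint(0, 1)
        flying_bit, flying_basis = bit, a_basis
        if eavesdrop:
            # Eve must pick a basis blind, measure, and resend what she saw.
            e_basis = rng.randint(0, 1)
            flying_bit = measure(flying_bit, flying_basis, e_basis, rng)
            flying_basis = e_basis
        b_basis = rng.randint(0, 1)
        b_bit = measure(flying_bit, flying_basis, b_basis, rng)
        if a_basis == b_basis:  # sifting: bases are compared in public, bits are not
            alice_kept.append(bit)
            bob_kept.append(b_bit)
    # Disclose a random half of the sifted bits to estimate the error rate;
    # the disclosed bits are discarded and only the rest can become key.
    indices = list(range(len(alice_kept)))
    rng.shuffle(indices)
    sample = indices[: len(indices) // 2]
    errors = sum(alice_kept[i] != bob_kept[i] for i in sample)
    error_rate = errors / max(len(sample), 1)
    key_bits_left = len(indices) - len(sample)
    return error_rate, key_bits_left, error_rate > ABORT_THRESHOLD


if __name__ == "__main__":
    for eve in (False, True):
        rate, left, abort = run_exchange(4000, eve, seed=1)
        print(f"eavesdropper={eve}: error rate {rate:.3f}, "
              f"{left} key bits left, abort={abort}")
```

In this model the check is statistical: an interceptor who measures every photon pushes the disclosed-sample error rate to about 25%, so the exchange is abandoned rather than individual photons being flagged.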
Sounds great... (Score:2)
Dancin Santa
I see a problem here (Score:3)
Re:But how do they measure the same photon? (Score:1)
I'm no quantum physics major, but you are definitely not a reading major. It says right in the article their work has led them to believe they can send a single photon reliably, day or not, good weather or bad.
If your enemies figure out how to make their eavesdropping equipment invisible, you have bigger problems to deal with!
By using satellites, you can broadcast your message EVERYWHERE. So technically anyone and everyone can intercept the message, they just won't be able to do anything with it.
so... (Score:3)
Further Reading (Score:2)
You are confused since YANAP (physicist) (Score:2)
Re:Two reasons why this isn't big (Score:3)
The bottom line is that this technology hinges on the ownership of secure nodes at either end of the optical path. Unless the public network goes all-optical and can route single photons from one end to the other, I don't see how this can be of use to the public.
Re:A bit of clarification (Score:1)
Re:Vanishing Key Crypto more feasible (Score:1)
Re:So store and forward basicly becomes impossible (Score:2)
The message itself you may as well publish on the web.
Re:The author (Score:1)
How is it possible for you to read the article and miss this:
Last week, at the International Conference on Quantum Information, in Rochester, New York, they explained how to build a system that will broadcast uncrackable messages via satellite.
Re:Quantum crypto to find NSA goons? (Score:1)
Not New, but Important (Score:4)