

Practical Quantum Cryptography 164
Alien54 writes: "Saw this on Eureka Alert: A commercially available system for quantum key distribution and cryptography has been released by a spin-off company from the University of Geneva. The system has been tested over distances up to 70km (from Geneva to Lausanne) through standard optical fiber cables and connects to PCs via USB ports. Transmission rates of about 60 bits per seconds were achieved, sufficient for key distribution. You can see the original abstract here, which also has a link for download of the paper in PDF, Postscript, and other formats."
All I have to say "neato" (Score:1)
Of course QC is really only secure when they are direct connections. So if we want to use routers and switches to make connectivity practical we will lose the security.
This type of thing would be cool for businesses and such that want a secure connection with other branches or offices. They could do a token ring style idea where they relay from their own branches to reach a wide area.
Tom
Re:All I have to say "neato" (Score:2, Interesting)
Re:All I have to say "neato" (Score:1)
Re:All I have to say "neato" (Score:2, Informative)
Re:All I have to say "neato" (Score:1)
Re:All I have to say "neato" (Score:1)
If you could do both in parallel, I can see this being a very tasty system indeed, being only the cost of the more expensive part (slow/secure vs. fast/not-secure).
THL.
Re:All I have to say "neato" (Score:1)
Re:All I have to say "neato" (Score:1)
Ne'er mind.
THL.
Re:All I have to say "neato" (Score:3, Informative)
The jist is if I send from
A =====> B
and someone traps the bits in the middle
A ===/C/===> B
e.g. an eavesdropper than they will change the spin of the photons and B will know [and in turn A].
So with quantum crypto you can send from A to B without any real crypto and you will be assured that an eavesdropper cannot get the message.
The big problem is this all requires direct connections.
Tom
Re:All I have to say "neato" (Score:1)
I think an evesdropper could intercept the messagse just fine, its just that the reciever would know its been intercepted.. I might be wrong about this, but from what you say here
Sounds like to me that they will still be able to look at the data, but they would know.
Re:All I have to say "neato" (Score:1)
real message, so you don't care if someone
has listened to it. If you find out that no
one has, then you use the random data as a
one-time pad.
Quantum cryptography as practiced is more correctly
called Quantum Key Distribution for this reason.
Re:All I have to say "neato" (Score:1)
I thought that quantum cryptography was a means towards creating a reliable and truly random one time pad (quite unlike the previous claim posted on Slashdot). So A would send a stream of photons to B... B would measure the photons with one of two different measuring templates.... The eavesdropper could also try to measure the photons.... but she only gets one chance.... Now A and B talk on a public line. A asks B, how did you measure the first photon? If it is different than how A intented it to be measured... it is thrown out.... The ones that are left after this process create a random number that both A and B have.
This random number can then be used for the OTP...
Re:All I have to say "neato" (Score:2)
The laser-based system hopes to eventually bounce the signals off mirrors on satelites, sending keys anywhere in the world. (For a price... good for diplomats and military I suppose.)
The fiber systems are still in need of a repeater-like device before they can get more significant distances.
Re:All I have to say "neato" (Score:2)
If it's going to be bouncing light off of mirrors on satellites without actually modifying the light itself, I don't see how they can charge. Anyone that points the dish right can bounce it off the mirror. Of course it also seems you'd have no control of where it eventually ends up (since the mirror will be bouncing it to wherever the satellite is targetting it).
Re:All I have to say "neato" (Score:2)
Spin-off company (Score:5, Funny)
Re:Spin-off company (Score:1)
Re:Spin-off company (Score:1)
Re:Spin-off company (Score:1)
I'm not so sure about practical... (Score:4, Insightful)
As nice as this scheme might be compared to previous quantum cryptography schemes, there are still fundamental problemns with implementing quantum cryptography. First off, you need a single, otherwise unused optical fiber to connect the two boxes. This means running your own cable. There's really no way around that. You're not going to find unrepeated, unused fiber just lying around.
Re:I'm not so sure about practical... (Score:2)
Actualy between 1998 and 2001 comapnies spent 500 billion dollars for fiber optic lines, analists aproximate the surplus of fiber optic bandwith at 95%. Unfortunately I have no english sources for the figures.
Anyway the system is not supposed to be used by every internet user, I think at first the embassies in capital cities will be connected with it.
Re:I'm not so sure about practical... (Score:2, Insightful)
So the type of networking fiber that telco's do and the type that QC requires are not compatible.
[well the cables are the same, I meant the way they are laid out and used]
Tom
Re:I'm not so sure about practical... (Score:1)
Re:I'm not so sure about practical... (Score:2)
Commercially Available Product Link (Score:4, Informative)
Re:Money isn't everything... (Score:1, Offtopic)
Still pay more money? [laugh] "Only the little people pay taxes."
Re:Money isn't everything... (Score:2)
Hmm...so if the top 1% of income-earners pay more than a third of all income tax revenue, the top 5% pay over half, and the top 10% pay nearly two-thirds, how do you arrive at the conclusion that "only the little people pay taxes?"
(Source: http://www.atr.org/talkingpoints/012202tp-2.htm [atr.org])
Re:Money isn't everything... (Score:1, Offtopic)
Gives some insight to what
Thank you for the real stats, but I am sure you will be attacked for not being specific enough, or one of the AC chickens will be pouncing on your syntax.
Re:Money isn't everything... (Score:1)
A lot of government money ends up spent on socially destructive programs like welfare, or given out in "pork-barrel" contracts in order to strengthen some politico's bargaining position. And a lot of the government programs that are worthwhile, like NASA, get almost nothing.
So think before you call for bigger government. Most of the "big" governments of the twentieth century have not been nice places to live... or die, as the case may be.
U.S. restricted? (Score:1)
Re:U.S. restricted? (Score:1)
What exactly IS quantum cryptography? (Score:1, Informative)
The site is located at http://www.qubit.org/intros/crypt.html [qubit.org], and is part of the Center for Quantum Computation (Oxford University).
Here's a nice basic overview of QC from the site mentioned above: "While classical cryptography employs various mathematical techniques to restrict eavesdroppers from learning the contents of encrypted messages, in quantum mechanics the information is protected by the laws of physics. In classical cryptography an absolute security of information cannot be guaranteed. The Heisenberg uncertainty principle and quantum entanglement can be exploited in a system of secure communication, often referred to as "quantum cryptography". Quantum cryptography provides means for two parties to exchange a enciphering key over a private channel with complete security of communication."
Linux > Help > About [monolinux.com]
Re:Ah but once you know the key... (Score:2, Insightful)
Re:Ah but once you know the key... (Score:1)
Re:Ah but once you know the key... (Score:1)
Re:Next comes the mindset (Score:2)
Re:Next comes the mindset (Score:1)
To me it works against mysticism by drawing into rational frameworks of thought phenonema like consciousness which are impossible to analyse comprehensively within the framework of Newtonian mechanistic physics.
Like many "alternative" things being forced to exist on the fringes of mainstream thought attracts the kooks who habituate those fringes. So yeah some of its crass - read the good stuff.
A little background on QC (Score:5, Informative)
Re:A little background on QC (Score:2, Funny)
If the reader just blinked at that question, there's an article that explains it somewhat.
http://www.suntimes.com/output/zinescene/cst-fin-
The Libra
"I am Homer of Borg. Prepare to be...Oooo! Donuts!"
Re:A little background on QC (Score:2, Informative)
Re:A little background on QC (Score:1)
Seems this page is a Slashdot victim due to Tripod's bandwidth limits...
Google's cache of the page is here [google.com].
Re:A little background on QC (Score:1)
QUANTUM CRYPTOGRAPHY: Uses the Heinsberg Uncertainty Principle to create cyphers that are more or less random. Somehow light patterns were involved, using filters that polarize the light, then repolarize it... about this time I lost interest. Not because it wasn't a great article, it just got a bit deeper that I care to read about right now.
Biomorphic Sequence Generator: Uses patterns of colony-growth to create hundreds of thousands of algorithmns, each one growing and shrinking like a colony of bacteria. Sort of similar to the old DOS-based "Life" game, where you create bacterial colonies and then see whether they thrive or die, or create neat recurrent patterns.
How exactly do these two types of cryptology start off from that to becoming a cypher that can be read by the needed parties, but not by others is far beyond me... and is probably a secret anyway.
The Libra
"We're heading deep into the center of the Earth where a race of mole-people are working 24 hours a day to debug the latest version of Internet Explorer" - Three Dead Trolls in a Baggie
The RIAA Should Fund Quantum Research (Score:5, Funny)
You probably recall how quantum computation works: essentially you shove all the extra computation off into parallel universes and then get the answer back when it comes. Why not expand on that idea and use quantum file storage? The RIAA can create CDs where only part of the audio track exists in our universe and the rest is retrieved from parallel universes by your quantum audio system. This makes file copying mathematically impossible.
Now someone is probably going to pop up and say "well, I can pirate the signal after it has been revirtualized from the quantum foam". I'm glad you brought that up because it leads right into phase two of my idea. In order to listen to music, all consumers would be have sound-decoding chips implanted in their brains. The music would be beamed directly into your head from your audio system.
Thus we see that file copying can be made impossible by those that are willing to pay the price of our freedom. The only solution is to keep quantum computers from becoming a reality
Re:The RIAA Should Fund Quantum Research (Score:1)
Pay attention, you dolt (Score:1, Funny)
Now someone is probably going to pop up and say "well, I can pirate the signal after it has been revirtualized from the quantum foam". I'm glad you brought that up because it leads right into phase two of my idea. In order to listen to music, all consumers would be have sound-decoding chips implanted in their brains. The music would be beamed directly into your head from your audio system.
So Funny! (Score:5, Funny)
"RIAA can create CDs where only part of the audio track exists in our universe..."
I would bet this appeals a lot to RIAA. But why stop there? From what I understand they're looking for a way to sell you the CD so that there's actually no music on it.
Perhaps just a recording of one of the executives in charge saying "Thank you for purchasing this digital music container device. We assume that you have a computer and have downloaded countless megabytes of our copyrighted material. Therefore, we have pre-removed the equivalent amount of data from this CD. Enjoy." Followed by 71 and 3/4 minutes of silence.
Sweat
My day must be more so (Score:1)
Re:The RIAA Should Fund Quantum Research (Score:1)
What if someone manages to get ahold of one of the chips that goes in your brain... after all, it's only electronic impulses.
Re:The RIAA Should Fund Quantum Research (Score:1)
So, given that it isn't written in the United States (where export of encryption is illegal overseas, and punishable by death across universe boundries), we should be able to just download it from an IRC server in one of the parallel Finlands.
Of course, having to wear a metal bowl on your head to pick up the signals as they're rebroadcast might make you looke kindof silly...
Not secure (Score:1)
Re:Not secure (Score:5, Informative)
Re:Not secure (Score:1)
Re:Not secure (Score:2)
Not exactly... (Score:2)
It's really quite clever...
-Mark
Re:Not exactly... (Score:2)
Re:Not secure (Score:2)
Still doesn't prevent truly paranoid stuff, like someone installing BO on your computer, and eavesdropping on the unencrypted stream.
Re:Not secure (Score:1)
Unless the man in the middle intercepts your phone call. Sound implausible? He intercepted your data traffic somehow, didn't he? Or you can put an ad in the paper. But what if the man in the middle calls up the paper as well to correct a 'mistake' in the ad you posted. Or you can post to a newsgroup, but so can he. You can't beat the man in the middle without a shared key of some kind.
-a
Re:Not secure (Score:2)
Re:Not secure (Score:1)
This doesn't work either. The man in the middle might try this, but he will be revealed when the two participants check their observations against each other. Remember, this isn't encryption itself, so much as a way to securely distribute keys.
Non-sequitor. How do the two participants check their results against each other? That's the problem. I write encryption software for a living, so I'm not just babbling here. The quantum key distribution is analagous to a Diffie-Hellman exchange. The principle advantage is that the DH is subject to cryptanalysis and brute-force cracking, whereas the quantum key exchange is not. However quantum KE, like DH, is not secure without proper authentication.
To do authentication, you need some kind of key. The "key" does not have to be a literal string of bits. If you phone the other guy and you recognize his voice and you believe that the man in the middle could not possibly intercept the call and fake your friend's voice, then you could consider your friend's voiceprint to be a form of key.
-a
Re:Not secure (Score:2)
But if you're that paranoid, what's to stop some psychic or savant from somehow guessing the key? Miss Cleo might not be able to testify against you in court, but if she could decode your trade secret for the competitors...
Re:Not secure (Score:1)
If you're talking about some Col Waresque plot that involves a Russian KGB agent who has trained 20 years just impersonating your friends voice, and he is perfect, and also has the tech to intercept and then retransmit, well then I suppose you're screwed.
FYI, we already have multiple cryptographic techniques for key exchange. For example, there's the Diffie-Hellman protocol that I alluded to earlier. With DH, you can still do all the same paranoid stuff you can do with quantum key exchange, such as publishing your vectors in a newspaper or on a newsgroup or phoning the guy and analyzing his voiceprint. But in practice, no one does that, because people use RSA for authentication, and you only have to exchange the RSA keys once. Of course, the weak link in the chain is now the authenticity of the RSA key, which you now have to publish on a newsgroup or webpage, or distribute through PGP web of trust.
So what is the advantage of quantum key exchange over DH? Well, if someone listens in on the DH exchange, they can store the keys and then crack them 10 years from now with their $100 billion brute force cracking machine or their quantum computer. Before they do this, they have to intercept your keys, which means that they are probably either the government or AT&T. In either case, what's so improbable about them intercepting your phone call?
Also, note that you currently have to have a dedicated fibre line connecting you to the person you want to talk to, but for some reason, you didn't want to just meet with them ahead of time to decide on an authentication key. Now who's talking KGB plot?
-a
Re:Not secure (Score:1)
No key exists until the sender tells the receiver which of the receiver's settings were correct. Both sides then use some agreed-upon approach to turn the readings from the correct settings into a key. The only step at that point is to have both sides compare a subset of the resulting key to check that the data stream wasn't corrupted by an eavesdropper.
NSA (Score:1)
Re:NSA (Score:1)
Re:NSA (Score:1)
Just in time... (Score:3, Funny)
After all, I was getting a bit nervous with respect to my encryption needs in light of the retirement of further development of PGP [slashdot.org] and the possible inadequacies of GnuPG [slashdot.org]...
Re:Just in time... (Score:2)
...or should I say, all your keys are belong to us?
What's quantum cryptography/key distrobution? (Score:3, Informative)
http://research.microsoft.com/~gottesma/QKD.html [microsoft.com]
http://www.qubit.org/intros/crypt.html [qubit.org]
http://www.ecst.csuchico.edu/~atman/Crypto/quantu
The last link is particularly +1 insightful about the basics of quantum cryptography.
more reading here... (Score:3, Informative)
The company is: (Score:4, Informative)
Home Page here:
www.idquantique.com/index.html [idquantique.com]
Sneaky (Score:1)
baryon with me for a minute (Score:1)
Doh! (Score:1)
QC solves confidentiality, but not authentication (Score:3, Interesting)
But how do you know who the recipient is? QC offers no authentication. If you have to use public key for authentication, what advantage is gained by using superior methods for confidentiality?
The only one I can think of is that, with conventional cryptography, you can capture the data stream and crack it "off-line". I suppose that this is significant: with QC you only have to worry about whether they've cracked your private key (that you will use for authentication) already, not whether they can in 100 years (because you've used it for encryption).
Another argument might be that it is easier to eavesdrop on a channel than to redirect it. But that seems like a dubious assumption, if the enemy is determined.
Thoughts?
Re:QC solves confidentiality, but not authenticati (Score:1)
Redirection isn't a problem either; to redirect the stream you'd have to observe it, and by observing it you will change it, and make it impossible to view the messages.
I guess you could always kill the recipient and read his messages, but any form of cryptography short of biometric (and others have pointed out the flaws in that) will be vulnerable to that attack.
Re:QC solves confidentiality, but not authenticati (Score:2)
I mean interception, not man-in-the-middle. I cut your fiber and read your photons, without trying to pass them on to the intended recipient. Then, when you try to contact the recipient over some "conventional" channel for phase two (comparing the polarities on the two ends), I intercept that, and we discuss the polarities I intercepted. You require that my messages be signed by the intended recipient, of course, but I've broken RSA, so no problem. Then, you send the message xor'ed with the random bits, and I intercept that. I've stolen the message, and you're none the wiser.
Those light-beam duplication experiments? (Score:1)
Could one of these duplication beams be used w/out being detected? I know normal reception and retransmission IS detectable.
M$ also announced a competing product... (Score:1)
Re:M$ also announced a competing product... (Score:1)
GMFTatsujin
We must thank the cat (Score:5, Funny)
VB35 VL563OG G36JL5JV 6L45J3LN (Score:2)
And that completes our tour of Hilbert Space. Any questions?
Oh for crying out loud! Who let that cat in here? Now I don't even know what i said. That's one dead cat if I ever get my hands on it.
Re:VB35 VL563OG G36JL5JV 6L45J3LN (Score:1)
qANQR1DBwE4DmBod8oWMnB5+t0opVD15zJPHNvLYF1MxaUO
The mandatory swiss joke (Score:1)
Well that's pretty fast for the swiss...
Information Security magazine article on quantum c (Score:1)
http://www.infosecuritymag.com/articles/august0
"Don't touch anything."
Re:Why quantum key distribution? (Score:1)
Re:quantum = lame (Score:1)
"this is useless you linux fags!" They have linux on packets of cig's now?
Re:60 bits/second doesn't seem useful (Score:1)
Alternatively, send a 60 bit key every second for a 8092 bit key embeded in the high bandwidth data stream, use the 8092 bit key to decrypt the next second's block of data.
The important part is to understand that only the sender and the recipient have the keys. As I understand it the process itself is generating non-crackable keys.
Then again, I could be wrong.
-Rusty
Re:60 bits/second doesn't seem useful (Score:1)
Re:60 bits/second doesn't seem useful (Score:2, Interesting)
Similar thing happened to a friend of mine. (Score:1)
yeah, I know a guy that got fired from his job at Boeing for proving that his anti-gravity system worked. Boeing wanted non of it, told him that 'This company obeys the laws of physics'.
Can you direct us to a page with his proof on it? From what I've seen if Eve is trying to listen, then both ends know about it and can send a bouncer type to go kick Eve's ass off the line...If your friend can provide an example of how QC can be broken then I think all of slashdot would like to hear it. (the rest of the world is unimportant)
Re:Similar thing happened to a friend of mine. (Score:1)
I really want to be specific. The problem is, and this isn't a cop out, we all signed serious non disclosure agreements. If I disclose specifics about the technology we worked on, or how we got ourselves fired, our former client would immediately know who we were and I have absolutely no doubt I'd have the wrath of a public company on my ass claiming massive damages.
Let's just put it down to me being clueless and obviously not understanding how it works. "It is easier to discount than to disprove."
Have you ever noticed how many companies involved in security have more lawyers employed than software developers?
M.
Re:Easy to break. (Score:1)
"Los Alamos quantum cryptography uses photons randomly polarized to states representing ones and zeroes. Polarization refers to the direction of oscillation for the electromagnetic wave of a photon. These polarized photons are transmitted between sender and receiver to create a random string of numbers known only to the sender and receiver. This string of numbers becomes a quantum cryptographic key that locks or unlocks the encrypted messages that are sent via normal communication channels. Because the photons cannot be intercepted without tipping off the receiver, the quantum cryptographic key is secure and the data is secure."
So, what is the crux of the security... "Photons cannot be intercepted without tipping off the receiver..."
Really? So man in the middle cannot happen; let's just accept that on blind faith, and quantum cryptography will work. Now, never really believing in blind faith, lets think about how we can be man in the middle without tipping off the receiver, or how about who cares if we do. Don't think about the theory; its not as important as the application.
I drop fibre between A and B for key generation. I turn the magic switch and let the no key sync take place. WTH I just noticed my data is bad. A and B reset. How do I know I am still directly communicating? I jump through a bunch of hoops to make sure my twin is who I think it is and not some doppleganger... now the security is in your authentication/restart procedure, not the theory.