Ultrasecure Quantum Communications Over Thin Air 214
SlashDotIDOne writes "Well, given a hundred years at university and a few extra titles to my name, I'd be comfortable trying to summarize the article so don't take what I say at face value. Apparently British and German researchers have found a way to use quantum crypto through the air, thus allowing it to be used to communicate with satellites, etc. A very secure form since you know whether a message was intercepted, rather hard to tamper with ;). Courtesy India times and Google's new news service."
"The Code Book" mentioned this several years ago (Score:4, Insightful)
This has been a working theory for years (and the book suggests it had been done across a distance of several hundred meters back then!)
I hate it when people say "wow, we have an unbreakable code now". We find out new things and rubbish old theories about the universe and it's properties all the time, we may have violated [bbc.co.uk]the second law of thermodynamics, what's to say this is "unbreakable" - it's only secure so far
Re:"The Code Book" mentioned this several years ag (Score:1, Interesting)
Re:"The Code Book" mentioned this several years ag (Score:3, Insightful)
Second, they talk about boosting the signal to achieve the ability to transmit to satalites. This would be at the detriment of the security of the key as the greater the signal strength, the more photons it carries, the easier it is to split off a portion of the beam to be read. This of course is still not in any way easy as statistical analysis of the strength of the signal can reveal that it is being split.
Third, the fact that the signals are being bounced of a satilite autmoatically invalidates the security. If it is relayed, the key is stored in non-quantum states which invalidates it's security. The article sais that the signal on fiber optics has to be boosted every 6 miles. That is also garbage. Boosting the signal again invalidates the security. I don't know anywhere that quantum keys are used through signal boosters.
This experiment is notable though. The farthest a quantum key has been transmitted was 32ish km (I believe in germany), over a single fiber-optic cable. This is the first transmission of a quantum key over a signifigant length through atmosphere.
Re:"The Code Book" mentioned this several years ag (Score:2)
Isn't the whole point of cryptography that information can be sent freely with only the intended recipient being able to easily decrypt it? And isn't the point of quantum cryptography to guarantee that only the intended recipient can decrypt it?
Re:"The Code Book" mentioned this several years ag (Score:3, Informative)
Re:"The Code Book" mentioned this several years ag (Score:2)
Re:"The Code Book" mentioned this several years ag (Score:2)
Re:"The Code Book" mentioned this several years ag (Score:2)
Re:"The Code Book" mentioned this several years ag (Score:1)
One time pads are ABSOLUTELY unbreakable...
Re:"The Code Book" mentioned this several years ag (Score:3, Insightful)
Erm, no they're not. If you get hold of the decrypting pad you can break it, not that much different than stealing a pgp key and passphrase really.
Re:"The Code Book" mentioned this several years ag (Score:2)
Re:"The Code Book" mentioned this several years ag (Score:2)
So the cipher is unbreakable, but the system as a whole may not be, due to passwords written on Post-It notes etc. IANAC, but I think analysis of new encryption methods doesn't concern itself with such possibilities
Re:"The Code Book" mentioned this several years ag (Score:3, Insightful)
But if you didn't do it correctly, or your pad choices aren't truly random, or someone knows some of the plaintext, or half a dozen other things, then a one time pad can be broken with a lot of guesswork.
Re:"The Code Book" mentioned this several years ag (Score:2)
Knowing some of the plaintext will not help you break the one time pad. The only part of the message that you will be able to deduce given that you know some of the plaintext, is that part of the plaintext that you already know.
Re:"The Code Book" mentioned this several years ag (Score:2)
You could be given THISISAONETIMEPAD and decrypt it into any string the same length, period. You would have to know the whole plaintext (assuming the OTP is random, which it ought to be), in which case decrpyting it wouldn't be helpful, would it?
The bottom line is that known-plaintext doesn't hurt OTP, because you cannot recover any portion of the pad except for the part that reveals the plaintext.
Pay attention now: (Score:2)
If it's not done correctly, say, the guy used the same pad on two different messages, or the guy isn't using a good random generator, then a known plaintext attack will give you new parts of messages.
Especially if the guy used the same pad twice.
Like I said, if it's done *correctly* then it's unbreakable. But it often is not done correctly.
Re:"The Code Book" mentioned this several years ag (Score:4, Informative)
You miss the point. The information is not encoded by modulating the frequency or the amplitude of the photons, it's done by manipulating quantum variables that are sensitive to observation. So, when you snoop the data, you change it, and the stream becomes corrupt. Personally, I just don't see how this beats symetric key cryptography where you can communicate the public portion in the clear (e.g. encode it into public transmissions or send out six couriers with the same info, since you don't care if one of them is intercepted).
Re:"The Code Book" mentioned this several years ag (Score:4, Informative)
The adavantage of quantum crypto is that it gets rid of the couriers. What if the attacker intercepts all six couriers - possibly by bribing them all. It just takes one more factor out of the equation. Also - the transmission is not susceptible to cryptanalysis or brute force, assuming your key data is truly random. The actual transmission is encrypted by one-time pad - the only way to crack it is to have the key.
And you are right - the basis of quantum physics is that you CANNOT measure the photon properties using any technique at all without altering them. If there is a clever way around this it would mean that the laws of physics as we understand them are quite wrong. Not that this is impossible, but quantum theory has been tested quite thoroughly. There is always that one experiment that could shoot it all down - but nobody has found it yet.
Re:"The Code Book" mentioned this several years ag (Score:2)
Could have been said, circa Newton: "The basis of physics is that time's passage is constant between any two bodies. If there is a clever way around this, it would mean that the laws of physics as we understand them are quite wrong."
Could have been said, circa Einstein: "The basis of relativistic physics is that actions happen independantly and interact through the transfer of energy, which is bounded by C
It's not that Newton was "quite wrong" or that Einstein was "quite wrong", but rather that they were both correct for a certain problem domain. I suspect that the current work on quantum cryptography will fall apart once we get the GUFT nailed down.
Symmetric key cryptography is sensitive to brute-force and possibly cryptanalysis
Everything is susceptable to brute force. Don't buy it? Try to keep a secret, and I will send some brutes over to your house to torture you... Brute force always works
Sending a courier with symetric key data or a one time pad has the disadvantage of being subject to undetectable interception. When you send 6 couriers with the public portion of an asymetric key, any 5 of them can be intercepted, but a) getting the public portion does not allow decryption and b) replacing the courier/key can be detected by comparing all 6 when they arrive. Expand the number of couriers as required.
Re:"The Code Book" mentioned this several years ag (Score:2)
As far as the laws of physics changing, that is always possible. One advantage of quantum crypto is that it prevents interception. If somebody figures out how to bypass it and divulges the vulnerability, you can stop using it and rest assured that nobody intercepted anything prior to the disclosure (unless the NSA figured it out five years ago and is keeping quiet about it - but they probably employ a lot more mathemeticians than quantum physicists).
However, with asymmetric or symmetric encryption anybody can intercept your communiction. True - they can't read it now, but they can always save it until technology improves. Some secrets are only important for a few weeks or months - like the next querterly report for comnany XYZ. Some secrets are important for a lifetime. In the first case, I wouldn't be too afraid that somebody might break my message using a quantum computer in three years - in the second case I'd be VERY concerned. Suppose it is a government secret being transmitted from embassy to embassy which contains data obtained by espionage on an allied country (such as the British spying on the Americans or vice-versa). That data would be very sensitive for as long as the alliance exists (how long have the USA and the British been friends now?). You don't want it divulged twenty years from now when somebody finds some old messages and pulls out their 10,000,000 processeors running at 100 petahertz pocket calculator and does a "little" math.
Quantum crypto is a completely different approach to safeguarding a secret, and I think that it will be quite valuable for many years to come - or at least until the laws of physics are changed. And once that happens, you can just stop using it and not worry about who has already intercepted your data. The only other method which comes close is the one-time pad - and then only if you are certain the key is protected and transmitted securely.
Re:"The Code Book" mentioned this several years ag (Score:2)
Re:"The Code Book" mentioned this several years ag (Score:2, Informative)
Of course, if there is something we don't yet know about quantum mech then perhaps it's not perfectly safe. Also, actually achieving 100% secure communication requires care in implementing the design - you can't put too many photons out there or some of them can be intercepted without tipping off the recipient.
Re:"The Code Book" mentioned this several years ag (Score:2)
Each photon is a single bit - so if one is intercepted but not part of the key it does no damage. And ones which are intercepted would be rejected as becoming part of the key. (Remember, you decide that you have a secure key BEFORE you send the message - so if it looks like somebody is intercepting bits you can decide not to send the message at all. You could even send a bogus message (which would still be indecipherable) to give the impression that a message was sent when it was not.
Allowance of crypto (Score:5, Insightful)
Whether they should be allowed?? Whether they're allowed or not has little bearing on what would happen. You look at the US's export restrictions for crypto, asking people outside the US to download the inferior version, they haven't exactly worked wonders have they?
Re:Allowance of crypto (Score:5, Insightful)
Yes, this was the bit that got me as well. It amazes me that this sort of thing can be stuck in as a throw away sentence, as if to imply that there is no doubt about the correctness of this POV, and anyone who thinks otherwise must be stupid.
The saddest thing about the world we live in (in the West at least) is the horrible kneejerk 'won't somebody think of the children' attitude that comes before any form of rational thought is employed.
Here's my list of things we must ban immediately -
Let's ban pencils, pens and paper, since criminals can use them to draw plans of the joint they are casing or even, God forbid, create one time pads to pass uncrackable codes to each other.
Ban open spaces since criminals could use them to converse with each other out of earshot of the police.
Let's ban flags since they could be used to pass secret messages in semaphore.
In fact let's just ban all forms of verbal and non-verbal communication - let's see those criminals make plans now!
Slashdot would be the first to go obviously. All that 'geek talk' is obviously just a clever criminal code.
Re:Allowance of crypto (Score:2)
Setting the Agenda (Score:4, Insightful)
Who said that this is the big question? This is not the "big question"; it has already been determined that "terrorists" did not and generally dont use crypto for communication, so thats just a lame excuse to keep the tools crippled (see A5).
Organized crime? just because an infinitessimal number of "organized criminals" (just where the hell are the disorganized criminals? [yes yes, GAOL]) might use crypto to secure thier telephones doesnt mean that the vast majority of people should be denied access, or given access only to cripple ware.
But you know this.
These agenda setting questions are pure bad journalism, plain and simple, and simple minded.
Re:Setting the Agenda (Score:5, Insightful)
Exactly. Indeed, the real criminals (corrupt bankers, high wealth people, etc) are those that use crypto because they have the money and paranoia sufficient. Terrorists use simple stuff like codes, languages that only the top spies can get translated, and other tactics like human silence policies and any number of other things. As for organised crime, well using PGP / crypto etc is just going to get the FBI to prick up their ears a bit more so is generally avoided.
People should not be paranoid about cryptography, it should be openly available. It should be used primarily for signatures, and yet most people just think it's there for protecting data transmissions. *Sigh*
Re:Setting the Agenda (Score:2)
As for organised crime, well using PGP / crypto etc is just going to get the FBI to prick up their ears a bit more so is generally avoided.
For now. As the percentage of encrypted general-interest traffic increases, the likelihood of a given message being important decreases. Thus, encrypted messages will attract less attention.
-l
Re:Setting the Agenda (Score:2, Insightful)
This isn't like SSL or public-key crypto, this is a totally different game where absolute and utter confidentiality of communication is necessary. Never mind the low-orbiting satellite system you'll have to setup or lease time on so that you can distribute your one-time pads to your circle of trusted communicators.
Now - don't get me wrong. I agree with the poster in that if criminals want to use this, it won't matter if its publicly available or not. Criminals can use one-time ciphers right now, some possibly do. The concept of this isn't new. The only thing new here is the dissemination of the one-time pads, which currently takes a fair amount of legwork. This article isn't about transmission of the message, its only about transmission of the keys to encrypt/decrypt the message. These keys are currently stored on media and couriered to embassies worldwide by a country's diplomatic couriers and such. Used 'one time' and then the media is destroyed to prevent any future knowledge of past keys. The messages that use these one time keys can be sent over any medium. I wouldn't be surprised at all if some are sent via specialized email systems that at some point hit a public point of the Internet or travel through the air where they could be intercepted.
Hope this helps!
Cheers.
Re:Setting the Agenda (Score:2)
Ever actually listen to or read the transcripts of American mafia conversations from FBi wiretaps? Even when they're in the same ("secure") room, it's hard to figure out what the fuck they're even *saying* let alone what kind of scheme they might be up to.
"Them guys that was gonna do that thing for them-"
"Wait, what thing? That one thing over there or the other thing we was talking about the other day?"
"Yeah, that one"
"Well, they had some problems with those other guys"
"What kind of problems?"
"Some guys from over there was having more problems like the kind we had that one time over in Jersey"
"OK now?"
"Yeah, I think so. Fuhgettabboutit."
Even without encryption the conversations are so obtuse as to be nearly meaningless without *years* of surveillance, undercover infiltration, etc. I'd guess where they hate encryption isn't in terms of intercepts, but the big charges that really cripple them are tax/fraud/money laundering, and encrypted records prevent a lot of those charges from sticking.
Re:Setting the Agenda (Score:4, Interesting)
Its awesome!
Re:Setting the Agenda (Score:2)
And how exactly was this determined? This makes the assumption that:
(a) We know how all terrorists communicate.
(b) All terrorists are idiots.
Of course terrorists do and will use crypto where it suits their purposes. Organized terrorists in general tend to be a lot smarter than organized criminals. And organized criminals *do* use crypto - especially large scale drug smugglers.
Now, this does not mean that crypto should (or can be) illegal.
In some ways it's solving the wrong problem (Score:5, Insightful)
Basically, if you can bug the users keystrokes when they type in their password for the crypto system, then that system is toast- similarly if they have a physical token- if you steal that token.
Or you bribe/blackmail the guy; or you use "lead pipe" cryptanalysis- you hit the guy over the head until he tells you his password.
This system looks good; but don't assume that its going to be 100% secure. In the real world it can't be, unless there's no people in the loop, not even designing the system.
Re:In some ways it's solving the wrong problem (Score:3, Interesting)
Re:In some ways it's solving the wrong problem (Score:2)
Re:In some ways it's solving the wrong problem (Score:1)
But that's just the problem, it doesn't keep it secure AFTER transmission, you have to go back to the old reliables (like PGP) - which may be broken by quantum computers
Re:In some ways it's solving the wrong problem (Score:2)
As long as this is true, the encryption can be considered effective. It's done it's job of preventing eavesdroppers on the line; it's not responsible for the rest of the world.
Re:In some ways it's solving the wrong problem (Score:2)
By using a strong secure encrypted link, you are moving the points of attack to areas under your control. It also much reduces opportunist attacks as the attacker will have to take some physical risk (for example, as you mention after, bugging a keyboard) as opposed to passively sitting in a public place and plucking bits out of the air.
or you use "lead pipe" cryptanalysis- you hit the guy over the head until he tells you his password.
It's "rubber hose" cryptanalysis; just as painful but leaves far less evidence of torture after they finally release you.
This system looks good; but don't assume that its going to be 100% secure.
It's only used for the key exchange. You can always break or brute force (given enough computing power) the symmetric algorithm that then uses this key for encryption.
Phillip.
Re:In some ways it's solving the wrong problem (Score:2)
The system as described seems vulnerable to a man-in-the-middle attack right now; so that's not completely true; however adding passwords and so forth in there allows the advantages you mention. It looks to me though that the right thing to do is layer an ordinary crypto system on top of a quantum one and rely on the quantum system to prevent interception and use the conventional crypto to give authentication and so forth.
Re:In some ways it's solving the wrong problem (Score:2)
Re:In some ways it's solving the wrong problem (Score:2)
Re:In some ways it's solving the wrong problem (Score:2)
Quantum cryto only detects if a message is passively intercepted - it does not authenticate who you are talking to in the first place. There are other ways of doing this (such as old-fashioned RSA), but these systems are not nearly as bulletproof as quantum cryto and require trusted keysigners (hence we're back to the key distribution problem).
Think of it this way - quantum crypto ensures that nobody is tapping your phone line. It does not ensure that the person on the other end of the phone is who you think it is and not just a really good voice actor. In some ways the phone is more secure in this regard - you can at least hear the other party's voice, which is hard to replicate. With data communications, you just get text/binary data - how do you authenticate that? Software like PGPPhone has you read a digest of the key over the phone, this blocks the man in the middle attack for voice communications, assuming the attacker cannot replicate your voice (just recording and resending doesn't work, as the key digest would be wrong). But this is a highly manual method, and probably not foolproof to a very determined attacker who knows what your voice sounds like in advance.
Re:WRONG! it does not have a PASSWORD. (Score:2)
As I understand it, the usefulness of this form of quantum communication is in key distribution, much like public key cryptosystems.
If Alice and Bob have a quantum link between them, and want to communicate securely, then they can use a secure cipher of some sort. Alice can generate a key and send it to Bob. Now, given the nature of quantum physics (is this related to the Heisenberg Uncertainty Principle?), an eavesdropper cannot intercept this key without both Alice and Bob knowing. Now that they have a shared key, they can start to communicate using the strong cipher that they selected.
Correct me if I'm wrong.
Re:WRONG! it does not have a PASSWORD. (Score:2)
Alice: Hey Bob, are you out there?
Eve: Uh yeah, this is me Bob, that's the ticket.
Alice: OK Bob, let's do our secure key exchange.
Eve: Sure thing, Alice.
Alice and Eve now have a secure channel between them.
Bob: Alice?
Eve: That's me.
Bob: Let's exchange keys.
Eve: Yeah, let's do that. That way no one will be able to intercept our traffic.
Bob and Eve now have a secure channel between them.
Bob: I love you, Alice.
Eve: Well, it's a good thing that you told me over the secure channel. But alas, I am in love with someone else. You know who would make a good lover for you? Eve. She's just your type.
Bob: Gee, thanks Alice.
Alice: I love you, Bob.
Eve: Sorry baby, I've found someone better.
Re:WRONG! it does not have a PASSWORD. (Score:2)
Not that you should believe everything you read on the Interweb (especially on geocities), but this site [geocities.com] begs to differ.
" What is really special is that Eve will not be able to eavesdrop on the message without alerting Alice and Bob. This is again a result of the Heisenberg Uncertainty Principle. If Eve is to measure the photons sent by Alice, she must use a filter, thereby polarizing the photon. As a result of the Heisenberg Uncertainty Principle, 25% of the photons measured by Eve will be totally blocked and will not reach Bob. Alice and Bob will quickly notice this after several occurences and know their message has been corrupted. Thus, quantum cryptography gauruntees complete secrecy."
I think we're both talking about the same thing. The reason your snooping changes the message is because of the Heisenberg Uncertainty Principle.
Re:WRONG! it does not have a PASSWORD. (Score:2)
Re:WRONG! it does not have a PASSWORD. (Score:2)
That is indeed very true. But unconditional confidentiality cannot be done with a key smaller than the message. Unconditional autencity is different, that can be done with a key smaller than the message. This is very important because without unconditional autencity quantum cryptography is not secure.
When transmitting a message you can include a key for the next session, so you don't have to use the signature key more than once.
Re:WRONG! it does not have a PASSWORD. (Score:2)
Usually you would want to authenticate the user, not the cryptographic equipment in case it gets stolen, or otherwise accessed by the black hats; and that requires a password and/or a biometric or something.
Re:WRONG! it does not have a PASSWORD. (Score:2)
This is outside the scope of quantum cryptography. But of course it is still of interest. There are two different aproaches to solve this problem:
The truth about quantum computers (Score:3, Interesting)
Quantum computation, however, is much more complex and much more interesting. Quantum computers are based on the concept of quantum entanglement, the ability of a quantum state to exist in a superposition of all of its mutually exclusive states: It's a 1 and a 0. However, this is not as easy to use as one might think. While it's true that if you have n quantum logic gates you have the ability to input 2^n data values simultaneously (as opposed to only 1 piece of data if you have n digital logic gates), this is not going to be the end of classical computing for a few reasons. First, quantum computers have to be perfectly reversible. That means for every output there's an input and vice versa. And there has to be no way of knowing the initial states of the data. You don't process data, you process probabilities in a quantum computer; if you know exactly what any one value is throughout the computation, you can find out all of the values: the superposition ends and you're stuck with a useless chunk of machinery. This means YOU CAN ONLY GET ONE RESULT FROM ANY QUANTUM COMPUTATION, THE END RESULT. You can't see what the data in the middle is or the computer becomes useless. (Landauer's principle makes heat loss data loss. When your processor gets hot, it's losing data. If the same thing happened to a quantum computer, it wouldn't be quantum anymore.) Decoherence is what happens when you randomly lose data to the environment by design, not by choice, and the superposition ends. This is bad for Q.C. Oh, and quantum computers can only do *some* things faster, like prime factorization and discrete logarithms. Not multiplication or addition. Plus, the circuits that would do basic arithmetic would be bigger and slower than what you've currently got.
So what does this all mean? It means that quantum computers are going to provide some advantages (real quick big number factorization), and some disadvantages (that whole RSA standard). The most realistic initial use of quantum computers will be as add-ons to existing super-computers to resolve certain types of NP-Complete headaches that regular math can't simplify yet. At best they will someday be an add-on to your PC; but they will never replace the digital computer.~
If you want more info, check out http://www.qubit.org [qubit.org], it's got some decent tutorials.
Any details at all would have been nice (Score:4, Insightful)
From the guff written here, it all seems implausible. Encoding a message in single photons is fine, but I find it hard to believe that you can transmit a stream of photons several miles through the atmosphere without a single one of them being absorbed or scattered (which would look the same as interception). It's just light, after all.
I wish I could remember any physics. Then I could say something about the possibility of "amplifying" a signal in which the symbols are single photons. But I can't, so I won't even try.
Plus, even taking the above on trust, it doesn't sound too hard to disrupt (with, say, a mirror).
Corrections and extra technical info most welcome!
Re:Any details at all would have been nice (Score:5, Interesting)
Essentially, the process runs:
send a large number of (more-or-less) single photon pulses, carrying random data
recipient reports over an open channel, which pulses they got and some more technical information.
From this, sender and recipient can work out the subset of the random data that they take into the next step.
Now they (openly) exchange some checksums and things to determine the rate of bits which appear to have changed in transit, either due to eavesdropping, or noise and to get a common bitstring. From this, they can work out how to combine the bits of the bitstring to get a shorter bitstring which (with high probability) no eavesdropper can guess any part of.
Finally, they use this common secret bitstring as a key for a one-time pad.
Simulations suggest that even 99.9% photon loss is not fatal.
Re:Any details at all would have been nice (Score:2, Insightful)
Aha! So the cyphertext itself can be transmitted over an "open" channel. Cunning.
But, it sounds to me like it could be fairly inefficient. From what I remember, you need one bit of one-time-pad for every bit of plaintext you want to transmit. The process above could be quite time-consuming (relatively speaking) if only 0.1% of your photons get through. And even if you're sending the equivalent of an email, you'll need a key-string of tens of thousands of bits. So it might be secure, but you'd end up paying for it in speed.
Interesting, though.
Re:Any details at all would have been nice (Score:2)
> for it in speed.
Absolutely right. From what we found out, you may need to send thousands of photons for every bit of shared secret you want.
Of course, at a small cost in security, you could use the shared secret as a session key for your favourite stream cipher, and change keys every time you manage to send enough extra bits over the quantum channel. using AES with (say) a 256 bit key and changing keys every millisecond or so should defeat all but really determined attackers.
You can also leave the quantum channel runnign all the time to build up a stock of one-time-pad for when you need it.
Re:Any details at all would have been nice (Score:4, Informative)
The one article I read about this talks about the satellite communications that were being intercepted in Europe from NATO troops in the Balkans. This new quantum crypto transmission method for one-time pads has nothing to do with that - THAT was about the military not having enough encrypted satellite channels for the amount of data that they were needed to transfer. This wouldn't change that in one bit. This only affects the legwork currently needed to disseminate one-time pads to all necessary parties. The one-time pad systems are already being used, this would just make the process a bit less resource intensive and available to more parties (not just the ones that have reliable access to diplomatic couriers). Maybe that would change the situation above, because more people could take advantage of the one-time pad system, but I doubt it. This seemed more of a limitation of the satellite bandwidth than anything else.
Cheers!
Re:Any details at all would have been nice (Score:1)
Well heres my take on this (Score:1, Interesting)
Our arguably most complex technology is the atom bomb but every highschool student with half a brain knows the basics of how a nuclear reaction works.
This isnt really a problem for us because regulation of these components is a relatively easy job. Its not like joe-terrorist can go mine his own plutonium or deuterium or uranium (the makings of most nuclear devices) though there are others.
smoke detectors contain valadium etc and as in a previous slashdot artical can be turned into nuclear devices. (remember the kid in his garden shed)
So back to the real point, how do the creators of this technology (read information) keep it secret. After all information wants to be free. Poloticians screw up interns leak data and university professors love to defeat these kind of things.
So if you're going to create it, you better be sure you want every one to have it. Which is incidently for the same reasons that the guy who created the atom bomb(well theory) is quoted as saying (paraphrased) that he never should have created it dispite the good that has come from nuclear energy.
--Editorial-- (well moreso)
I think that this technology should be created etc. But created for the public domain. Security and privacy are what good countrys are founded on. Through corruption and "wont someone please think of the children" we've given up this freedom peice by peice to the governments that represent men with money. (read riaa)
What then is the next logical step? i say declare war on privacy invasion; since the government isnt run for the people any more it must be business that impliments privacy for the people.
quantum state encryption will finally give people the ability to have a discussion in private. Is the fact that joe is cheating on his wife any more important than saddam having an abomb to joe? what if both were found out. with quantum tech this doesnt seem possible YET.
(alright its a spacious argument but blah)
so now that i sound like a madman i await your flames. encryption doesnt make a person a terrorist and good people have a right to privacy. the argument that if you dont have anything to hide you dont need encryption doesnt hold water. ANY information intended for one party should not be received by another.
Re:Well heres my take on this (Score:1)
From my understanding of what they are doing (quantum mechanics based keys) it will be very difficult to transmit keys any real distance through atmosphere, much less a cloud. It would certainly be easier to just use a laser in "binary" mode (on-off) to flash a key from point to point. You'ld still know if it was intercepted since the light would take longer to get there or wouldn't get there at all.
Re:Well heres my take on this (Score:2)
Mr. Science Science Project:
Take laser pointer pen.
Take cardboard paper towel roll.
Cut hole in top cardboard paper towel roll, so the roll is still intact and you can see the inside.
Shine laser through paper towel roll, look through hole, see wonderful beam shining through.
Flash laser pen for fun, notice you can see it shut off and turn on.
Binary with lasers, you say? Worthless, because it can be unknowlingly intercepted in transit.
Translation: (Score:1)
What I'm about to say MAY or MAY NOT be true. fnord
Re:Translation: A better RAW translation.. (Score:2)
ttyl
Farrell
fnord
a bit more info (Score:2, Informative)
British-government-owned company involved: QinetiQ [qinetiq.com]
Article from The Economist: "Free-space" optics [mail-archive.com]
'"Free-space" optics requires no fibre' (oh, how I love that British English)
Quantum secure key exchange paper: here [uni-muenchen.de]
Re:a bit more info (Score:2, Informative)
>From The Economist print edition
"Free-space" optics requires no fibre. That may be an advantage
FIBRE optics revolutionised communication by abolishing the law that light can travel only in a straight line. From that point on, light signals could be treated in the same way as electrical ones, and bent round corners. Some people, however, are never satisfied. And these dissatisfied engineers are trying to turn the clock back by developing systems that use "free-space" optics-in other words sending information from place to place by shining laser beams through the air.
Free-space optics has three advantages. It is easy to install. It can handle a technology known as wavelength division multiplexing (WDM) without, as it were, blinking. And it seems suited to a new-and allegedly uncrackable-encryption technique called quantum key distribution.
Speed of installation comes from not having to dig up the road to lay conduits. Free-space optics may thus be an answer to the difficulty of providing broadband connections to customers' homes and offices-the so-called "last mile". Free-space links that operate at speeds of up to 20 gigabits a second-as good as fibre-have now been demonstrated. They can be installed in hours rather than the weeks or months normally needed for broadband access. And if they can be put into place quickly, they can be upgraded quickly, too.
That matters in the context of WDM, a technique that allows a single optical path to carry thousands of parallel channels, as long as each is encoded in a slightly different colour. Upgrading a fibre network for WDM is hard. First, individual fibres are each compatible with only a few WDM schemes. The exact chemical composition of a fibre's glass determines how transparent it is to different frequencies, and also its tendency to disperse those frequencies even when it is transparent. Both restrictions reduce the number of channels that can be carried. Moreover, even if a particular fibre can be used with a particular scheme, the light sources, amplifiers, switches and associated paraphernalia usually cannot. Amplifiers, for instance, will not boost all colours equally, so special devices are necessary to compensate.
Free-space optics suffers from none of these problems. Air is transparent to a wide range of frequencies and has few dispersive tendencies (at least, when the weather is good). And with the associated kit clustered together in base stations, upgrades are easy to carry out.
The third advantage-for quantum key distribution-is more speculative. The technique exploits the arcana of quantum mechanics to let two computers swap a cryptographic key (and thus the means to decode a message) with perfect security.
Quantum key distribution has been demonstrated successfully in fibres, but it suffers from one major drawback: it requires a dedicated link, and so cannot be implemented in a network. However, two experiments carried out in the past few weeks have shown that it works with free-space optics. First, researchers at QinetiQ, a British-government-owned company, and Ludwig Maximilian University, in Munich, Germany, exchanged keys between two alpine mountain-tops more than 23km apart, though they did so at night, when sunlight could not confuse the signal. Then, another group of researchers, from Los Alamos National Laboratory in New Mexico, announced that they had performed a 10km key exchange in broad daylight.
These two groups are working towards military applications in which the key is exchanged from the ground to a satellite. But both recognise that the technology might be exploited commercially, and are part of a European Union collaboration called QuComm that is encouraging this.
Free-space optics would have the odd drawback, such as flocks of birds, showers of snowflakes or banks of fog interrupting the beams. But message-encoding systems are already set up to cope with lost data. Many customers might be willing to put up with a 99.999% available service that could be installed straight away, rather than waiting indefinitely for the 100% availability of fibre.
Speaking of last-mile broadband (we weren't?) (Score:1)
Has this .com craze really gone bye-bye? Please, say it ain't so.
Philip K Dick (Score:5, Funny)
Perhaps he was right. Perhaps taking lots of hard drugs allows you to tune in to alien quantum communications. Sounds like some experimenting needs to be done...
Re:Philip K Dick didn't write Blade Runner. (Score:2)
Well, he wrote "Do Androids dream of Electric Sheep", which Blade Runner was based on. Happy now?
Re:Philip K Dick didn't write Blade Runner. (Score:2)
Well, he wrote "Do Androids dream of Electric Sheep", which Blade Runner was based on. Happy now?
Nope.
Blade Runner wasn't based on "Do Androids Dream of Electric Sheep?" The MOVIE CALLED "Blade Runner" was based on ""Do Androids Dream of Electric Sheep?"
This is not a silly quibble. Blade Runner was a completely different book (By Alan E. Nourse, if I recall correctly). It's about a future dystopia where medical care is banned (in a misguided attempt to breed out dangerous recessives), except for people who have been sterilized. A very fatal Flu is circulating. There's a vaccine, but because you can't get it unless you volunteer for sterilization you're about to have a situation where all the surviving humans are sterile. One lead character is a "Blade Runner" - a surgical tool bootlegger for an illegal surgeon.
The makers of the movie version of "Do Androids dream of Electric Sheep" blatantly ripped off the name of the unrelated book - apparently because it sounded cool. Nothing in the movie is in any way related to blades or the book with the same title.
So the media empire strikes again, shafting TWO authors for the price of one.
Perl (Score:4, Funny)
"Gift a Washing Machine & get Pearl Set Free @ INR 8590"
They obviously don't know that Perl is FREE [cpan.org] for most systems.
Ultrasecure? (Score:2, Funny)
Old news (Score:2)
Seriously, if you search on slashdot on 'quantum cryptography', I predict you'll find quite an amount of previous stories saying exactly the same.
By the way, a few minutes ago:
Secure? (Score:2, Interesting)
I'm not sure how knowing if a message has been intercepted makes it more secure. I can yell to a friend across a crowded room, and when people turn their heads at the sound of my voice, I know my message has been intercepted. Does that make it more secure?
Re:Secure? (Score:2)
If you and a friend are in a room and are separated by a black curtain, and there is the potential that there is actually 2 curtains with a 3rd Person inbetween, you can't be sure of a secure conversation. Now, let's throw in QC, and you say "I have something secure to tell you" across the room. If that message is listened to by a 3rd Party, QC will FOR A FACT inform your friend that the message was tampered with before he heard it.
How does this help secure your conversation? Let's say you have an infinite number of rooms with which to experiment. Every time your message is intercepted, you simply change rooms (or channels) and repeat your "I have something secure to tell you" message until it is not tampered with.
But, you say, a 3rd party could just wait to listen to the "important part" of the message. Could they? I could sit there and say my insecure message for days and each time I would know when it was listened to. How would a person know when to listen to the right message? They wouldn't know which one is secure. So effectively, if the first message is secure, the next message will be as well.
Re:Secure? (Score:3, Informative)
The one problem I see with this is that Eve (the eavesdropper) can effectively DoS Alice and Bob's communication, by intercepting everything, thus stopping them from ever agreeing on a private key.
Re:Secure? (Score:2)
commercial uses? yes! (Score:3, Insightful)
from the article (yes I read it)
The big question, though, is whether they should be allowed to enter the commercial domain, where they could be used by organised crime and terrorism to thwart eavesdropping by police.
If we don't let the public use this, everyone we don't want to have it will get it eventually. There wont be a user base to be framiliar with to help the government in finding the weaknesses. It is the same with cryptography software. Those who want it really bad can write their own or violate an EULA. The law abiding public is shut off from protecting their own things when terrorists and organized crime still can.
Re:commercial uses? yes! (Score:2)
It still can't be 100% secure, (Score:1)
if i'm not mistaken, this only makes the transfer of quantum encrypted data secure. most of the methods of transferring encrypted today though probably not as secure as this, are more than enough for most needs and purposes.
its frequently the integrity of either the computer sending the data or the computer receiving the data that gets compromised, and that is usually the issue.
its still a positive development nonetheless though.
The last paragraph sums it up pretty well (Score:1)
The big question, though, is whether they should be allowed to enter the commercial domain, where they could be used by organised crime and terrorism to thwart eavesdropping by police.
Let me help answer the question. Yes, It should be allowed to enter the commercial domain. Their overprotection of encryption technology is getting old.
Au contraire. Americans found the way in '98... (Score:3, Informative)
BBC Link (Score:3, Informative)
Thin Air (Score:3, Funny)
But how thin does my air have to be? I mean, I try to keep my air in shape but it certainly isn't as thin as it used to be. Perhaps if I move to Tibet.
Well at least the communications are ultrasecure - I find that secure just isn't enough.
Hypothetically (Score:2)
Saddam therefore has the message information (which may be valuable on its own) and he has confirmation he's been busted. In other words, he knows he's disrupted Tony and George's communications, and he can take that into account when he acts on the info in the message.
Thus Saddam's role becomes one of "message wrecker" rather than "eavesdropper". This can still be quite a pain in the ass, particularly if wrecking messages is easy. After all, it would be particularly annoying to Tony and George to spend lots of their hard-earned money building such a system, and find that Saddam is wrecking every single message.
Am I right in thinking Saddam will be aware he's been busted?
Re:Hypothetically (Score:2, Informative)
But basically - no, what you suggest does not happen. You don't use a quantum channel (i.e. single photon stream) to send the message itself, you use it to agree a key, which is used as a one-time pad. The encrypted message could be sent over any channel - because it's encrypted with a one-time pad, it's absolutely secure on the wire. Remember the problem with one-time pads is key distribution, not decryption - if (and only if) you can securely distribute the key, one-time pads are pretty much perfect.
The key agreement protocol includes safeguards to avoid eavesdropping too - quantum physics means you can't reliably sample the stream of photons without changing it, and the protocol includes consistency-checking - if everything doesn't match up, the key-exchange is scrapped.
So basically, quantum cryptography is really just a very clever way of sharing a one-time pad key.
Will the US let it happen though? (text) (Score:2, Interesting)
It's doubtful based on the reports that the US will allow such a thing to pass unless they can intercept and read it.
One way to crack (Score:2)
Maybe I don't get it. (Score:2, Insightful)
how it works (Score:2)
If someone intercepted every attempt to transmit your one-time pad, you might have a problem, but there are apparently ways around that.
Re:how it works (Score:2)
Speaking of Google's New News Service... (Score:5, Interesting)
Re:Speaking of Google's New News Service... (Score:2)
Re:Speaking of Google's New News Service... (Score:2)
Maybe comments might even be more insightful on average?
Or maybe that's not saying much
I hate stupidity (Score:2)
Yes. True. On a similar note: cars, food and snail-mail are used by organized crime and terrorists for transportation, nourishment, and communications. Imagine how much better and safer the world would be if we didn't give the public access to these things.
Okay, this is probably a dumbass question... (Score:2)
The article says that it would be difficult to intercept because interception would be easy to detect because the interception would change the state of the photons. Okay. But then it says that since photons are so easy to deflect the reciever would have to send back info about what packets are missing. So couldn't you just intercept a bunch of bits and the reciever would just assume interference. Is this one of those signal-to-noise inference things a la Stephenson's "Cryptonomicon [cryptonomicon.com]"?
Furthermore, it mentions some absurd length of time to decrypt these messages, but I assume that's with current tech. What about with a quantum computer? Isn't that the sort of thing that they are supposed to excel at?
Just wondering....
Obfuscation (Score:2)
A laser transmitter was set up at the top of the 2,950-metre (9,587-feet) Zugspitze, and sent out pulses to a receiver, a 25- centimetre (10-inch) shop-bought telescope, positioned on line of sight on another peak, the 2,244-metre (7,293) Westlichekarwendespitze.
Obviously they encrypted the locations so readers wouldn't be able to attempt to eavesdrop as easily.
Re:Ok.. (Score:3, Informative)
Karmawhoring:
Re:What is Karma (Score:1)
Re:anyone watch discovery channel (Score:2)
Re:Quantum Communication is NOT SECURE ! (Score:2)
Re:Quantum Communication is NOT SECURE ! (Score:2)
They are always secure.