BBN Announces Functional Quantum Encrypted Network 169
anzha writes "BBN Technologies has announced that under DARPA's Quantum Network Project to have built in conjunction with Harvard University the world's first functional quantum encrypted network. This is probably funded under DARPA's Quantum Information Science and Technology Program."
Patents.. UCK (Score:5, Insightful)
Patent-pending BBN protocols pave the way for robust quantum networks on a larger scale by ...
AND
We were ahead of the technology curve with the ARPANET and the first router, and our quantum network exemplifies the same kind of forward thinking and innovation that has made BBN a technology leader for over 50 years
All this would be just fine if it wasn't for the horrible P word. They've automatically, like all people who patent cryptography, made their entire idea completly unprofitable and made sure that no-one ever implements it. The thing is.. there's no market pressure to adopt this stuff.. we already have secure communication. Sure.. it's improved but so was eliptic curve cryptography but no-one uses that because of patents.
What a waste of time!
Simon.
Re:Patents.. UCK (Score:5, Insightful)
Yes, just like RSA, and Diffie-Hellman key exchange, SHA-1... C'mon. You use patented stuff all the time.
there's no market pressure to adopt this stuff.. we already have secure communication.
Oh, where to begin... we don't have secure communications, what we have are communications that nobody knows how to break yet. Quantum cryptography is a different ballgame. It can't be broken without changing the laws of physics.
Re:Patents.. UCK (Score:3, Interesting)
Aren't at least some of the widely used security algorithms proven to be likewise unbreakable without changing the laws of, mmmm, mathematics?
Re:Patents.. UCK (Score:5, Informative)
Re:Patents.. UCK (Score:2, Funny)
N=1
Re:Patents.. UCK (Score:2, Insightful)
You should add, "in specific cases, for specific mathematical operations, as far as we know or anyone will admit, and as long as the users of said encryption adhere to correct operating procedures, use strong keys which are not generated according to a guessable or calculable pattern, and the security of the cryptosystem itself is not compromised."
The mathematics of Enigma looked very ugly until the Allies got a model, found some weaknesses, developed some powerful approache
Re:Patents.. UCK (Score:2)
Re:Patents.. UCK (Score:4, Informative)
Re:Patents.. UCK (Score:5, Informative)
None, except for one-time pads (which have other problems). For example, many schemes depend on the fact that it's impractical to factor large numbers. The truth is that nobody knows how to factor large numbers today, but it's also true that nobody knows how hard this problem really is. Perhaps someone clever will figure out how to do it tomorrow... and in the meanwhile, someone already has figured out how to factor large numbers using quantum computing. Nobody has built a quantum computer large enough to run the algorithm, but once they do, you can kiss all these schemes goodbye.
Re:Patents.. UCK (Score:2)
That is the whole issue with quantum computing, once it becomes easy to factor large numbers, it is much easier to figure out which numbers cannot be factored and are therefore primes. Thus much of today's encryption techniques will not stand up against a quantum computing device.
Re:Patents.. UCK (Score:2)
Uhhh, he didn't say anything about prime numbers, just factoring large numbers which is close enough to the truth for the current discussion on conventional encryption. People in glass houses should not throw stones.
Re:Patents.. UCK (Score:2)
Have you ever studied prime numbers and factoring? Do so, you'll learn a lot.
You're not a very good troll.
While it may be possible, theoretically, to come up with a magic prime number algorithm - if that happens, it's a breakthrough in math systems akin to the development of Calculus and algebra. :P
These are both developments
Re:Patents.. UCK (Score:2)
Re:Patents.. UCK (Score:1, Informative)
Re:Patents.. UCK (Score:5, Informative)
Yes, just like RSA, and Diffie-Hellman key exchange, SHA-1...
None of those are in patent. RSA was patented but that patent expired a few years back. SHA-1 was never patented nor was Diffie-Helman.
we don't have secure communications, what we have are communications that nobody knows how to break yet
Well, not exactly we have the One time pad but that aside: What makes physics different to mathematics? You can't prove a physical theory is true like you can a theorem. There is a small chance quantum mechanics is wrong and there is an alternate theory that describes the photons in a deterministic way.
Yes, it's a small chance.. but don't forget that there's also a small chance that you can find a quick algorithm to solve AES. Changing the laws of physics tends to happen once a century - Theorems on the other hand last forever.
Simon.
Re:Patents.. UCK (Score:3, Informative)
The SHA-1 algorithm is not patented, but many uses of the algorithm are.
Do your reading.
Re:Patents.. UCK (Score:5, Informative)
The network consists of fibre optic cables over which SINGLE PHOTONS are transmitted back and forth between "Alice" and "Bob". If anyone is trying to spy on you -- poof, your bits disappear, and you notice.
The actual crypto that's used on the network is fairly normal. The quantum part protects the key exchange.
Quantum vs. Quantum (Score:2)
My sole knowledge on the subject came from a book called "The Code Book", if I remember correctly -- an EXCELLENT READ for the layman, by the way. Anyway, I recall reading about two things: a quantum network using polarized photons as bits, and a quantum computer, which somehow embodied the Schroedinger's Cat principle of processing all possibilities at once. The first was secure because it was impossible to eavesdrop without detection, because the simple act of observing th
Re:Patents.. UCK (Score:3, Insightful)
What you should have said is that It can't be broken without changing the laws of physics as we know them (yet) . The "Laws" of physics change all the time, as we make new discoveries and adopt new theories.
Re:Patents.. UCK (Score:3, Insightful)
Well the Laws don't change at all, we just get closer and closer to fully understanding them as time goes on. As in, there is a truth that we observe as X. The truth is elusive, and the best way we can describe it currently is X. We call this the 'Laws of Physics' which are the simplest explanation for what is happening, and generally correct to a certain fidelity. This fidelity increases as our understanding
Re:Patents.. UCK (Score:3, Insightful)
The Laws don't change at all. You may or may not have noticed that there have been no new Laws of Physics in at least a hundred years, if not longer. Physics the science has long since recognised that there are few if any absolutes, and so stopped calling things "laws" a long time ago. Even Relativity (very actively investigated, yet to be disproved) is "only" a theory.
Re:Patents.. UCK (Score:2)
Re:Patents.. UCK (Score:3, Informative)
Quantum cryptography, at least in this application, only uses the quantum network to exchange KEYS to conventional symmetric crypto.
The same crypto algorithms are used, this is just a "secure" method of key exchange. PKI was invented because of the problem of exchanging keys securely -- this is just a fancy way of doing the same thing.
Re:Patents.. UCK (Score:2)
You mean it can't be broken with in a reasonable amount of time.
Re:Patents.. UCK (Score:2)
Re:Patents.. UCK (Score:2)
Re:Man-in-the-middle is not possible against QC (Score:2)
Yes they are. The post you reference is talking about practicalities, not theoretics. It describes a communication system using two channels: a quantum one and a public one. Information describing which attributes of the quantum stream should be read are transmitted publiclly.
If the MIM could replace traffic on both the public and quantum streams, he can make a successful attack (both victims think they're talking to each other, but are really talking to MIM). But the assumption in th
It's for the governments. (Score:3, Funny)
Re:Patents.. UCK (Score:1)
You mean pending? I jest but it is good that it does say pending because that means there is a chance it will be throughn out.
Lots of DARPA projects doing network stuff... (Score:5, Interesting)
What's wrong with IPSEC? (Score:3, Funny)
Re:What's wrong with IPSEC? (Score:2)
No... quantum "cryptography" has certain concrete advantages over normal mathematical encryption.
For IPSEC, SSH, or anything normal, a spy can record years worth of traffic between two victims. Then much later, burglarize or interrogate one of them to learn the password. (Or even spend 100 years of brute-force CPU crunching) With that, all of the logged messages become retroactively readable.
QC protects
Re:What's wrong with IPSEC? (Score:2)
Just google for IKE and Perfect Forward Secrecy.
Re:What's wrong with IPSEC? (Score:2)
Tsk, tsk. Even that only uses a 1024 bit key, so I only need to try 1.8e+308 or so possible keys to find the right one-- not currently practical, but a few years of Moore's law might render the problem solvable within the lifetime of the known universe [gil-barad.net], even precluding a major breakthrough in quantum computing [qubit.org].
There's a difference between problems that are absurdly difficult, and problems that are outright impossible.
Re:What's wrong with IPSEC? (Score:2)
Regardless of it using "only a 1024bit key", the fact you need to try 1.8e+308 keys for EACH message since each one uses a different key, it's not truly practical, unless ofcourse quantum computing or a nondeterministic turing machine is developed.
Re:What's wrong with IPSEC? (Score:2)
Well, yes, which is the point: Quantum encryption is a one time pad, furthermore with absolutely guaranteed security in pad generation and distribution. There are several possible non-algorithmic weaknesses to an ordinary one-time pad:
* Alice must make a truly random pad.
* The pad must not be intercepted and copied by Eve when Alice attempts to securely send it to Bob.
* The pad must NEVER be reused.
The laws of quantum mechanics insure th
Re:What's wrong with IPSEC? (Score:2)
Improved transmission security, exactly. (Score:2)
And if you think "Ev
Re:Improved transmission security, exactly. (Score:2)
Some people go crazy over it. They don't like computer generated keys, because they are psuedo random. They don't like 1024-bit encryption because when they are dead and buried, someone might crack the key and find out what they had for dinner last night.
I feel as though that given enough time, secre
Little more explanation please (Score:3, Funny)
Re:Little more explanation please (Score:2)
Try this [wikipedia.org] first.
Re:Little more explanation please (Score:5, Informative)
This scheme might be subject to denial-of-service attacks by eavesdroppers, but I'm sure they've thought of that in their network design. Probably they can send the keys via alternate routes in case of interruption of a link.
Re:Little more explanation please (Score:2)
Re:Little more explanation please (Score:2, Informative)
Re:Little more explanation please (Score:2)
No. That's where the quantumness comes in. Each photon has multiple attributes to it... two different axes of polarization, let's say. The only way to measure one of those values is to bounce something off the photon, which would screw up the other value. So it's like there is a stream of bit-pairs {(01)(11)(00)(10)(10)(11)}, but you can only read one of the bits from each pair.
There is no way to reproduce
Re:Little more explanation please (Score:1)
Re:Little more explanation please (Score:2, Informative)
Re:Little more explanation please (Score:1)
Re:Little more explanation please (Score:2)
Stupid question (Score:3, Interesting)
Can someone please explain how on earth this works?
Re:Stupid question (Score:3, Informative)
Or alternatively, see this (goatse-free) image [optics.upol.cz].
heisenberg (Score:1)
and he's the leading suspect in the murder of Schroedinger's cat. [wikipedia.org]
Simple explanation (Score:5, Funny)
Re:Simple explanation (Score:1, Funny)
If a cat created by inspection of random quantum fluctuation appears in the woods, with nobody to scratch, is the data still encrypted?
Re:Stupid question (Score:3, Informative)
Quantum mechanical systems, unlike classical systems, can exist in a superposition of states. A classical bit for example, can only be either 0 or 1, while a quantum bit, or qubit, can exist as both 0 and 1 at the same time with some probability. Hence, when you 'observe' a quantum system, the system is forced to be (I won't use the word collapse here!) in a new state consistent with the apparatus or observable you used to observe it. That's an over
Objectivity (Score:3, Informative)
For instance, if you measure the polarization of a photon, which was previously in a superposition of polarization states, in some sense you have created the new polarization of the photon, you have made it be what you measured it to be. So if I send you a diagonally polarized photon, and you measure it straight
Couldn't you eavesdrop by creating entanglement... (Score:2, Interesting)
Re:Couldn't you eavesdrop by creating entanglement (Score:3, Informative)
"Observing the entangled photon(s) would not change the originals..."
Not exactly true. Look into the EPR experiment and what's known as "spooky action." It turns out acting on one entangled photon instantaneously (faster than lig
Functional? (Score:1)
Misspelling in link in article (Score:3, Informative)
Re:Misspelling in link in article (Score:1)
What's your threat model? (Score:3, Insightful)
Re:What's your threat model? (Score:2, Informative)
Quantum Encrypted Network? (Score:3, Informative)
I think we'll all just have to wait and see [uoregon.edu].
Interdimensional Routers (Score:5, Funny)
"Holy Fuck! There's a giant squid crawling out of a rip in space-time near the water cooler!"
Buckaroo (Score:3, Funny)
John Bigboote: We've had our chance. Your Overthruster's for shit. We're lost.
Lord John Whorfin: One more word out of you, Big-booty...
John Bigboote: BIG BOO-TAY. TAY. TAY.
Re:Interdimensional Routers (Score:2)
Rejoice! (Score:4, Funny)
Re:Rejoice! (Score:2, Interesting)
I've been wondering. (Score:5, Interesting)
Re:I've been wondering. (Score:3, Funny)
Re:I've been wondering. (Score:2)
Authentication a problem? (Score:2)
Hey it looks like they're really thinking ahead on this one. But a big issue seems to be how to deliver secret keys? You must make sure you give them to the right person. I would think since you're going this far with security, wouldn't biometric be the best way? Maybe combined with some posessed object like an implanted rfid
Re:Authentication a problem? (Score:2)
Um... no. Delivering secret keys is the whole point of quantum cryptography. You send the secret key down the quantum channel, and you know whether or not it's been compromised. If it has, throw it away and try again. If it hasn't, great - you've successfully and securely delivered your secret key.
How does this work? (Score:3, Interesting)
Re:How does this work? (Score:2)
so what? (Score:2)
Oh, you said functional quantum encrypted network. My bad.
that's all well and good... (Score:1)
... but something about this type of cryptography seems a little bit fishy. what about a man in the middle attack? if you simply pass along exactly what you found, how can one computer tell that a change has been made from the original?
Re:that's all well and good... (Score:3, Informative)
Answers to lots of your questions at quantum.bbn.com [bbn.com], which is the actual document repository used by the development team. I think it's pretty cool that they make so much material publically available. There's also an overview [bbn.com] linked from the BBN homepage [bbn.com].
Re:that's all well and good... (Score:2)
Two reasons:
1. In the crypto world, anything not open is eyed suspiciously. Providing information and testing the lock are important.
2. That's the blessing of patents. While it is generally viewed here as patents==bad, it does make sure inventions are published.
Re:that's all well and good... (Score:1, Informative)
In order to find it you must look at it. In order to look at a photon you must make it collide with the back of your eye thus destroying the photon. No two people can look at the same photon.
Likewise, no two machines can look at the same photon because in order for a machine to look at a photon it must measure it. In order to measure it, the photon must collide with a sensor which destroys the photon.
So sure, a man in the middle can intercept a photon b
Re:that's all well and good... (Score:1)
theoretically, if the photon was sent by a computer, another computer could mimic that transmission.
you measure it. you destroy it. so what? you've got all there is to know about the data that's been sent; use that info to send out an exact replica.
i'm sure there's something i don't understand here. explain it.
4:30am and IANAP, but... (Score:2)
Both sides of the communications channel pick what polarization matters at random; that is the sender picks a polarization type at random to encode a random bit, and the receiver picks a type at random to detect. After sending and detecting the photon, t
Probably? (Score:4, Funny)
Because the more accurately we know the funding the less accuratly we know the results?
Truly this is quantum computing.
Re:Probably? (Score:3, Funny)
Re:Probably? (Score:2)
And the first quantum-encrypted message was: (Score:3, Funny)
Re:And the first quantum-encrypted message was: (Score:2)
"What hath Heisenberg wrought?"
Are you certain of that?
Any interference changes the photon, right? (Score:1)
The encryption is never the problem... (Score:2, Insightful)
When was the last time a security breach occured that was the result of someone brute-forcing an encrypted message or key?
The end-to-end system is what matters, as always. A keystroke sniffer installed via spyware is a vastly more economical approach to breaking an encrypted message. Which is exactly what
Re:The encryption is never the problem... (Score:3, Interesting)
No, the levels of loss are different.
When the laptop is stolen by enemies, they gain access to all data on the laptop, which gives them a password they can use to view data the rest of your organization is currently transmitting... OR to decrypt any data they've logged you transmitting before.
If the organization used QC, that last threat is taken away.
A few flaws in the system... (Score:2, Interesting)
Patent-pending BBN protocols pave the way for robust quantum networks on a larger scale by providing "any to any" networking of quantum cryptography through a mesh of passive optical switches and cryptographic key relays. Well, well... in previous posts, Assmasher and logicnazi noted the problem with repeaters and routers. It sounds like they are using passive switches, that is, purely op
Yeah (Score:2)
Yeah, well duh.
The worlds biggest carbon security flaw (Score:1)
In other news today... (Score:2)
Who knows where THIS one will be in 35 years.
Low information content... (Score:2, Interesting)
How many qbits? What kind of bandwidth? All optical point to point or switched? Transmission distance? What materials are being used for transport?
I'd love to know how many qbits they're playing with here to at least have a minor clue as to where the SOTA is...
Dumb headlines (Score:4, Informative)
This is not quantum encryption. Photon entanglement simply allows the recipient to detect if someone was listening. It's much like a signature, only stronger (signatures only go bad if someone tries to modify the data; quantum state of entangled photons changes if anyone even looks at the data).
You don't want to send critical information over such a link. You use that link to send a symmetric encryption key. Then you use crypto.
Eve, a passive MITM (WITM), can prevent you from ever using crypto by keeping the link tapped. You keep sending crypto keys across, but each time you realize they've been compromised. You cannot get anywhere in that situation unless you use public key crypto, at which point the quantum-entangled nature of the link gets you no extra security.
Network or link? (Score:2)
So I don't think that it is really a network..
OK, a fully meshed network is a network, but having to put a link between each node is not a very usable network when the number of node increase!
Or am I missing something? The article is quite low on detail..
What about idQuantique? (Score:2, Interesting)
Re:Eventually... (Score:2)