Quantum Crypto in the Real World

bednarz writes "Swiss officials are using quantum cryptography technology to protect voting ballots cast in the Geneva region of Switzerland during parliamentary elections to be held Oct. 21, marking the first time this type of advanced encryption will be used for election protection purposes. "We would like to provide optimal security conditions for the work of counting the ballots," said Robert Hensler, the Geneva State Chancellor. "In this context, the value added by quantum cryptography concerns not so much protection from outside attempts to interfere as the ability to verify that the data have not been corrupted in transit between entry and storage.""

Yeah!

[UbuntuDupe]

Or at least, in a superposition of having been tampered with and not having been tampered with.

Re:

[Anonymous Coward]

Nice of you to leave your signature there - good for making sure your posts get modded down in the future.

Re:

[Anonymous Coward]

Unfortunately you are wrong, and perhaps should be referred to: http://www.getitwriteonline.com/archive/022703.htm [getitwriteonline.com]

"...in professional contexts, it is probably best to avoid ending sentences with prepositions simply because many people *think* that doing so is always incorrect. Many readers do not recognize the difference between ending a sentence with a preposition whose object appears earlier in the sentence and ending a sentence with a preposition that has no object."

The object of the tampering is the dat

Re:

[Garridan]

Prepositions are totally fine to end sentences with.

Re:

[ajs318]

But conjunctions aren't good to begin sentences with .....

Re:

[gluechucker]

Don't end a sentence with the word "with!!!!!"

Why not? You just did :). ... with.

Re:

[Ulven]

You may have linked to the article, but did you read it?

"Once the election is closed - at noon on Sunday, Oct. 21 - the sealed ballot boxes of all the polling stations are brought to the central counting station, where they are opened and where the votes are mixed with the mail votes. Counting them is then manually done at the central counting station. People counting the votes at this central station use computers to transfer the counts to the data center of the canton of Geneva," Ribordy explained.

The q

No fair, you changed the outcome by measuring it!

[Cyberax]

Nuff said :)

Re:No fair, you changed the outcome by measuring i

[Alwin Henseler]

So don't: just follow the news, get feedback from your slaves, count the # of eggs thrown at your limousine and the # of stones and RPG's thrown at your armored vehicle. Lock up some opposition leaders, and torture them long enough to get some real answers about your position in the political arena. Finally, have some of your drones calculate the statistical probability of you winning the election, and (when it's up in the high 90's) HAVE an election. Next, proclaim your statistical calculated guesstimate

Re:No fair, you changed the outcome by measuring i

[leonardluen]

more importantly, where do they keep all the cats in between elections???

Re:No fair, you changed the outcome by measuring i

[Per Abrahamsen]

Is it you, Professor Farnsworth?

Heisenburg Voting

[Anonymous Coward]

Each voter is voting for all candidates simultaneously until the vote is actually read.

Re:

[ultranova]

Each voter is voting for all candidates simultaneously until the vote is actually read.

Well, it's still a step ahead of Diablo [wikipedia.org] voting machines.

The Heisen-Rove uncertainty principle

[User 956]

Swiss officials are using quantum cryptography technology to protect voting ballots cast in the Geneva region of Switzerland

Bah, we hace somnething similar in the U.S. Diebold has been using quantum encryption technology on their voting systems for years. That is to say, attempting to examine the vote count, alters the count.

Immeasurable!

[kcbanner]

Election results rendered immeasurable for fear of changing the result!

I was born in Switzerland.

[frup]

While I do not live there anymore as far as I know barely anybody votes! I guess that means that if even a small sample of votes get tampered, it can have a big effect.

Re:

[darthflo]

Yep, it's rather bad - about 30-50% of all voters actually vote, but the upcoming elections might have a bit higher participation (some very aggressive campaigning been going on for the past weeks). I think this is directly related to Switzerland being a very direct democracy - with enouh support (that's in numbers of people, not money), almost every decision of the Swiss political leaders can be overturned by the Swiss people.

That Doesn't Make Sense

[logicnazi]

If the only concern is non-intentional errors introduced by hardware (or software) then a simple hash should be effective.

Re:

[phantomcircuit]

A hash of a single bit variable? Genius

Re:

[Jarjarthejedi]

Okay, we'll ROT2 it first...will that make you happy?

(Actually it would probably be better represented as a full string of the candidate's name. Sure, it's more memory, but it'd be an especially remarkable series of faults that manages to flip every bit in that string to another candidate's name (assuming it's not purposefully tampered with) while just about any error would mess up a single, or double (got to assume there's not just 2 candidates, even if there are usually only 2 candidates) bit encoding.)

Re:

[phantomcircuit]

Why bother hashing? why not just assign an arbitrary string of acceptable length to each candidate.

Re:

[darthflo]

It's not as simple as "A or B". IIRC, two houses for a total of some 250 people have to be populated out of a few hundred candidates distributed into some "lists" and being able to be voted for individually, a single integer probably won't be a viable option to store a vote (an array of integers might, but I assume it's going to be strings).

Re:That Doesn't Make Sense

[Beryllium Sphere(tm)]

Also not making sense are the reference to the "1 GHz quantum encrypter" and the statement that they're holding back information about how it works for security reasons. Either it's vulnerable or it isn't. And gigahertz are the wrong units of measure. And quantum key exchange doesn't work that fast.

Re:

[Jarjarthejedi]

But the biggest question of all...how many Parsecs does it take for this system to make the Kessel Run?

Re:

[ceroklis]

It does make sense if you realize that the only point of the exercise is economic promotion of the Geneva region. Robert Hensler is also pushing internet voting (using local technology) for the same reasons. See for instance this [geneva.ch]. The mention "ideal business location" should give you an idea of what this is all about.

I love this misguided attempt at security

[spagetti_code]

Its kinda like when someone says they are using 4096 bit encryption for their SSL banking, and not realising their password is being stolen by a keylogger.

The biggest problem we face today is *not* the encryption. We have bags of good encryption technologies out there, from AES (symmetric) to a variety of Public Key techniques. The problem actually comes from the people and processes at either end of the encryption pipe.

Guess what - no-ones SSID has (probably) ever been stolen while in transit via SSL over the internet. The millions of SSIDs stolen to date have been theft [attrition.org] of [washingtonpost.com] laptops [yahoo.com] or admins not securing their websites [utexas.edu] properly. Hopefully they will understand this, and spend an equal portion of their time/energy securing their endpoints.

In other words...

[NotQuiteReal]

The problem actually comes from the people

We let too many stupid people vote? Is that what you are saying?

Re:

[Spy der Mann]

We let too many stupid people vote? Is that what you are saying?

Unfortunately, it's true. Remember how many votes Bush got in 2004? :'(

Re:

[Adambomb]

as far as the original reasons, The need for an electoral college wavered with the telegraph amd died with the airplane.

And I never did understand the concept of "unfair popular votes between states". Yes, you're all distinct by state, but isn't the president the president of the country? Wouldn't the senators, governors, and house representatives still be distinct to their regions?

Could someone put this into perspective that makes any sense to the outsider?

Re:

[logicnazi]

No, the electoral college has important value besides merely respecting states rights. Hell, once we abandoned real electors and sworn electors were selected by popular vote arguably the electoral college does more to hurt state local interests than help since there is no need to fuss with states that are clearly in one column or the other.

The real benefit of the electoral college is to blunt the tendency of incomplete turn out to encourage extreme views. Notice that there are two ways to win elections: A

Re:

[Fred_A]

With the electoral college it doesn't matter how many extra votes you get out in a strong red/blue state it still counts the same. What matters is whether you can carry the moderate states. Thus there is less incentive to take extreme positions motivating turn out in the states that strongly support you and more to take the sorts of positions that will win in the moderate states. Sure there are still partisans of both stripes in every state but a republican in ohio isn't the same thing as a republican in Wyoming.

Your logic seems to imply that if there wasn't an electoral college in place, all the people in a given state would still vote the same way.
Presumably that wouldn't be the case. Most states would be moderate with a wide ventilation of votes across the spectrum.
(disclaimer, not from the US. And I never really got that electoral state thing either.)

Re:

[SnoopJeDi]

You'd have to have one hell of a computer to do it in any reasonable amount of time.

...or use these new Quantum Computer things. You know, the ones that can run algorithms that can crack conventional cryptography.

If they weren't using this, people would be complaining that politicians aren't utilizing technology enough.

Re:

[AllAboutVoting]

I agree. I see little of value here. Part of that may be due to the lack of details in the article and the useless trust destroying statement "the Swiss government is not sharing a lot of information on certain details for security reasons."

Counts are encrypted as they are passed from one place to another. Note that that those counts should be public information anyways, so the intent of the quantum crypto is to preserve the message - not to keep it secret.

Those counts could have been adequately protecte

They never get it

[goombah99]

Crypto and now Quantum Crypto--theve voting machine folks just never get. Too wrapped in the forest of their own cleverness to see the trees. All these assertions of provable voting miss the entire point of transparency. Voters need to be able to see how it all works. You don't wrap it up in a trust-me-the-math-proves-it burrito and call it transparent. All that does is exclude participation in the process and every time you centralize the cryto it means it takes fewer and fewer people to exploit the hole they forgot to close and don't know about yet. The real solution is to spread the problem out in the sunshine so that even if it allows more people access to fudging things it also takes more people to achieve a significant fudge and the risk of getting caught is higher.

The key thing about voting is this: it's actually unlikely anyone will cheat but every wants to be sure it did not happen. Voting is about convincing the losers they lost not proving who won. it has to be convincing.

Re:They never get it

[causality]

While I can't say I know very much about how this is being implemented, and therefore could only speculate about the threat model and how it is being addressed, I very much appreciate your point about the need for transparency. I would further submit that an aspect of the problem that is not often discussed but certainly does have a strong influence in the outcome of elections and how they affect the country (i.e. the entire point of having a vote) is not so much how the voting is carried out, but who is doing the voting.

I realize how unrealistic it is that this would actually be tried, but what I would really like to see is a restriction that prevents anyone from voting until they demonstrate that they understand how the government actually works. Something like a (hopefully very tough) civics test that must be passed every so often in order to retain the right to vote, with emphasis on what is and what is not the proper role of government. At least in the USA, it seems that just because so-called "literacy tests" were abused for the purpose of denying suffrage to black people, during a time when the evils of open racism were widespread, we threw the baby out with the bathwater and decided to discard the entire idea that a voter should demonstrate some competence before performing such an important duty.

This could work if anyone who meets the other requirements (at least 18 years of age, not a convicted felon, etc.) is eligible to take such a test and maybe it would be a good idea to allow them to re-take the test until they pass. The idea is that with informed voters who understand how the system was intended (by the Founding Fathers) to work, elections would be determined more by a candidate's position on issues, their track record (if available) of how they handled previous positions of power, and whether their ideas are actually sustainable long-term (which many of our entitlement programs are not, such as Social Security and other vote-buying techniques) and less by 30-second ads on TV, campaign slogans, empty promises, and party affiliation. I believe this would also have the effect of selecting against the knee-jerk, ill-considered reaction of valuing security more than freedom and would probably also make it a little easier for candidates who do not belong to the two major parties to win elections beyond the local-government level.

One thing that has always bothered me about politics is the unwillingness to try new ideas to see if they are superior (and if not, why) and abandon them if they are not. It seems that we have too much faith in the status quo and are only ever willing to change it in reaction to some kind of crisis -- often due to skillful use of Problem, Reaction, Solution aka Thesis, Antithesis, Synthesis (Hegel) -- by taking measures that wind up being set in stone and very difficult to change in the future.

Re:

[Planesdragon]

Technically, in the USA, the Peoples vote doesn't even matter.

1: only when voting for President. All other elections are direct-election.

2: Even then, it's a choice of one of two slates of electors, who go and are usually required by law to vote a certain way.

Re:

[gnud]

So if your opinion of what a goverment should be deviates from the norm, then you can't vote?

A system such as you describe will only strengthen the notion that there is one "correct" form of goverment.

Re:

[causality]

The idea of a civics test is not a particular outcome as you seem to suggest (nice straw man btw), but the more basic concepts of how the system is implemented. It would require that the voter knows i.e. what the executive branch does that the legislative does not, the intentions behind the Bill of Rights and what they were designed to protect (and what they were designed to protect from), and that government only really does three things well, which are: defense, law enforcement, and public works. Someon

Re:

[moogle001]

I sincerely hope you realize that your post proves why there can't be any civics test. Your assumptions on what government can and can't do well and what's good for the common man are just that: assumptions. Many, many people in the world would disagree with you. But hey, you may be right, you may be wrong. It's all political theory, after all. Which is why we shouldn't be requiring people to agree.

Re:

[yariv]

You assume that the Founding Fathers intended for 90% of the government to come from local/state level, it might even be correct. However, the question is not what were their intentions but what is written in the constitution. By the way, they also intended for black people to be slaves and for women to have no vote, do you think anyone who think differently should not be entitled to vote? You might not say there is only one correct way to do things, but you definitly say there is a very small number of wa

Re:

[causality]

You assume that the Founding Fathers intended for 90% of the government to come from local/state level, it might even be correct. However, the question is not what were their intentions but what is written in the constitution. By the way, they also intended for black people to be slaves and for women to have no vote, do you think anyone who think differently should not be entitled to vote? You might not say there is only one correct way to do things, but you definitly say there is a very small number of way

Re:

[yariv]

I will not argue over what the Founding Fathers intended, but slavery was accepted by them, it was not forbidden by the constitution, and some of them held slaves (Washington, for example). Anyway, I am not american, so I don't really care what were their intentions. As for women's voting, the point is not whether women are less likely to vote by the standards you propse, but should they have a vote. In the system you propse, should they be tested. The Founding Fathers were (at least most of them) male-chau

Re:

[causality]

They build a mechanism that fitted the world as they knew it, not the modern world.

Some things are timeless, such as the observation that, given enough time, all governments decay into police states or dictatorships unless proactive steps are taken, primarily by those who can see the obvious, to prevent this. This is simply entropy on a large scale. The USA has already exceeded the life expectancy of a constitutional republic by nearly fifty years.

Modern things you might need from the government you

Do You Watch Them Count The Vote?

[logicnazi]

I doubt it. You trust the people to take the votes away somewhere and count them up. You probably don't have a clue who does the counting, where it is done, or how the counting machines work. I sure as hell don't.

The system we have now is just as non-transparent as all the good voting systems. The only real difference is that you are familiar and comfortable with one and not the other. That will change in time. Once various clever crypto systems become more familiar people won't need to look inside an

Re:

[Fred_A]

Crypto and now Quantum Crypto--theve voting machine folks just never get. Too wrapped in the forest of their own cleverness to see the trees. All these assertions of provable voting miss the entire point of transparency. Voters need to be able to see how it all works.

Ah but you can't look at it. That's the point of quantum crypto.

But how does it work ?
It's quantum.
Can I look ?
Not it would break it.

Schrodinger's President

[BradleyUffner]

How did the scientists get around the fact that they don't know who won until after the person takes office?

Re:

[Jarjarthejedi]

They put him in a box with a large radiation emitter. The same thing's being considered over here I hear :P.

What's that? We were only supposed to leave him in there a short time? Oh...new election!

Quantum Voting by Stalin

[Gothmolly]

"He who casts the votes decides nothing, he who counts the votes decides everything.... or not."

Re:

[Plutonite]

Gets a bit more complicated when it's a "they" who count the vote not a single "he". And unless you live in a totalitarian society like, say, the one Stalin had oppressed/dream-talked into submission to his every command, there should not be an easy way to convince all the people who should be involved in the voting procedure to do something illegal. That is why people on slashdot want less machinery/electronics and more people/paper involved - it is hard to pull off a conspiracy with thousands of people.

An

I vote for Shroedingger!

[Tablizer]

If you don't like the election results, then just never observe the candidate, meaning they don't actually exist.

Re:

[Anonymous Coward]

Vote for Schrödinger!
A cat in every box!

Oblig.

[Romicron]

In Soviet Russia, votes observe YOU!

Repeat after me...

[fluffy99]

Quantum cryptography is not encryption. A method of secure key exchange perhaps, but it's not encryption.

Re:

[blueg3]

Actually, it's a very fast method of detecting an intercepted communication. As such, it's usually grouped with encryption mechanisms. There's absolutely no way of intercepting the data that's not very rapidly detectable, so you can limit the loss of information before terminating the communication. If the information you're transmitting is such that a handful of bits is useless, it's an excellent security system.

This is not, however, the first time it's been used.

Cerberis?

[ZMerLynn]

According to id Quantique's CEO Gregoire Ribordy, the firm's Cerberis product ...

Cerberis? That name sounds awfully familiar. [mit.edu]

I wonder if

[Vadim Makarov]

it is exactly the same quantum cryptosystem that has recently been broken (by an attack exploiting a component imperfection) [arxiv.org]?

In fact, I would love to see a statement from id Quantique that this security issue discovered in their equipment has been addressed. There hasn't been such a statement, to my knowledge.

Re:

[blueg3]

That wouldn't make sense. This applies to a specific system and not to the general concept. The point of the paper isn't that there's a particular outstanding security problem (there is, but it only applies to the one device studied), but that just because quantum cryptography is theoretically perfect doesn't mean that device implementations are necessarily perfect.

Re:

[Vadim Makarov]

You are correct. However the paper has studied exactly the same device implementation that is currently being used to secure the Swiss elections. It doesn't say so in the abstract, but in the body of the paper the lab version of the id Quantique cryptosystem is listed. It is likely their full-link version uses exactly the same quantum hardware as in the lab version, plus the classical VPN equipment.

Re:

[Anonymous Coward]

Two points about the "breaking" of idQuantique's system:

1. The system that was broken was slightly modified to make the attack feasible with current technology (the laser was replaced). The attack would still be possible with the unmodified version, but would require better eavesdropping technology.

2. It was only broken in the "information theoretic" sense. That is, the number of "really secret" bits is slightly less than the actual length of the output "secret key". It is still not possible to read any sin

Mod the parent up.

[Vadim Makarov]

It's the only response in the entire discussion from someone who has a clue :)

"Quantum" whatever.

[RightSaidFred99]

It's a bunch of god damn gobbledy gook. They think if they call it "quantum" something it sounds high tech and futuristic. This technology isn't quantum anything, any more than any process that uses light or electricity is "quantum" something.

It's a bunch of shit, and it will never come to anything. Repeat after me: Quantum (x) is, for any value of x, just nerd porn and will never provide super-fast or super-secure _anything_ in the real workd.

Re:

[SEMW]

This technology isn't quantum anything, any more than any process that uses light or electricity is "quantum" something.

Whilst that is indeed often the case (see also: audophiles; new age health), in this particular instance you're wrong. See http://en.wikipedia.org/wiki/Quantum_cryptography [wikipedia.org].

oh no

[mrjb]

<sawfish>That will take at least half an hour to break! </sawfish> *sigh* How I wish I had never seen that movie.

Quantum cryptography and internet voting

[Zorglub1234]

This is mainly an advertising stunt. The State of Geneva has been promoting an evoting (internet) system for the past 6 years. They complain that citizens are not interested in the voting process, but every time computer scientists (mainly free software advocates) have indicated that they had doubts about the system (but noone except the State has access to the system), the criticisms were treated with disdain (to say the least !). Some background information about the system is at http://www.geneve.ch/evot [geneve.ch]

Swiss and Finns

[KimmoV]

What have they ever done for Internet?? First WWW and now this with Swiss...Finns with their pesky IRC and the linux. Who do they think they are!?

Swiss, Finns, overlords...need I say more?

How do they prevent voter fraud in

[Iowan41]

the other universes?

Cool! A Minnie Driver/Anne Hathaway love scene.

[Impy the Impiuos Imp]

> marking the first time this type of advanced encryption will be used for
> election protection purposes. "We would like to provide optimal security
> conditions for the work of counting the ballots..."

Frank: Pssst! Got our moles in position?

Joe: Yep.

Election Official: Let the undefeatable election system counting commence!

Re:

[fkamogee]

Replying to your sig. Two spaces after a period went out of style well before the interwebs went mainstream. It usually looks silly when using a variable-width font.

Re:

[shaiful]

how if we let to many noobs or stupid people vote?? they're goin to mess it up...dun u think so...