Quantum Cryptography Conquers Noise Problem 79
ananyo writes "Quantum-encryption systems that encode signals into a series of single photons have so far been unable to piggyback on existing telecommunications lines because they don't stand out from the millions of others in an optical fiber. But now, physicists using a technique for detecting dim light signals have transmitted a quantum key along 90 kilometers of noisy optical fiber. The feat could see quantum cryptography finally enter the mainstream. The researchers developed a detector that picks out photons only if they strike it at a precise instant, calculated on the basis of when the encoded photons were sent. The team's 'self-differentiating' detector activates for 100 picoseconds, every nanosecond. The weak charge triggered by a photon strike in this short interval would not normally stand out, but the detector measures the difference between the signal recorded during one operational cycle and the signal from the preceding cycle — when no matching photon was likely to be detected. This cancels out the background hum. Using this device, the team has transmitted a quantum key along a 90-kilometer fiber, which also carried noisy data at 1 billion bits per second in both directions — a rate typical of a telecommunications fiber."
Great news! (Score:3)
Re: (Score:2)
Re: (Score:1)
Re: (Score:2)
From The Fucking Article:
You cannot measure a quantum system without noticeably disrupting it. That means that two people can encode an encryption key — for bank transfers, for instance — into a series of photons and share it, safe in the knowledge that any eavesdropper will trip the system’s alarms.
Please help this simpleton ... (Score:2)
I gotta admit that I'm not familiar with photonic quantum cryptography.
As far as I know, photonics means light, and light does reflect - and could even possibly be diverted (from one beam and splits it into two)
Can the MIM (man in the middle) spit a beam into two, letting the "original" beam to travel to whoever the recipient while working on the "branch"?
Would that approach cause a "noticeable disruption"?
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Seriously, I have no idea of the actual application of this technology.
Unbreakable copy protection, DRM.
Re: (Score:1)
Re: (Score:2)
There are none. Unless you want something far, far worse than existing technology in terms of capabilities, cost and reliability. I do not think this stuff will ever become mature, but if it does, expect it to take > 100 years from now. This is just scientists lying in order to get funding, there are no in any way relevant breakthroughs and there have been none since this started. And the physics used is also shaky, unlike moder cryptography which relies on mathematics that is solid.
Re: (Score:1)
moder cryptography which relies on mathematics that is solid.
And except for the use of one time pads, modern cryptography methods can not be proven to be secure in the sense that there are not proofs of the nonexistence of fast cracking algorithms. They are all pretty much based on the idea that it should be hard to determine keys, etc. based on spending several years trying to come up with a way to break it, but don't exclude the possibility of someone developing a new attack down the line in any way.
If implemented correctly, quantum encryption would only be brok
Re: (Score:2)
Ok, admitted, even the DLP has not proven to be hard except under unrealistic assumptions.
Block ciphers are also a risk, but then when you do quantum-key-exchange, the next thing you do is communicated protected by a block-cipher with the exchanged key, so that is irrelevant. Because quantum-key-exchange is very, very slow, there is really no way around that. So you have to use classical crypto anyways and quantum key-exchange is just one more component that can fail.
There is also the problem, that classica
Re: (Score:3)
Re:20/20 transmission (Score:5, Insightful)
Re: (Score:1)
Re: (Score:2)
Why would the handshake need to be encrypted?
Re: (Score:1)
Why would the handshake need to be encrypted?
You need to securely communicate the handshake, because otherwise the eavesdropper can intercept that message, and increase the transit time to a point long enough that they then will be able to perform a man in the middle attack on the following quantum key distribution packets.
Re: (Score:2)
Re: (Score:2)
If you're going to have to be together in person anyway, why not just generate/swap keys then..?
Re: (Score:2)
Hacking fun (Score:1)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Re: (Score:1)
. hackers will be 'hacking' light by bending it use natural magenetic forces
Natural or unnatural in origin, magnetic fields don't bend light by themselves (some materials will affect light in ways that can be changed by a magnetic field... but in that case you could just use regular optics if you just want to bend). There is an exception due to QED... but requires magnetic fields orders of magnitudes higher than anything on Earth, only works on gamma rays because it gets weaker for longer wavelengths, and scatters instead of bends.
Re: (Score:1)
Re: (Score:1)
Re: (Score:1)
Not Typical Telecom (Score:2, Informative)
"transmitted a quantum key along a 90-kilometer fiber, which also carried noisy data at 1 billion bits per second in both directions — a rate typical of a telecommunications fiber."
Telecommunications fiber with a 90km (~50mi.) length would be considered backbone. Typically two fibers are used to send signal in both directions. Single fiber applications require different frequencies of light to both TX & RX. This single fiber application is only used in metro FTTX/GPON situations - never in back
Re: (Score:2)
This is still a leap over the previous possibility, on the "expensive 'dark fibers'"...I think that was tfa's point. And the emphasis might have been the rate, not the specific setup. I don't think they are claiming the prototype is market ready...
Not news for political science majors. (Score:1)
Why is this shit on my slashdot?
Also notice, 13 comments while the other political junk averages >100.
How to use quantum key exchange? (Score:2)
Re: (Score:2)
Not quite. But basically, you can only do optical switched circuits (no packed networks), and you cannot do amplification. Switched circuits are a failed technology, just look at ATM. And you still need a second network for the actual data transfer.
That makes this thing completely useless in practice, except for dedicated, short links. But for them you can use pre-shared key to get the same level of security, or even higher, as this quantum stuff has already been broken numerous times. And 1:1 link can be p
Re: (Score:1)
The problem with so-called quantum crypto -- and I applaud slashdot calling it out, there is no crypto involved -- is it's not even a new deal for telecommunications, because we already have a demonstrably secure method: crypto.
So it's all about laziness, the unwillingness to engage in the practice of secret key management. If your target market is comprised of folks who are unable or unwilling to manage their own security and want some black box to do it for them... well are we not approaching Dilbert-esqu
Re: (Score:2)
Sometimes you'll want to generate a new secret key, and not have the opportunity to physically travel to the same location as the other party. If you've already got an uninterrupted optical fiber and the QKD equipment you can generate new secret keys on demand. It's not likely to be practical for general use anytime soon
Why is it called quantum "cryptography"? (Score:3)
Shouldn't it be more like, quantum tamper detection? It's just using one-time pad in such a way that the pad's transmission getting intercepted will trigger the tamper detection mechanism.
Re: (Score:3, Insightful)
Pure marketing BS. It is "quantum modulation", no cryptography involved at all. At it is completely irrelevant anyways. The people doing this have to outright lie to get continued funding.
Variation on time division multiplexing (Score:3)
Still completely irrelevant (Score:4, Insightful)
There are numerous problems:
1. You need _optical_ switches, i.e. switched circuits. That approach failed a long time ago. Anybody remember ATM?
2. 90km is nothing. Amplification is impossible, so unless they reach 10'000km, this is completely irrelevant.
3. Nobody needs it. Cryptography does fine. (No, this is at best "quantum modulation", no crypto involved.) If you are paranoid, use OTPs. They are far, far cheaper, far, far more reliable and completely compatible with existing networks.
4. Remember, this is only key exchange, not actual data transmission. As such it is pretty useless, as you still need to rely on cryptography for the message transfer.
5. The security guarantees are far, far weaker than people are made to believe. Just look at the history of successful compromises.
6. Not even the physics may work out. Quantum theory is a _theory_, not established fact.
Another worthless stunt.
Re: (Score:2)
3. Just make the keys longer or use ElGamal. Crypto _is_ fine. And you are mixing apples and oranges. For block-ciphers, quantum computing (if it ever works for any meaningful input sizes, which is doubtful), gives you a square root. That means AES-256 goes down to AES-128 which is still secure. Not a problem at all.
6. Wrong. It is not established fact for the precision and completeness needed for crypto use. Some tiny errors and variations are all it takes to completely break the key-exchange use, but leav
Re: (Score:3)
Re: (Score:2)
It is not that simple. Some tiny variations could leave quantum theory intact, but completely break "quantum modulation". This is crypto. Some information leakage can easily invalidate it, even if it only happens under exotic conditions. In that case, everything works for most of the world, but an attacker can create said exotic conditions.
I do indeed know what "theory" means here, namely well established model (not an exact description of reality) which still has flaws and inaccuracies. For the use in key-
Re: (Score:2)
1) You cannot have hops. For this to be secure it has to be done end-to-end, there is no other way. The exact same photon sent by the sender _must_ reach the reciever for any of the security properties to hold.
2) 90km is worthless. You _cannot_ regenerate quantum signals. If you could, they would be completely insecure.
3) It is not even somewhat secure at this time and several implementation have already been broken.
4) If you need to rely in conventional crypto anyways, do the key exchange with that, and ha
Comment removed (Score:4)
Re: (Score:2)
I am a scientist. I know that. The problem is that even a well-established physical "theory" is only a model and can have tiny errors and inaccuracies. For use in key-exchange, these can easily be disastrous, while leaving most/all other uses intact. Also, for the case of quantum theory, the model is not complete. Simply following the press is already enough to see that. Maybe we will have a GUT one day and it will be accurate. That we do not indicates that even quantum theory is flawed, possibly only in su
Re: (Score:2)
Not well enough for cryptographic use. For most uses, if it holds up in 1000 (or 1'000'000) experiments and fails in one ("measurement error"?) it is fine. For crypto, you need far better accuracy.
Re: (Score:2)
Indeed. And this type of tiny inaccuracies can (and has in the past) completely break any cryptographic use.
basic question (Score:2)
But what attack does QC prevent? (Score:1)
I still don't understand the benefit of Quantum Cryptography - it only prevents eavesdropping on the wire, right? It doesn't prevent a man-in-the-middle (where someone would receive the signal, read it, and retransmit it along the wire)?
Assuming your machine is clean from infection, the big eavesdropping concerns today come from man-in-the-middle attacks: rerouted lan traffic (such as compromised clients running an ARP spoof), and intermediary nodes between endpoints (eg. your ISP, and the Internet backbo
Re: (Score:2)
Specifically, it is a key-distribution scheme that can't be attacked by a MITM attack, assuming the equipment behaves in an ideal manner. Most of the breaks of QKD systems have come from the fact that equipment does not behave in an ideal manner.