Video Australian Company Claims Laser-Based Quantum Crypto is "Unbreakable" (Video) 84
Here's another statement taken from the company's website: "QuintessenceLabs is the first in the world to exploit a new generation of quantum cryptographic technology which enables unbreakable, secure storage and communication of sensitive information through the generation of an ultra-secure cryptographic key." Unbreakable? That's a strong boast. Is it true? And even if it's only partly true, your upper management may call on you to explain (and possibly implement) laser-based quantum security, so you need to know what it is and how it works -- and whether it's something your company (or your client companies) need.
John Leiseboer:QuintessenceLabs is a cybersecurity defense company. We basically build products that help you generate keys, manage keys and do that effectively with a security policy so that the users of those keys know how to use the keys to meet the requirements of your workenvironment. Quantum Random Number Generator is actually something we are very proud of. We started like back in 2008, as a spinoff out of a research group at a university where work was being done in the experimental field of quantum physics, related to quantum key distribution.
As part of that technology development, we had to develop a whole bunch of components, including what we call the quantum random number generator. One of the interesting things about quantum key distribution, is that you need to have a very very high speed source of true random numbers. And in developing that particular technology, the QRNG spun out of that, and we found that there are applications for that in the commercial world as well as in various military and defense applications as well. So let’s take a walk around the booth.
What we are looking at right here is the concept or the demonstration of a concept of the extraction of entity from a quantum vacuum state. So the system here is displaying a laser that is called a coherent laser. In fact, it is a very finely tuned laser. As it is finely tuned, it also acts as a carrier of quantum information. The quantum information that is in fact encoded in this laser is a vacuum state. Random numbers in other words.That’s because in the quantum world a vacuum actually does have energy—the spontaneous creation and destructive energy. The way we can actually measure that you require an apparatus like this. So we a laser, a beam splitter, which is splitting the laser beam into two equal components and then we subtract those. In the classical world, what that would end up being is a vacuum—nothing. But in the quantum world, because it is a quantum state that we are actually carrying on the laser and splitting, we end up with the quantum vacuum energy.
We measure that by subtracting the laser from itself and then amplifying and filtering that signal, converting it to a digital signal, and converting that again into the actual random numbers that ultimately end up as key material. Obviously this is just a concept. It is really meant to just show and explain what the basic source of entropy is. That’s the splitting of that laser to bring the quantum back in. What we’ve actually implemented is obviously a little bit more sophisticated and a bit more practical. Over here, we have a rackmount chassis and towards the rear of the chassis you will notice that there is a card which has on it an aluminum box with the label which says QuintessenceLabs. That box has within it the optic components, so in there, we do have a laser, we have all the beam splitting components, the photo detectors which convert the light signal into an electrical current. And we have the subtraction circuitry that subtracts those two beams that I was talking about earlier.From the particular box, that very high frequency RF signal is then taken to some analog processing where we amplify it, we filter it, we frequency shift it. So it basically allows to get it into the digital domain. So once we’ve done all that preprocessing, we then pass the signal to an analog to digital converter and from there, we then go to a very high speed field programmable gate array which has internal circuitry just used to condition that random signal to produce the random numbers with a uniformdistribution.
There are all sorts of applications for random numbers. I mean, the most well-known use for random numbers is to seed a key generator. And keys are obviously required in cryptography.Whether that be symmetric keys or asymmetric keys you have to start with some truly random source somewhere. So that’s one application—a very common application. Other applications most communications protocols, secure communications protocols also require some element of randomness within them. You think of that SSL/TLS the transport layer security protocol. Every time you need to have a session with that, you have to generate a symmetric key, you would also probably often use a block cipher that requires an initialization vector.Usually that’s done with a random number. But if you are using an algorithm like DSA digital signature algorithm, part of that algorithm is the requirement to have a nonce, a random number that got itself repeated is actually a very good source of a nonce.So there are many different areas in the security field where you find a good need for random.
In addition to that, there are non-security related areas, simulation is a classic example. So the best most realistic simulations you need to as closely as possible simulate real world events. Most real world events have some element of random to them. Think about a tree. Think about a tree in a forest. Think about the leaves on that tree. Each individual leaf has some element of random movement. A high speed good quality random allows you to build simulators of for example, leaves on trees, which will be used in larger simulations yet again to give very realistic applications.And I guess the final there is, all sorts of modeling applications, scientific modeling, mathematical modeling, modeling of weather, and all those sort of applications large quantities of good quality random numbers are essential.
One thing I didn’t mention is the gaming industry.Of course they like to bias their random in certain ways. One of the best ways to bias your random is have a very good filtering function that’s treated with true random, then apply whatever manipulations you require, to make sure the output matches what you wanted it. But you start with a biased source, a bias of even more, you are not going to necessarily get the bias you want. But true random in, bias it the way you wish, and the gaming industry can make as much as they like out of it. We actually started our R&D up around in 2008, and this is 2014, so I guess the rough guess there is approximately six years. On that way, we’ve developed many different products that have been spinoffs of the basic technology. The actual effort gone of this particular development is probably closer to that two to two and a half years’ duration involving a team of peak load of about seven to eight individual engineers.
So...? (Score:5, Funny)
Laser-Based Quantum Crypto is "Unbreakable"
Sharks: 1
NSA: 0
Re: (Score:3)
Well, "quantum crypto" should really be called "quantum key distribution". It's the key distribution part that's "unbreakable" - the rest is just AES or whatever. However, key management is the interesting part of cryptography for attackers: it's easier to somehow find the key than to attack the math.
And the quantum aspect doesn't actually prevent an attacker from snooping during key distribution, but it does provably let you discover that snooping has happened, and act accordingly, which is a valuable th
Re: (Score:2)
End-to-end quantum cryptography allows you to know whether your communication has been intercepted. It IS theoretically immune to MITM. Simple quantum key generation or exchange however, may not be.
Re:So...? (Score:4, Interesting)
but it does provably let you discover that snooping has happened
Not it doesn't. Alice can't differentiate between Bob reading the message and an attacker performing a MITM attack
.This depends on your definition of "quantum crypto".
End-to-end quantum cryptography allows you to know whether your communication has been intercepted. It IS theoretically immune to MITM. Simple quantum key generation or exchange however, may not be.
Right. Alice can differentiate between Bob reading the message and a Man in the Middle interception, because to intercept the message, the man in the middle has to read the quantum bit -- that is, in the photon case, measure the polarization-- and reading it destroys it. The Man in the Middle can't then send on a copy of the quantum bit, because of the quantum no-cloning theorem. She can send a photon polarized in a way identical to the way she read the photon-- but that only works if the receiver, Bob, happens to choose the same polarization to measure that the Man in the Middle chose to measure.
There is, however, a footnote to this. Eve actually can clone the photon (cloning photons is what a laser does). But she can't clone it perfectly-- or, more specifically, she can't be sure that the "cloned" photon is actually a copy of the original, or a spurious ("spontaneous emission") photon that happens to be in the same place. So, if she clones the photon, and measures one copy, and sends the other copy on, this shows up as noise in the signal-- exactly the same as stray light. So, Eve can read some of the message, if she's sufficiently clever, but how much is limited by how much noise the people communicating will accept in the signal without realizing that they are tapped.
Re: (Score:2)
"So, Eve can read some of the message, if she's sufficiently clever, but how much is limited by how much noise the people communicating will accept in the signal without realizing that they are tapped."
Right. So if you're using any kind of compression or other scheme that requires accurate reception of a whole packet to re-assemble it (via CRC as a check for example), you can render that partial interception non-useful to your MITM.
It's pretty much theoretical at this point, since we really don't have practical end-to-end quantum crypto yet. But it may not be too far off.
Re: (Score:1)
Why is the man in the middle a woman?
the man in the middle has to read the quantum bit .... . She can send a photon polarized in a way...
Giving the entities a gender and then mixing it up half way through only confuses people.
Re: (Score:2)
I can't tell if you're being sarcastic or not. The "eavesdropper" is classically named "Eve".
Yes, but the point was that 'Eve' is also known as 'the man in the middle'.
Maybe she had a sex change.
Re: (Score:2)
2: Use an encryption algorithm known only to the parties intending to communicate. Try not to use ROT13. It's trivial to shit out an algorithm that is so complex and bizarre no one will ever figure it out, but hard to make one that is also easy to use without leaving shit for your enemies to find.
Do you have a reference for this? The prevailing wisdom suggests that it's quite difficult to create a secure encryption algorithm - so difficult that only a few algorithms are in widespread use. An algorithm that is complex and bizarre is also complex to prove that it's secure, and could have some fatal weakness that's unearthed that makes cracking it feasible.
Re: (Score:1)
2: Use an encryption algorithm known only to the parties intending to communicate. Try not to use ROT13. It's trivial to shit out an algorithm that is so complex and bizarre no one will ever figure it out, but hard to make one that is also easy to use without leaving shit for your enemies to find.
Do you have a reference for this? The prevailing wisdom suggests that it's quite difficult to create a secure encryption algorithm - so difficult that only a few algorithms are in widespread use. An algorithm that is complex and bizarre is also complex to prove that it's secure, and could have some fatal weakness that's unearthed that makes cracking it feasible.
Widespread use of such algorithms by militaries, spies, serial killers, etc. that are typically only cracked when enemies get their hands on encoding/decoding materials.
For example, using a reference text such as a book or newspaper, using daily events such as weather/temperature/baseball scores, etc. all as part of a convoluted transformation scheme.
For example: The Dodgers beat the Mariners 4 to 2 in their last game, the temperature in Timbucktoo was 62 degrees as reported in a specific newspaper, and yo
Re: (Score:2)
What you described is not an encryption algorithm. Its a key exchange protocol (or possibly a one time pad)
Re: (Score:3)
Not it doesn't. Alice can't differentiate between Bob reading the message and an attacker performing a MITM attack.
If that were all it did, it would still be valuable, as it's harder to hide a device that can do that than it is to hide a simple tap. But that's not true - that's the "quantum" part.
Alice sends Bob a photon polarized along a basis randomly chosen by Alice. Bob measures the polarization along a randomly chosen basis. If the bases were the same, one bit was successfully sent, if not it's noise (polarization as measured "up-down" gives no information at all about what you would have measured "left-right",
Re: (Score:2)
All sharks know is that Alice, Bob and Eve are delicious. [Chomp, chomp, chompity chomp.]
Re: (Score:2)
Re: (Score:2)
Try not to use ROT13.
Cool. I'll continue to use LOLcryption [master5o1.com].
Re: (Score:2)
That's hy we developed the Rot13 OTP. It's easy to use, and since it's a one time pad,it's absolutely secure.
Re: (Score:1)
Re: (Score:2)
Quantum crypto reminds me of holographic storage. Yes, it works, but there are not many efforts in the real world implementing it.
The quantum crypto link isn't really about sending data. It is mainly creating a key and sending it via a secure link (where both sides will either resend, or keep generating random bits until they have enough non-snooped key material.)
However, encrypted data just goes through normal lines. Normal data gets 256 bit AES. Really secure stuff can go via one time pads.
Of course t
Re: (Score:2, Funny)
But will it protect one's Bitcoins?
Re: (Score:2)
Re: (Score:2)
Do they know what Quantum means?
Does it matter? Verizon doesn't. (eg: "FiOS Quantum")
feh (Score:3)
"laser based" is irrelevant, except as a way to get the quantum effects.
And even if those effects are real, I'm guessing that 'quantum' is not able to provide stronger encryption, only to make it easier to *break* encryption.
Tell your boss to spend the money on a new yacht instead.
Re: (Score:2)
"Laser" is just the marketing hook buzzword. It could be replaced in this story with "Cosmic Ray", "Neutrino", etc. as people find ways to get the desired "quantum" properties.
Re: (Score:2)
Quantum is also a a marketing hook buzzword.
Re: (Score:3)
Tell you boss to hire a quantum encryption consultant.
Don't mention the consultant happens to be your friend. Charge 225 an hour, split the difference.
By yourself a yacht.
False sense of security... (Score:2)
I've not heard any explanation for how such systems prevent a man in the middle attack, I suspect the answer is simply that they don't. Of course, if you were to combine quantum cryptography with more pedestrian forms you might be able to make the claim, but if you're going to do that aren't there easier methods of unbreakable communication?
Re: (Score:1)
While there are other techniques that can be used to make 2-party-only communications, quantum secured methods have the advantage that there is no known way to recreate a photon with the same properties as the one you had to intercept to XOR against that bit that was sent in a clear channel (assuming you even know which property is being used to modify the data feed).
You don't need to if you're truly a man in the middle, what you need is two setups just like the people you are eavesdropping on. During negotiation, you receive a photon from Alice, you send a different photon on to Bob. When information comes down, you decrypt it with the first photon, read what you want, then re-encrypt it with the second.
Re: (Score:1)
I've not heard any explanation for how such systems prevent a man in the middle attack, I suspect the answer is simply that they don't.
Quantum secured transmission prevents eavesdroppers. Well, that's not entirely true either, it makes a very unstable communication situation that will be obviously disrupted in the case of an eavesdropper. While there are other techniques that can be used to make 2-party-only communications, quantum secured methods have the advantage that there is no known way to recreate a photon with the same properties as the one you had to intercept to XOR against that bit that was sent in a clear channel (assuming you even know which property is being used to modify the data feed).
Any location that the signal is decoded is vulnerable. Always has been, always will be. In practice, quantum secured communications are the modern take on one-time-pad crypto. Send the key by one channel, the data by another, and put the bulk of your effort in making sure that one of those is safe so that the other side is useless even if intercepted.
Alice sure as hell knew how to create that photon, and Bob either:
A: Knew what to expect in the message (or meta data) in order to verify that photon was legit.
B: Didn't actually verify shit.
If an attacker can't generate a specific photon, they can generate any photon and generate the data the same way Alice did.
The only way to detect such an attack is to have a timing window so tight that the attacker can't do that. The internet being what it is, and even dedicated fiber links being what they are, this
Re: (Score:2)
In before... (Score:1)
stupid claim (Score:1, Troll)
Re: (Score:2)
"Unbreakable"? (Score:1)
Then for sure it will declared illegal for the general public.
for tl:dr (Score:2)
It's a one-time pad system. OTP systems are theoretically unbreakable. The weakness of OTP systems occurs during the exchange or transmission of the OTP to the recipient.
They claim that "Any attempt to intercept the exchange of the key causes detectable variations in the quantum states carrying the cryptographic key, alerting both sender and receiver to the attack and allowing them to take mitigating action."
It appears to me that the catch is that transmissions must remain on the fiber link of their equipme
Even if true, not really helpful (Score:2)
It should be possible in theory to create a quantum communication system that can't be tapped in any way. For it to be useful though, there is the issue of cost, reliability, error rate, bandwidth etc.
Even then if I had an absolutely perfect system - two boxes that magically communicate with each other, I still haven't solved the great majority of data loss issues. Most data loss is not from people breaking strong encryption, it is from weakness in the entire system - from data left for memory scrapers,
Re: (Score:1)
*NOTHING* is unbreakable (Score:2, Insightful)
There is no perfectly secure system - there is ALWAYS a way to break it. Even one-time pads, which are mathematically as perfect as the source of random numbers they use, are subject to MITM attacks and to trying to break the random key (the Soviets tried to do this - even atmospheric radio noise isn't completely, 100% unpredictable).
And that's ignoring the fact that what you want to protect is information - the channel it's transmitted on is not the only place it exists. Is it stored anywhere? Is the stora
Re: (Score:1)
Re:*NOTHING* is unbreakable (Score:5, Informative)
You cannot break the key in a properly implemented OTP. You have no way knowing which of the 8 zillion possible valid plaintexts was actually sent.
The weaknesses are only:
* If the OTP repeats-- that is, the key is not the same length as the message. For an unbreakable 2KB OTP message, you need a 16000bit key (2KB).
* If the OTP is generated deterministically-- it is not random.
* Key distribution is vulnerable. No matter what method you use, unless it is face to face, the OTP can be "broken" by intercepting the key.
* Key storage. If anyone captures your OTP booklet or file, you have no security whatsoever.
If you figure those out, its "perfectly" secure-- but as mentioned it basically requires face-to-face before hand OTP distribution and storing the OTP keys in a physical, airgapped vault.
Snake oil alert. Run away. (Score:2)
Looking at their web site, I notice a few things. Namely, if you want any specifics, you need to "Inquire" by providing contact information so that their horde of sales representatives can contact you with the information you desire. But for the bit of information you can get without giving them contact information, I quote the following little gem from their web site involving modes of operation.
Key Expansion
When very high rates of data encryption are necessary, key expansion can be used in which the QKD k
Old news (Score:4, Informative)
This is not a new technology [wikipedia.org], and have been under lab testing for a while now. The problem is that what's theoretically unbreakable isn't that secure in practice. Turns out it's quite hard to distinguish between eavesdropping and noise.
So it's a random number generator? (Score:2)
And, like any random source, you can use it for an unbreakable one time pad. That's cool.
So I guess the question is "are there problems with current hardware random number generators?", and probably "what are the failure states for this new method, how do they arise, and how hard are they to detect?"
Regardless of those answers, there's still going to be limited utility for something like this. I don't think a lot of gamers are worried about game randomness not being random enough (which is a ridiculous ap
Helps to know conventional crypto's weaknesses. (Score:2)
Well tested, familiar conventional crypto algorithms are very, very hard to break. With correctly generated keys of sufficient length, they are practically unbreakable for longer than most secrets need to be kept.
But that doesn't mean *systems* built around those algorithms are unbreakable. It's all that stuff around the strong cryptographic algorithms that introduces weakness.
So claims of "unbreakable" algorithms or system components don't get me excited. If you want to make me sit up and take notice, c
Re: (Score:2)
The mil networks used are telco quality, shared and owned/built by other countries.
Australia hopes to escape this hardware reality by using secure Australian quantum tech.
Any network and Australian only data is super safe... from Asia, faith based spies, Russians, GCHQ, NSA, EU...
Australia faces staff issues with many of its experts been very close to other countries - faith, generations of shared mi
Re: (Score:2)
Although the ties to other countries, the shared work, etc. also describes scholarly research and peer review -- the very things you need to put faith in some kind of cryptographic scheme.
If you have a problem that you don't know who to trust, a proprietary black box is no solution. Then you're trusting both the box and the person selling it to you.
It just might be secure. (Score:1)
If they could just do something about that NSA backdoor.
Wrong: Social Hacks Still Work (Score:2)
And so does reading passwords on tape stuck inside of drawers.
"Partly true"? What? (Score:4, Insightful)
Unbreakable? That's a strong boast. Is it true? And even if it's only partly true...
...then it's false.
http://al-nqaa.com (Score:1)
Commercial hype (Score:2)
The fact that they even claim it's unbreakable makes it obvious that the claim is just commercial hype.
Every new encryption technology is unbreakable at first. But with time, somebody always comes up with a way to defeat the system. Always.
Real researchers are always careful to qualify their claims. For example, they might say that "it is unbreakable by today's processors using known technologies."
bad idea (Score:2)
Don't tell a crowd of nerds that your new product is unbreakable, unless you actually want them to try very, very hard to break it. It's like waving a flag at a bull, you'd better have your pads laced up nice and snug, because you're goin' for a ride.
Nobody "needs" this (Score:2)
As with all such schemes, this only does the key exchange. You still have conventional crypto in use for the data transfer. And quantum crypto implementations have been broken before, so even if the quantum-mechanic assumptions hold up (and that is a big "if"), this is likely far from "unbreakable". It has a number of severe limitations though, like needing its own network (in addition) and inability to route or switch traffic.
Basically worthless.
BS (Score:2)
I call BS. All they are doing is generating noise from a laser. Anyone can do this with a laser and a detector diode. Splitting the beam and subtracting is nothing novel. I did this back in junor high in science class. (Back then a laser was a much bigger deal, but still.)
His discussion of the ADC is nice, but again, that's standard stuff. Same goes for his TLS talking points.
These guys are pumping out buzz words faster than their FPGA.
Does this solution cost more than two hard disks? (Score:2)
Wonder what the value prop for quantum approach v. a few TB hard disks where (:RDRAND:) is used to fill each with the same garbage installed at each peer. A modern HDD is more than enough for years of voice, email, and file transfers all without any fancy lasers, beam splitters or having to part with countless thousands of dollars.
While in anything resembling a real network with lots of communicating parties the required number of disks quickly become impractical are there any remaining differences worth c
Perhaps if you have 70 million peoples credit (Score:1)
ID Quantique? (Score:1)
How is this different from the commercial solution that ID Quantique offers now already for several years?
http://www.idquantique.com/ [idquantique.com]