Code for Unbreakable Quantum Encryption 210
An anonymous reader writes "ITO is running a story on NIST's latest quantum encryption key generation. From the article: 'Raw code for "unbreakable" quantum encryption has been generated at record speed over optical fiber at NIST. The work is a step toward using conventional high-speed networks such as broadband Internet and local-area networks to transmit ultra-secure video for applications such as surveillance.'"
Great, no more supervision (Score:4, Funny)
Re:Great, no more supervision (Score:2, Funny)
Re:Great, no more supervision (Score:2)
Hold on just a sec... (Score:5, Funny)
Let's see what DVD Jon has to say about this first...
Re:Hold on just a sec... (Score:2, Interesting)
Re:Hold on just a sec... (Score:3, Interesting)
Re:Hold on just a sec... (Score:3, Informative)
You use the quantum technique to transmit the key and are sure no one intercepted it. You then use that key which no one else knows as a one time pad to encrypt your data. One time pads are mathematically proven to be unbreakable.
Re:Hold on just a sec... (Score:2)
unless it's really really dark, you usually spot the interceptor too
anyways, as far as i have cared to read, this thing just depends on the fact that there is a direct physical link between the machines
(afaihctr - what an acronym !!!)
there are quite many computer crimes today done with "physical access" to the machine instead of the nasty n
Re:Hold on just a sec... (Score:2)
Sure they can. You can be sure that no one intercepted it from the quantum channel, but that still leaves holes. I could be standing right behind you, all sneaky-like, and write the key and messages down as you view them. Or I could be standing right behind the sender, watching him write the key and messages with his non-quantum keyboard.
Using this fancy quantum technique makes capturing the key harder, but in no way
Yeah that's what they say (Score:2)
And you have no idea about cryptography ;-)
The whole point of using "quantum mechanics" is just to deliver the cryptographic key in a way that CANNOT be eavesdropped successfully without violating the whole Law of Physic (think equivalent of "This message will self-destruct after reading in 3... 2... 1... Pschiiit!")
As always said, a whole system is just as secure as the weakest link in the chain.
If they're using their "New Uber-Secure(r) Quantum(tm) Link" to transmi
Almost... (Score:2)
The keys are calculated. Not stolen.
- As far as I've heard [wikipedia.org] a few of the first de-css-ing software used cracked keys to decrypt content. They depend on managing to get some keys to work. And were also legally challenged.
- libdvdcss [wikipedia.org] depends on calculating alone by itself some possible keys. It doesn't matter if the companies using CSS do keep safely their key.
In one case protecting the key is important. Quantum cryptography helps.
In
Re:Hold on just a sec... (Score:3, Insightful)
But seriously, what would stop someone intercepting the key, then resending it? If the original transmitter can send the key, and the receiver can receive it, why can't a repeater-station type device in the middle read the key, then send out a new duplicate?
Re:Hold on just a sec... (Score:1, Insightful)
Re:Hold on just a sec... (Score:2, Informative)
Google for one time encryption pads to get a better idea of how they work.
Re:Hold on just a sec... (Score:2)
It isn't just that you can detect it. It's that the very act of intercepting it corrupts it for the intended receiver. If the interceptor has it, the intneded receiver has noise, not the intended message.
The other half of quantum encryption systems is that you can send info in such a way that you have to have ANOTHER key stream (using some ordinary cryptosystem) to
Re:Hold on just a sec... (Score:2)
Do we know there is no possible MITM compromise for this though? (Honest question; I stopped being current with crypto in about 1989.) If there's not, my naive assumption would be that we now have a great channel for key exchange, and this would solve a lot of the key exchange and management problems i
Re:Hold on just a sec... (Score:2)
The MITM must have inserted himself in ALL your communications, so he can fool you and your partner by looking like you to your partner, your partner to you. Side-channel a polarization schedule that he can't rewrite and you detect him.
In particular, without having the key schedule in advance he can't cut the fiber and retransmit while making a c
Heisenberg's Uncertainty Principle? (Score:2)
Re:Hold on just a sec... (Score:2)
You can also switch with an optic switch (which forwards the actual photons using moving mirrors, switch index-of-refraction light piping, or the like). You can't let the signal go to a box that converts it to electronic signals, routes the packets, and retconverts them to photons.
Re:Hold on just a sec... (Score:2)
Re:Hold on just a sec... (Score:2)
If you use one-time pads, and you use them only one time, then they are unbreakable. One-time pads that were used more than once caused the NSA to be able to decrypt a number of Soviet messages at critical times during the Cold War.
Not arguing with you -- just being pedantic on a point that some people miss.
Quantum Encryption != Quantum Computing (Score:5, Informative)
Buzzwords and Challenges. (Score:2, Insightful)
Re:Buzzwords and Challenges. (Score:2, Insightful)
Re:Buzzwords and Challenges. (Score:2)
This is, of course, saying nothing for that marvel called "social engineering"...
Re:Buzzwords and Challenges. (Score:2)
Re: (Score:2, Interesting)
Re:Note "unbreakable" is in quotes in the article (Score:2)
BTW this is bullshit. What they discovered is that if they set up a computation system that is driven by the quantum physics of a photon, they can block that photon before it enters into the computation, and the computation runs anyways. This is due to the quatum elements of the photon entering the system despite the physical photon being blocked. So it still runs, just its not obvious how.. Anyone who h
Re:Note "unbreakable" is in quotes in the article (Score:5, Informative)
This system exploits quantum mechanics to detect if someone is interecepting and retransmitting the signal. That's why it's called Quantum KEY Distribution [wikipedia.org]. There's nothing "quantum" about the encryption itself. It is also of limited use since it requires an unbroken fiber-optic connection between the two devices.
Re:Buzzwords and Challenges. (Score:2, Informative)
This is no logic which can be broken by brute force of amazing insight.
This is the basic law of physics at work i.e. the quantum state of a pair have information which stays the same even if they are far apart. (I think they are using this one here).
One changes, the other knows. So somebody peeks to it, they guy knows it has been peeked into.
So, looks like this is it.
Quantum Snake Oil (Score:2)
No, it is not. A cryptosystem is only as strong as its weakest link. In Quantum Cryptography the weakest link is not the actual encryption but the authentication of both parties. If Eve pretends to be Bob to Alice and vice versa, Quantum Cryptography can be broken faster than the Caesar code this Italian mafioso was using.
Re:Quantum Snake Oil (Score:2)
"The work is a step toward using conventional high-speed networks such as broadband Internet and local-area networks to transmit ultra-secure video for applications such as surveillance."
Re:Buzzwords and Challenges. (Score:4, Informative)
Well a one time pad [wikipedia.org] is considered unbreakable if employed correctly.
However, if you reuse the same pad over again and over again it tends to be easier to break. Maybe that is why they call it a one time pad though...
If employed correctly... (Score:2)
OTP is unbreakable through direct cryptanalysis.
OTP is NOT unbreakable if the "opposition" gets the a hold of the pad somehow.
So, employed correctly implies that 1) you only use the pad once, 2) the pad is distributed to both A and B in secrecy, the the opposition (C) getting it, and 3) that pad is truly random. (IOW, it can't be some obvious pattern).
Those three conditions are a heck of a lot harder to implement than you might think because at some point, the key (the pad) mu
Re:If employed correctly... (Score:2)
Well even the most complicated security schemes can be thrawted by social engineering. What if the recipient with the one time pad is a double agent and willfully hands over the data he decrypts?
This is of course a matter of trust and not a matter of encryption strength.
The question in this case would be "Do you trust the recipient?" rather than "Do you trust the encryption stregnth?"
breakable, even if employed correctly... (Score:2)
For example, if an eavesdropper is expecting a "yes" or "no" communication and captures a 2 character message: not so secure anymore, eh?
In the end, everything has a breaking point. The point of using encryption is to make disco
Re:breakable, even if employed correctly... (Score:2)
Re:breakable, even if employed correctly... (Score:2)
Message length can expose message content. OTP (when used by itself) has this one flaw which means that extra measures (such as using fixed length messages) are needed to combat this weakness. But, by utilizing these extra measures, the system then becomes "more than OTP".
My response was to the claim that OTP is unbreakab
Quantum cryptography (Score:2)
Re:One time pads are... (Score:3, Insightful)
Re:One time pads are... (Score:2)
There are certainly side attacks on the system as a whole; there have got to be places at either end of the quantum link where the keystr
Re:One time pads are... (Score:2)
This isn't true. It's immune to *eavesdropping* attacks but what is usually called a MITM attack (also known as a "bucket brigade") is perfectly possible, at least in a naive implmentation.
There's nothing that quantum cryptography brings to the table that would make it any harder to, before communication commenses, cut the line and insert essentially a repeater.
Think about classic crypto. Say Alice is trying to talk to Bob and doing D
Slight change (Score:2)
Wikipedia lists [wikipedia.org] eavesdropping as a possible MITM attack, but also says "MITM is typically used to refer to active manipulation of the messages, rather than passively eavesdropping."
Both Network Security by Kaufman, Perlman, and Speciner, and Computer Secuity: Art and Science
Not really. (Score:5, Informative)
The one big vulnerability with OTPs is that you've now got to send the key securely. Since it is equal in size to the message and is only valid for one message, it is equally hard to send the key securely as it is to send the message securely. Because the pad is pure randomness, it is possible (using existing methods) to send the pad by public key encryption, as it is non-trivial for someone intercepting the message to know how to decrypt it, as it's hard to know when you've broken the encryption. One piece of randomness looks much like another.
Generally, though, people take shortcuts. Instead of using a full-sized one-time pad, a much smaller, repeatedly-used pad is used instead, with some form of pseudo-random mangling to churn things up so that it acts in a very similar manner to a one-time pad. This is generally how stream ciphers work.
Quantum Cryptography - if used sensibly - would involve transmitting a gigantic OTP. Far bigger than the one you need. You then drop all of the bytes that are intercepted. The only bytes used in the pad are the ones the intercepting person does NOT have, so you know the pad is free of holes.
A "better" solution would be to not transmit the key at all, but somehow exploit photon teleportation to deliver the key in a secure manner. However, if you could do that, you wouldn't need encryption in the first place.
Re:Not really. (Score:2)
No photon has ever been teleported. Ever.
The only "thing" "teleported" is the quantum state, whose slippery ontological status makes it a bad candidate for thingness, and therefore an unlikely object of teleportation, which in normal usage refers to moving things, like Captain Kirk, and not non-things, like quantum state vectors.
Re:Not really. (Score:2)
You don't have to send the key securely, just tamper-proof. i.e. Your diplomatic pouch is sent handcuffed to the wrist of a trusted courier who does not have a key to the briefcase it's in. If your courier is intercepted, your opponent doesn't get anything, since it's just a random key, and you invalidate that one and send another. Only after your personel on the other side verify that they have recieved the pads untamp
Re:Not really. (Score:2)
This is correct. So long as there are two independent quantum connections, a fully classical intermediary is permitted.
Because human beings are notoriously classical systems, the quantum nature of the state transmission only buys you proof against eavesdroppers, not men in the middle who are prepared to completely replicate the transmission and recieving appa
Depends. (Score:2)
Another option is to package the values up into blocks and use a crypto
Re:Not really. (Score:2)
Re:Buzzwords and Challenges. (Score:2)
People need to stop telling people what to do/think/say
In other words... (Score:2)
You know, saying that it's impossible to make something unbreakable, is just going to challenge someone to do it.
Re:Buzzwords and Challenges. (Score:2)
Nope. A one time pad generated from a truly random source, transmitted over a secure quantum encryption channel, is absolutely unbreakable. There are the usual human weak spots, like a moron leaving the pad lying around after the fact, but from a physical
Re:Buzzwords and Challenges. (Score:2)
It doesn't hold in non-Euclidean geometry.
Re:Buzzwords and Challenges. (Score:2)
Damn more DRM (Score:2, Interesting)
Roti (Score:5, Funny)
This message encrypted with rotsqrt(-1).
Re:Roti (Score:2)
Is the outlawing and not outlawing the trigger for that? Is it like if the cat isn't in the box, we can tell if it's dead or alive so there are no wave functions to worry about?
Since it's not yet outlawed, do we neither have nor not have it -- or do we definitely not have or not lack it? Or is the condition of us having and lacking it even depend on the outlawing?
It's all so
Re:Roti (Score:2)
Change to "near" Unbreakable. (Score:3, Insightful)
Re:Change to "near" Unbreakable. (Score:2)
I'm sorry, but you're actually literally wrong.
Quantum Encryption Is Unbreakable According To All Known Laws Of Quantum Physics Which Have Been Proven Accurate To One Part In Ten Billion And Have Not Been Disproven For Over A Hundred Years.
Ok?
Not breakable WITH CURRENT UNDERSTANDING... (Score:2)
To assume it's permanently unbreakable assumes that all theories stay prefectly intact, exactly as specified, for all time and that no one comes up with any edge cases that no one else had previously considered.
For a good 150 years, Newton's F = M x A where A=9.81m/s for the earth worked pretty well. Then an irksome German guy came along and came up with a more refined understanding. Newton's theory didn't stop being a pretty d
Re:Not breakable WITH CURRENT UNDERSTANDING... (Score:2)
Re:Not breakable WITH CURRENT UNDERSTANDING... (Score:2)
Re:Change to "near" Unbreakable. (Score:2)
Re:Change to "near" Unbreakable. (Score:4, Insightful)
Insider attacks (mole, rootkit, spy camera, etc) which occur AFTER reception and decryption do not count, because the encryption method has nothing to do with that.
Re:Change to "near" Unbreakable. (Score:5, Insightful)
Which is exactly why this is a solution looking for a problem. No one ever breaks modern crypto when it's used correctly. Attacking the periphery of the system is orders of magnitude easier. Your resources are much better spent guarding against insider attacks than buying the next useless whiz-bang crypto device.
Re:Change to "near" Unbreakable. (Score:2, Insightful)
It's not "souped-up OTP" it's just regular old OTP with a wrapper that prevents a man-in-the-middle attack. As stated in TFA:
This is just a system for transmitting an arbitrary-length
Change it back to "near" Unbreakable. (Score:2)
Re:Change to "near" Unbreakable. (Score:2)
Physics 101 (Score:3, Insightful)
Ok, maybe I missed something back when I took QM in college, but photons are the only particle of light, aren't they? They are not the only electromagentic particle, but are the only constituents of the light we see. Or has the universe become even stranger and no one told me?
"unbreakable"? (Score:3, Insightful)
Actual transmission? (Score:2)
So if your "secure" stream must be used to transmit a key the same size as the actual data (bit for bit) and, being effectively a one-time pad, you should never re-use the same key (makes storing the key ahead of time basically pointless) then why not just send t
Re:Actual transmission? (Score:2)
Re:Actual transmission? (Score:3, Insightful)
from the article (Score:2, Insightful)
What about the noise of some of the photons being lost (absorption)? The system has to be stable against it. Ergo, one can hide herself under the noise threshold.
PS. It has been 20 years since my quantum mechanics exams.
Why send the key? Why not send the video itself? (Score:2)
Why not just send the video itself over the quantum-secured channel?
In both cases, if someone was "detected" intercepting the key, you'd have to stop sending your information, so why not just send the information of the quantum channe
Re:Why send the key? Why not send the video itself (Score:2)
Unbreakable != Useful (Score:2, Interesting)
Re:Unbreakable != Useful (Score:3, Insightful)
The weakest link (Score:2)
How messed up our heads are... (Score:2, Insightful)
Surveillance, on us. Unbreakable, uncrackable without detection, so our paranoia-clamped citizenry can rest easy that our boss and our government can surveil anyone they like without fear of having some third party, such as a lawyer, see what they are watching.
Mind-boggling. A pro-authoritarian mindset slipped in so easily.
Re:I can't pretend to remotely understand, but... (Score:3, Funny)
Come on you Einsteinian caveman! Clearly the sending terminal is quantumly entangled with the receiving terminal, thus providing the key via spooky-action-at-a-distance(tm).
Re:I can't pretend to remotely understand, but... (Score:3, Informative)
Nice bit of text going over the key exchange. Dosn't even involve hurting cats.
Re:I can't pretend to remotely understand, but... (Score:2)
Re:I can't pretend to remotely understand, but... (Score:1)
Sorry, I'm sure it's really obvious, but I still don't see how this works.
If you're talking about sending an encrypted key, surely there must be some kind of shared, reproducable key in order for the original encrypted key to be decrypted? How is that shared key reproduced? Isn't that incompatible with the "quantum" element?
Re:I can't pretend to remotely understand, but... (Score:2)
Re:Principle of quantum cryptography is flawed (Score:5, Informative)
Eeeehh... Quantum entaglment encryption isn't that simple.
Here is a site by Colossalstorage that explains one of the patents involved in it:
http://colossalstorage.net/entangled.htm [colossalstorage.net]
To give a layman's translation... You take two photons and entagle them and then send them down two fiber optic line of the same length (say 4km) and then a device on each end determines which direction the spin is.
Since the spin is the same for the particles regardless of how far apart they are (no information being transfered faster than the speed of light) they have a reference of what the other party is seeing.
Now of course particle spin is random, but the key factor is knowing what the other party is seeing.
Now, you can use the spin as a one time pad and basically encrypt everything based off this... Or rather changes are you'll need another method of communication such as having the actual encrypted data on another fiber line and knowing the spin of the photon gives you the key to unencrypt it.
Now if someone spliced the fiber line, you instantly know it has been comprised because data no longer unencrypts because the particle spin changed on observation and chances are unless the eves dropper has the ability to observe particle spin he might not get much useful data either.
Re:Principle of quantum cryptography is flawed (Score:2)
Re:Principle of quantum cryptography is flawed (Score:2)
What tolerance is there for the diffence between the two lengths? What tolerance for the difference in material between the two cables (the photons have different speeds in different materials)?
Re:Principle of quantum cryptography is flawed (Score:2)
This won't work, because the system will first be tested by generating a key, transmitting that key over regular channels and comparing it with the source. Since you can't generate entangled photons of a particular polarization, just generate and measure, there's no way for you to fool th
Re:Principle of quantum cryptography is flawed (Score:2)
The way OTP is used in practice allows keys to be hijacked because you don't send the message until you have verified that the keys have been properly received.
Normally OTP keys are send in a diplomatic pouch handcuffed to the wrist of a trusted courier who does not have a key to the briefcase it's in. If your courier is intercepted, your opponent doesn't get anything, since i
Fiber optics is the answer. (Score:2)
Might as well be using line-of-sight and telescopes, as some (but not all) of the experiments did.
Re:Unbreakable ...Encryption MD5? (Score:2)
Re:Unbreakable ...Encryption MD5? (Score:2, Informative)
Now a hash is what would be called one-way encryption. That means from the 'encrypted data' there is _no way whatsoever_ to determine what the original data was. What is being discussed in this
The md5 hash is useful if you want to verify a passwo
Re:Unbreakable ...Encryption MD5? (Score:2)
Encryption implies the ability to "obscure" a message as well as the ability to "uncover" the message through some special method. MD5 is only a one-way algorithm, used to make a "fingerprint" of data for verification, but not for encrypting.
Re:Unbreakable ...Encryption MD5? (Score:2)
Re:Question (Score:2)
There are other forms of encryption -- conventional Diffie-Hellman public key stuff, for example -- which although I don't think anyone says it's unbreakable, are more appropriate
Re:What Is Quantum Encryption? (Score:2)
How is the Man-in-the-Middle attack doable? Practically, at least.
Double the size of the OTP transmitted. Keep in mind Bob doesn't have Alice's key - it's just that Bob has a key and Alice has a key and those two keys happen to mathematically be related.
So Alice can ask Bob to transmit up to half of her OTP (which is twice as long as they need). This can be
Re:Man-in-the-Middle (Score:2)
Yes, but there you'd have to assume that M is between A and B for literally all communications.
Including A driving over to B and getting some of the overlong OTP for verification (i.e. you transmit more than the OTP you're planning on using - you use the excess part for verification).
Once the first secure OTP is transmitted, that OTP can be used to key future c
Re:Man in the Middle (Score:3, Interesting)
Keep in mind that Eve's (let's call her Mallory, M) key must be different. A's key is random, and there's no way to forcably regenerate A's states given B's intended reception.
So instead of sending the OTP you want to use for the message, send more. Let's send three t