
Schneier Calls Quantum Cryptography Impressive But Pointless

timothy posted about 6 years ago | from the science-fair-project dept.

Encryption 233

KindMind writes "Bruce Schneier writes in Wired that quantum cryptography, while an awesome technology, is actually pointless (that is, of no commercial value). His point is that the science of cryptography is not the weak point, but the other links in the chain (like people, etc.) are where it breaks down."


Of course he does (0, Insightful)

Anonymous Coward | about 6 years ago | (#25404851)

He's too old to become a player in it, and maybe not even smart enough. Time for retirement Bruce.

sure... (4, Insightful)

Lord Ender (156273) | about 6 years ago | (#25404885)

...but as soon as I release my algorithm which factors the products of large prime numbers in log(n) time, they will be begging for quantum crypto.

Re:sure... (1)

null etc. (524767) | about 6 years ago | (#25404985)

Sure, where n equals infinity.

Re:sure... (5, Funny)

Prof.Phreak (584152) | about 6 years ago | (#25405027)

factors the products of large prime numbers in log(n) time

That's easy, just use sqrt(n) computers.

Re:sure... (1, Insightful)

A non-mouse Coward (1103675) | about 6 years ago | (#25405059)

I agree. If the quantum crypto community wants to use that quantum computing power to factor the large primes in RSA, then the quantum computing community could justify selling us their quantum crypto. Make a need, sell a solution.

In reality, it's always going to be the "endpoints" that are the problem. We still cannot even know with 99.999% certainty that a transaction to a remote application came from a specific user. We use bloated software with tens of millions of lines of code. Even the best error rates per thousand lines of code suggest a nearly uncountable number of bugs in any common OS (FOSS included), any of which could open up a channel for an adversary to do anything with data that you could do ... but without your knowledge.

Researchers should leave the crypto alone and catch up the end points first. Once we have formally (mathematically) provably secure code running on our machines (on the same level that we can prove that the proverbial "Eve" can't brute force Alice's and Bob's eternal public key crypto), then we can revert to crypto research.

Re:sure... (3, Interesting)

moderatorrater (1095745) | about 6 years ago | (#25405573)

Quantum crypto does just that, if I remember correctly. Because of the nature of quantum mechanics, you can't intercept the message without simultaneously changing it. Having changed it, you're unable to hide your eavesdropping. The mathematics and science of cryptography is always the strongest thing about security, it's just those darned humans continually screwing things up.

Re:sure... (4, Insightful)

cowscows (103644) | about 6 years ago | (#25405967)

Yeah, but in any commercially useful application of the technology, you're going to have computers at each end dealing with the data once it's decrypted.

That's Schneier's whole point really. The weak link isn't actually sending encrypted data, it's dealing with the data at either end of chain. For the data to be useful, it has to be decrypted at some point in time, and the listener's computer has to know how to do the decryption. An attacker isn't going to attack the encrypted data stream. They're going to attack either the source or the listener, and either get the stored decrypted data, or get the stored encrypted data and the necessary info to decrypt it.

If your total communications network consists only of an encrypted communications line, plus a computer on each end, and both of those computers have no other connection to any other sort of network, and also have foolproof physical security, then maybe the encryption line might become the weakest point. But in the real world, computers are generally interconnected with many others, allowing lots of directions to attack from.

Unless someone comes up with some amazing breakthrough that makes factoring very large numbers trivial, there aren't really any practical cases where the encrypted data stream is the likely target of an attack.

Re:sure... (4, Insightful)

h4rm0ny (722443) | about 6 years ago | (#25406255)


Taking care of the human and physical security is my business. It's the encryption technology that I can't control / verify. So give me encryption that I can trust and I'll be able to assess my security based on the things that I can control / verify myself. Schneier has no business telling me "your set up is flawed so there's no point in giving you secure encryption." It's for me to judge and all I want is to ensure that no weak links come in from outside my control, i.e. a flawed algorithm or technology.

Re:sure... (1)

BuckaBooBob (635108) | about 6 years ago | (#25406279)

So why bother encrypting at all.. If endpoints are so insecure...

But you at least know Big Brother didn't snoop in on your network in the middle with a warrantless search.

It's all about raising the barrier of entry..

Re:sure... (5, Funny)

Lachryma (949694) | about 6 years ago | (#25405821)

Give me any large prime, and I will factor it for you instantly!

Who is they? (4, Insightful)

Chuck Chunder (21021) | about 6 years ago | (#25405977)

Quantum encryption seems to fill a very particular niche (point to point communications) and doesn't seem to apply well to common encryption use cases (SSL , email encryption etc).

If public key encryption is broken, quantum encryption isn't going to be a good replacement for it for most things.

A billion photons... (5, Funny)

alexborges (313924) | about 6 years ago | (#25404919)

Are now running for their jobs.

Thanks Bruce.

Re:A billion photons... (5, Funny)

The Moof (859402) | about 6 years ago | (#25405317)

No need to worry, I'll just observe them and put them out of their misery.

Re:A billion photons... (1)

Korveck (1145695) | about 6 years ago | (#25405401)

But you will end up certainly killing half of them.

Re:A billion photons... (0)

Anonymous Coward | about 6 years ago | (#25405635)

............that was the joke

Re:A billion photons... (0)

Anonymous Coward | about 6 years ago | (#25405921)

Quantum Humour is alive and well!

Re:A billion photons... (1)

Hoi Polloi (522990) | about 6 years ago | (#25406125)

Nah, you'll just make them collapse.

ummmm (5, Funny)

EncryptedSoldier (1278816) | about 6 years ago | (#25405003)

meow

Re:ummmm (0)

Anonymous Coward | about 6 years ago | (#25405141)

If only I had mod points. That should probably be the only post/response that slashdot displays for this story.

What a pussy. (4, Funny)

Anonymous Coward | about 6 years ago | (#25405377)

What a pussy.

Re:ummmm (2, Insightful)

florescent_beige (608235) | about 6 years ago | (#25405563)

Er...

"Bruce Schneier knows the state of Schroedinger's cat?"

Re:ummmm (0)

mattj452 (838570) | about 6 years ago | (#25405859)

No, but Chuck Norris does...

Re:ummmm (1, Funny)

Anonymous Coward | about 6 years ago | (#25406329)

Yes, he does. He also doesn't.

Hard to argue with the general point. (4, Interesting)

fuzzyfuzzyfungus (1223518) | about 6 years ago | (#25405007)

It is pretty hard to argue that point as long as the world of security is a mass of users who leave passwords on sticky notes under the keyboard (Ultimate Hiding Spot!), accounts whose passwords can be reset with a mother's maiden name, and banks less interested in customer security than WoW is.

My (admittedly layman's) understanding is that, barring dramatic advances in factorization algorithms, or extraordinary advances in the computers running them, classical asymmetric key cryptography is more than adequate (plus the convenient advantages of working over data links that aren't spiffy optical fiber).

Re:Hard to argue with the general point. (4, Insightful)

Rogerborg (306625) | about 6 years ago | (#25405121)

Yes, I was thinking of putting a lock on my front door, but then I thought "Fuggit, I'll just forget to lock it sooner or later, so why waste the money?"

Re:Hard to argue with the general point. (4, Insightful)

gnick (1211984) | about 6 years ago | (#25405233)

I think your analogy is a little bit off. You've got a front door with a standard lock, a dead-bolt, two chains, and a huge rock sitting behind it for security. Now you're faced with a decision whether or not to upgrade your dead-bolt to a super-duper-heavy-duty-dead-bolt. But, since your wife leaves the garage door wide open 4 days a week and no amount of persuasion will convince her to stop, the decision not to upgrade seems like a no-brainer.

Re:Hard to argue with the general point. (2, Funny)

darkvizier (703808) | about 6 years ago | (#25405541)

use rock on wife
> wife is dead
Lock door.
> you hear a grue scratching outside

Re:Hard to argue with the general point. (1)

mweather (1089505) | about 6 years ago | (#25405291)

Locking your door doesn't help unless you have unbreakable windows.

Re:Hard to argue with the general point. (1)

HTH NE1 (675604) | about 6 years ago | (#25405411)

Locking your door doesn't help unless you have unbreakable windows.

Unbreakable windows don't help unless you have car-resistant walls.

Re:Hard to argue with the general point. (2, Funny)

colesw (951825) | about 6 years ago | (#25405557)

Car-resistant walls won't help unless you have a plane proof roof.

Re:Hard to argue with the general point. (4, Funny)

CrashPoint (564165) | about 6 years ago | (#25405591)

And what good is that plane-proof roof going to be when the Mole People come tunneling up through your foundation?

Re:Hard to argue with the general point. (2, Funny)

Rogerborg (306625) | about 6 years ago | (#25405647)

And that is why we need Eddie Van Halen. [Air guitar]

Re:Hard to argue with the general point. (3, Funny)

bornwaysouth (1138751) | about 6 years ago | (#25405739)

No problem. I live in a total concrete and steel, all-walls, roof and floor, bunker.
Made by a big International company - bin Laden Group, based in Jidda.
Works perfectly.

To communicate with you, I am thumping on the walls.

If you are listening, could you please cut a hole in the wall.
An upgrade is necessary - I need air.
 

Re:Hard to argue with the general point. (-1, Redundant)

Anonymous Coward | about 6 years ago | (#25405301)

I've just used my mod points. Otherwise, I'd give you one. Posted anonymously because of stupid "mods" who mod comments like this as Redundant.

Re:Hard to argue with the general point. (5, Interesting)

CroDragn (866826) | about 6 years ago | (#25405309)

The problem is that in the next 10-20 years there will be an extraordinary advance in commercial computers. Quantum computers, which are fantastic at breaking present day encryption, have made some major advances in the lab recently, and it wouldn't surprise me to see them operating at the government/corporate level within 20 years or so. Once these are in place, normal security will be very weak and something such as quantum security schemes will be required for most applications. So yes, quantum security is useless now, but hopefully research into it will provide us with a practical model about the same time quantum computers make it necessary.

Re:Hard to argue with the general point. (1)

farrellj (563) | about 6 years ago | (#25405587)

The problem is, no matter how good your security is, be it traditional or quantum, people are *always* the weakest link. It is always much easier to compromise a person than a machine. Talk to any of the great computer crackers and they will tell you that they got into more systems using "social engineering" than through their computer skills.

ttyl
          Farrell

Re:Hard to argue with the general point. (1)

Neoprofin (871029) | about 6 years ago | (#25405795)

So why give anyone the tools to secure things if some moron is going to give away their password? Is that really an argument?

Re:Hard to argue with the general point. (1)

farrellj (563) | about 6 years ago | (#25406347)

Unfortunately, that is true. Which is why Bruce is saying that Quantum Crypto is kind of useless. It's neat, but really geeky, but doesn't make it any more secure.

ttyl
          Farrell

Re:Hard to argue with the general point. (1)

Tofystedeth (1076755) | about 6 years ago | (#25405985)

Are you sure about all that? The best quantum computers I recall hearing about could play tic-tac-toe maybe. In his article even Schneier says they've factored 15.

Re:Hard to argue with the general point. (1, Informative)

Anonymous Coward | about 6 years ago | (#25406055)

If you read the article I think you missed the point. He specifically is only talking about quantum cryptography, not quantum computers. Even more specifically, quantum cryptography makes no change to the encryption, only the key exchange. So quantum computers will have the same impact on breaking the encryption whether or not the keys are exchanged with quantum cryptography. I think he's right: it is solving the wrong problem. Secure key exchange may improve some things, but it doesn't fundamentally improve the security. If quantum cryptography did something for the encryption -- now that would be something altogether different.

thoromyr

Re:Hard to argue with the general point. (1)

lgw (121541) | about 6 years ago | (#25406249)

Quantum computers aren't magic. They let you solve one category of previously hard problems. The NSA has been advising against using such problems as the basis for new cryptosystems for years (stop using products of primes). All common symmetric cyphers are safe, and there are good asymmetric cyphers to choose from.

Quantum cryptography has little to do with quantum computing, and at this point seems to be an answer looking for a question.

Re:Hard to argue with the general point. (2, Insightful)

mapsjanhere (1130359) | about 6 years ago | (#25406385)

I don't know, I remember 20 years ago in grad school (damn I'm getting old) people were doing cutting edge research on non-linear optic materials, sure to be the next thing allowing truly optical computers. Worked nice in the lab, and I still haven't seen an optical transistor in any advanced computer I'd bought since. Quantum computing has to make the step from the lab to the usable machine before I start buying into its amazing predicted powers.
Plus, their power is only predicted to be amazing against our current popular algorithms, if I have to bet on what's easier, coming up with a new algorithm that is not susceptible to quantum computing brute force attacks or making a quantum computer work, my bet is on the former.

Re:Hard to argue with the general point. (4, Insightful)

Tanktalus (794810) | about 6 years ago | (#25405539)

Which is worse: a password that you can remember, or changing passwords every 30/60/90 days to a new password such that you can never keep up, and thus need to write it down *somewhere*?

Sometimes, the very processes intended to make us more secure (by forcing a password change regularly) instead make the entire system less secure (because "I forgot my password" too many times and you'll end up out of a job, so better to write it down than to lose your job!).

Sorry, just griping about new policies at $work.

Re:Hard to argue with the general point. (1)

fuzzyfuzzyfungus (1223518) | about 6 years ago | (#25405799)

This is particularly bad, and rather ironic, in cases where local attacks are by far the most likely and dangerous. For web-facing logins, exposed to the hostile internet; but used by more or less secure endpoints, hideously complex passwords written on sticky notes are actually a decent idea (not as good as keys; but still). For local network only logins in an environment swarming with potentially malicious actors, simplistic passwords that don't get written down are far better (odds that middle school student will use botnet to crack weak password? ~0%, odds that middle school student will read password off sticky note on teacher's monitor? ~100%).

Re:Hard to argue with the general point. (1)

Neoprofin (871029) | about 6 years ago | (#25405849)

Agreed.

My old password was alphanumeric, long, and unrelated to my work, personal life, hobbies or anything else that would go in a brute force dictionary.

Now that I have to change my password every month along with a handful of other requirements my passwords are just a vertical row of keys, once with the shift key once without. Anyone who saw me type it once would know it instantly. Good thing we're more secure.

Re:Hard to argue with the general point. (0)

Anonymous Coward | about 6 years ago | (#25406119)

We need quantum people, then.

While I appreciate the spirit of the article... (4, Insightful)

hajihill (755023) | about 6 years ago | (#25405015)

It has been and still is true that adept social engineering can break any security scheme, due to the vulnerability of the people involved. However, saying that it is pointless is about as valid as saying that the exploration of outer-space is pointless.

I don't think I need to explain that any further to this crowd.

Re:While I appreciate the spirit of the article... (4, Insightful)

db32 (862117) | about 6 years ago | (#25405115)

It is pointless. He is absolutely right and it isn't even remotely close to the space exploration issue. He didn't say the research was pointless, he said the practical application of the research is pointless. The crypto isn't the weak point, so making that point stronger is pointless.

You just spent a million dollars on your uber leet super crypto secure link to transmit your highly classified secret data to your home office. You also wrote the key down on a sticky note on the front of the device and left it posted on your monitor that faces a window. You might as well have used the cheapest encryption available because it isn't a math attack that is going to break it, it's stupid user tricks.

Re:While I appreciate the spirit of the article... (1)

kestasjk (933987) | about 6 years ago | (#25405613)

Cathode ray tubes were pretty pointless too, the inventor said so himself..

Re:While I appreciate the spirit of the article... (0)

Anonymous Coward | about 6 years ago | (#25405655)

The reason that quantum cryptology is a valid avenue of research is that quantum computation may make factoring large primes a trivial problem and destroy the basis for current cryptography.

Re:While I appreciate the spirit of the article... (1)

setagllib (753300) | about 6 years ago | (#25405953)

All quantum crypto does is make it impossible to eavesdrop without being detected. It does not secure the data itself. You still use symmetric ciphers to protect the data, and those are theoretically demolished by quantum computing too.

Basically if we ever get practical quantum computing, ANY "search for solution in large space" problem is deflated, and we may as well give up on crypto entirely.

Re:While I appreciate the spirit of the article... (1)

bugnuts (94678) | about 6 years ago | (#25405767)

In a very rare disagreement, I'm certain Bruce is wrong.

Either he is wrong, or he's arbitrarily drawing a cutoff line for strong crypto, where it has already reached the maximum strength it ever needs to be.

The reasoning of why he's wrong (at least from the summary) is thus:
At some point in the past, crypto could be cracked.
At some point in the past, communication could be tapped.

It's well-known that communication is tapped. Even closed systems are tapped, and have been since electronic and radio communication was possible. Even fiber optics can be tapped.

Saying that quantum technology doesn't matter is equivalent to saying current technology cannot be cracked or effectively eavesdropped. But it can be, and has been, and what cannot be done today may very likely be possible someday. Elliptic curve algorithms aren't proven, but are the basis of the current crop... it's possible an algorithm can be found to crack them quickly.

So, using induction to previous technologies, the same argument applies. At some point in the far past, we're left with the caesar cipher and it's clear that is insufficient and the argument that new technology doesn't matter is false. At some point recently, we have DES, and again we see that technology is important.

So, somewhere either Bruce is drawing a line and saying "it's good enough now", or he's as wrong as saying "tapping communication is never the weakest link." He's claiming that the chance of social engineering, attacking a user interface or RNG, etc, is much greater than the chance of cracking the crypto.

But the only people that will implement quantum crypto key transfer are not just technophiles like he claims. Governments are the most likely source for now, for the incredibly high-security remote sites. And the security of governments is designed to eliminate or mitigate the weak points that Bruce is depending on to support his claim.

The crypto technology must advance, because the capability to crack existing tech is always advancing. The technology was the weakest link (enigma, DES, etc) and will be again in the future. And it takes time to get new tech to be usable. It's been decades since entangled photons were sent to different places, but we're just getting the key distribution now.

Thus, I respectfully cannot agree with Bruce on this one. (Disrespectfully, I think he's out of his frikkin gourd.)

Re:While I appreciate the spirit of the article... (0)

Anonymous Coward | about 6 years ago | (#25406017)

At some point in the past, crypto could be cracked.
At some point in the past, communication could be tapped.

Do you mean in the future?

Re:While I appreciate the spirit of the article... (0)

Anonymous Coward | about 6 years ago | (#25406201)

Wasn't the point of quantum crypto that it's not just practically impossible to crack but theoretically impossible to crack?

If this is the holy grail of crypto that it's been described as, then it will never be the weakest link. Whether you feel justified spending the big bucks to upgrade to a quantum crypto setup will hinge on whether your users are secure enough not to currently (and for all future time) be the weak link.

Upgrade your crypto all you want, your legitimate (but sometimes dishonest) users will always have the ability to defeat you whether they mean to or not.

Re:While I appreciate the spirit of the article... (1)

phantomcircuit (938963) | about 6 years ago | (#25405771)

The point of QuantumCrypto is to save our collective asses when Quantum computers capable of factoring very large numbers very quickly become a reality.

Until Quantum computers start to appear at your local NSA branch Quantum Crypto is pointless, but we should always be a step ahead shouldn't we?

Re:While I appreciate the spirit of the article... (1)

physicsphairy (720718) | about 6 years ago | (#25405803)

Your point is taken, but sometimes it is still significant to ensure that it is the stupid user trick that breaks your system.

Don't you think the CIA, for example, would like to be extra special certain whether the reason the Russians are breaking all their codes is because they have inserted operatives in high-places, or because they have broken large-prime algorithms?

There is also the problem that, yes, the user is the weakest link, but it is not uniformly so. Tricking one guy will get you one encryption key. And then you'll have to do the same work to get the next one. BUT, if you figured out how to break any key, then you compromise the entire world, not just that one company.

And do you think all the banks, investment agencies, governments, ISPs, could deploy a new system overnight?

Until you can *prove* that there is no low order algorithm for factoring prime numbers, it might not be a bad idea to invest a little in quantum cryptography.

Re:While I appreciate the spirit of the article... (4, Informative)

tyler.lee (1319843) | about 6 years ago | (#25405235)

Social Engineering is definitely the weakest link! I can't remember where I found the article, but it was about a team of guys (tiger team) who STRICTLY used social engineering to obtain confidential information from companies. Including employee records with SSN's, with a 100% success rate. They have never walked out of a building without getting what they came in for...and this is all done from walking around inside the building.

Re:While I appreciate the spirit of the article... (1)

pslam (97660) | about 6 years ago | (#25405329)

This is why he says "in practice" and "commercial".

It's great research, but it's pretty silly to buy it.

Re:While I appreciate the spirit of the article... (1)

Yvanhoe (564877) | about 6 years ago | (#25405371)

Please do. From what I understand, quantum cryptography only prevents eavesdropping by taking a part of the signal. Nothing seems to forbid a man in the middle attack (take all the signal and reproduce it), or eavesdropping at a router location. Am I mis-leaded ?

Re:While I appreciate the spirit of the article... (1)

ShadowRangerRIT (1301549) | about 6 years ago | (#25405793)

You're a bit off. It's possible if there is no shared initial secret, but each session can establish an initial secret for the next session, so you only need to exchange a single secret up front, and once it is used, your new secrets distribute themselves as part of your communications. Take a look at Quantum crypto attacks [wikipedia.org] for a more in-depth exploration.

Re:While I appreciate the spirit of the article... (1)

Yvanhoe (564877) | about 6 years ago | (#25406179)

And, precisely, how is this different from regular, eavesdropable optical communication ? If there is a shared secret at the beginning of any communication, you have a secure channel, even if there is a man in the middle.

Re:While I appreciate the spirit of the article... (2, Informative)

bugnuts (94678) | about 6 years ago | (#25405853)

From what I understand, quantum cryptography only prevents eavesdropping by taking a part of the signal. Nothing seems to forbid a man in the middle attack (take all the signal and reproduce it), or eavesdropping at a router location. Am I mis-leaded ?

You're mis-leaded. Or misled, rather.

This is quantum key distribution, which uses entangled photons to send keys. It is not vulnerable to m-i-m attacks because a m-i-m cannot reproduce an entangled photon. Even observing it breaks it... so you can't even monitor communications.

Re:While I appreciate the spirit of the article... (1)

Yvanhoe (564877) | about 6 years ago | (#25406251)

Well... break it, observe it, emit the same. No ?

Re:While I appreciate the spirit of the article... (1)

MrKipling (134790) | about 6 years ago | (#25406187)

The No cloning theorem [wikipedia.org] shows that it is impossible to make a perfect copy of a quantum state, so the eavesdropper if successful will disrupt the receiver's information, giving away his presence.
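An added illustration, not part of the thread or any poster's code: a classical simulation of the intercept-resend strategy asked about above ("break it, observe it, emit the same"), showing why it leaves a measurable error rate. It uses the prepare-and-measure BB84 protocol as an assumed stand-in for the key-distribution scheme under discussion; the function names, photon counts and the 11% abort threshold are this example's assumptions.

```python
import random

BASES = "+x"  # rectilinear / diagonal; labels chosen for this example


def measure(bit, prep_basis, meas_basis, rng):
    """Same basis: the prepared bit is read back. Different basis: coin flip."""
    return bit if prep_basis == meas_basis else rng.randint(0, 1)


def run_bb84(n_photons, eavesdrop, seed):
    """Simulate one session and return (alice_sifted, bob_sifted)."""
    rng = random.Random(seed)
    alice_key, bob_key = [], []
    for _ in range(n_photons):
        a_bit, a_basis = rng.randint(0, 1), rng.choice(BASES)
        bit, basis = a_bit, a_basis
        if eavesdrop:
            # Eve cannot copy the state, so she must guess a basis, measure,
            # and re-emit whatever she saw in the basis she guessed.
            e_basis = rng.choice(BASES)
            bit = measure(bit, basis, e_basis, rng)
            basis = e_basis
        b_basis = rng.choice(BASES)
        b_bit = measure(bit, basis, b_basis, rng)
        # Sifting: Alice and Bob publicly compare bases (not bits) and keep
        # only the positions where they happened to choose the same one.
        if b_basis == a_basis:
            alice_key.append(a_bit)
            bob_key.append(b_bit)
    return alice_key, bob_key


def error_rate(alice_key, bob_key):
    """Fraction of sifted positions where Bob's bit differs from Alice's."""
    return sum(a != b for a, b in zip(alice_key, bob_key)) / len(alice_key)


def sampled_error_rate(alice_key, bob_key, sample_size, seed):
    """Error rate over a random subset that the parties reveal and discard."""
    rng = random.Random(seed)
    idx = rng.sample(range(len(alice_key)), sample_size)
    return sum(alice_key[i] != bob_key[i] for i in idx) / sample_size


def link_accepted(n_photons, eavesdrop, seed, sample_size=500, threshold=0.11):
    """Keep the key only if the sampled error rate is under the threshold.

    The 0.11 default is an assumed abort threshold for this example.
    """
    a, b = run_bb84(n_photons, eavesdrop, seed)
    return sampled_error_rate(a, b, sample_size, seed + 1) <= threshold


def undetected_probability(compared_bits):
    """Chance that full intercept-resend causes no error in k compared bits.

    Eve guesses the wrong basis half the time, and a wrong guess flips Bob's
    bit half the time, so each sifted bit is wrong with probability 1/4.
    """
    return 0.75 ** compared_bits


if __name__ == "__main__":
    for eve in (False, True):
        a, b = run_bb84(4000, eve, seed=7)  # constructed run, ideal channel
        print(f"eavesdropper={eve}: sifted={len(a)} "
              f"error_rate={error_rate(a, b):.3f} "
              f"accepted={link_accepted(4000, eve, seed=7)}")
    print(f"P(undetected over 72 compared bits) = {undetected_probability(72):.2e}")
```

The simulation covers only the quantum channel and assumes no noise or loss; the basis comparison is assumed to travel over an authenticated classical channel, which is the shared-secret requirement raised earlier in the thread.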

Re:While I appreciate the spirit of the article... (2, Funny)

HTH NE1 (675604) | about 6 years ago | (#25405525)

It has been and still is true that adept social engineering can break any security scheme, due to the vulnerability of the people involved.

And unfortunately, if you take the people out of the loop, you're letting WOPR become Skynet.

Re:While I appreciate the spirit of the article... (1)

HTH NE1 (675604) | about 6 years ago | (#25405555)

And unfortunately, if you take the people out of the loop, you're letting WOPR become Skynet.

Then again, "unfortunately" depends on yourwelcome datacompperspective.

Re:While I appreciate the spirit of the article... (0)

Anonymous Coward | about 6 years ago | (#25406035)

Helo Slashbot I am Nigerian prince desperately in need of money!@! Please provide me your bank account full number adn SWIFT information please asap

You will receive refund in full after i rescue my family stranded in very secure location.

I know what to do (2, Funny)

kcbanner (929309) | about 6 years ago | (#25405021)

Someone encrypt his hard drive with quantum encryption...see how pointless it is then!

Re:I know what to do (1, Funny)

Anonymous Coward | about 6 years ago | (#25405163)

"So, are my files destroyed?"

"I'm sorry sir, we won't know until we look."

"Well, isn't that obvious? What am I paying you people for? Next thing you'll tell me a cat ate my data."

"Actually, sir, it *is* possible that a c--"

"You're fired."

Yes, it is pointless. I see what you mean.

Re:I know what to do (5, Funny)

KDR_11k (778916) | about 6 years ago | (#25405321)

This is Bruce Schneier we're talking about. Bruce Schneier can decrypt quantum encryption by giving it a stern look.

Re:I know what to do (0)

Anonymous Coward | about 6 years ago | (#25405381)

Stern look? He just has to intend to form the intention to give a stern look!

Learned from Chuck? (1)

teko_teko (653164) | about 6 years ago | (#25406129)

I didn't know Bruce Schneier is Chuck Norris' student.

Re:I know what to do (0)

Anonymous Coward | about 6 years ago | (#25406161)

He encrypts his hard drive by passing it through ROT13 twice...and still, nobody has been able to break the cipher to this day.

Obligatory (-1, Offtopic)

Anonymous Coward | about 6 years ago | (#25405097)

In Soviet Amerika, quantum cryptography encrypt YOU!

Cordially,
K. Trout

oh boy (0)

Anonymous Coward | about 6 years ago | (#25405199)

sure he says that now, but wait until he's stuck in 1965 with only Al telling him what Ziggy says. How will he get back to his own time if his messages are all unencrypted?

Quantum computing breaks normal encryption? (1)

nategoose (1004564) | about 6 years ago | (#25405261)

I think I remember reading that one of the hard to compute problems that quantum computing would make short work of was breaking standard cryptography. If I in fact did read that, and if it was true, then quantum cryptography might still have points.

Solving the wrong problem (5, Interesting)

Checkered Daemon (20214) | about 6 years ago | (#25405263)

Encryption is easy. Authentication is hard. Quantum cryptography is a solution of the wrong problem.

Hmm. Sounds Familiar (2)

StickyWidget (741415) | about 6 years ago | (#25405269)

That's what they said about public key cryptography in the beginning too. And it defined an entire industry. ~Sticky

Re:Hmm. Sounds Familiar (1)

Daffy Duck (17350) | about 6 years ago | (#25405699)

Enlighten us... who said public key cryptography was pointless in the beginning?

ObCasinoRoyale [imdb.com]

What Schneier is trying to say: (5, Funny)

paniq (833972) | about 6 years ago | (#25405273)

Quantum cryptography may appear like serious matter on close inspection, but when you look away, it's just a wave.

Re:What Schneier is trying to say: (2, Funny)

exley (221867) | about 6 years ago | (#25405839)

Are you certain about that?

Re:What Schneier is trying to say: (1)

paniq (833972) | about 6 years ago | (#25406281)

Actually: no. I do understand Schneier's position, but I have trouble measuring what he's getting at, and at which speed.

All right, enough with the subatomic jokes.

Re:What Schneier is trying to say: (0)

Anonymous Coward | about 6 years ago | (#25406287)

Quantum cryptography may appear like serious matter on close inspection, but when you look away, it's just a wave.

You mean a wavicle?

Silly Noob, Physics aren't for kids!

one less cause of defect (1, Insightful)

Catil (1063380) | about 6 years ago | (#25405289)

I think that having one less cause of defect during a transmission by completely ruling out that data could either be unknowingly viewed, intercepted or altered by a middleman is a value not to be underestimated. It is certainly not pointless.
As far as I know, Switzerland already successfully tested it during last year's elections by transferring voting data from a few selected stations to the voting headquarters. Given all the problems with voting machines, that's a quite obvious area of application. However any data might change after the votes, it was not during that transmission.

Re:one less cause of defect (1)

HTH NE1 (675604) | about 6 years ago | (#25405607)

As far as I know, Switzerland already successfully tested it during last year's elections by transferring voting data from a few selected stations to the voting headquarters. Given all the problems with voting machines, that's a quite obvious area of application.

You can still transmit falsified data over a secure connection. In fact, it can be falsified at either end without breaking the security of the connection.

(Not that I'm suggesting there was any falsified data in Switzerland's elections.)

Re:one less cause of defect (1)

Catil (1063380) | about 6 years ago | (#25406359)

Of course, but not by a completely unrelated middle-man (later to be used as scape-goat if there is proof of manipulation. /tinfoil hat)
If security is otherwise strong and kept up, there would be a rather small list of suspects that had access to the voting machines and the data, all known by name, and at least one of them has to be involved.

Who are the users? (4, Interesting)

SirGarlon (845873) | about 6 years ago | (#25405305)

I have always thought of quantum cryptography more as something for CIA-to-Pentagon or Swiss-bank-to-Swiss-bank kinds of communication, not something for Aunt Tillie. I think the vulnerability of the system depends on who's using it.

Nope (1)

Joce640k (829181) | about 6 years ago | (#25405599)

CIA/Banks don't need public key cryptography (which is the only kind quantum computing could break, assuming they ever get it working).

If I was the CIA or a Swiss bank I'd be using 3DES - invented in the 70s and one of the most analyzed algorithms in all of history.

Like he says, the algorithm isn't the problem, it's the people who choose crappy passwords. This is why the USA eventually dropped restrictions on crypto export - it's much easier to install a key logger or guess a password than to crack even a medium strength cipher.

Re:Nope (0)

Anonymous Coward | about 6 years ago | (#25405787)

Quantum crypto is NOT an ALGORITHM. RTMFA.

Re:Who are the users? (1)

vrdlbrnft (532454) | about 6 years ago | (#25406053)

The key points of the article are wrong. Technologies evolve and become cheaper to be used by masses. First it is used for early adopters, in use cases where millions don't matter. In years it can be Aunt Tillie's(tm) fibre connection to the internet, because everybody hates those one-time-password-generators.

Re:Who are the users? (1)

Eberlin (570874) | about 6 years ago | (#25406215)

This is clearly not for Aunt Tillie, as you mentioned. Bob and Alice, on the other hand, may want to check their credit reports more frequently.

Quantum Key Exchange not Quantum Computing (0)

Anonymous Coward | about 6 years ago | (#25405365)

A lot of folks in this thread haven't read the article, and are confusing quantum key exchange (which is what Schneier is talking about) with quantum computing. This isn't about using Shor's algorithm to factor large primes in P, this is about sending keys via a channel which can, through quantum effects, validate whether or not an eavesdropper is present.

Re:Quantum Key Exchange not Quantum Computing (5, Informative)

SpicyLemon (803639) | about 6 years ago | (#25405687)

That's what I was thinking as I read a bunch of these posts. The only thing quantum computing and quantum encryption have in common is the word "quantum."

Quantum computers use the superposition of states to form qubits used to do computations using multiple numbers at the same time.

Quantum encrypting uses polarization of light and different alignments of filters to communicate a shared key used to encrypt data. If someone's listening in, they will disturb the polarization causing red flags to go up during the communication of the key. That tells you it's not safe to transmit the message. Furthermore, even if you did, it would just be garbled anyway.

The downside to quantum encryption is that you have to have an uninterrupted fiber optic line from one point to the other. If, at any point, that line has to go through a switch of some sort, you now have a weak point in the encryption where someone can be listening in without you knowing.

It's probably important, too, to point out that we have both quantum computers and quantum encryption. However, the current quantum computers don't have nearly enough qubits to be a threat to public key encryption and the single fiber optic line constraint of quantum encryption is holding it back.

Until quantum computers have thousands of qubits and are easily obtainable, we don't have much to worry about anyway.
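An added example, not part of the comment above: a classical simulation of the key exchange it describes, modelled on the BB84 protocol (which the comment does not name), showing how an intercept-and-resend listener raises the error rate in the sifted key. All function names, the 5% acceptance threshold and the photon counts are assumptions made for this illustration, and the whole sifted key is compared where a real link would reveal only a sample.

```python
import random

BASES = "+x"  # two filter alignments: rectilinear (+) and diagonal (x)

def measure(bit, prep_basis, meas_basis, rng):
    """Same alignment recovers the bit; a mismatched filter gives a random result."""
    return bit if prep_basis == meas_basis else rng.randrange(2)

def run_exchange(n_photons, eavesdrop, seed=1):
    """Simulate the exchange; return the sifted (sender, receiver) bit lists."""
    rng = random.Random(seed)
    sender_key, receiver_key = [], []
    for _ in range(n_photons):
        s_bit, s_basis = rng.randrange(2), rng.choice(BASES)
        bit, basis = s_bit, s_basis
        if eavesdrop:
            # The listener must pick a filter too, and the photon continues
            # in whatever polarization that measurement left it in.
            tap_basis = rng.choice(BASES)
            bit = measure(bit, basis, tap_basis, rng)
            basis = tap_basis
        r_basis = rng.choice(BASES)
        r_bit = measure(bit, basis, r_basis, rng)
        if s_basis == r_basis:  # sifting: keep only matching alignments
            sender_key.append(s_bit)
            receiver_key.append(r_bit)
    return sender_key, receiver_key

def error_rate(sender_key, receiver_key):
    """Fraction of sifted positions where the two sides disagree."""
    mismatches = sum(a != b for a, b in zip(sender_key, receiver_key))
    return mismatches / len(sender_key)

def key_accepted(n_photons, eavesdrop, threshold=0.05, seed=1):
    """Accept the key only if the error rate stays under the (assumed) threshold."""
    s, r = run_exchange(n_photons, eavesdrop, seed)
    return error_rate(s, r) <= threshold

if __name__ == "__main__":
    for tapped in (False, True):
        s, r = run_exchange(4000, tapped)
        print(f"tapped={tapped} sifted={len(s)} error_rate={error_rate(s, r):.3f}")
```

On an untapped line the sifted keys agree exactly; with a listener on every photon, roughly a quarter of the sifted bits disagree, which is the red flag the comment refers to.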

Not news (2, Insightful)

dachshund (300733) | about 6 years ago | (#25405441)

Bruce has said this dozens of times before this, and he's right. Quantum Cryptography (or alternatively, Quantum Key Distribution) has no commercial application today, outside of (maybe) a few paranoid and high-security government applications. But the latter can hardly be much of a commercial application, since the existence of a large government market would send a strong signal that governments aren't confident in existing cryptographic algorithms. That would be a bad signal to send.

Furthermore, QKD networks have issues including side channel attacks, where the machinery for transmitting/receiving photons actually leaks information via EM emissions, measurable power consumption, or even sound. In fact, one of the big issues they've had in research networks is that historically the transmission machinery has been noisy as hell.

Sorry, Bruce, you're just plain simply WRONG... (1)

somethingwicked (260651) | about 6 years ago | (#25405487)

It is far from pointless.

Poor implementation of cryptography and who you trust with the keys being unreliable do not mean that making it stronger has no practical benefit.

*I* can control who I give the keys to. Just because most people/implementations do not does not mean there isn't a reason for better cryptography.

The problem is that cryptography is used for many things that either are not important enough to the person that has the keys for them to protect. If I have the keys, and the only keys to my secret $1,000,000,000 lottery ticket, I will protect it fiercely. Give it to my secretary who has no interest or knowledge of what it protects and she will write the key on a note

Nope, he's right... (1)

Joce640k (829181) | about 6 years ago | (#25405707)

Even 3DES (or variations on it) is strong enough for all practical security problems.

AES was mainly developed because software DES is very inefficient, not because DES was broken*.

It's hard to see a practical benefit to developing new algorithms. Much better to devote the effort to analyzing the existing ones.

[*] Obviously plain 56-bit DES is quite weak these days but 3DES is still secure for the foreseeable future.

Stake out (1)

statemachine (840641) | about 6 years ago | (#25405761)

Bruce,

Whose attack are we defending from here? And who's being attacked? When you say there's no commercial value and only a few technophiles will use it, do you also include well-funded adversaries and governments in the commercial category -- or are they the technophiles?

I'm sure we all can think of many applications where it's a lot easier to attempt interception than go after the endpoints which would be heavily guarded and/or have highly trained personnel who would die rather than divulge information.

Obviously Quantum Cryptography isn't for individuals. I don't believe it was ever touted as such. But there are many technologies that are in use today that are very expensive and not meant for individuals. Probably the biggest example, literally, I can think of, is an aircraft carrier -- are you going to tell me it isn't worthy just because it's somewhat easier to sneak onto it a small boarding party than torpedo/bomb and sink without early detection?

I simply think you're mistaken in your dismissal. Although, I'm surprised you didn't think about the other scenarios besides a stake. Anyone using QC isn't going to use the equivalent of a stake for security. QC is more like an aircraft carrier and not a better deadbolt.

Economics is in Cracking Codes (1)

smist08 (1059006) | about 6 years ago | (#25405851)

I thought the point of quantum cryptography was to break codes. I.e., it provides a good algorithm to factor large numbers into primes, thus allowing governments with large expensive quantum computers to crack various SSL or other encrypted traffic. So I guess the economic value is that it provides a market (namely spy agencies) for expensive quantum computers.

CIA announces the most secure network ever . . . (0)

PolygamousRanchKid (1290638) | about 6 years ago | (#25406009)

. . . "Using advanced quantum cryptography technologies, this system is unbreakable," announced the joint US and British officers in charge of the system, Aldrich Ames and OBE Kim Philby . . .

Sadly, the US Intelligence [sic] Services tend to rely too much on SIGINT instead of HUMINT.

Nuclear Subs (1)

lalena (1221394) | about 6 years ago | (#25406099)

What about the benefits of communicating under hundreds of feet of water without transmitting your location?