Slashdot: News for Nerds
Los Alamos National Labs Has Working Hub-and-Spoke Quantum Network

Unknown Lamer posted about a year ago | from the only-criminals-use-quarks dept.

Communications 55

New submitter hutsell writes with this excerpt from MIT's Technology Review: "Richard Hughes and his associates at the Los Alamos National Laboratory in New Mexico announced today that they have been sending perfectly secure messages with their Quantum Internet that has been in operation for the last two and a half years." Original paper. Unlike current quantum networks that only allow point-to-point networking, the system at Los Alamos combines traditional and quantum links to route messages through a hub while retaining the security advantages of quantum networking.

55 comments

I propose the name "QuantumLink" (1)

Rob Cebollero (242701) | about a year ago | (#43648941)

Oh, wait

Re:I propose the name "QuantumLink" (0)

Anonymous Coward | about a year ago | (#43649029)

Der Her.

Apparently he wants to cash in on geek cred for knowing about the obscure C64 service.

Re:I propose the name "QuantumLink" (3, Funny)

fisted (2295862) | about a year ago | (#43649377)

Wow, Sir, you know about that obscure C64 service!
Here, have some geek cred!

Re:I propose the name "QuantumLink" (0)

Anonymous Coward | about a year ago | (#43649735)

Quantum Leap (through the hub).

Re:I propose the name "QuantumLink" (0)

Anonymous Coward | about a year ago | (#43650147)

...I wonder how to say it in Chinese, as I'm sure the plans for the network have already made it there, Los Alamos being so secure and all. No no- it just laptop full of porn! I innocent! I innocent!!!

Jesus knows. (-1)

Anonymous Coward | about a year ago | (#43648967)

Jesus can see what's inside your undies. Jesus has secured cameras installed in everyone's undies; invisible, immovable, battery-operated, wireless security cameras. Jesus can see everything that's inside your bare undies, and his cameras are panning towards your ass!

Was anyone else hoping.... (0)

Anonymous Coward | about a year ago | (#43648973)

they were watching cat-vids on you-tube via quantum-entanglement?

Re:Was anyone else hoping.... (3, Funny)

femtobyte (710429) | about a year ago | (#43649011)

Why do you think it took them two and a half years to report this? They had to make dead cat versions of every cat video on YouTube just so they could properly distribute them over the quantum network. That's a lot of dead cat videos. Your tax dollars at work.

Re:Was anyone else hoping.... (1)

q.kontinuum (676242) | about a year ago | (#43652077)

Obviously you have to employ lots of people in order to get all the cats eaten to avoid them going to waste.

advantages? (0)

Anonymous Coward | about a year ago | (#43648993)

For those of us who aren't quantum physics mega loser nerds, mind telling us at least -one- advantage in the summary? jeez.

Re:advantages? (1)

Anonymous Coward | about a year ago | (#43649017)

it neutralizes "man in the middle" attacks on the key exchange, because if anyone listened in on the key exchange, you would know and can discard the key and renegotiate. At least that's how I'm reading. (my quantum mechanics-fu *IS* a bit weak)

Re:advantages? (0)

The Pirou (1551493) | about a year ago | (#43649027)

One advantage is that someone that isn't a quantum physics mega loser nerd gets to update the Wikipedia entry on Quantum Networking, thus creating self gratification in contribution to something Quantum.

Re:advantages? (1)

BrokenHalo (565198) | about a year ago | (#43649035)

For those of us who aren't quantum physics mega loser nerds, mind telling us at least -one- advantage in the summary? jeez.

Err. OK. Quantum computers are incredibly secure because they are so small, no-one can find their ethernet ports. That do?

So... (4, Interesting)

fuzzyfuzzyfungus (1223518) | about a year ago | (#43649033)

Any word on what percentage of the quantum-encrypted traffic is flowing between classically-compromised systems?

Re:So... (2)

femtobyte (710429) | about a year ago | (#43649079)

Given that their posted paper was typed in Microsoft Word (with correspondingly *really terrible* typesetting), it looks like this branch of the labs is likely to be running 100% compromised systems.

Re:So... (3, Insightful)

fuzzyfuzzyfungus (1223518) | about a year ago | (#43649147)

I was semi-joking; but it is actually a serious question. (To the best of my understanding) a quantum-encrypted network provides rock-solid assurance that nobody is physically tapping your lines. Depending on your site, your level of paranoia, and your value as a target, this may be a worthwhile investment compared to classically-encrypted tunnels, or guys with guns keeping people away from your fiber. However, it has no effect whatsoever on the (easier and more common) purely electronic attacks on vulnerable systems. A quantum-encrypted network will just as happily protect packets being sent back home by a keylogger as it will anything else, and it has no particular ability to detect the evil bit.

This doesn't make it useless; but it's really quite a different animal from classical encryption, or from good system security, and the present state of average system security is so dreadful that it rather overshadows physically tapping lines. If you can get a zero-day for $50k, it starts to become difficult to justify even sending a legitimate contractor out to dig up and splice a bunch of fiber, much less some l33t covert ops fiber modding operation.

Re:So... (2)

TubeSteak (669689) | about a year ago | (#43649209)

They have not implemented a quantum-encrypted network as you are thinking of it.
The quantum channel is used to pass one-time encryption pads.
Then the OTPs are used to encrypt network data.

Quantum computing isn't nearly fast enough to push real world amounts of data.
But it doesn't really need to, if we can use it to generate bullet proof encryption.

Re:So... (1)

wonkey_monkey (2592601) | about a year ago | (#43651343)

I thought an OTP had to be at least as long as the data to guarantee security - in which case, why not just transmit the data quantum-, uh, -ly?

Re:So... (1)

Anonymous Coward | about a year ago | (#43654503)

My understanding is that a quantum tunnel is tamper evident, not tamper proof. Thus if you send data, and that data is intercepted, you have still lost the data, you just know that it was intercepted.

If you send a OTP and that OTP is intercepted, you have lost some random bits; generate some new ones and resend. Any OTP that gets through without being compromised is then safe to use to encrypt your data with a simple bit-wise XOR algorithm, which can be decrypted at the other end the same way.

Re:So... (1)

femtobyte (710429) | about a year ago | (#43649327)

Yep, if the nodes at the end are compromised, no amount of quantum kerfluffery will prevent you from being screwed. The specific application described in the paper referenced in the summary is secure communication between industrial controllers in critical infrastructure. One would hope this was an area where infrastructure builders would be better at security than "hey, let's make all our nuclear power plant controllers visible on the general internet, with default passwords, running an outdated version of the software riddled with exploitable holes" --- ideally, such devices would already be on a very restricted network, with minimal and tightly controlled links to the outside world, and abundant physical security at the endpoints. Of course, in the real world, a lot of critical industrial control computers actually are *incredibly stupidly exposed to the general internet with trivial or no security precautions* --- obviously, this is most important to fix first. But, once you do have a not completely stupidly vulnerable system, it might be useful to also fend off more advanced attackers who might actually splice into fiber links (even though the fact that today, with all the exposed vulnerabilities, factories aren't already blowing up left and right, indicates that even poor security is good enough against the general lack of attackers).

Re:So... (3, Informative)

WaffleMonster (969671) | about a year ago | (#43650221)

I was semi-joking; but it is actually a serious question. (To the best of my understanding) a quantum-encrypted network provides rock-solid assurance that nobody is physically tapping your lines.

All quantum crypto gives you is one time pad material that cannot be derived from previous communications.

For example say you are able to record all classical communication between parties. If at some point in the future you are able to somehow compromise the initial encryption key you would be able to go back and decrypt any communications using this key and rotated keys based on the initial key or descendants of said keys if communicated within intercepted channel after the fact.

With quantum crypto there is no longer a physical linkage possible because pad data is guaranteed to be knowable to exactly two parties.

There is still very much a real classical problem in that you need to establish a trust relationship between yourself and your communication partner to have any assurance as to which party you are actually OTPing in quantum world...This is always done using an initial classical key to protect against Active MITM of the quantum channel.

While I appreciate the value in this scheme in the real world I do wonder what the actual benefit is for things like electric grid control cited in their paper where forward secrecy has very little value to begin with.

While it is true that a compromised key could not in theory be used for long....if you already had the ability to compromise current key you could then also perform an undetectable active MITM against the quantum communication channel and from then on be privy to all new OTP/key refreshes.

Any of us can exchange data over the Internet with the same level of assurances as the best fancy quantum gear...All you need to do is exchange OTP data offline (SD card filled with a few GB of random garbage) and you are set for a very long time of guaranteed intercept free communication. Years worth of voice chatter..lifetimes worth of text messages or short control messages all for small fractions of pennies on the dollar. Sure it does not scale but no trust relationships ever really meaningfully do.

As with the quantum gear your vulnerability is and always shall be compromise of that which holds trust/keys.

Re:So... (0)

Anonymous Coward | about a year ago | (#43655997)

Actually there are good ways to do authentication and prohibit MITM. Also the benefit for the electric grid is that the computational power required to authenticate and encrypt the data is low so you get low latency when sending very time critical messages.

Re:So... (1)

maxwell demon (590494) | about a year ago | (#43650921)

Classical encryption of the link also doesn't help with compromised systems. Your SSL connection to your bank may be perfectly fine and secure, if your computer is compromised, it won't help you.

Re:So... (1)

fast turtle (1118037) | about a year ago | (#43649245)

but which universe was compromised?

Re:So... (1)

femtobyte (710429) | about a year ago | (#43649349)

the horrible evil twin one, where national security quantum communications researchers use *Microsoft Word* to prepare documents. Unfortunately, I seem to have woken up on the side of the bed that collapsed the universe's wavefunction into that state this morning.

Re:So... (1)

Anonymous Coward | about a year ago | (#43649677)

the horrible evil twin one, where national security quantum communications researchers use *Microsoft Word* to prepare documents. Unfortunately, I seem to have woken up on the side of the bed that collapsed the universe's wavefunction into that state this morning.

No, there's nothing wrong. I checked my ST:TOS DVDs and there's only ONE episode where Spock appears clean-shaven.

Re:So... (0)

Anonymous Coward | about a year ago | (#43649509)

Holy crap you are right - these people don't use latex.

Should I take it as lessening their credibility? Or should it make me more open minded so that I think "Now, just because someone writes something in Word doesn't mean that they are a bad person"?

Such a confusing world we live in.

Re:So... (1)

femtobyte (710429) | about a year ago | (#43649599)

Crimes against typography are no laughing matter. Do you know how many orphans and widows [wikipedia.org] are made by bad layout engines?

Re:So... (0)

Anonymous Coward | about a year ago | (#43649737)

There's no justification for cases of bad typography, that unending font of rivers of tears.

Re:So... (0)

Anonymous Coward | about a year ago | (#43649159)

I'd ask the bot owners, I don't think anyone at Los Alamos is likely to know for sure.

Re:So... (2)

fuzzyfuzzyfungus (1223518) | about a year ago | (#43649175)

I'd ask the bot owners, I don't think anyone at Los Alamos is likely to know for sure.

I would; but my Mandarin is totally dreadful.

Re:So... (0)

Anonymous Coward | about a year ago | (#43649379)

100% and 0% - at the same time.

no RFC yet? (0)

Anonymous Coward | about a year ago | (#43649103)

How am I supposed to implement this without an RFC? Do we get quantum packet addresses, time-to-live values, quality-of-service values, window sizes, port numbers...?

Re:no RFC yet? (0)

Anonymous Coward | about a year ago | (#43649409)

no. too secure.

Network Name (0)

Anonymous Coward | about a year ago | (#43649419)

I propose that we name the quantum computing network SKYNET, because I foresee no bad consequences from this.

SPOF (1)

manu0601 (2221348) | about a year ago | (#43649757)

I just read TFA, it seems there is a big scalability problem, as the network uses a central hub, and each node must have a direct optic fiber connection to the hub. The central hub security is critical, so we have a huge Single Point Of Failure.

Re:SPOF (1)

femtobyte (710429) | about a year ago | (#43649803)

In TFA, the intended application for this particular topology is big industrial/infrastructure control systems --- where you typically already have a central hub (which needs to be properly secured) with fiber links to many controllers. The technology works over typical existing fiber, and requires only relatively inexpensive transmitters at the end nodes (with one more expensive receiving photon detector at the central hub). No reason you couldn't use the same principles with redundant fiber connections to multiple central hubs. But, if laying fiber is itself too much of an obstacle, then you're probably out of luck for "quantum" solutions.

Evanescent wave (1)

manu0601 (2221348) | about a year ago | (#43649855)

All this stuff assumes the optical link cannot be tapped. When I studied fibers at university, I recall being told about evanescent wave. Is it possible to infer some information from it without being detected? If not, how is it prevented?

Re:Evanescent wave (4, Informative)

femtobyte (710429) | about a year ago | (#43649909)

No, it doesn't assume the optical link can't be tapped. In fact, the quantum encoding is specifically a defense against the optical link being tapped. The data is sent one photon at a time. If a tapper captures the photon (even by leakage from evanescent waves), they destroy the information --- and are neither able to know for themselves, nor reliably re-send to the receiver, the bit that was sent. If the tapper doesn't capture the photon, then they haven't tapped the line. At the receiving end, getting too high a dropped bit rate (or scrambled nonsense bits) lets you know the line is compromised, while the attacker still doesn't get any useful information.
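
The detection idea in the comment above, as an added example that is not part of the original thread: a toy simulation that assumes BB84-style encoding in two bases (the comment does not name a protocol), a tapper that measures and re-sends every photon, and an abort threshold chosen for this sketch.

```python
import random

ERROR_THRESHOLD = 0.11  # assumed abort threshold for this sketch


def measure(bit, prepared_basis, measuring_basis, rng):
    """Same basis returns the encoded bit; the other basis yields a coin flip."""
    return bit if measuring_basis == prepared_basis else rng.getrandbits(1)


def exchange(n_photons, tapped, rng):
    """Send n single photons; return the sender's and receiver's sifted bits."""
    sent, received = [], []
    for _ in range(n_photons):
        bit, basis = rng.getrandbits(1), rng.getrandbits(1)
        flying_bit, flying_basis = bit, basis
        if tapped:
            # The tapper has to measure to learn anything, and the photon it
            # re-sends carries the tapper's basis, not the sender's.
            tap_basis = rng.getrandbits(1)
            flying_bit = measure(flying_bit, flying_basis, tap_basis, rng)
            flying_basis = tap_basis
        rx_basis = rng.getrandbits(1)
        rx_bit = measure(flying_bit, flying_basis, rx_basis, rng)
        if rx_basis == basis:  # bases are compared publicly; mismatches dropped
            sent.append(bit)
            received.append(rx_bit)
    return sent, received


def negotiate_pad(n_photons, tapped, seed):
    """Return (pad_bits, error_rate); pad_bits is None when the key is discarded."""
    rng = random.Random(seed)
    sent, received = exchange(n_photons, tapped, rng)
    # Every other sifted bit is revealed and compared, then thrown away.
    check = range(0, len(sent), 2)
    errors = sum(sent[i] != received[i] for i in check)
    rate = errors / max(len(check), 1)
    if rate > ERROR_THRESHOLD:
        return None, rate  # line looks tapped: discard and renegotiate
    pad = [received[i] for i in range(1, len(sent), 2)]
    return pad, rate


if __name__ == "__main__":
    for tapped in (False, True):
        pad, rate = negotiate_pad(8000, tapped, seed=7)
        state = "discarded" if pad is None else f"{len(pad)} pad bits kept"
        print(f"tapped={tapped}: error rate {rate:.3f}, {state}")
```

In this model a full intercept-and-resend tap pushes the error rate on the compared bits to about 25%, while an untouched line shows none, so the receiver discards the material before any of it is used as a pad.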

Re:Evanescent wave (2)

Meneth (872868) | about a year ago | (#43650887)

This only holds true for single-link connections. When we introduce a hub, it has to be trusted. From TFA:

So as long as the hub is secure, then the network should also be secure.

This destroys the protection from wiretapping that quantum crypto promised.
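
Why the hub has to be trusted, as an added example that is not part of the original thread: a generic trusted-relay model in which each spoke shares one-time-pad material only with the hub. The class names, the `secrets`-generated pads standing in for quantum-derived key, and the sample message are assumptions; the thread does not describe the hub's internals.

```python
import secrets


class Pad:
    """One-time pad material held by one party; every byte is used once."""

    def __init__(self, material):
        self._material = material
        self._offset = 0

    def take(self, n):
        if self._offset + n > len(self._material):
            raise RuntimeError("pad exhausted: negotiate more key before sending")
        chunk = self._material[self._offset:self._offset + n]
        self._offset += n
        return chunk


def xor(data, pad_bytes):
    return bytes(d ^ p for d, p in zip(data, pad_bytes))


class Link:
    """Pad material shared by one spoke and the hub, kept separate per direction."""

    def __init__(self, pad_len):
        # Assumption: random bytes stand in for key agreed over the quantum channel.
        up, down = secrets.token_bytes(pad_len), secrets.token_bytes(pad_len)
        self.spoke_up, self.hub_up = Pad(up), Pad(up)
        self.spoke_down, self.hub_down = Pad(down), Pad(down)


class Hub:
    def __init__(self):
        self.links = {}
        self.seen_plaintext = []  # what anyone controlling the hub would hold

    def attach(self, name, pad_len):
        self.links[name] = Link(pad_len)

    def relay(self, src, dst, ciphertext):
        # The hub must strip the source pad before applying the destination
        # pad, so the message exists in the clear inside the hub.
        plaintext = xor(ciphertext, self.links[src].hub_up.take(len(ciphertext)))
        self.seen_plaintext.append(plaintext)
        return xor(plaintext, self.links[dst].hub_down.take(len(plaintext)))


def send_via_hub(hub, src, dst, message):
    """Return (bytes on the src fiber, bytes on the dst fiber, message at dst)."""
    on_src_fiber = xor(message, hub.links[src].spoke_up.take(len(message)))
    on_dst_fiber = hub.relay(src, dst, on_src_fiber)
    recovered = xor(on_dst_fiber, hub.links[dst].spoke_down.take(len(on_dst_fiber)))
    return on_src_fiber, on_dst_fiber, recovered


if __name__ == "__main__":
    hub = Hub()
    hub.attach("A", 64)
    hub.attach("B", 64)
    msg = b"open breaker 7"  # constructed sample control message
    c1, c2, out = send_via_hub(hub, "A", "B", msg)
    print("on A's fiber:", c1.hex())
    print("on B's fiber:", c2.hex())
    print("B recovers  :", out)
    print("hub has seen:", hub.seen_plaintext)
```

Both fibers carry only pad-masked bytes, but the relay step leaves the message readable at the hub, which is the trust assumption the comment points at.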

Re:Evanescent wave (1)

maxwell demon (590494) | about a year ago | (#43650937)

This actually surprises me, because using entanglement swapping I think it should be possible to make a protocol so that even a compromised hub could not compromise the security, thanks to monogamy of entanglement.

Re:Evanescent wave (2)

Rich0 (548339) | about a year ago | (#43652691)

Well, I see two potential problems with transmitting quantum crypto through hubs without trusting them:

1. The signal loss problem. The longer the continuous link without retransmission, the more data loss and the lower effective transmission rate. What you refer to might help with that if it allows signals to be boosted without destroying/recreating the photons.

2. The routing problem. Each packet has to get to the right destination, but if every photon on the line is a quantum encryption bit then you can't read them to determine their destination without disrupting the link. I see two potential solutions here:

2.1. One is to use channels (like the old POTS approach) - you have 10 data lines and a control line to the hub, and you ring up the hub and ask for one of them to be connected to some remote destination. Then the entire network creates a single dedicated channel where photons can traverse untouched.

2.2. The more optimal approach would be packet switching, but you'd need to have packets that include both unencrypted headers (at least a destination field) and encrypted payload, and the timing/etc would have to be such that the switch can pick out only the photons it should intercept and let the rest pass through. For that matter it would require some kind of tap that lets selected photons pass through completely untouched and perfectly captures others, and that this could be switched between both modes VERY quickly.

If you can trust the hubs then you only have point-to-point links and you don't have to mess with any of this stuff. This does rely on owning all the hubs and securing them. For a big company that isn't a problem, but for a consumer you're not going to be able to own all the hubs between yourself and your bank.

Re:Evanescent wave (1)

maxwell demon (590494) | about a year ago | (#43656585)

1. The signal loss problem. The longer the continuous link without retransmission, the more data loss and the lower effective transmission rate. What you refer to might help with that if it allows signals to be boosted without destroying/recreating the photons.

Good point. While entanglement swapping doesn't destroy and recreate the photons (no scheme doing that could transmit the entanglement needed to ensure secure encryption), it indeed depends on the detection of photons (those photons which are detected obviously are not part of the final entangled pair), and thus the finite detector efficiency would indeed cause an effective loss.

Re:Evanescent wave (1)

tgd (2822) | about a year ago | (#43651899)

This only holds true for single-link connections. When we introduce a hub, it has to be trusted. From TFA:

So as long as the hub is secure, then the network should also be secure.

This destroys the protection from wiretapping that quantum crypto promised.

Yes, by all means you're smarter than the people at Los Alamos who built it.

You should apply for a job!

Re:Evanescent wave (1)

Rich0 (548339) | about a year ago | (#43652511)

This destroys the protection from wiretapping that quantum crypto promised.

Quantum crypto always has had this limitation - it is a point-to-point system only. If you want multiple endpoints then you either need the 2^n connection growth or you need hubs that are trusted.

However, securing the hubs ON YOUR OWN NETWORK isn't that hard if you really care to do it. The problem is that you can't do it on somebody else's network, like the Internet, unless you trust everybody.

Re:Evanescent wave (1)

femtobyte (710429) | about a year ago | (#43655261)

If you want multiple endpoints then you either need the 2^n connection growth

I'll assume you meant to type n^2, unless you're a network hardware salesman looking to make a lot of extra sales :)

Re:Evanescent wave (1)

Shatrat (855151) | about a year ago | (#43654069)

You are overthinking it. If I wanted to tap someone's network, I'd find a splice case in the middle of nowhere and splice in a 90/10 splitter during some unrelated outage so it wouldn't be noticed. To the victim it would just look like a relatively poor splice on their OTDR readings.

Fail (0)

gweihir (88907) | about a year ago | (#43650043)

As soon as there is any conventional link involved, this fails completely. At best it can be called dishonest, but it seems to be more on the "stupid" class where those making the claims do not even understand the problem.

Re:Fail (0)

Anonymous Coward | about a year ago | (#43650127)

I've got a feeling the guys doing this probably know what they're doing. Not always the case, but it probably is.

Re:Fail (0)

Anonymous Coward | about a year ago | (#43655691)

thank you.

Re:Fail (1)

maxwell demon (590494) | about a year ago | (#43650969)

As long as the conventional links only pass encrypted data without owning the key, it is perfectly secure. Quantum encryption usually means non-locally creating a one-time pad using quantum mechanics, and using that to securely encrypt classical messages (it can be proven that OTP is perfectly secure, so any attack against the scheme has to be with the OTP generation part, which is completely quantum). Indeed, even in protocols where you don't explicitly apply an OTP (as in quantum teleportation) you could consider the process to do the OTP implicitly. The point is that the classical data you send is in any case completely uncorrelated with the message you send. The security would not be compromised even if you put the classical data onto a public message board.

Re:Fail (1)

gweihir (88907) | about a year ago | (#43654755)

You should read up on it. It uses conventional symmetric encryption, as a cryptographic key-exchange is not more risky than symmetric encryption. Nobody does one-time pads via quantum modulation. It would take forever.

Explanation (0)

SpectreBlofeld (886224) | about a year ago | (#43650191)

Can someone with the technical knowledge of this summarize in comprehensible terms how this works on a physical level? I *mostly* (okay, abstractly/partially) understand how it works on a theoretical level, but I have zero understanding of what's going on at the hardware level. What sort of hardware is in use here, and how does it work?

Too bad... (1)

lw7av (1734012) | about a year ago | (#43651491)

...it's not transfer of info over QT. Such an invention would create a truly decentralised internet; peers connected directly without corporates and gvt as go-betweens.

Security feeds are a traipse to access... (1)

gatkinso (15975) | about a year ago | (#43651825)

...and I wasn't the first one in. This one has tracks on it.

Life imitates art!
