Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Totally Secure Non-Quantum Communications?

ScuttleMonkey posted more than 8 years ago | from the i-wouldn't-use-the-word-totally-yet dept.

Encryption 235

An anonymous reader writes "TEES is reporting that Dr Laszlo Kish, an associate professor at Texas A&M, has proposed a 'classical, not quantum, encryption scheme that relies on classical physical properties -- current and voltage. He said his scheme is absolutely secure, fast, robust, inexpensive and maintenance-free and relies on simultaneous encrypting of information by both the sender and the receiver.' The scheme uses properties similar to Johnson noise along with Kirchoff's Law to provide what he hopes to be an easier method of secure communications. Arxiv also has the full text [PDF Warning] of the paper."

cancel ×

235 comments

Sorry! There are no comments related to the filter you selected.

Classical Mind (-1)

Anonymous Coward | more than 8 years ago | (#14229124)

Pshh... He just failed calculus 201

Re:Classical Mind (0)

Anonymous Coward | more than 8 years ago | (#14229456)

He said his scheme is absolutely secure

And his penis is absolutely the biggest.

Padlock by Via? (0)

viewtouch (1479) | more than 8 years ago | (#14229127)

Isn't this already implemented in Via's Padlock method for the Via CPU's?

Re:Padlock by Via? (1)

osu-neko (2604) | more than 8 years ago | (#14229201)

No.

Re:Padlock by Via? (1)

TubeSteak (669689) | more than 8 years ago | (#14229210)

These tools are a hardware implementation of the latest encryption algorithms that the U.S. Government and many other governments around the world use to secure their information and communications.

A hardware implementation means that the all the hard work to make information safe is done by circuitry inside the computer, rather than by using the operating system, memory and software resources.

...


To aid the level and sophistication of the encryption techniques used in VIA PadLock, a twin engine random number generator is also included. This uses the world's best techniques to create these unpredictable numbers at speeds of up to twenty million (20,000,000) random numbers per second, and uses the theories of quantum physics to create unpredictable random numbers



Hardware based encryption with really really large keyspaces is the way to go.

Implementing it in hardware removes encoding/decoding speed as an issue and 2k or 4k bit key lengths make it impractical to attack, unless you find a major weakness in the algorithm.

Re:Padlock by Via? (1)

joto (134244) | more than 8 years ago | (#14229306)

Are you on crack? The article discusses an analog encryption scheme for transfer of information along physical lines. On the other hand, VIA Padlock is a hardware implementation of a random number generator and some encryption algorithms.

Apart from having used the word "encryption" in the description of both of them, they have about as much to do with each other as a shoe and a condom (both are pieces of "clothing").

Re:Padlock by Via? (1)

zwad (937823) | more than 8 years ago | (#14229555)

actually if you had read his article, you would realize it is a digital sceme. however from my glance, it seems his scheme is flawed because he seems to assume that the voltage and current in the circuit travels instantenously, when in fact of course its limited by the speed of light.

A lesson for venture capital (4, Funny)

Dster76 (877693) | more than 8 years ago | (#14229128)

From TFA:

Kish said that the dogma so far has been that only quantum communication can be absolutely secure and that about $1 billion is spent annually on quantum communication research.

I guess the quantum bubble is about to burst.

Re:A lesson for venture capital (3, Informative)

ettlz (639203) | more than 8 years ago | (#14229173)

As I understand it, quantum cryptography is only used as a method of key distribution, which then put into a "normal" cryptosystem like AES. The supposed advantage over asymmetric public-key distribution is that it can't be broken by a quantum computer. However, it is still vulnerable to man-in-the-middle attacks, and encryption is worthless without authentication — so why consider quantum cryptography in the first place?

Re:A lesson for venture capital (3, Informative)

Dster76 (877693) | more than 8 years ago | (#14229189)

From http://en.wikipedia.org/wiki/Quantum_cryptography [wikipedia.org]

In Quantum Cryptography, traditional man-in-the-middle attacks are impossible due to Heisenberg's uncertainty principle. If Mallory attempts to intercept the stream of photons, he will inevitably alter them if he uses an incorrect detector. He cannot re-emit the photons to Bob correctly, which will introduce unacceptable levels of error into the communication.

If Alice and Bob are using an entangled photon system, then it is virtually impossible to hijack these, because creating three entangled photons would decrease the strength of each photon to such a degree that it would be easily detected. Mallory cannot use a man-in-the-middle attack, since he would have to measure an entangled photon and disrupt the other photon, then he would have to re-emit both photons. This is impossible to do, by the laws of quantum physics.

Other attacks are possible. Because a dedicated fiber optic line is required between the two points linked by quantum cryptography, a denial of service attack can be mounted by simply cutting the line or, perhaps more surreptitiously, by attempting to tap it. If the equipment used in quantum cryptography can be tampered with, it could be made to generate keys that were not secure using a random number generator attack.

Re:A lesson for venture capital (1)

ettlz (639203) | more than 8 years ago | (#14229213)

It works if Mallory pretends to be Bob to Alice, and Alice to Bob. He can simply decrypt and re-encrypt, forwarding the packets between them. Both parties need to be sure of who is on the other end of the line, and in a practical system it may not be possible to check many kilometres of fibre for tampering.

Re:A lesson for venture capital (2, Insightful)

ZachPruckowski (918562) | more than 8 years ago | (#14229236)

Quantum Encryption is p2p. Which means when Bob and Alice trade IP addresses, Mallory would need to convince Bob that her IP is Alice, and Alice that her IP is Bob, which is tough. I mean, if you're trading sensitive info, you ought to be able to have each other's IPs.

Re:A lesson for venture capital (2, Funny)

ettlz (639203) | more than 8 years ago | (#14229283)

I mean, if you're trading sensitive info, you ought to be able to have each other's IPs.

If I were paranoid, think I'd rather exchange CDs at a nondescript restaurant in Prague!

Re:A lesson for venture capital (1)

Sarisar (842030) | more than 8 years ago | (#14229489)

Many years ago I was watching a program called Tomorrow's World (in the UK) where they show new technology (most of which failed to make it to market but that is another story) where they explained quantom cryptography, or rather _one_ way of doing it. I haven't read anywhere about a similar way of doing it so I will give details and then people can explain either how it would work or why I can't remember it right and it won't work.

They had a laser beam (presumably polarised?), which they split into two beams and sent that to the recipient who combined the two beams and got the message. They claimed that if someone where to interrupt the beams because of quantum flux and all that (actually they explained it as me wearing a sombrero and me not wearing a sombrero instead of 1 / 0 but anyway) it would force the beam to give either 1 or 0 but as a random and not the actual value.

Now all the stuff I've read on Wiki has it being a single beam - does splitting the beam cause some weird quantum thing that means you can't intercept or was it just as much vapourware as the rest of the 'unbreakable' encryption schemes? I know this probably wouldn't help over the internet but the military could use it for excryption? Anyway I would like to hear someone who actually knows about this stuff to explain it to me as I've always wondered about it - this was oh... probably 15 years ago that it came out on TV!

I should point out I'm not really that up on the whole quantum entaglement stuff so please use smaller words when explaining ;)

Thanks :)

Re:A lesson for venture capital (2, Informative)

gweihir (88907) | more than 8 years ago | (#14229708)

Quantum Encryption is p2p.

Yes, but without overlay network. Quantum cryptography works only for directly connected hosts, so it is basically useless except in some very special scenarios. I think the only reason quantum crypto (and that should be properly 'quantum modulation' or the like) as well as quantum computation is so popular today is because it captivates peoples imagination. Since quantum crypto is really just key excahnge, you could allways replace it with pre-comottated random keys in the neighbouring hosts with a tiny fraction of the cost. And you can also use permanent links and do key-refresh often, making the existing solution again as secure with a tiny fraction of the cost. Personally I feel that even its value as a curiosity has worn off. And the underlying physical principles are not validated enough to support even half the claime people make about quantum technology.

Re:A lesson for venture capital (2, Insightful)

gweihir (88907) | more than 8 years ago | (#14229659)

...so why consider quantum cryptography in the first place?

It is like speech recognition, VR, kitchen helper robots, ....

It does not make a lot of sense technologically, but you can get grant money for it easily, because it matches what nonexperts think computing should be able to do for them. Stupid, but very human.

Re:A lesson for venture capital (5, Funny)

LoveShack (190582) | more than 8 years ago | (#14229218)

I guess the quantum bubble is about to burst.

Well, it both is and isn't.

Re:A lesson for venture capital (1)

Colin Cordner (920954) | more than 8 years ago | (#14229774)

I guess the quantum bubble is about to burst.

Well, it both is and isn't.

There are actually at least an infinite number of universes in which it already has. Conversely, there are another infinite number in which it never will. 'Makes venture-capital decisions more interesting, I bet.

slashdot comments: (-1, Troll)

Anonymous Coward | more than 8 years ago | (#14229132)

-nothing is totally secure!!

-quantum computing will break all cryptography!!

-I am a faggot!!!!

Interesting.... (4, Funny)

DigitalReality (903767) | more than 8 years ago | (#14229137)

I'm shocked.

Re:Interesting.... (1)

SilverspurG (844751) | more than 8 years ago | (#14229187)

Aren't we all?

Re:Interesting.... (4, Funny)

ichigo 2.0 (900288) | more than 8 years ago | (#14229246)

Currently it would seem there is some resistance to your pun.

Re:Interesting.... (2, Funny)

poopdeville (841677) | more than 8 years ago | (#14229406)

LOL Watt?

Re:Interesting.... (2, Funny)

Hokkage (933594) | more than 8 years ago | (#14229472)

I don't have the capacity.

Re:Interesting.... (2, Funny)

Kuciwalker (891651) | more than 8 years ago | (#14229683)

Proof by induction?

Credibility (3, Insightful)

A beautiful mind (821714) | more than 8 years ago | (#14229139)

"James Bond may use the fanciest, most expensive and high-tech devices to thwart would-be eavesdroppers, but in a pinch, the super-spy can use one Texas A&M engineer's simple, low-cost scheme to keep data secure from the bad guys."

This is the first sentence from the article. I'm sorry, but I cannot take anything in that article seriously. On another note the guy has an interestingly hungarian sounding name.

Re:Credibility (1)

AtomicBomb (173897) | more than 8 years ago | (#14229412)

ummmmm.... "James Bond may use the fanciest, most expensive and high-tech devices to thwart would-be eavesdroppers"

Are you talking about pistol? I know it is probably the most effective technology against the weakest link in any security applications. Not sure about whether the Texas A&M guy can come up with something simpler :)

Re:Credibility (1)

LnxAddct (679316) | more than 8 years ago | (#14229431)

I would prefer more scientists start writing that way. You have to do something to keep people interested or grab their attention, otherwise lay people will never read this kind of stuff. By opening up with a sentence that says this is why you might be interested in reading the rest of this, I could give that paper to someone completely unaware of the field and they'd still probably be willing to give it a go. Now of course we'd run into other problems once the reader wasn't sure what quantum encryption is, but thats beside the point. This article didn't really go into details and equations, just a general overview, in which case trying to keep it interesting is fine. In a worst case scenario, writing papers like that will get more of the general public interested in science.
Regards,
Steve

Re:Credibility (0, Flamebait)

Jackmn (895532) | more than 8 years ago | (#14229524)

Scientific papers or articles are there to provide information in a concise and accurate manner.

Scientists are not entertainers. If some laymen are too thick to derive intellectual pleasure from reading papers, then let them wallow in their ignorance.

Re:Credibility (2, Insightful)

slashdotmsiriv (922939) | more than 8 years ago | (#14229437)

Read the academic paper (letter) not the announcement on A&M's site. The announcement is most likely not written by the good professor himself. The paper on the other hand, although it is a first draft and in the form of letter appears well written and substantiated. And a professor of EE in Texas A&M is a good enough title to provide credibility, I mean come on dude, we read hundreds of bogus articles on slashdot posted by ignorant journalists or wannabe patent owners and you raise an issue of credibility regarding a professor in one of the top 50 schools in the US?

Re:Credibility (1)

leonmergen (807379) | more than 8 years ago | (#14229471)

Then why don't you read the paper [opensubscriber.com] , referred to from the article?

There probably are a hell lot of people like me out there; I personally have a lot of difficulties reading pure-technical texts... my mind gets distracted and I don't remember the things I read. When a text is written a bit more lively way, it helps me stay focussed on the article and everyone's happy...

Too much hype (3, Insightful)

KiloByte (825081) | more than 8 years ago | (#14229140)

his scheme is absolutely secure, fast, robust, inexpensive and maintenance-free

Haven't we heard this before?
Generally, if something sounds too good to be true, it usually is neither good nor true.

OUTGOING (-1, Offtopic)

Anonymous Coward | more than 8 years ago | (#14229145)

HELLO WORLD
20413 20413
HELLO WORLD
06475 06475 03023 03023 06208 06208 46034 46034 96327 96327
40778 40778 22786 22786 89333 89333 04646 04646 16388 16388
85614 85614 99906 99906 18722 18722 20668 20668 11636 11636
45541 45541 49397 49397 54912 54912 66720 66720 38128 38128
54357 54357 32041 32041 91771 91771 12328 12328 58412 58412
78926 78926 78759 78759 86665 86665 34506 34506 37714 37714
27181 27181 39795 39795 64301 64301 75426 75426 06850 06850
81791 81791 31116 31116 41104 41104 74482 74482 52690 52690
88904 88904 87117 87117 64524 64524 89047 89047 43339 43339
15225 15225 71754 71754 38511 38511 20323 20323 19275 19275
07433 07433 24408 24408 74719 74719 89717 89717 74434 74434
28558 28558 82823 82823 42673 42673 31029 31029 03594 03594
14733 14733 70081 70081 94393 94393 35329 35329 63061 63061
68888 68888 73430 73430 31972 31972 23295 23295 54092 54092
77448 77448 15756 15756 99916 99916 29522 29522 77476 77476
67435 67435 04678 04678 41432 41432 21581 21581 26731 26731
45748 45748 04277 04277 59696 59696 29181 29181 91911 91911
72987 72987 34517 34517 17833 17833 50214 50214 08214 08214
80632 80632 10553 10553 69211 69211 04253 04253 24392 24392
70131 70131 71607 71607 86709 86709 04841 04841 23724 23724
33578 33578 41121 41121 63330 63330 65875 65875 32570 32570
07718 07718 59961 59961 15380 15380 26111 26111 09580 09580
99774 99774 38996 38996 39072 39072 87323 87323 12899 12899
52180 52180 30825 30825 60365 60365 33127 33127 77951 77951
89181 89181 66066 66066 70918 70918 90079 90079 79454 79454
28623 28623 07345 07345 26744 26744 64484 64484 76003 76003
23109 23109 62022 62022 38930 38930 95619 95619 45207 45207
31110 31110 91793 91793 73886 73886 73982 73982 31326 31326
20132 20132 44573 44573 32039 32039 69541 69541 96703 96703
84650 84650 48035 48035 76888 76888 04678 04678 94840 94840
38888 38888 86132 86132 76264 76264 71755 71755 76692 76692
16911 16911 41980 41980 39905 39905 13445 13445 62490 62490
02266 02266 97047 97047 51261 51261 76434 76434 36993 36993
76146 76146 96491 96491 71152 71152 74611 74611 02461 02461
95233 95233 20445 20445 09146 09146 68849 68849 78732 78732
99166 99166 37819 37819 42945 42945 58339 58339 56104 56104
31245 31245 44847 44847 69385 69385 09730 09730 27770 27770
61479 61479 81242 81242 25823 25823 86172 86172 74398 74398
23652 23652 42489 42489 86959 86959 51968 51968 68888 68888
90692 90692
K-BYE

Nationality (0, Offtopic)

karlsruhe (937807) | more than 8 years ago | (#14229146)

Based his name he is hunagrian or has hungarian ancestors, like von Neumann or Ede Teller

Re:Nationality (2)

yakbarber (926457) | more than 8 years ago | (#14229231)

This page http://www.ece.tamu.edu/People/bios/bkish.html [tamu.edu] says he is Hungarian. (Or at least got his degree and doctorate in Hungary. Whith this name it makes him more than likely a fellow hungarian.)

Implementation (5, Insightful)

GigsVT (208848) | more than 8 years ago | (#14229147)

This sounds very good in theory, but it may be difficult to implement securely.

For example, he claims an eavesdropper could inject current to measure voltage drops, but would be discovered on the first attempt. If the eavesdropped can send a pulse of current that is so small as to not be registered on the endpoint equipment (which say samples the line at 1X sampling rate), but the attacker is injecting and sampling at a rate 100X faster, the attacker's pulse will be so far above the nyquist bandwidth of the endpoints that they will never see it.

I admit I only read the abstract, he may address this later on in the paper.

Voltage drop? (1)

TubeSteak (669689) | more than 8 years ago | (#14229177)

I'm not sure if this is at all relevant, but Lineman's phones (imagine your old school corded phone, but instead of the cord it has two alligator clips) has a 9v battery inside it so that when they clip onto the line from the phone box, there's no voltage drop.

Re:Voltage drop? (2, Insightful)

GigsVT (208848) | more than 8 years ago | (#14229188)

In this case you'd want to measure the voltage drop properties of the line to figure out what resistances were on either end.

Re:Voltage drop? (2, Informative)

johnny cashed (590023) | more than 8 years ago | (#14229517)

as an owner of 2 butt sets (lineman's phones) I can say that this isn't always true. My old western electric rotary one is batteryless. It is still handy for just that reason (and yes, I can still dial out with it on POTS service). My newer Chesilvale needs a 9v battery to work, but it also has a speakerphone in it and more features. I don't believe the battery is there to prevent detection (eliminating voltage drops).

The is more to a butt set than it being a corded phone with alligator clips. It has an audio transformer in it which permits one to hear what is on the line without going "off hook". It allows one to monitor the line without being audibly noticed (there might still be a voltage drop).

Re:Implementation (2, Insightful)

SagSaw (219314) | more than 8 years ago | (#14229202)

...but the attacker is injecting and sampling at a rate 100X faster, the attacker's pulse will be so far above the nyquist bandwidth of the endpoints that they will never see it.

Keep in mind that the energy from the attacker's pulse doesn't just go *poof* and disappear. It will be aliased to frequencies within the bandwidth of the endpoint(s) and might still be detected.

How this works and why it will fail (3, Interesting)

goombah99 (560566) | more than 8 years ago | (#14229819)

I'll confess my understanding of this is sketchy at this point. But as I read it the concept is this one has a wire connecting two resistors. The Johnson noise in the wire is determined jointly by the resistors. Both sides, sender and receiver are changing the resistance values simultaneously with the sender putting in the message and the receiver putting in random crap which gets added to the signal. A person monitoring the voltage in the middle can't tell what fraction of the noise came from which side. Therefore the message can't be extracted. Clever. Oddly it's a lot like the bell's theorem experiment in QM where both sides are changing their filters.

What seems to be the flaw in this is that he assumes that the attacker must inject current unidirectionally to determine which resistance is at which end. Perhaps another means exists, courtesy of the speed of light.

Namely if you monitor the voltage at two points along the wire then you can distinguish between a wave proapgating from left to right and right to left. So you can now determine what fraction of the noise is coming from the left and what is coming from the right. Even if the noise level made his hard to do, there's also the moment of the resistor switch to capture. Each time the resistor is changed, even if it were perfectly synchronous, the left side's noise will reach the left tap sooner he the right tap.

This last effect could possibly be masked by injecting large amounts of noise into the system during the switch. (but of course this would also mask any current injection by the attacker as well). But the former effect of the noise signals propagation might still be detectable.

Outdated and irrelevant (1, Insightful)

dada21 (163177) | more than 8 years ago | (#14229154)

Is this guy serious? Connecting random resistors across their line of communications?

Communications is getting compressed, gated and even frequency trapped in order to reduce bandwidth over the global network. Analog is dying (if it isn't dead yet). How will returning to an analog-based "encryption" system work in the digital future?

I don't see any truly safe encryption scheme. I was thinking of some a few months ago (such as having the encoding system changing how many bits and what resolution it uses in a preplanned structure that only the recipient decoding system knows). Bits are bits, and if you can vary what the bits mean and in what order they are created, it is very hard to decode those bits.

I don't think encryption is really important any more. All a government or corporate enemy needs to do is bug your office and your car and the encryption scheme falls apart. The black market government (mob, mafia, yakuza whatever) already has their perfect encryption schemes in place: say nothing, write nothing down and never tell anyone what you are doing. It works. When was the last time you heard of a mob or mafia arrest in your home town (yes, the black market exists there, too).

Government wiretapping isn't being used against the great crime squads. These systems are in place more to make citizens feel safe from terrorists, but all they really is in increase the budget of the agency trying to use the systems. In 10 years, wiretapping will be useless as information will have 500 different paths to take and no one will be able to trace them all. Imagine if you could take your voice, broadcast in your room random bits of your voice to confuse bugs and analog taps, and then chop up the real voice into 5 different streams of varying bits and frequency resolution to be sent via 5 different paths (phone line modem, DSL, cable modem, WiFi to a network 150 feet away and another path hidden in an AIM chat of noise). There is no way "they" can stop the flow of information.

The article really makes little sense to me as it seems to go backwards. It would have been great in the 80s.

Re:Outdated and irrelevant (5, Insightful)

osu-neko (2604) | more than 8 years ago | (#14229232)

Eh? Much like quantum communication systems, this is aimed at providing secure point-to-point communications. Almost everything you said above is utterly irrelevant to the question at hand. It doesn't solve any of the problems you bring up because it isn't meant to. Moving to hydrogen powered cars doesn't solve problems of secure Internet communcations, either. That doesn't make them a step backwards...

Re:Outdated and irrelevant (1)

trewornan (608722) | more than 8 years ago | (#14229262)

There is no way "they" can stop the flow of information

"They can't stop the signal, Mal!" - Joss Whedon must be part geek.

Re:Outdated and irrelevant (0)

Anonymous Coward | more than 8 years ago | (#14229345)

I'm sorry, but you are a fucking idiot.. do you have any idea what quantum communications are even used for? you are fucking outdated and irrelevant

Re:Outdated and irrelevant (0)

Anonymous Coward | more than 8 years ago | (#14229375)

I agree that encryption isn't worth sh*t. A soldering iron in someone's arse is by far the best decryption device that no one managed to beat yeat.

Re:Outdated and irrelevant (2, Insightful)

bpd1069 (57573) | more than 8 years ago | (#14229552)

How will returning to an analog-based "encryption" system work in the digital future?

It won't obviously, but we are talking about a future with quantum based encryption, no time for dogma in science...

An alternate path to that future has been proposed. To dismiss it off-hand is what kept people in the Dark Ages.

Re:Outdated and irrelevant (1)

conteXXt (249905) | more than 8 years ago | (#14229579)

besides

"resistance" is futile"

Ok shoot me now

How sensationalist ... absolutely secure, haha! (2, Insightful)

Rodness (168429) | more than 8 years ago | (#14229158)

This article (uses the words 'proposed' and 'absolutely secure' in the same paragraph. You can't trust such a claim about a proposed system until it's been implemented, distributed, deployed, and pounded on for years by cryptanalysists.

Oh, the sensationalism!

Re:How sensationalist ... absolutely secure, haha! (2, Insightful)

osu-neko (2604) | more than 8 years ago | (#14229190)

How would cryptanalysists be helpful here? You did read the article, right? About a way of making it impossible to tap communications without it being detectable immediately at the endpoints? Since the topic of the article has nothing do with encryption, I fail to see how having crypanalysists "pound" on it for years will help expose any problems...

Pinch of NaCl (1, Insightful)

Chaffar (670874) | more than 8 years ago | (#14229183)

*Disclaimer* I have no expertise whatsoever in the field but I'm very skeptical of what is being claimed.

The only way an eavesdropper can determine which resistance is being used at which end is to inject current into the communication channel and measure the voltage and current changes in different directions. Doing this, though, exposes the eavesdropper, who is discovered with the very first bit of information extracted.

But what if the eavesdropper was present from the very beginning, how will they be able to differentiate a "clear" network from a tapped one?

As a rule of thumb anyone who claims to have found a way for "totally secure" anything is either a liar looking for cheap publicity/an ego trip/ pushing a terrorist agenda. And IMHO, I can foresee his "simple" solution using resistances being just as "simply" broken using a handheld calculator and a pair of rheostats (see disclaimer).

Re:Pinch of NaCl (1)

EPAstor (933084) | more than 8 years ago | (#14229323)

*Disclaimer* My expertise in the field of circuits is lacking - but I've studied it somewhat before.

There's something of a misunderstanding here - the author doesn't claim that the sides detect a change to find an eavesdropper, but that they find a *difference* in a measurement they make. This doesn't depend on the eavesdropper coming in in the middle.

Assuming that I'm understanding the paper correctly, the author claims that there's no way to distinguish which resistance is where when the resistors differ on the two sides without injecting some measureable current, which makes sense to me.
One of Kirchoff's loop rules for circuitry basically says that charge is conserved in a closed circuit (current in = current out of any point) - and this is true to any currently measureable degree, as far as I know. In the normal setup, therefore, the sender and receiver should agree on the current in the circuit.

The next step is slightly shaky in my understanding - but I'm not sure if that's me or the concept. The paper claims that if the eavesdropper introduces a measureable current, it must create a measureable difference between the measured current values at the sender and receiver.
Given this, if the sender and receiver consistently share the values they measure for the current at each step, over a public channel, they give away no information, but if there is an eavesdropper, they discover him/her immediately.

This seems to be a sensible idea, but I don't know enough to determine the truth of the step I mentioned above, so I can't tell if the proposed solution works.

Re:Pinch of NaCl (0)

Anonymous Coward | more than 8 years ago | (#14229495)

Hm, firstly, thank you for making this somewhat understandable, even though I don't really understand the absolutes involved, i.e. why the author feels sure that it will be "impossible" rather than "hard" to extract data from nonintrusive eavesdropping. He does take into account that there are bound to be patterns in the plaintext, right?

Furthermore, isn't there a fundamental problem with this approach in that he seems to assume that "measurability" is clearly and statically defined? If I implement this scheme with equipment that can detect a difference in current above Ea > 0, what's to stop the eavesdropper from using more accurate equipment which can detect a difference in current Eb, where Ea >> Eb > 0? If they did this, wouldn't they be able to intrusively eavesdrop stealthily by introducing a difference in current which was measurable to them, but not to me? I thought the reason we call the quantum solution "totally secure" was that, given our current understanding of the laws of physics, eavesdropping is impossible, not just "eavesdropping requires more accurate/more expensive equipment".

Re:Pinch of NaCl (2, Insightful)

Mr. Slippery (47854) | more than 8 years ago | (#14229580)

Given this, if the sender and receiver consistently share the values they measure for the current at each step, over a public channel, they give away no information, but if there is an eavesdropper, they discover him/her immediately.

Ah. So if the sender and receiver and receiver already have a reliable method of communication, they can use that to prevent eavesdropping on this new channel.

Now, how do they get this reliable method of communication to check current measurements with each other, that is secure against a man-in-the-middle attack?

Re:Pinch of NaCl (1)

EPAstor (933084) | more than 8 years ago | (#14229707)

I think the simplest solution is to have the receiver be the only one who transmits his/her current measurements back. Given this, the sender can still stop sending at any point where the measurement disagrees, and the eavesdropper can't tell what measurements TO send back to prevent detection.

In the paper, though, it appears that the author essentially relies on simultaneity as the test to prevent the man-in-the-middle problem, or he's simply being vague on the topic. This seems extremely weak and unreliable... but I think the solution I proposed above might fix this.

On the topic of current-injection, though, I think I understand now... the only way to differentiate between which resistor is on which side is to inject on one wire and detect on the other, which results in a different current measurement on both sides, and the sign of the change is reversed on one side. This idea makes quite a bit of sense...

Re:Pinch of NaCl (1)

antifoidulus (807088) | more than 8 years ago | (#14229335)

*Disclaimer* I have no expertise whatsoever in the field but I'm very skeptical of what is being claimed.

Since WHEN has that ever stopped anyone from posting on slashdot?

In related news, perpetual motion device perfected (1)

leereyno (32197) | more than 8 years ago | (#14229211)

There is no such thing as what this guy is claiming to have created. Every so often someone pulls something like this out of their arse and starts making all kinds of fantastic claims that are quickly accepted as true by the uninformed.

There is no such thing as a perpetual motion machine, an honest politician, or perfect encryption. All three exist in theory, but never in reality.

It may be that this new scheme does represent a method of encryptions that is on-par with the best existing methods, or perhaps even better. It could also be that it is a smoke and mirrors scheme. It might also be an honest attempt that suffers from a catastrophic flaw which renders it useless, or a minor flaw which undermines its usefulness.

Only time and independent review will determine which of these is the case.

Re:In related news, perpetual motion device perfec (2, Informative)

ScentCone (795499) | more than 8 years ago | (#14229294)

There is no such thing as a perpetual motion machine, an honest politician, or perfect encryption. All three exist in theory, but never in reality.

Well, let's see. The perpetual motion machine doesn't exist, in theory, because the laws of thermodynamics and whatnot essentially rule it out. Of course, it may exist in somebody's theory, but their theory would be at odds with actual, working theories that correspond with reality.

You're closer to the mark when it comes to the honest politicians. I think the measure there should be "honest enough," or at least "honest about his/her opinions/policies when it comes to what we're actually talking about." No one, ever, is 100% honest. Civilization couldn't exist without a certain amount of fluff, white lies ("really, honey, you look great in that dress," or "some day, New Orleans will be just like it was before the storm"), and safety-minded subterfuge.

Perfect encryption? Don't know enough about it. But I know we can do better in talking about it than to use slightly off-balance analogies from other disciplines. It's probably far more useful, anyway, to talk in terms of how imperfectly normal human users use even the "perfect" tools we have for other purposes. That's where stuff always breaks down: GIGO.

Re:In related news, perpetual motion device perfec (1)

Superfarstucker (621775) | more than 8 years ago | (#14229649)

I thought the carnot heat engine was a perpetual motion machine. Input = output. A perfectly reversible thermodynamic system. Perpetual motion by my book... The theorem doesn't claim to correspond to reality but it certainly has a limited use in understanding it
<BR><BR>
  http://en.wikipedia.org/wiki/Carnot_heat_engine

Re:In related news, perpetual motion device perfec (1)

ScentCone (795499) | more than 8 years ago | (#14229750)

thought the carnot heat engine was a perpetual motion machine. Input = output

Nope! Read the article you linked to. Carnot's theorm indicates that no engine operating between to heat resevoirs can be more efficient than his... but that doesn't mean there's no loss in the system. On the face of it, such a thing would require no gravity present, no friction in the system, literally perfect heat trapping, etc. The theories are that those things are impossible, and so with the Carnot engine, we're talking about degrees of efficiency, not perfection in efficiency. No free lunch!

quantum recording (1)

digitaldc (879047) | more than 8 years ago | (#14229222)

"The only way an eavesdropper can determine which resistance is being used at which end is to inject current into the communication channel and measure the voltage and current changes in different directions."

How about recording the signal after it has been transmitted through some output at the other end? This bugging would not interfere with the signal being transmitted but would still record the information for transmittal later? If you are transmitting the information through a computer, I think someone will figure out how to get it.

Re:quantum recording (1)

promatrax161 (913597) | more than 8 years ago | (#14229252)

How about recording the signal after it has been transmitted through some output at the other end? This bugging would not interfere with the signal being transmitted but would still record the information for transmittal later? If you are transmitting the information through a computer, I think someone will figure out how to get it.

In the preprint he says that the encryption can be broken only if the eavesdropper injects a small current into the communications channel and measures cross-correlations between various quantities, thereby determining which resistor is at which end of a communication channel (that is where the security of the method lies, in the inability of the eavesdropper to determin it without interfering). Recording a signal after transmitting it does not help you to determine which resistor is at which end.

Very interesting but what about tolerance? (2, Informative)

Anonymous Coward | more than 8 years ago | (#14229224)

What happens if a thermal fluctuation in the wire causes the loss? How can we tell this from an eavesdropper? To make this work surely the tolerances of all components need to be 0%. Nobody has ever made a 0% tolerance resistor, its a purely theoretical component. Which makes me wonder if this has actually been tested in the lab. Perhaps I'm missing something?

Why must non-cryptographers be so dumb? (3, Insightful)

khaydarian (848707) | more than 8 years ago | (#14229229)

There's so much wrong with this, I don't know where to start.

First, Cryptography is hard. Even professional cryptographers with decades of experience still get it wrong -- often. Considering as this guy has essentially no previous experience (he's an EE professor), it's already near certain that he's dead wrong.

Second, he doesn't provide "absolutely secure" communications. He provides non-interceptable communications. He's totally ignoring authentication, non-repudiation, man-in-the-middle attacks, and half a dozen other very important problems. (It's also not a cipher, but we'll ignore that slip.)

He also assumes (from the abstract) that an eavesdropper can only eavesdrop by injecting current into the wire, which is blatantly false. One could easily tap the magnetic field generated by current in the wire, without drawing very much power from the wire at all.

And to top it all off, he's depending on the precise values of voltage and current, which means this is an analog system. Analog systems are notoriously difficult to build precisely -- which is why we're using digital everywhere.

This is such bad research that I can't wait until Bruce Schneier [schneier.com] get ahold of this.

Re:Why must non-cryptographers be so dumb? (2, Interesting)

osu-neko (2604) | more than 8 years ago | (#14229276)

First, Cryptography is hard.

It is. On the other hand, since crytography has nothing to do with the problem he's working on, this is an irrelevant observation.

He's totally ignoring authentication, non-repudiation, man-in-the-middle attacks, and half a dozen other very important problems.

Yup. He's also ignoring global warming, terrorism in Israel, and numerous other very real problems that are nevertheless irrelevant to the problem at hand. You appear to have misunderstood what problem he's attempting to solve, since none of this has anything to do with the specific problem he's attempting to solve.

(It's also not a cipher, but we'll ignore that slip.)

It's not meant to be. It's meant to secure communications by ensuring an attacker never hears more than one bit of it. It doesn't take a Ph.D. in cryptography to know that if an attacker can only retrieve one bit, they can't decrypt your message from it.

I'll ignore the rest of your comments, since I'm not an electrical engineer, but they don't sound particularly clueful either...

Re:Why must non-cryptographers be so dumb? (1)

promatrax161 (913597) | more than 8 years ago | (#14229289)

He also assumes (from the abstract) that an eavesdropper can only eavesdrop by injecting current into the wire, which is blatantly false. One could easily tap the magnetic field generated by current in the wire, without drawing very much power from the wire at all.

Not so sure about that. In the paper he needs to inject a stohastic current in order to be able to compute TWO cross-correlations. If you passively measure the magnetic field, how do you extract the information bit without inducing the current change in the wires?

Re:Why must non-cryptographers be so dumb? (2, Interesting)

Rich0 (548339) | more than 8 years ago | (#14229537)

How precise does this system have to be in order to detect the current loss due to an inductive tap? That has to be REALLY low. You'd probably get errors due to random EM all the time if you're depending on your signal quality being that perfect.

Re:Why must non-cryptographers be so dumb? (1)

zwad (937823) | more than 8 years ago | (#14229636)

if you read his article, its revealed that the scheme is DIGITAL not analog.

I dunno--why are you? (2, Insightful)

penguin-collective (932038) | more than 8 years ago | (#14229687)

First, Cryptography is hard. Even professional cryptographers with decades of experience still get it wrong -- often. Considering as this guy has essentially no previous experience (he's an EE professor), it's already near certain that he's dead wrong.

He is doing cryptography in the quantum cryptography sense--a secure, non-interceptable channel--not in the algorithmic cryptography sense. He is well-qualified to talk about the kinds of systems he is talking about.

Second, he doesn't provide "absolutely secure" communications. He provides non-interceptable communications. He's totally ignoring authentication, non-repudiation, man-in-the-middle attacks, and half a dozen other very important problems. (It's also not a cipher, but we'll ignore that slip.)

Again, he isn't trying to do any of those things; he is proposing a way of creating a physically secure channel, in the same sense that quantum cryptography is.

And to top it all off, he's depending on the precise values of voltage and current,

Wrong again. He is proposing a system in which resistances are altered in steps. That's no different and no more analog than any other digital system.

This is such bad research that I can't wait until Bruce Schneier get ahold of this.

Unless Schneier is an expert on electronics, Schneier isn't qualified to say anything about this.

Yes, this guy's system probably doesn't work. But, really, your response is even dumber than his proposal.

Re:Why must non-cryptographers be so dumb? (1)

zopf (897522) | more than 8 years ago | (#14229796)

I thought the same thing about using an inductive loop to measure the current flowing... you have to remember that it will increase the inductance of the wire, therefore affecting the effective resistance and the RC constant of the wire... you would have to have an amazing amplifier and a damn good Faraday cage around your whole wiretap system to get any useful results without being detected.

Which bring me to my next point: if this system were to work, it seems as though the entire wire would have to be nearly inpenetrably shielded from outside EMF. Shielding works both ways, however, so an inductive measuring device would probably be useless anyway, as the signal would never leave the radius of the wire.

Someone explain please (2, Insightful)

karvind (833059) | more than 8 years ago | (#14229250)

IT seems to me that they are assuming perfect channels which don't introduce random noise ?

FTFA: The way the eavesdropper gets discovered is that both the sender and the receiver are continuously measuring the current and comparing the data," Kish said. "If the current values are different at the two sides, that means that the eavesdropper has broken the code of a single bit. Thus the communication has to be terminated immediately."

And it also assumes that measureing equipments themselves are caliberated and identical (correct me if I am wrong on this) ? Why would anyone base a reliable equipment on "noise" which is random...

So this is what I've been hearing on the CB (1, Funny)

Anonymous Coward | more than 8 years ago | (#14229261)

I think that secret agencies have been doing this for years. What else could be the purpose of all of the gibberish I've hear on the CB band? Random speach modulated by a variable resistor. It really fooled everybody.

Re:So this is what I've been hearing on the CB (1)

trewornan (608722) | more than 8 years ago | (#14229287)

You should try listening to some of the "Number Stations [spynumbers.com] ".

Re:So this is what I've been hearing on the CB (1)

FudRucker (866063) | more than 8 years ago | (#14229400)

CB radio is the trashiest part of the radio spectrum in the universe, there are radios with echo/reverb that sound wierd, and there is also single side band that will sound garbled while listened to from the AM side, plus people with absolutly no knowledge of radios & electronics opening their radio and trying to tweak a little more power out of it only to screw them up making the AM carrier dirty and over modulating the audio that end up sounding worse than if they left them alone, so on days where there is DX/skip conditions the CB part of the radio spectrum will be a complete and total mess that is almost guarenteed to give the listener a migrane headache... do yourself a favour, sell your CB radio to any truck driver you know, and buy a shortwave reciever with single side band (SSB) and listen to the HAMs chat you will find some interesting conversations and also learn some things too :)

"Security by Obscurity" (2, Insightful)

ratboy666 (104074) | more than 8 years ago | (#14229265)

Yes, again. The attacker doesn't know which resistor is at which end. And taps the middle.

Of course, the attacker may be the receiver, in which case she KNOWS the value at one end. And that is the trivial breaking case.

Ratboy.

Re:"Security by Obscurity" (1)

Cheapy (809643) | more than 8 years ago | (#14229337)

She?

Re:"Security by Obscurity" (1)

A beautiful mind (821714) | more than 8 years ago | (#14229351)

Alice.

Re:"Security by Obscurity" (1)

Sarisar (842030) | more than 8 years ago | (#14229509)

Alice? Alice? Who the f*ck is Alice?

(It's from a song before anyone says)

Re:"Security by Obscurity" (0)

Anonymous Coward | more than 8 years ago | (#14229497)

Yeah, what's up with all the "she" in the article?

PC run amock. How distracting.

Or maybe it's purposeful so you won't realize how little practical value the whole scheme has.

Re:"Security by Obscurity" (0)

Anonymous Coward | more than 8 years ago | (#14229554)

Er, newsflash: women make up about half the world's population. (Strictly speaking, more than half.)

If you find use of the feminine pronoun "distracting", please stick to reading publications from centuries before our own.

Re:"Security by Obscurity" (1)

kronocide (209440) | more than 8 years ago | (#14229435)

Using a secret key is not really "security by obscurity"...

1. Aggie, 2. Cold Fusion, 3.?????, 4. Quantum FOO! (0)

Anonymous Coward | more than 8 years ago | (#14229304)

sigh- Aggies are upto their trix again

Would this idea defeat the system? (1)

Absolut187 (816431) | more than 8 years ago | (#14229367)

Eavesdropper wraps a wire around the communication wire, to measure the signal by induction. Would this be detectable? Or would this allow undetectable interception?

Ok, so the reason that the eavesdropper cannot decipher the message is because she doesn't know whether the sender or the receiver is using the large resistor. How much computation does it take to just guess, both ways?
Calculate each bit both ways. Yes, this will result in thousands of possibilities for each small portion of the message, but it should be easy to have the computer scan through each possibility and throw out the gibberish..

Re:Would this idea defeat the system? (2, Insightful)

kronocide (209440) | more than 8 years ago | (#14229424)

If you are to guess a 50/50 state without any clues whatever, why listen in at all? You know it has to be a 1 or a 0, you don't need to actually be connected to the system for that. So just guess away. If it works, you have just cracked every conceivable system of encryption, and no tools or physical access to the message necessary!

As for "several thousand combinations"... After the first 32 bits of information you have 4,294,967,296 possibilities, so I hope you are a good guesser. :-)

Re:Would this idea defeat the system? (3, Insightful)

DrJimbo (594231) | more than 8 years ago | (#14229586)

Eavesdropper wraps a wire around the communication wire, to measure the signal by induction. Would this be detectable? Or would this allow undetectable interception?
Yes, that would be detectable. For the same reason that we need a lot of falling water to turn the generators in hydro power plants. The energy (signal) in your wrapped wire does not come for free. It reduces the energy in the communication wire and is thus detectable.

Another way to see it: if the signal in your induction pickup were truly undetectable then we could wrap billions of similar induction pickups around the communications wire and generate electricity "too cheap to meter".

A thing about security (1, Troll)

Midnight Thunder (17205) | more than 8 years ago | (#14229389)

The best security exists in a world where nobody understands how it works or knows it exists. Taking that into account tomorrow's secure technology is secure with the knowledge and tools we have today, but may not be so ten years after the secure technology is in the wild.

The best you can hope for is being a few steps ahead of the people who want to take advantage of your provide data. This is not to say that working on security improvements is worthless, rather that you will always have to work on better technology, since nothing will be forever secure. Though in the event of a knowledge void, say after a critical war, all secure data is lost to everyone, even to the owners. A physical door is the realm of the understandable, secure data is less so.

Re:A thing about security (1)

defishguy (649645) | more than 8 years ago | (#14229483)

The best security exists in a world where nobody understands how it works or knows it exists.

Every time I listen to my wife talk to one of her friends I'm reminded of just how true this is.

Re:A thing about security (1)

marcosdumay (620877) | more than 8 years ago | (#14229743)

Good luck trying to break one time pad. Even 300 years from now. You'll also need god luck while trying to break RSA with a big enogh key if we don't make a quantum computer. Oh, I almost forgot, good luck trying to break the current used symetric criptography systems, even 30 yeas from now.

The brest seurity is not the one done with the newest technology. The best security is the one with the toghest weak link. But if you are only taking the technology into account, the best security is the one done with the technology that best survived the people trying to break it. That last definition simply exclude any new stuf, at least until it becomes old.

Re:A thing about security (1)

gardyloo (512791) | more than 8 years ago | (#14229803)

The brest seurity is not the one done with the newest technology.

      Damned right. Those hook-and-eye bras have been around forever, and I'll be damned if I can break into those easily.

Basic fact (1)

dascandy (869781) | more than 8 years ago | (#14229446)

There are two basic facts underlying encryption:

- Anything you can do, an attacker can do as well.

So, ANY possible scheme that does not have centralized control will be flawed, since I can do anything you can and can thus claim I'm you. The only way to show you're not me is by showing something that differs you from me. By showing something that differs, you know that there are two people claiming to be X. Which is real?

The fact is so basic that there were even game shows about it. "Who in the three" was based on three people sitting next to eachother, one of which was person X with actual profession X, and the other two claimed to be (and could have a different profession or something). The point was, you could only try to figure out who was being dishonest by figuring out which one lied, through sweat, slight disruption in speech and so on. Computers don't hesitate.

So, any scheme will be flawed. It either requires an existing connection between sender and receiver (which is not safe, proof by inverse induction) or is susceptible to MITM. Since you have an inverted base case, your induction case is also inverted and thus true (since you can't get the first connection safe, you can't get any subsequent connection safe).

Guess what a key signing party is for?

Communications expert or not ...? (1)

rush3k (911291) | more than 8 years ago | (#14229467)

Dr. Kish is one of my professors and a renowned expert on noise. Its indeed possible that where complex cryptography have failed, a solution outside the "box" will indeed proffer a viable solution. afterall, there's always analog solution to every problem.

Re:Communications expert or not ...? (1)

frost22 (115958) | more than 8 years ago | (#14229617)

But apparently he has not read serious cryptography texts. This stuff he presents is seriously flawed and devoid of any practical applicability. Others have already pointed out many of the theoretical flaws, so I'll add a practical one: except for very special cases nobody uses copper wires any more for a phone call from source to destination. Copper only makes up what they traditionally call the "last mile", and that mile si rapidly shrinking these days.

Also there are numerous active network elements involved in any phonme call. Serious cryptography has to be end-to-end - which is impossible this way.

Re:Communications expert or not ...? (1)

gweihir (88907) | more than 8 years ago | (#14229755)

Well, you know, since ''quantum crypto'' is basically worthless for most real world (read multi-hop) communications, I don't mind him having a better way to do something useless....

"Absolutely secure" makes security folk laugh (1)

scovetta (632629) | more than 8 years ago | (#14229487)

He said his scheme is absolutely secure...

I just stop reading at this point. Perhaps saying that it is "thought to be secure at the current state of knowledge", but if there's one thing we should have learned already, it's that nothing is absolute.

Who has the best measurement equipment? (1)

Bromskloss (750445) | more than 8 years ago | (#14229541)

What if the evesdropper has a more sensitive measurement equipment, using currents so small, the others cant see them?

Technical discussion (2, Insightful)

acaspis (799831) | more than 8 years ago | (#14229606)

Suppose Eve inserts a resistor in the transmission line. Now she can measure two voltages instead of one, and I'm pretty sure the difference in standard deviation will reveal the choice of resistors at each end of the line.

If Eve fears that her resistor might be detected, she can use the intrinsic resistance of the wire instead. Unless we assume superconducting transmission lines...

Nice try, though. This is probably related to the issue of determining who is talking when eavesdropping on a two-wire telephone line.

AC

He Seems to forget about the speed of light??? (1)

zwad (937823) | more than 8 years ago | (#14229607)

It seems to me the basis of his encryption scheme is that the circuit with two resistors act together in the circuit, and there is no way to disentangle which resistor is which? but the circuit doesnt quite act as one unit? suppose the two resistors are very far apart, then all of a sudden both person A and person B change the risistor they are using? and your at some point of the wire close to A, eavesdropping on the line, then any change you will detect in the signal you will know will be due to A only, because the resistor at B cant change the current or the voltage in circuit instantenously, it takes a finite amount of time(determined by the speed of light) for the change in voltage due to resistor B, to effect the point your listening to at A.

Measure a noisy noise signal? (0)

Anonymous Coward | more than 8 years ago | (#14229639)

The problem is that the system is based on measuring the thermal noise of a resistor. In most cases there are other noise sources which are much stronger, including the noise of the measurement system. This will limit the data rate and range of the system. It's a lucky communications engineer who only has to worry about thermal noise from a resistor!

P.S. What about transmission line effects? Passive measurements at multiple points can determine the standing wave pattern and thus the direction of current flow.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?