Quasars Used for Encryption

samzenpus posted more than 8 years ago | from the grain-of-salt dept.

space_mongoose writes "According to this NewScientistTech story, intergalactic radio signals from quasars could emerge as an exotic but effective new tool for securing terrestrial communications against eavesdropping."

53 comments

Woohoo (0, Funny)

Anonymous Coward | more than 8 years ago | (#15022851)

Now when I'm having a private conversation with some aliens I'll know that Bush isn't listening... woopeedoo

As one of the inventors of Encryption ... (1)

schoolsucks (570755) | more than 8 years ago | (#15022896)

This makes me real happy. While I am not currently involved with encryption, I am focusing more on open source projects, reading this made my day.

Re:As one of the inventors of Encryption ... (-1, Offtopic)

Anonymous Coward | more than 8 years ago | (#15024448)

Obligatory:

" Intergalactic, Planetary...
Planetary, Intergalactic " -- The Beastie Boys

Hmm (1)

DreadPiratePizz (803402) | more than 8 years ago | (#15022936)

Quasars occur when galaxies collide (or at least that's the theory). Quasars we see now are billions of years old. Now, galaxies aren't really as close together anymore, so new quasars are extremely rare. Might not be many in the distant future with which to encrypt signals.

Anybody think this seems odd? An early April fools perhaps?

Re:Hmm (1)

kerrle (810808) | more than 8 years ago | (#15022993)

Actually, the most recent theory I've read is that Quasars are simply galaxies where the central black hole is actively consuming gas and other material at the center of the galaxy, creating a hot, energetic mass around the black hole.

They only appear as quasars to us when the galaxy is pointing in the right direction.

Re:Hmm (0)

Anonymous Coward | more than 8 years ago | (#15025896)

The direction thing is from Hypernova... the nova that creates the initial black hole in the heart of galaxies. The north and south pole eject a beam of gamma rays for a few seconds... split seconds? They are the short gamma ray bursts.

Re:Hmm (1)

omnilynx (961400) | more than 8 years ago | (#15023357)

I'm fairly sure quasars are thought of as single rotating galaxies (or rather, galaxy-sized black holes) that send a beam from their poles (they blink because the beam is precessing past us). However, regardless of what they are, the "distant future" of a quasar would be on the scale of millions or billions of years; not likely to interfere with current technology.

Re:Hmm (3, Informative)

thePig (964303) | more than 8 years ago | (#15023465)

For one thing they are just using the data to create random numbers .. i.e. all.

Logic being that, any random number we create is *not* random. i.e all.
And most (all??) encryption (RSA onwards) is based on random numbers.

Even if there is only one quasar the freq of the signal at any time would be very random indeed. Even if it is as created using known scientific functions, chaos theory predicts that we won't be able to regenerate the same any time soon.

For that matter, they could even use any of the natural processes to generate random numbers -
Amp of any specific freq from our dear sun, to, say, the power of wind blowing outside itself, would make a good random number

They just chose an exotic one. i.e. all

Re:Hmm (0)

Anonymous Coward | more than 8 years ago | (#15024606)

What's this "i.e. all" about?

Re:Hmm (1)

NitsujTPU (19263) | more than 8 years ago | (#15025251)

I don't know, but I find it,i.e.all to be quite intriguing.

Re:Hmm (1)

jamesh (87723) | more than 8 years ago | (#15024839)

An encrypted transmission path between two parties relies on the same random data being available to both parties at the same time, which means it is either precomputed and both parties have a copy with them, or (in this case) it is a stream of data that both parties have access to in real time.

Not sure how well it would work if both parties were on opposite sides of the world though...

Re:Hmm (2, Informative)

dmatos (232892) | more than 8 years ago | (#15025419)

From the article:

> Umeno believes astronomical cryptography could appeal to anyone who requires high-security communications. He adds that the method does not require a large radio antenna or that the communicating parties be located in the same hemisphere, as radio signals can be broadcast over the internet at high speed.

Basically, he just wants to use the quasars as a source of true randomness, instead of /dev/random, which, although influenced by random events, is largely computed using pseudo-random processes. The data stream from each quasar would be broadcast from a single collection point for all to use, but this to me brings up trust issues. Would you trust that single point of contact? Additionally, with enough horsepower, someone could simply record the bytestream coming from the quasar, and perform an off-line brute-force attack on any encrypted data with relative ease.

Re:Hmm (1)

LiquidCoooled (634315) | more than 8 years ago | (#15030915)

He would make more money building and selling little black boxes of randomness.
Their signals can be sent across the internet in the same way.

There is no lack of random signals available at all points in life, however communicating that randomness is the problem.

I've always thought a brilliant random key would be taking a snapshot of a range of websites at a preselected time, that way 2 individuals anywhere could have their keys.
For instance, use the article headers from slashdot.org and bbc.co.uk at 11pm GMT every Thursday (arranged years ago before the friend moved abroad) allows for a randomly changing (apart from slash dupes) key which anyone would have trouble deciphering.

so... (2, Interesting)

gcnaddict (841664) | more than 8 years ago | (#15022955)

We use really fast neutron stars which generate radio waves in order to encrypt our content?

So if someone has a list of all quasars and their radio frequencies, can't they brute force the message and break it in, what, 20 seconds?

Re:so... (2, Informative)

Anonymous Coward | more than 8 years ago | (#15023028)

The idea is that it's impossible to record all of the transmissions of a quasar to retroactively decrypt a previously seen message (because the quasar is emitting 10^9 or 10^12 random bits/sec).

Re:so... (1, Informative)

Frozen Void (831218) | more than 8 years ago | (#15023042)

RTFAA they use them to extract random data (noise). Good for one-time pads.

Re:so... (0, Redundant)

mboverload (657893) | more than 8 years ago | (#15023096)

This is such a stupid idea I can't even begin to express my shock.

Yeah, let's get our onetime pad data from a source that anyone can record! I mean...jesus christ.

can't brute force - intractable amount of data (4, Informative)

lordcorusa (591938) | more than 8 years ago | (#15023226)

All one time pads are recorded from random data. You record a long stream of truly random input, then make two copies of the recording. The sender gets one copy, the receiver gets the other. Starting at the beginning of the pad, the sender uses each bit of the pad exactly once, then discards it. When the sender runs out of bits, he can not send any more data. The receiver decrypts likewise, discarding each pad bit after it has been used once. As long as the sender and receiver start with the same pads and don't skip or reuse any bits, they stay in synchronization.

Many perfectly good one time pads are drawn off of data "that anyone can record." For example, many pads are created from atmospheric noise. Anyone can record the same data, but unless you know exactly where and when the recording was done, it is computationally infeasible to record all possibilities, let alone brute force them.

There are many, many quasars that we record in the sky. All of them give off constant streams of random data. So it would be computationally intractable to record all possibilities or brute force a particular message, because the attacker would have to know exactly which quasar was recorded, and exactly which instant the recording began. He would also have to know exactly which bit of the pad the sender was on when the sender started sending the message that he intercepted. All theoretically possible, but computationally intractable.

Re:can't brute force - intractable amount of data (2, Insightful)

Baki (72515) | more than 8 years ago | (#15024426)

The length of the "one time pad" is large, but the number of them available? I mean the number of quasars that are good enough receivable to use for this purpose. I have no idea, but I doubt if it's more than 2^32. In that case, brute force would be quite easy: just try each of the available quasar signals:

Record the signal of each of them at time T, also record the encrypted message at time T, and try them all out in a fast computer. Then you'll know which one you need to use for the rest of the encrypted source.

The number of real "one time pads" is much larger, given a decent random generator. But indeed their length is shorter, which is also good since using a one time pad for a very long time is not good if the one time pad somehow leaks.

Re:can't brute force - intractable amount of data (4, Informative)

Raphael (18701) | more than 8 years ago | (#15024859)

> The length of the "one time pad" is large, but the number of them available? I mean the number of quasars that are good enough receivable to use for this purpose. I have no idea, but I doubt if it's more than 2^32. In that case, brute force would be quite easy: just try each of the available quasar signals:
> Record the signal of each of them at time T, also record the encrypted message at time T, and try them all out in a fast computer.
> [...]

Well, you have a big problem with your time T. How do you know it? If you do not know the source (which quasar is used), it is also unlikely that you know the exact time T used for the start of the random stream. It is unlikely that you know it with a better precision than a few seconds. If the two parties do not exchange messages frequently or do not renegotiate the start of the random stream frequently, then you may not even know T with a precision of a day.

The NewScientistTech article does not give details about the amount of data available from the quasars, but other articles mention that quasars are typically observed in relatively high frequencies (20-40 GHz). Even if the signal strength is sampled with a low resolution and only a few truly random bits are extracted from the stream, you would still have a stream of bits that is in the Gbps range. This is a reasonably large amount of random data.

So even if the number of usable quasars is rather low (say, a few thousands: 2^10 instead of 2^32 as you mentioned), you would need a lot of antennas and petabytes of storage to record all these random streams. You would have to store something in the order of 2^40 bits per second for several seconds or even days (the uncertainty on T). This is not impossible if you have a large budget, but this is difficult and expensive.

It could even be much worse than 2^40: a recent catalogue of quasars from March 2006 [obs-hp.fr] mentions 85221 of them, with new findings doubling this number every second year: 48921 in 2003 [obs-hp.fr], 23760 in 2001 [obs-hp.fr], etc. Let's say that 2^15 of them are usable (and that you have 2^15 antennas at your disposal). If the signal strength is sampled with a medium resolution of 8 bits at a frequency of 30GHz and your uncertainty interval on T is about one hour, you would need to store 2^15 * 2^3 * 2^35 * 2^12 = 2^65 bits of data before starting your brute force attack. Good luck!

Once you have all this data, you still have to do the brute force attack. You wrote "just try each of the available quasar signals." This is correct but you ignore the fact that the random stream is unlikely to be used as is. It will probably be used to seed a stream cypher. In the simplest case, the random stream would be hashed a couple of times before being xor'ed with the data. You will need a huge amount of computing power to perform all these operations and try each of the available signals at each possible time offset.

Note: it is unlikely that both parties can get the signal and be synchronized with a nanosecond or picosecond resolution. So they would probably negotiate a time window (say, with a resolution of one second or so) and some kind of unique marker within that time window in order to know exactly when to start. If you are the attacker and you cannot know which source is used, you probably do not know the time window nor the marker. But even in the unlikely case that you would have a way to obtain one or both of these, you would still have the problem of storing the huge amount of data from all quasars until you know which part of it should be analyzed.

So although a brute force attack based on recording all quasars is not impossible, it is not really easy. And anyway, my first reaction when I started reading this story was exactly like the comment made by Markus Kuhn at the end of the article: radio signals can be parasited and it may be possible for an attacker to take control over that random stream (which would not be random anymore). So instead of attempting a brute force attack, I would try to hijack some other parts of the system.

Re:can't brute force - intractable amount of data (1)

after fallout (732762) | more than 8 years ago | (#15031127)

30 GHz = 30 billion times per second, 8 bits each time = 240*10^9 bps
240,000,000,000 bps * 3600 = 864,000,000,000,000 bits of data
That is over 2^49 possible starting points for one antenna, given an hour of uncertainty

With 2^15 antennas you now have 2^64 possible starting points.

This still doesn't take into account that if 2 people are sampling the same random data at the same frequency they need to pick the data at exactly the same time. One person's 30 GHz sample could be offset from another person's 30 GHz sample. For example if person A captured at 12:00 and 500 picoseconds and person B began sampling at 12:00 and 750 picoseconds, the analog signal they are sampling from could have changed in those 250 picoseconds time.

More likely the 2 parties will decide on several things: the quasar, the starting point, and the frequency; they would then need to agree on an algorithm to ensure they are recording the same data (at some high probability, because it is possible they record the same numbers for some period of time and then (because they were not on the same stream) suddenly begin recording different numbers).

Supposing the eavesdropper could get the starting timeframe down to an hour, know the quasar, and the frequency of the transmission, they would need to gather the possible pads from the quasar at a very high frequency (many multiples above the frequency of the transmission) and then downsample it to the frequency of the transmission and check if it gives a valid message. On a 30 GHz transmission a 4800 GHz sampling from the quasar may be required to ensure close enough values that an error correction will be able to discover the plaintext.

Needless to say, a quasar would certainly provide enough random data to be used as a very secure encryption mechanism. The reason this hasn't been done already is precisely the comment about radio signals at the end of the article. If 2 parties were communicating via this encryption and another wanted to listen in (and had the capabilities of launching hundreds of satellites) it would be fairly simple to bombard the communications facilities of the 2 parties with a radio signal that appears random enough, but the eavesdropping persons would know the signal is not random and could create it to decrypt any message. I could just imagine sending the first couple billion digits of pi over and over again at 120 GHz would be enough to make it look random for a while (while still making it easy enough to crack).

If this person has managed how to get around that problem, then we may have a good new encryption.

Re:can't brute force - intractable amount of data (1)

shadowbearer (554144) | more than 8 years ago | (#15031490)

Wow. Thanks for the explanation.

That there is a damned brilliant idea. I wonder if there are any easier to observe astronomical sources that would be just as good? Neutron stars, perhaps? (strip out the pulses and use the noise and pulse variations?)

SB

Re:can't brute force - intractable amount of data (0)

Anonymous Coward | more than 8 years ago | (#15032363)

Hmmm... Neutron stars are known to have pulses that are as precise as some of our best clocks. So I doubt that they could be used as a source of random noise. If you strip out the periodical signal and use what is left as noise, you may end up measuring the noise generated by your own measurement apparatus rather than the one generated by the neutron star.

Re:can't brute force - intractable amount of data (1)

shadowbearer (554144) | more than 8 years ago | (#15039863)

Ouch. Good point. The reason I suggested neutron stars is that they are much easier to observe with a small aperture radio "scope", but you're right about the variations likely being inside the limits of the scope for a consistent neutron star.

Perhaps radio-loud neutron star / binary systems? That fulfills the easy to observe requirement and the signal synch, I think.

SB

so how is this better... (2, Insightful)

mu22le (766735) | more than 8 years ago | (#15024707)

...than using the noise from your soundcard disconnected mic?
It is just as random and does not require a radiotelescope the size of a small house...

If I wanted gigabytes of random noise... (1)

meringuoid (568297) | more than 8 years ago | (#15025312)

... I'd point a Geiger counter at some uranium.

Radioactivity is about as random as you'll get in this universe, and it sure beats setting up a huge dish on the roof of the NSA building and pointing it at some quasar...

Re:If I wanted gigabytes of random noise... (1)

mu22le (766735) | more than 8 years ago | (#15025704)

Johnson-Nyquist noise [slashdot.org] is just as random as radioactivity, they are both of quantum origin.

Re:If I wanted gigabytes of random noise... (0)

Anonymous Coward | more than 8 years ago | (#15029615)

> [slashdot.org] is just as random as radioactivity, they are both of quantum origin.

Heh.

Re:so how is this better... (2, Informative)

Raphael (18701) | more than 8 years ago | (#15025337)

> using the noise from your soundcard disconnected mic? It is just as random and does not require a radiotelescope the size of a small house...

There are two problems:

  • It is not just as random. The electrical noise amplified by your soundcard may be influenced by what you are doing on your computer, for example.
  • It does not allow two parties located far away from each other to get the same signal at the same time (or almost the same time). The nice thing about quasars is that anyone on Earth or in space can record their signal. Your soundcard is tied to your machine and cannot be used by anyone else.

Having a source of noise such as a disconnected sound card or a CCD sensor in a black box can be useful in cryptography if you want to generate truly random bits. But this is not the only thing that this article is about: the signal from the quasars can be received by both parties, which provides a good one-time pad.

Re:so how is this better... (1)

mu22le (766735) | more than 8 years ago | (#15025726)

mhm (no, I did not read TFA), how is this more sure than a one time pad? You have to agree on the time window to use as pad, which is conceptually identical to exchanging the pad itself.

The only point is that the attacker needs a telescope...

Re:so... (1)

mboverload (657893) | more than 8 years ago | (#15023118)

> RTFAA they use them to extract random data (noise). Good for one-time pads.

No, not good for "onetime pads". Since BOTH parties have to get the exact same signal, it can not include random noise. If it does not include random noise, then anyone can record the quasars and see what fits.

Even then, I'm sure using simple geometry and an ultra-precise laser rangefinder anyone could figure out where the dish is pointed.

Re:so... (4, Informative)

B3ryllium (571199) | more than 8 years ago | (#15023204)

The KGB used CBR (Cosmic Background Radiation) to produce reams and reams of codebooks/ciphers. They would create two copies, and dispatch one of the copies to the remote location for encryption, then keep one copy at Lubyanka Square.

Obviously, if one side of the cipher was intercepted, then the communication would be suspect - but for most communication, it was the most secure available to them. I don't see this quasar issue as being much different than that.

Now, if they were using quantum states to dynamically generate the ciphers in two separate places at the same time, THAT would be something to behold.

Re:so... (1)

techno-vampire (666512) | more than 8 years ago | (#15024087)

> Even then, I'm sure using simple geometry and an ultra-precise laser rangefinder anyone could figure out where the dish is pointed.

Which dish? It'd be easy to set up an array of dishes, each following a different quasar. Second, exactly when does the recording start? Third, unless you intercept every single communication, you're not going to be in sync with the encryption.

Re:so... (1)

Beryllium Sphere(tm) (193358) | more than 8 years ago | (#15024275)

You're thinking of pulsars, I believe. Neutron stars that blip out a radio pulse with every rotation are pulsars.

Quasars are currently believed to be massive black holes at the center of young galaxies which accelerate the incoming matter swirling to its doom up to relativistic speeds. The result is a broadband and powerful noise source.

Pulsars for position-finding (1)

FleaPlus (6935) | more than 8 years ago | (#15023438)

This reminds me of a proposal I saw to use pulsars as a sort of "Interstellar GPS," making use of their signals to determine one's location. The description from Selenian Boondocks [blogspot.com]:

> The other [Microcosm proposal] that appeared even more interesting to me was the idea (which I'll dub X-ray Pulsar Positioning System [smad.com] or XPPS for short) of using naturally occurring signals from X-ray Pulsars to provide positioning and attitude data anywhere in the solar system, not just inside the orbit of existing GPS satellites. If something like that works, it could make interplanetary navigation substantially easier, much as GPS has made terrestrial navigation so much easier. GPS is really convenient, and it would be nice to get even some of the benefits of it without having to pay the huge infrastructure costs of setting up systems like that around every interesting planet or moon that we want to settle in the future. All that said, this is just a Phase I SBIR, and it would be interesting to know more about how they were actually planning on doing this. Anyone have any thoughts?

Re:Pulsars for position-finding (0)

Anonymous Coward | more than 8 years ago | (#15024609)

Uhhh... This may be a trifle off topic. Pulsars (thought it was quasars? not the same thing) for a GPS-like function? There is at least one BIG difference between GPS and celestial random bit sources. That is that the bit stream received from GPS is completely predictable and the sequence recovered from these celestial sources is supposed to be completely unpredictable. The information gained from a GPS signal is not so much the message itself as it is the time when the message was received.

'sides, the main characteristic of pulsars is their regularity - indeed the outright coherence of their signal was initially thought to be evidence of an extraterrestrial technological civilization! I sure like to know how anyone expects to get a high bandwidth random sequence out of that!

Re:Pulsars for position-finding (1)

FleaPlus (6935) | more than 8 years ago | (#15024846)

> Uhhh... This may be a trifle off topic. Pulsars (thought it was quasars? not the same thing) for a GPS-like function?

The similarity is that they're both unexpected applications for astrophysical phenomena.

> That is that the bit stream received from GPS is completely predictable and the sequence recovered from these celestial sources is supposed to be completely unpredictable. The information gained from a GPS signal is not so much the message itself as it is the time when the message was received.
>
> 'sides, the main characteristic of pulsars is their regularity - indeed the outright coherence of their signal was initially thought to be evidence of an extraterrestrial technological civilization!

Right. Which is why one might want to use pulsars (not quasars) as timing signals for GPS-like position-finding.

Doh! (1)

sonicattack (554038) | more than 8 years ago | (#15024790)

Depending on foreign stellar radio sources would be a bad idea in the event of an intergalactic war against the Frzznots, as they will immediately toggle the "private" switch on their XPS system, which they installed there in the first place.

Don't blame me.

uh (4, Insightful)

sentientbrendan (316150) | more than 8 years ago | (#15023675)

There doesn't seem to be anything special about a quasar here... essentially all they are saying is that large amounts of random data can be used for quick and easy one time pad encryption, which to my knowledge is unbreakable, although I am not particularly well versed in cryptography...

For those that don't know, the idea behind a one time pad is that your key is random, and the same size as the data being sent. For example, if binary data is sent, simple xor encryption can be used as follows

unencrypted data: 10110000
pad data : 10111001

xor the pad against the key and you get

encrypted data : 00001001

xor the same pad against the *encrypted* key again to get

original data : 10110001
tada

One time pads have two major problems
1. Both parties need the key.
2. The key is large, thus cumbersome to carry around and likely to be discovered.

Problem 2 can be solved, while losing some randomness, by using a popular book as the pad. Then you could just head down to the library and check out catcher in the rye, or whatever book you agreed upon beforehand, and begin decoding.

I suppose that this could be used in conjunction with public key cryptography, so that public key cryptography is used to encrypt the coordinates of the quasar you want to use... but I really don't see why you need the quasar at all. Also, aren't there only 12,000 of them visible? If this technology became widespread and quasars were persistently used as sources of random data... someone with enough resources could just monitor them all and decrypt any data transmitted by checking it against all the data received from pulsars at that time.

One time pads (4, Informative)

Beryllium Sphere(tm) (193358) | more than 8 years ago | (#15024356)

They are indeed unbreakable, with a theoretical proof of unbreakability -- in the land of spherical horses [inflection-point.com], where you're allowed to make huge assumptions.

One underappreciated assumption about one-time-pads is that the recipient will (and can!) destroy the keying material after use so thoroughly that the adversary can't reconstruct it. There are several other issues, of which key distribution is one of the easiest. Just put a 500GB external drive in the diplomatic bag once and you've covered communications for a long time.

Here's the problem. The only things secret here are which quasar (13, 14 bits of uncertainty), when the sampling started (?? There won't be very many possible seconds that the adversary has to scan but sampling could start on a fraction of a second), and the sampling algorithm (but you have to assume in crypto that the adversary knows your algorithms). It's going to be easier to brute-force than a 6-word Diceware [diceware.com] passphrase unless atmospheric effects somehow make the quasar signal look different everywhere on earth.
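The entropy argument above, and the storage estimates in the earlier "brute force" subthread, as an added example that is not part of any comment or of the article. Constructed byte streams stand in for recorded quasar signals (every function name here is hypothetical), the only secret is which stream is used and where the pad starts, and `secret_bits` puts the thread's own figures next to a 6-word Diceware passphrase.

```python
import hashlib
import math


def public_stream(source_id: int, length: int) -> bytes:
    """Constructed stand-in for one recorded source: fixed bytes per id, so
    every observer (an eavesdropper included) obtains exactly the same data."""
    out = bytearray()
    block = 0
    while len(out) < length:
        seed = f"constructed-source-{source_id}-{block}".encode()
        out += hashlib.sha256(seed).digest()
        block += 1
    return bytes(out[:length])


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt(streams, source: int, offset: int, message: bytes) -> bytes:
    """Simplest variant discussed in the thread: the public stream, read from
    a secret (source, offset), is XORed directly with the message."""
    pad = streams[source][offset:offset + len(message)]
    if len(pad) < len(message):
        raise ValueError("stream too short for this offset")
    return xor_bytes(message, pad)


def find_start(streams, ciphertext: bytes, known_prefix: bytes):
    """With a known message prefix, ciphertext XOR prefix equals the pad
    prefix; anyone holding the same recordings can look up where it occurs."""
    pad_prefix = xor_bytes(ciphertext[:len(known_prefix)], known_prefix)
    hits = []
    for source, stream in enumerate(streams):
        pos = stream.find(pad_prefix)
        while pos != -1:
            hits.append((source, pos))
            pos = stream.find(pad_prefix, pos + 1)
    return hits


def secret_bits(sources: int, samples_per_second: int, seconds_uncertain: int) -> float:
    """Bits of secret contained in 'which source, which starting sample'."""
    return math.log2(sources) + math.log2(samples_per_second * seconds_uncertain)


# A Diceware word is one of 6^5 = 7776 entries, about 12.9 bits each.
DICEWARE_6_WORD_BITS = 6 * math.log2(7776)


if __name__ == "__main__":
    # Constructed scenario: 8 sources, 4096 recorded bytes each.
    streams = [public_stream(i, 4096) for i in range(8)]
    ct = encrypt(streams, source=5, offset=1234, message=b"MEET AT THE STATION AT DAWN")
    print("recovered (source, offset):", find_start(streams, ct, b"MEET AT "))

    # Figures quoted in the thread: 2^15 usable sources, ~2^35 samples/s
    # (30 GHz), ~2^12 s (one hour) of uncertainty about the start time.
    print("generous estimate :", secret_bits(2**15, 2**35, 2**12), "bits")
    # 14 bits of source choice and one-second resolution within an hour.
    print("coarse estimate   :", round(secret_bits(2**14, 1, 3600), 1), "bits")
    print("6-word Diceware   :", round(DICEWARE_6_WORD_BITS, 1), "bits")
```

Because the stream itself is public, the scheme behaves like a cipher whose key is the (source, offset) pair, so its strength is bounded by the bit counts printed here rather than by the length of the pad.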

Re:One time pads (2, Funny)

jamesh (87723) | more than 8 years ago | (#15024829)

Additionally, there may be filtering of the signal to select various frequency ranges, which would change the random sequence it produced (although may not matter if you could capture the whole signal anyway, but you'd need to know it to actually do the decryption).

Anyway, once I've figured out all the parameters, all I need to do is send a box away from the origin of the quasar faster than the speed of light, so that it can effectively go back in time relative to the signal and capture it.

I believe that this will be the big outcome of faster than light travel - breaking quasar keyed encryption.

(kidding of course :)

Re:uh (1)

Ckwop (707653) | more than 8 years ago | (#15024819)

> which to my knowledge is unbreakable, although I am not particularly well versed in cryptography

That's right, it is unbreakable - provided you never use the same key twice. And here's why:

Any message is a series of bits which can be represented as a number. Any key of the same length is a series of bits that can be represented as a number. Therefore, we can define the following function that operates on the entire message at once:

CipherText = PlainText XOR Key

The first thing to notice about this construction is that for a fixed plain-text every given key maps to exactly one cipher-text and for any given cipher-text there is exactly one key. In fact, it doesn't matter which parameter you fix be it plain-text, key or the ciphertext. There will always be a one-to-one mapping between the two values you didn't fix.

This leads us straight to our first fact. If you have zero knowledge of the contents of the plain-text then it is impossible to work out the plain-text with the cipher-text alone. This is because if we try every single key then eventually we will step through every possible plain-text of that length. From compressed archives of your favourite porn star to the names of all the CIA secret agents. So given that every possible plain-text is a valid decryption, which plain-text is the correct one? Well every key is equally likely since it was selected at random from all keys of that length. There is no way to know.

It should now start to dawn on you that even with a known plain-text attack, the construction is still secure. Suppose you knew that the first words of my encrypted message were: "Make sure you are at the station with the drugs at " and you wanted to work out from the rest of the message. It's quite clear that the end of the message is a time, or perhaps even a word like "Dawn", "Dusk", "Midday" etc. You say, ah ha, we could step through each key that decrypts to a time or date and recover the correct decryption! Wrong! The problem is that there will be a key that decrypts to every possible date, time and word. The question is, how do you decide which is the correct one?

This is the crux of the proof of security. The key won't give you any information because each of the proposed keys decrypts to a valid plain-text, moreover, each key is equally likely to have been selected as the real encryption key. You're stumped! There's no way to work out the proper date time from the information available to the attacker.

What happens if you reuse the key? You get no security. The proof of security for the one-time-pad comes from the fact that the pad is selected at random. The chances of you picking two pads at random and getting exactly the same pad are so small that we would be safe to round it to zero. You can break messages protected by reused pads with a pencil and paper.

Given the fact that, when used properly, one-time-pads are unbreakable, why don't we see them in common usage? Well, say you had a communications channel with your friend you want to share secret data with. In order to secure the conversation you need to give him a pad equal in length to the message. This requires a secure channel to exchange the key on which has the same capacity as the message itself. Given that, why not just exchange the actual message rather than the key? It doesn't make a lot of sense.

One-time-pads are useful where you want to time-shift your secure channel. Say I have a secure channel today (I'm meeting up with you in the pub and exchanging a CD) and it's gone tomorrow (I'm moving to the USA) - The one-time pad allows me to take the secure channel I had yesterday to secure the channel I have today. This is why lots of spies used to use one-time-pads. For them, it makes sense.

Simon
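The known-plaintext argument in the comment above, worked through in Python as an added example (not part of the original comment). The four-character endings, the function names and the random pad are assumptions made for the illustration; the prefix sentence is the one the comment uses.

```python
import secrets

def xor(a: bytes, b: bytes) -> bytes:
    """Bytewise XOR of two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("operands must be the same length")
    return bytes(x ^ y for x, y in zip(a, b))

def is_bijection_for(plain_byte: int) -> bool:
    """Fix one plaintext byte: 256 keys must yield 256 distinct ciphertexts."""
    return len({plain_byte ^ k for k in range(256)}) == 256

def keys_for_endings(ciphertext: bytes, known_prefix: bytes, endings):
    """For each guessed ending, return the single pad under which the
    ciphertext decrypts to known_prefix + ending."""
    out = {}
    for ending in endings:
        guess = known_prefix + ending
        if len(guess) == len(ciphertext):   # a guess must fit the message
            out[ending] = xor(ciphertext, guess)
    return out

def reuse_leak(c1: bytes, c2: bytes) -> bytes:
    """Two ciphertexts under the same pad: the pad cancels, leaving p1 XOR p2."""
    return xor(c1, c2)

# Constructed sample data for the example.
PREFIX = b"Make sure you are at the station with the drugs at "
ENDINGS = [b"dawn", b"dusk", b"noon", b"1900"]
PAD = secrets.token_bytes(len(PREFIX) + 4)   # fresh random pad, used once
CIPHERTEXT = xor(PREFIX + b"dusk", PAD)

# Every guessed ending has a perfectly valid key; nothing ranks one above another.
CANDIDATES = keys_for_endings(CIPHERTEXT, PREFIX, ENDINGS)

if __name__ == "__main__":
    for ending, key in CANDIDATES.items():
        # Same pad bytes under the known prefix, different bytes under the guess.
        print(ending, key[-4:].hex(), xor(CIPHERTEXT, key)[-4:])
```

The known prefix does reveal the pad bytes that covered it, but those bytes are independent of the bytes covering the ending, so all four candidate keys remain equally plausible.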

Re:uh (1)

Dachannien (617929) | more than 8 years ago | (#15025107)

This is why lots of spies used to use one-time-pads.

Believe it or not, there are still quite a few espionage-related radio transmissions - numbers stations [wikipedia.org] - in use today, particularly by Israel (Mossad), the UK (MI6), Cuba, and others. The transmissions consist of lists of numbers being read aloud (the process is usually automated today rather than read by an actual person), and it is assumed that the lists are messages encoded through the use of one-time pads. While the stations still exist and still transmit, their schedules aren't nearly as regular as they were during the Cold War, and many of the messages are short and of the same length, most likely indicating that nothing's going on.

See also http://www.simonmason.karoo.net/page30.html [karoo.net] , which has recordings of such transmissions near the bottom of the rather poorly organized page.

Re:uh (2, Funny)

Threni (635302) | more than 8 years ago | (#15025081)

>unencrypted data: 10110000
>pad data : 10111001
>
>xor the pad against the key and you get
>
>encrypted data : 00001001
>
>xor the same pad against the *encrypted* key again to get
>
>original data : 10110001

The final step is to subtract 00000001 from the decrypted data...

Re:uh (1)

yarbo (626329) | more than 8 years ago | (#15028234)

Books are terrible sources of random for a one time pad. All you have to do is drag around some common words like "the" and then you'll start to get the plaintext/ciphertext. IIRC, this approach is called crib dragging. With a little guesswork (which a professional is capable of), they can figure out the source book in no time.
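Why book text fails as a pad, shown as an added Python example (not part of the original comment): when the pad is itself English, XORing a common word against the ciphertext yields readable fragments wherever that word occurs in either text. The message is constructed for the illustration, the pad is the opening of A Tale of Two Cities, and the function names are assumptions.

```python
import string

def xor(a: bytes, b: bytes) -> bytes:
    """Bytewise XOR, truncated to the shorter operand."""
    return bytes(x ^ y for x, y in zip(a, b))

# Bytes that ordinary English prose is made of.
READABLE = set((string.ascii_letters + " .,'").encode())

def drag(ciphertext: bytes, crib: bytes):
    """Slide the crib along the ciphertext and keep every offset where
    ciphertext XOR crib is itself readable text."""
    hits = []
    for i in range(len(ciphertext) - len(crib) + 1):
        frag = xor(ciphertext[i:i + len(crib)], crib)
        if all(b in READABLE for b in frag):
            hits.append((i, frag))
    return hits

# "Pad" copied from a book instead of drawn at random.
BOOK = b"It was the best of times, it was the worst of times, it was the age of wisdom"
# Constructed message for the example.
MESSAGE = b"Meet me at the station at dawn and bring the papers"
CIPHERTEXT = xor(MESSAGE, BOOK)

# Where the message contains " the ", the fragment is book text;
# where the book contains " the ", the fragment is message text.
# Some hits are coincidences; real ones keep extending into words.
HITS = drag(CIPHERTEXT, b" the ")

if __name__ == "__main__":
    for offset, frag in HITS:
        print(offset, frag)
```

A pad drawn uniformly at random gives no such signal, because the fragment at a correct offset is then just random bytes.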

Lava Lamps (2, Interesting)

spiralscratch (634649) | more than 8 years ago | (#15024348)

What, lava lamps [wired.com] aren't good enough anymore?

Overlords (1)

Elitist_Phoenix (808424) | more than 8 years ago | (#15024648)

Ladies and gentlemen, uh, we've just lost the picture, but what we've seen speaks for itself. The Corvair spacecraft has apparently been taken over- 'conquered' if you will- by a master race of giant space quasars. It's difficult to tell from this vantage point whether they will consume the captive Earthmen or merely enslave them. One thing is for certain: there is no stopping them; the quasars will soon be here. And I, for one, welcome our new electron overlords. I'd like to remind them as a trusted slashdot personality, I can be helpful in rounding up others to toil in their underground fiber optic cables.

Quantum entanglement? (2, Interesting)

CrosbieFitch (694308) | more than 8 years ago | (#15024977)

If Quasars are correlated photon emitters, then perhaps they can be used for encryption in the same way as quantum entanglement is used already?

All you have to do is ensure that both communicating parties sample ENOUGH of the particles arriving at earth, and presumably enough of them will be entangled such that any other observer would have a statistically observable effect on their communication, i.e. detectable as an interceptor.

OK, that sounds hopeless.

How about if there was one day found to be a way of communicating via entanglement? Then perhaps quasars might well be great sources of entangled particles.

Remember, science is not advanced by claims of "Impossible!", but by "I wonder if..."

proof of alien life? (1)

PermanentMarker (916408) | more than 8 years ago | (#15025124)

So there is at least proof of alien life, look in the sky they abandoned their cryptographic devices in space. (we call quasars)

But what if they didn't leave them, they could decrypt everything we send. Since they hold the master scramble key.

Oh no, I smell an evil alien ufo story here..

Wow! (1)

Illbay (700081) | more than 8 years ago | (#15025129)

Talk about new uses for old equipment [wikipedia.org] .

Attacks on quasar encryption (1)

mysticgoat (582871) | more than 8 years ago | (#15026014)

If this were done (using quasar emissions as a random number source for encryption), what would prevent a third party from surreptitiously generating pseudonoise locally that would mask the quasar emissions? I.e.:

Assume a spy Alice and her controller Bob are both based in the city Xerces, and are using quasar emission encryption [QEE] (I'm copyrighting that acronym-- you have a non-exclusive license to use it in any way you want). If Xercians broadcast an apparently random stream that drowned out the quasar emissions that Alice and Bob were using, they could break the QEE if they could also learn the method of synchronization that was being used. Even if they were unable to break the QEE, they could assure that QEE messages failed by broadcasting their own "noise" over just Bob's area or just Alice's area (so Alice and Bob would not be receiving the same QEE code).

I do think the idea of having a universally available true random number generator is fantastic! (That would be a QTRNG-- copyright by author, all rights hereby released under non-exclusive license to everybody.) Building a radio receiver tuned to a quasar wouldn't add much to the cost of a PC and having true randomness on tap on desktop machines would open up a lot of new possibilities for Monte Carlo simulations, games, etc. Coupled with access to a third party clock [time.gov] , it would be possible for multiple computers to be using the same random number stream, which could lead to some very interesting things. This is all very good, and I want to see it happen.

(BTW, these methods cannot be patented since as you read this, the above paragraph becomes prior art in the public domain.)

I think that QTRNG could lead to some really interesting applications where the security of the random number stream isn't a big concern, but I don't see how an effective QEE could be developed.

Main key not the stream, but the star? (1)

ehud42 (314607) | more than 8 years ago | (#15028272)

(Disclaimer: I have not rta)

Isn't a problem with one time pads transmitting the large keys without raising suspicion? A smaller key can be embedded / transmitted without being detected (I realize this is security through obscurity which the purists will tear apart - but I'm sure it's used more often than we realize). The smaller key could simply be the quasar and time to start recording the one time pad. Then both parties each have the key that is ultimately used to encrypt the message.

Isn't this a little bit like the PGP algorithms which use strong, hard to do RSA keys to encrypt a simpler key used to encrypt the message?

Radio Signals from Space (1)

CoolHnd30 (89871) | more than 8 years ago | (#15029053)

intergalactic radio signals
What? We've actually discovered radio signals from space? ..and I thought my 50k seti@home packets had just been a waste of time....