Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
Security Science

Quantum Cryptography Systems Commercially Launched 181

prostoalex writes "NY-based MagiQ has now started commercial shipments of its quantum cryptography systems, which it claims is the first commercially available device of its type. Apparently, 'Quantum cryptography goes a step further than electronic cryptography through its employment of a stream of photons, the quantum properties of which determine the key. The fun part is that if an intruder observes or intercepts the transmission, those properties get changed'." We've previously run stories on advances in quantum cryptography.
This discussion has been archived. No new comments can be posted.

Quantum Cryptography Systems Commercially Launched

Comments Filter:
  • Who uses this? (Score:2, Insightful)

    This is one of those really cool things that doesn't really have a market ready for it.
    • Terrorists (Score:2, Insightful)

      by hajejan ( 549838 )
      I know. You didn't want to hear that. But criminals, terrorists and other government agencies are the first to use this type of technology.

      Kind of like the whole quantum computing thing. We sit around on projects like distributed.net trying to crack a 64 bit key. Nobody knows if the CIA has a quantum computer already, and nobody knows if they are having a laugh at our efforts, while they are able to crack any key in a matter of hours / days.

      In other words: Quantum cryptography, which by the very nature of
      • Criminals & Terrorists? If only we were so lucky! Heh... I imagine that this technology requires dedicated fiber, so you can only communicate from point A to point B. Remember that we were trying to track Osama Bin Laden by his cell phone. If he had to go to a specific, fixed location every time he wanted to make a phone call, we'd have got him by now.

        -a
  • by DKConstant ( 307421 ) on Thursday November 06, 2003 @04:24AM (#7405260)
    I tried to read the article, but I couldn't find the bloody thing! I'm used to that though, but the part that boggles me is, "Was this the standard Slashdot Effect or was it Heisenberg's Uncertainty Principle?"

    More worrying: Are they somehow related?

    I'll leave that one to deeper minds.
    • by KDan ( 90353 ) on Thursday November 06, 2003 @05:26AM (#7405456) Homepage
      And the unbelievably fuzzy sense of humour of slashdot moderators strikes again. It's weird how all you need to post to get modded +5 funny is something that *looks* like a joke. It doesn't actually have to be a joke or be funny in any way, so long as it has the right general shape or form and the appropriate keywords, it will be modded +5 funny.

      I actually tested this at one point. Here [slashdot.org]'s the post I made. Thoroughly unfunny, no matter how twisted your sense of humour, but kind of looks like a joke. And of course it got modded +5 funny. Do slashdot mods mod it up out of fear for their own intelligence? Thinking maybe they're just not getting the joke but it's actually really funny because it looks like a joke?

      Who knows. I'd be interested in finding out. Any thoughts anyone?

      Daniel
      • by KDan ( 90353 ) on Thursday November 06, 2003 @05:56AM (#7405538) Homepage
        Bah, who's the evil mod with a twisted sense of humour who modded my post +1 funny? Come out and fight fair!! :-P

        Daniel
      • The problem is that slashdot's moderation system encourages a result that looks like "the moderators as a whole thought that this was /really/ funny" when the cause is just "five different people saw this and gave it a funny moderation".

        Thus the key to high karma: post replies that are likely to get some positive moderation (any at all) to articles that are posted early. Getting modded up rarely has anything to do with quality - it's all about getting in front of the moderators, which is all about appeari
        • what would be nice, is if slash had the ability to store two comment view preferences: one for when you are not moderating and one for when you are. That way it could automatically switch to nested, newest first when modding.
  • The cat (Score:4, Informative)

    by acehole ( 174372 ) on Thursday November 06, 2003 @04:27AM (#7405267) Homepage
    For those in the audience that dont get the 'I-lost-my-cat-dept' it's in reference to Schrodinger's cat, a quantum theory of superposition. You can find what it's about here. [techtarget.com]

  • Ok, I've read the article, but there is one thing I would like to know.

    How can you have quantam cryptography without a quantam processor... or... how does it work?

    • Quantam cryptography is based on the transmission of the encrypted information, not on the actual encryption of it
      • Re:How (Score:2, Informative)

        by OP_Boot ( 714046 )
        Nonsense. QC doesn't care in the least how the encrypted information is transmitted. Nor does it even care too much about how it is encrypted. If you look at the company's website it clearly shows diagrams with the data going along one path, and the (quantum) key going along a dedicated path. It's all about the transmission of the KEY. The key is transmitted in such a form (individual polarised photons) that it is impossible to intercept the key without changing it.
    • From Wikipedia [wikipedia.org].

      It is possible to send light that is in a superposition of states down a fiber optic cable. Placing a wiretap in the middle of the cable which intercepts and retransmits the transmission will collapse the wavefunction (in the Copenhagen interpretation, "perform an observation") and cause the light to fall into one state or another.
  • by Anonymous Coward on Thursday November 06, 2003 @04:28AM (#7405273)
    Startup MagiQ Technologies Inc. yesterday announced it's shipping what appears to be the first security system based on quantum cryptography (see MagiQ Ships Quantum Crypto ).

    Quantum cryptography goes a step further than electronic cryptography through its employment of a stream of photons, the quantum properties of which determine the key. The fun part is that if an intruder observes or intercepts the transmission, those properties get changed -- an unavoidable principle of quantum mechanics -- meaning the sender and receiver can tell if anyone is eavesdropping. Perhaps more important, the key can't be copied or faked (see Optical Science Gets Spookier and Quantum Cipher Sent by Fiber ).

    It's a potential breaththrough, though working with photons has never been easy, and, as the optical networking bubble has shown, it can be an expensive way to build technology.

    MagiQ's Navajo system, a box made to fit in a standard telecom rack, was unveiled in February and began beta trials in March (see MagiQ Demos Quantum Cryptography ).

    MagiQ says Navajo performs the usual triple-DES and AES encryption standards. What's special is the transmission of the key, a string of random bits used to decipher messages. Computers normally use a random number for the key, producing encryption schemes that could be broken if enough computing power were made available.

    "There's a big vulnerability people see, because optical fiber is very easy to tap," says Bob Gelfond, MagiQ CEO, citing one carrier that was finding taps in its Manhattan office "several times a week."

    Using a quantum crypto scheme can defend against such taps. In addition to the obvious government and military customers, quantum cryptography is finding interest in the financial sector, for protecting backups or real-time traffic. Another target market would be any industry needing to protect intellectual property -- not just high-tech firms, but businesses such as automotive firms or tire manufacturers, Gelfond says.

    But the real market may be the carriers themselves, he notes, simply because they're looking for revenue sources. Quantum cryptography could become a premium service for them. With that in mind, MagiQ is aiming for a price -- around $50,000 to $100,000, depending on features -- that's comparable to other add-ons such as VPN boxes.

    Several other companies are working on quantum cryptography, but few appear to be interested in selling a complete system. Swiss firm ID Quantique is trying to commercialize quantum cryptography but so far offers only components such as a photon detector. ID Quantique recently partnered with other Swiss firms to expand its work into a quantum cryptography infrastructure (see Partners Promote Quantum Cryptography ).

    Elsewhere, large companies, including IBM Corp. (NYSE: IBM - message board), Mitsubishi Electric Corp., NEC Corp. (Nasdaq: NIPNY - message board; Tokyo: 6701), and Toshiba Corp. (Tokyo: 6502 - message board), are investigating the area more as a research project, with promising results but no products planned for the near future. "The big guys doing the research are not coming out with anything for a least a couple of years, as far as we know," Geldfond says. (See NEC Transmits Quanta , Japanese Claim Transmission Record , and Mitsubishi Creates Quantum Crypto .)

    So, while MagiQ isn't alone in pursuing quantum cryptography, the company's taken a different approach. "Where we started to break new ground was in putting the engineers into the mix, guys who had substantial experience -- Sycamore guys, Tektronix guys," Gelfond says.

    MagiQ employs 22, with offices based in New York. Founded in 1999, the company has been powered by roughly $6.9 million in angel funding (see Quantum Crypto Company Launches ).

    In addition to Navajo, MagiQ is offering a box that only generates the quantum keys, intended as a tool for research outfits and universities.

    -- Craig Matsumoto, Senior Editor, Light Reading
  • Ummm... (Score:5, Insightful)

    by chill ( 34294 ) on Thursday November 06, 2003 @04:30AM (#7405280) Journal
    The setup consists of two rackmount units connected by both optical and Ethernet cables.

    So... do the boxes have to be close enough to run the optical cables directly? Can the signal be regenerated or amplified without disturbing the photons? (I doubt it.) How about sending the photon stream through a DWDM switch? (Again, I doubt it.)

    If the pair of boxes has to be in the same building, that isn't going to be a big seller. Bob would just walk down and HAND Alice the data.

    Nice PR stunt, though.

    Oh, I really want to know what telco is finding multiple taps a week to their optical fibers. I really smell bullshit here.
    • It says here [magiqtech.com] that the maximum 2 of these can span is 120km. They also say a bit farther down that if you wanted it to go farther, you could daisy chain them together.
    • Yup, there would have to be a direct optical link. The ethernet could go through any ethernet though (internet for example).
      Of course you can get quite long optical cables without a repeater. So for example a few companies in a financial district could use this to safely link their systems. And linking two offices some 100 km apart isn't impossible either. Yes, it's ridiculously expensive, but the people that need this kind of security usually have money to burn anyway.
    • Not only a PR stunt. The basic idea is that it breaks the principle that any encryption system for transmitting data must be sufficiently powerful to ensure that the expected cost of breaking the encryption is greater than the value of the data being transmitted. Using quantum encryption for data transmission means that in principle, you can send data of an arbitrary value over the link, as there is no known theoretical way for any third party to listen in on the transmission - i.e., you don't have to worry
    • Can the signal be regenerated or amplified without disturbing the photons? (I doubt it.)

      From the description of the system it seems that they use superposition of polarization of photons. Any measurements across the path of the photons would destroy the superposition. Therefore, any amplifier that transforms optic data into electric data and back into optical would destroy the quantum state. However, purely optical polarization maintaining amplifiers exist [pritel.biz] and they might preserve the superposition.

    • Won't work... (Score:5, Informative)

      by dido ( 9125 ) <dido@NoSpAM.imperium.ph> on Thursday November 06, 2003 @05:32AM (#7405469)

      I don't think amplification is going to do you good. If this implements the first quantum key exchange protocol, designed by Gilles Brassard and others (notably this is the easiest one to implement using present-day technology so far), they actually work by transmitting single photons one at a time, with the transmitter whom we shall call Alice (the one generating the key to be used for your subsequent symmetric cryptography) controlling the polarization. The recipient of the photons (Bob) then measures the polarization, then depending on whether the answer was correct or not decide what the value of the key bits should be. Doesn't matter if Eve is able to eavesdrop on the classical channel where they're communicating about polarization methods, Brassard and his colleagues showed that she will not be able to gain any information about the key Bob is receiving from there. If Eve tries to tap into the photon stream she'll be noticed by Alice and Bob because of the way her measurements are affecting Bob's measurements... Anyone feel free to correct me on this, I don't have Brassard's paper with me on hand at the moment and can't find it on the web, so I've been just going by it from memory.

      (in case you haven't yet noticed, this quantum cryptographic protocol, like most the others I've come across, is a key exchange protocol that works as a replacement for Diffie-Hellman or something similar).

      The upshot is that the fiber cable here will be from the point of view of conventional fiber optic equipment a dark fiber. Light intensity is so low that only specialized equipment can detect it. Anything else inside the fiber, be it an amplifier or a DWDM switch, or whatever else, won't recognize the transmission and may do something totally unexpected that breaks the protocol. Bob could always be reading the wrong polarization, and hence Alice would have to keep discarding key bits. However, apparently there are excellent fiber cables that can go for several kilometers and still maintain the kind of integrity required for the protocol (IIRC, Brassard mentions somewhere that as early as 1996 someone actually built a real setup employing his protocol, over a 15km fiber optic cable).

      Other quantum key exchange protocols I've come across are noticeably similar, and suffer from the many of the same limitations.

      The only use that I can see for this is if you're someone with the resources to lay your own fiber around, say if you have a large complex covering several acres, and are more paranoid than the NSA. There is a market, I think, but that market looks more like the military and intelligence agencies of large industrialized nations. Building such an infrastructure could cost billions, even if you all you wanted to do was securely interconnect several dispersed branch offices in one large city...

      • Brassard's paper (Score:4, Informative)

        by dido ( 9125 ) <dido@NoSpAM.imperium.ph> on Thursday November 06, 2003 @05:47AM (#7405513)

        By the way, I've found a link to the paper I mention above. It's the paper by Charles Bennett, Francois Bessette, Gilles Brassard, Louis Salvail, and John Smolin, "Experimental Quantum Cryptography [nec.com]" (Citeseer link).

      • A few kilometers of dark fiber would be enough for some clients. There are pockets of industry in many cities: Financial districts, banking districts, etc. So this would be good for big brokerage houses transferring funds in downtown Manhattan.
      • Eve can only be detected if she tries to eavesdrop on the line, not if she sits in the middle doing her own quantum key exchange protocol. The only way around this is to have Alice and Bob authenticate themselves against each other. Which is not possible with quantum crypto yet, so you have to use public/private key crypto.

        When you have to use public/private key crypto, there is no reason to use quantum anymore, since a chain is as strong as it's weakest link so quantum crypto is worthless - QED

        --Blerik
        • Right. But well, some people have attempted to develop quantum authentication protocols [perimeterinstitute.ca] like this one [arxiv.org], this one [nist.gov], and this one [mit.edu]. Dunno if the device in question does any of them, or even if any of them are actually practical to use with today's technology. If the device in question doesn't use quantum authentication of some kind, well, they're selling snake oil, but I wouldn't dismiss the whole concept of quantum cryptography out of hand totally the way you seem so ready to.

        • Claiming this is useless because it falls to man in the middle attacks is totally false.

          Firstly, noone is saying QKD is perfect, or secure from highly sophisticated MITM attack, or anything of the sort. It claims to be secure from what amounts to a wiretap, which it entirely is. It is also secure from anything but the most sophisticated and perfectly executed MITM attack, because of the fragile nature of the quantum communication.

          The only way the BB84 protocol can be subverted by a man in the middle att
      • My notes [doosh.net][pdf,344k] on the subject, a nice table if I do say so myself.

        ps: strange:
        -rw-r--r-- 1 yarn staff 344111 Nov 6 11:56 Cryptonotes.pdf
        -rwxr-x--x 1 yarn staff 309915 Jul 28 2002 notes.pdf

        The original (notes.pdf) is from dvipdfm, the selected page were extracted with MacOSX Preview.app. Must be some poor creation routines there.
      • I don't know if you guys have noticed this, but that darned Eve has been causing a lot of trouble since Applied Cryptography came out. I think at this point, we can label her a terrorist, and have her investigated.
    • Possibly might be useful in foreign capitals, to run between the embassy and the comms shed or the embassy and employee houses in the nearby compound.

      Can't see many other uses for it at the moment, but it's early days.
    • If i understand correctly (and im not certain that I do - im just reciting my memory/limited knowledge here), the basics if quantum cryptography is this:

      Using the quantum states of photons, you are able to encrypt information that cannot be intercepted; by observing the photons you are altering them, rendering the information useless.

      This is a very fragile process, since a lot of things can influence the photon stream. There's no guarantee that the information will make it to the receiver, but thats not t
    • Re:Ummm... (Score:3, Insightful)


      If the pair of boxes has to be in the same building, that isn't going to be a big seller. Bob would just walk down and HAND Alice the data.
      Nice PR stunt, though.

      It's worse than that... it's complete FUD even if the boxes are in different buildings.

      - This only works for individual point-to-point links, where the burden of managing pre-shared keys is not that high.
      - Quantum cryptography replaces Diffie-Hellman, but it doesn't replace authentication. So you still have to have a pre-shared key or else the a
    • > If the pair of boxes has to be in the same building, that isn't going to be a big seller. Bob would just walk down and HAND Alice the data.

      They claim 120km range.
    • >Can the signal be regenerated or amplified without disturbing the photons?

      Absolutely not.

      You can't copy a quantum state. If you could, then you could clone the state of a particle, make an exact measurement of the position of one copy and the momentum of another, and you'd have bypassed the uncertainty principle.

      Which is what makes this whole scheme theoretically possible. If you could amplify one photon to N photons without disturbing the first one, then you could tap the key exchange undetectably.
  • Sounds cool, but probably ahead of its time. Who really needs that kind of security?
  • by cravey ( 414235 ) on Thursday November 06, 2003 @04:32AM (#7405292)
    Yeah, but due to the nature of the the quantum portion, don't you have to have an unbroken end to end fiber connection with optical breaks for things like switching equipment? It seems that a repeater would change the polarization of the signal and kill the protocol.
    • by ajs318 ( 655362 ) <sd_resp2@earthsho[ ]o.uk ['d.c' in gap]> on Thursday November 06, 2003 @04:54AM (#7405356)
      Yup, that's the dirty little secret of quantum crypto. You need a direct, end-to-end fibre connection for it to work. You also need an alternative, non-quantum, secure communication channel to verify the integrity of the quantum data. If the secondary channel isn't secure, an eavesdropper who listened both to the quantum-encrypted data and the integrity check would be able to reconstruct the data.

      It's a bit like having a faster-than-light communicator where you get the message faster than light, but you can only find out what the message meant by calling up the sender on a slower-than-light link.

      Quantum Cryptography is a bit like one of the things you see advertised on satellite TV "info-mercials", or in those irritating promotional catalogues that get tucked into magazines. You know the sort of thing I'm talking about: you start out amazed, barely able to believe anyone could invent something as wonderful as that; but if you order one, you'll end up wondering why they even bothered inventing it.
        • If the secondary channel isn't secure, an eavesdropper who listened both to the quantum-encrypted data and the integrity check would be able to reconstruct the data.
        Yeah, but the point is that in a good implementation of such a system, no third party would be able to listen to the quantum-encrypted data without changing it - at which point Bob and Alice would know that the there was an eavesdropper (or that the system had gone bellyup).
        • Yeah, but the point is that in a good implementation of such a system, no third party would be able to listen to the quantum-encrypted data without changing it - at which point Bob and Alice would know that the there was an eavesdropper (or that the system had gone bellyup).

          This is why I generally insist on calling this technology "Quantum Intrusion Detection"; it adds little or nothing to the "Cryptography" aspect of the communication. It's only contribution is the ability to add 100% provable intrusion
      • AFAIK, the classical channel can be eavesdropped upon, and the eavesdropper will gain no information about the key being exchanged, so it doesn't need to be absolutely secure. It just needs to be safe from jamming, because if you jam the classical channel the two parties have no way of discussing the level of interference on the quantum channel, and the protocol breaks down. As has been mentioned repeatedly, it is impossible to passively eavesdrop on the quantum channel and gain useful information without

  • I'll go out on a lim here and say that if all of the internet will slowly become quantom-secure and ip addresses will stop being centrally provided (think about it... a blob of addresses no one central organization provides.. everybody have a dynamic IP and DNSs publicize only those who wants to be publicized...) P2P sharing will stop being a risk to the sharer/sharee.
    Goodbye all copyright.
    • by RMH101 ( 636144 )
      and i'll go out on a limb and say "bullshit". decentralised, totally secure and anonymous connections worldwide? like that's going to be allowed to happen.
      • This should be marked 'funny', not 'insightful'.

        Decentralized, totally secure and anonymous connections *are* available worldwide, or as close to worldwide as 'any place with a cybercafe' is. Anonymous, yup, decentralized, yup, secure, grab PuTTY and go, yup.

        Of course maybe you know this and were being ironic, in which case it's just the mods who are being silly.
        • In many places, they may be available, but not necessarily allowed. Especially the PuTTY part. And they are not necessarily very anonymous either.
  • I have to say this technology is really subject to Dos style attacks. Simply overwhelm the server with false keys very much like an alphabet attack, and for those of you that scoff because of the huge numbers involved, realize the computer power of a large zombie army with todays excessive computer power.

    I don't want to say anymore because I am freaking myself out just thinking about it.

  • A Business Week article [businessweek.com] dating from this year's July says: "A Swiss firm, ID Quantique, introduced the first commercial quantum cryptography products last summer" So that would be mid-2002.
  • If you can already transmit random bits by means of quantum cryptography, why not go the whole nine yards and exchange random keys that are as long as your entire message? The papers I've read on quantum cryptography all employ it as a method for the secure exchange of one-time pads. The only reasons I can think of are that 1. the effective bandwidth of the quantum channel is too low and/or 2. they're having problems setting up a reliable and fast source of real random numbers on their device (this is act

    • You don't ever need to exchange your one time pads. All you need is for your two functions to have the property that A'(B(A(x))) == B(x) and B'(A(B(x))) == A(x).

      Alice sends Bob A(x). Bob sends Alice B(A(x)). Alice sends Bob A'(B(A(x))) [== B(x)]. Bob evaluates B'(A'(B(A(x))) and gets x. {I think this method is known as Diffie-Hellman key exchange.}

      It needs three passes, but an eavesdropper would have to successfully intercept all three transmissions before they could recreate the message. And the
    • If you had a secure channel to transmit a one-time pad you might as well just transmit the message through this channel. The only reason to use a one-time pad is that you have the opportunity to securely exchange a message at an earlier time (e.g. by handing over a CD) and can use this message to send a secret message later.

      And yes, I suspect bandwidth is the reason they transmit a secret key, rather than the secret message itself over this channel.

      Ponxx

      PS ok, there are some justification for transmittin
      • I imagine they're using the protocol, or a close variation thereof, of the one described by Charles H. Bennett, Gilles Brassard, Louis Salvail, and John Smolin in their paper "Experimental Quantum Cryptography [nec.com]" (Citeseer link). They use the quantum channel to allow Alice and Bob to negotiate a random key known only to them, which cannot be eavesdropped upon, and also allows them to discover any eavesdropper attempting to obtain their key. You can't use a quantum channel to transmit real information, but y

  • SO I figure they must be doing something
    funny on the way. I would not recommend using
    such a system, I will stick to 2Kbit RSA thank you.

    Me
  • I wonder... (Score:1, Insightful)

    by Anonymous Coward
    Couldn't the quantum twin effect be used to transmit information without anybody else even seeing that a communication takes place?
  • hopefully... (Score:3, Insightful)

    by jlemmerer ( 242376 ) <xcom123@y[ ]o.com ['aho' in gap]> on Thursday November 06, 2003 @05:22AM (#7405437) Homepage
    ...this cool invention does survive the time until it can become widespread. At the moment I cannot really see a market for this system other than at the NSA and similar organisations (anybody got a quantum computer out there at the ready?). But as technology rapidly advances it this crypto mehthod could prove quite useful for enterpises and in the long term to all end unsers. We just have to look out that this technology doesn't disappear too soon (maybe a little bit accelerated by the above named organisations who don't like crypo they can quite easily brak or trapdoor)
  • by IversenX ( 713302 ) on Thursday November 06, 2003 @05:26AM (#7405451) Homepage
    But it is not likely to become widely available any time soon. The problem with quantum encryption, is that it is based on quantum states. These states are destroyed when observer (literally, you just have to look at them!), so it's not possible to read the data out and perform a "quantum dictionary attack", because how you read the data is part of the encryption

    This is what makes quantum encryption perfect. If somebody has even read the signal, you will know it. If they haven't, the problem is solved.

    However, in order to make use of this perfect encryption, the quantum state must not change. Therefore, any obstacle along the way (imperfections in the fiber optic cable, or any attempts to read the signal) will destroy the signal. This means that a quantum encrypted message cannot be transmitted through a switched network. Every switch (as we know them) would have to read the data, and pass them along. That is not possible.

    Instead, a technique known as Quantum Teleportation [phys.au.dk] could be used. It's developed mainly in Denmark, and uses something called Einstein-Podolsky-Rosen-beams to transport the quantum state. The catch is that they never read the state, because that would crush it. They simply transport it on a carrier wave, much like in Star Trek :)
    • However, in order to make use of this perfect encryption, the quantum state must not change. Therefore, any obstacle along the way (imperfections in the fiber optic cable, or any attempts to read the signal) will destroy the signal. [...] Instead, a technique known as Quantum Teleportation could be used.

      Quantum Teleportation has the same limitations. The way it works is Alice entangles 2 particles, transmit one to Bob. Then, Alice measures one, and Bob gets checks his particle to see what it was. But, tr

  • by Anonymous Coward
    So what does this mean then? I'm assuming it means that as soon as someone looks at something, it changes so the original information is lost.

    In that case, could you launch a DoS attack on quantum crypto systems just by looking at all the data from a specific source? That way, none gets through.
    • In that case, could you launch a DoS attack on quantum crypto systems just by looking at all the data from a specific source? That way, none gets through.

      Uhm, if you have access to the cable, then why not just cut it if you want to do a DoS attack? Much easier, if you ask me...

    • The fun part is that if an intruder observes or intercepts the transmission, those properties get changed.

      My initial reaction was: if they can read the transmission, can they not predict exactly how their interference will alter the stream? In which case, does it matter that it has been altered?
  • With the current hype about everything which ascends the term Quantum I'd prefer this to be called photon encryption. It's principles are known for ages and are even put into practice by some scientists and it does not what it has s to do with the things people associate quantum with.
  • A couple of years ago, there was an interview posting with PRZ [slashdot.org] where I asked [slashdot.org] about quantum computing and quantum cryptography (were the answers ever posted?) They are technnically two quite different beasts, but both should be kept in mind when considering future cryptgraphy needs.

    I think we really need some quantum cryptography that will stand when large-prime-based methods fail... Are there any good hackers working on this?

  • USELESS!! (Score:5, Insightful)

    by logicnazi ( 169418 ) <gerdesNO@SPAMinvariant.org> on Thursday November 06, 2003 @06:30AM (#7405612) Homepage
    So even if this is really workable quantum cryptography, in which case it would only work on a direct fiber to fiber link. I don't see how it would give any benefit.

    From a technical point of view Quantum cryptography is only secure against man in the middle attacks if you have a SEPERATE channell to the remote host that you are absolutely sure in fact goes to the right person. As long as all communication goes over the fiber nothing prevents a spy from splicing his own box into the line and negotiating a key using quantum cryptography for both parties. However, if you have some channell that you know reaches the other source you can just use Diffie-Helman or like protocal to negotiate a shared key without ever broadcasting it on the line.

    The only think quantum cryptography does for you is take the public key component out of the equation. However from reading the article this box just uses quantum encryption to negotiate a key for 3-DES or similar. Seems to me that the public key is not the weakest link in the system. Also as it does packet based encryption you can still watch and time packets to observe keystrokes (I believe good ssh and the like programs wait for several seconds to try and send a bunch of keystrokes together, but a box that sits outside the computer can't decode the first layer of encryption to stick the packets together in a meaningfull way...though I could be wrong on this).

    From a pragmatic point of view, since this is only going to work on an unbroken single fiber there is some limit to distance here. I'm sure someone else on slashdot knows about how long you can string fiber before you need a repeater or something. Wouldn't it be easier to just routinely check to make sure there is no middle man inserted in the wire (use diffie-helman or similar again so that someone JUST listening can't decode things). Even better, take a key generated on the first computer BY HAND to the other end of the communications loop. Better cheaper security with no new high tech gizmos.
    • Wouldn't it be cheaper to just run ethernet cables through a thick steel conduit? It may not have kewl photon technology involved, but it's pretty hard to saw or drill a steel pipe without attracting attention. Maybe if the companies in question did their wiring the right way, wire taps wouldn't be such a problem.

      Actually, I think if I was a government agency looking at subcontractors, I would check out this sort of thing. "What's that? You run your netowrk cable over standard wiring ladders and drop it th
  • Too bad that this is no real quantum crypthography here.

    They just use quantum cryptography to generate the keys. In my opinion there are better ways to get a key since the real encryption is still based on standard techniques like DES. Everybody knows that these can be bruteforced....

    So the real Quantum Encryption still lies in the future
    • They just use quantum cryptography to generate the keys

      Quantum techniques are applied not to key generation, but key distribution. This is a crucial distinction.
      Also, if you think you can bruteforce AES in a useful amount of time, have a ball. The people spending this kind of money on a QKD system are likely going to be picking appropriatly large key sizes for their message traffic.

  • One thing is for certain... it will get cracked.

    If it was a MS product, it would get cracked quicker.

  • I'm sure M$ has an implementation going too. Be prepared for polarization bugs!
  • I watched a their presentation. It was typically marketingtastic until we hit the phrase it's FUTURE PROOF...that's inspired! Well actually it's nicked (or to be fair simultaneously invented!) from a company called brabantia www.brabantia.com who make kitchen appliances! All technical/poltical discussion aside...I think that's funny. As for someone attempting to make a company on this...good on ya. Let me know when it's done. ;)
  • Old news (Score:1, Offtopic)

    by Gothmolly ( 148874 )
    Seen on Yahoo! 2 days ago.

    -1, Boring.
  • Something that can both be vaporware and NOT be vaporware at the same time!
  • The company's press release mentions a "single photon generator," but neglects to mention the cat that must be included inside the box for Heisenberg's Uncertainty Principle to work. It also doesn't mention kitty litter, catnip, or other necessary supplies. Perhaps they're using Cat5?
  • Coming up with better and better encryption schemes is moot at best.

    As Bruce Schneier says [techtarget.com] super-encryption technologies are like a single, indestructible fence post anchoring a much weaker defense curtain. The defense is indestructible only so long as the enemy runs directly into the fence post. However, it's much easier to circumvent the fence post and cut through the fence. Social engineering, poor policies, key theft and other routes make it much easier possible for hackers to get around conventiona

  • A spin-off from University of Geneva has been selling similar devices since 2002 [arxiv.org].

    Note that quantum cryptography is a misnomer for the BB84 and BB92 protocols. These should be called quantum key distribution because that's all they do. You can't encrypt information with them, just exchange keys. You still need conventional crypto to use the keys with.

    Also keep in mind you need a dedicated fiber link between the communicating parties. Quantum crypto is only useful in ultra-paranoid, damn-the-expense ap

Where are the calculations that go with a calculated risk?

Working...