Forgot your password?
typodupeerror

Secure Video Conferencing via Quantum Cryptography 163

Posted by timothy
from the hello-a77ghlfiyu-82md022x1x-bye dept.
Roland Piquepaille writes "If you use a webcam to talk with your mom, this tool is not for you. But if you're working for a company and that you have to routinely discuss about sensitive future projects or the possible acquisition of another company, you need more security, and this new video conferencing system based on quantum cryptography is a tool you need. According to this article from Nature, researchers from Toshiba have developed a system which can generate 100 quantum 'keys' every second, fast enough to protect every frame in a video exchange. This technology, which today is working over a distance of about 120 kilometers, could become commercially available within two years at an initial cost of $20,000. This overview contains more details and references."
This discussion has been archived. No new comments can be posted.

Secure Video Conferencing via Quantum Cryptography

Comments Filter:
  • by Anonymous Coward on Monday May 02, 2005 @09:04PM (#12415157)
    Maybe this "tool" isn't for having a chat with mom, but if you plan on making a Star Wars like lightsaber duel with a broom, make sure to use this.
  • by Anonymous Coward on Monday May 02, 2005 @09:04PM (#12415162)

    If you use a webcam to talk with your mom, this tool is not for you. But if you're working for a company and that you have to routinely discuss about sensitive future projects or the possible acquisition of another company, you need more security, and this new video conferencing system based on quantum cryptography is a tool you need. According to this article [nature.com] from Nature, researchers from Toshiba have developed a system which can generate 100 quantum 'keys' every second, fast enough to protect every frame in a video exchange. This technology, which today is working over a distance of about 120 kilometers, could become commercially available within two years at an initial cost of $20,000. Read more...

    Here is the introduction from Nature.

    Scientists from Toshiba's Cambridge Research Laboratory [toshiba-europe.com] unveiled their invention to business leaders and government officials at Britain's Department of Trade and Industry in London on 27 April.

    Their system is capable of generating 100 quantum 'keys' every second. This is fast enough for every individual frame of video to be protected by its own encryption. "This makes the system highly secure," says Andrew Shields, who leads the Cambridge team. "It would take an enormous computational resource to crack this frame by frame."

    Of course, today's videoconferencing tools using conventional encryption are already pretty secure. But if the NSA wants to check your conversation, I betit can. With quantum cryptography, this is a different story.

    Quantum cryptography promises to stop such eavesdroppers. The system works by first establishing a 'key' that provides instructions on how to decode an incoming message. This key is built into the quantum state of photons. Intercepting a message breaks the key and alerts the sender and intended recipient to the security breach, because the very act of observing a quantum state changes it.

    The Quantum Information Group [toshiba-europe.com] at Toshiba gives more details on this subject on this page about Security from Eavesdropping [toshiba-europe.com]. Below is a diagram illustrating the concept (Credit: Toshiba's Cambridge Research Laboratory).

    Using single photons to carry the bit material for the key prevents undetected eavesdropping. Because each bit is carried by a single photon, it is not possible for a hacker to tap in and remove part of the signal, as shown in the illustration. Single photons do not split, so if the hacker (Eve) measures the photons on the fibre, they will not reach the intended recipient (Bob). Only the photons that arrive at Bob are used to form the key, so Eve cannot gain any useful information by this crude 'tapping' attack.

    The first commercial applications of quantum cryptography are now about one year old. However, this new system offers new levels of performances, according to Nature.

    Unlike previous systems, which become unreliable when they heat up, this device can run continuously for more than four weeks, says Shields. The quantum information can only go so far before being corrupted by random interactions with surrounding material, however. "We've shown this can work over 120 kilometres of fibre," says Shields.

    Toshiba has already built a Quantum Cryptography Prot [toshiba-europe.com]

  • The scientific arms race between rebels and agents continues!
    • Re:excellent (Score:3, Interesting)

      by _Sharp'r_ (649297)
      I'm still trying to figure out why anyone would want to spend the cash on this when they could just tunnel through SSH, use a VPN, etc... etc...

      Sure, it might use slightly more bandwidth than this, but come on, for that price....
      • Man, its not the quality of your network, its how fucking sexy the hardware is!
      • Three words: Remote Military Applications. The benefits of this technology to the military stretch far beyond normal and even ultra secret communications; they could remotely control battle robots, or even properly equipped tanks, without fear of interference or subversion. This is especially interesting considering the latest drones in use by the US military.

        You can find a lot of people to fight your wars, but they are expensive to train, unreliable, and to gain experience they need to risk serious inj

        • Re:excellent (Score:3, Insightful)

          by DoctorVic (716683) *
          While that sounds all fine and dandy, if I understand this technology, it is not wireless. I am sure that the military could come up with some amazingly devious ideas with this, but I do not think this would be one. How could you transmit a stream of photons bearing the encryption to a remote location out of line of sight without some type of optical cable and maintain an error rate of around 9%? I am sure they have some other shit worked up for that!!!
        • First, I agree with you that good crypto is required for the control and data channels of a remote military device, such as a drone. However, there are some far more important considerations...

          First, you want to prevent the enemy from being able to jam your communications. This means you want some frequency hopping built in to your communications. This increases the amount of power needed by the enemy jammer by an amount equal to:

          (hopping bandwidth)/(signal bandwidth)

          The GPS system has a signal bandw

    • Toshiba has basically held up three fingers, and
      told NSA/DoD/DHS to "read between the lines".

      The USA's Dept. of Commerce is going to have a much
      tougher time helping US-based companies to compete
      in the world market if this techology becomes mainstream.
  • by Anonymous Coward
    ..which today is working over a distance of about 120 kilometers, could become commercially available within two years at an initial cost of $20,000.
    $20,000 is a lot more than what it costs to deliver a hard disk full of random numbers for use as a One Time Pad.

    But I guess you could get the best of both worlds, by storing your OTP on Quantum hard disks. Nyuk, nyuk.

    • To REALLY try to run away from the "bad guys" who would tremendously enjoy making a couple of extra holes in your head???

      I'd guess it can cost much more to SECURELY deliver anything from point A to point B...

      Paul B.
      • What's it going to cost to securely install the equipment? Maybe the guys installing it make some modifications so they can get the data before/after the optical link. If you're sending over disks you could send them in small batches. If you have any reason to believe one of them has been compromised, don't use the data on those disks. You'll have to trust the driver or the guys installing the quantum equipment either way.

        After you have received the disks you'll have to protect them so no one retrieves th

      • The data on the disk becomes useless. All you need is a device that can tell you if the disk has been read while in route. Such things cost a lot less than $20k.

  • by Anonymous Coward on Monday May 02, 2005 @09:05PM (#12415178)
    I think most of you are aware of the controversy surrounding regular Slashdot article submitter Roland Piquepaille. For those of you who don't know, please allow me to bring forth all the facts. Roland Piquepaille has an online journal (I refuse to use the word "blog") located at http://www.primidi.com/ [primidi.com]. It is titled "Roland Piquepaille's Technology Trends". It consists almost entirely of content, both text and pictures, taken from reputable news websites and online technical journals. He does give credit to the other websites, but it wasn't always so. Only after many complaints were raised by the Slashdot readership did he start giving credit where credit was due. However, this is not what the controversy is about.

    Roland Piquepaille's Technology Trends serves online advertisements through a service called Blogads, located at www.blogads.com. Blogads is not your traditional online advertiser; rather than base payments on click-throughs, Blogads pays a flat fee based on the level of traffic your online journal generates. This way Blogads can guarantee that an advertisement on a particular online journal will reach a particular number of users. So advertisements on high traffic online journals are appropriately more expensive to buy, but the advertisement is guaranteed to be seen by a large amount of people. This, in turn, encourages people like Roland Piquepaille to try their best to increase traffic to their journals in order to increase the going rates for advertisements on their web pages. But advertisers do have some flexibility. Blogads serves two classes of advertisements. The premium ad space that is seen at the top of the web page by all viewers is reserved for "Special Advertisers"; it holds only one advertisement. The secondary ad space is located near the bottom half of the page, so that the user must scroll down the window to see it. This space can contain up to four advertisements and is reserved for regular advertisers, or just "Advertisers".

    Before we talk about money, let's talk about the service that Roland Piquepaille provides in his journal. He goes out and looks for interesting articles about new and emerging technologies. He provides a very brief overview of the articles, then copies a few choice paragraphs and the occasional picture from each article and puts them up on his web page. Finally, he adds a minimal amount of original content between the copied-and-pasted text in an effort to make the journal entry coherent and appear to add value to the original articles. Nothing more, nothing less.

    Now let's talk about money. Visit BlogAds to check the following facts for yourself. As of today, December XX 2004, the going rate for the premium advertisement space on Roland Piquepaille's Technology Trends is $375 for one month. One of the four standard advertisements costs $150 for one month. So, the maximum advertising space brings in $375 x 1 + $150 x 4 = $975 for one month. Obviously not all $975 will go directly to Roland Piquepaille, as Blogads gets a portion of that as a service fee, but he will receive the majority of it. According to the FAQ, Blogads takes 20%. So Roland Piquepaille gets 80% of $975, a maximum of $780 each month. www.primidi.com is hosted by clara.net (look it up at Network Solutions ). Browsing clara.net's hosting solutions, the most expensive hosting service is their Clarahost Advanced ( link ) priced at £69.99 GBP. This is roughly, at the time of this writing, $130 USD. Assuming Roland Piquepaille pays for the Clarahost Advanced hosting service, he is out $130 leaving him with a maximum net profit of $650 each month. Keeping your website registered with Network Solutions cost $34.99 per year, or about $3 per month. This leaves Roland Piquepaille with $647 each month. He may pay for additional services related to his online journal, but I was unable to find any evidence of this.

    All of the above are cold, hard, verifiable facts, except where stated otherwise. Now I will give you my personal opinion
    • OH Comeeee onnnn man..
      You think any of the other sites slashdot links to dont collect advertising revenues?

      Even if its 'not a worthwhile service' Its NOT costing you anything, its information being shared, even if hes doing it for profit it's not at the readers expense.

      Why should slashdot not accept GOOD submissions just becuase someones collect advertising revenues?
      Its not Hurting the /. community, it's contributing to it no matter how you look at it.

      Until your post I hadn't heard of or noticed anythin
    • The site that I see showing up in /. over and over again that's just copies of press releases elsewhere on the net is PhysOrg. How much are they getting from /. eyeballs? How many slashleeches are there?
    • by benjamin_pont (839499) on Monday May 02, 2005 @09:45PM (#12415486)
      How does this kind of thing happen? Just curious.

      benjamin_pont's Recent Submissions

      Title
      Quantum leap in secure web video

      Datestamp
      Friday April 29, @02:09PM Rejected
    • This is just spam. He has copied and pasted this form post. As is shown by today's date he used.
    • You know, if you really find this guy annoying, there is contact information so you can tell him about it: http://www.primidi.com/personalinfo/contactme.html [primidi.com]
    • by Anonymous Coward
      you know, people pay for Readers Digest. I say, If the man has an audence let him do his thing.
    • You say this and yet, the current slashdot submission actually links ot the original article and adds a link to his (Roland Piquaille's) own overview at his online journal.
      In fact, it pretty much looks like you just copy and pasted this comment from a previous comment, isn't it?
    • We all know they wouldn't know integrity if it bitch-slapped a disobediant user talking about Slashcode internals or shut down www.censorware.org [google.com] in a temper tantrum.
      Well, the censorware.org story is disturbing, but it isn't the Slashdot organization that did that, it was someone who also happens to work for Slashdot. And I don't really understand what you mean about Slashcode internals. It's open-source, right? Can you give some info to back up the innuendo?
      • And I don't really understand what you mean about Slashcode internals. It's open-source, right? Can you give some info to back up the innuendo?

        He means this post [slashdot.org] from 2 years ago, where all users who modded in that thread were banned from moderation, and the whole thread was modded -1. The post itself was moderated over 800 times. More info here [kuro5hin.org]

    • Well, at the least that explains the "Suck It" post. Although I can see differing opinions existing regarding this practice, I don't believe the parent is a troll. Whatever I decide about Piquepaille, this is the first I've heard about him, and I find the information to be of value. I personally don't have a problem with someone else paying this guy. I doubt many /.ers SEE the ads, much less read them. If the assertions that Piquepaille used to copy without giving credit and has changed his ways are true, t
    • Yes, first of all, I am kinda jealous that when I submitted the same story on April 28, it got rejected and to my shock today, its in!!

      Well, /. submission FAQ warns about such a thing and asks me not to get pissed but to blame my stars, so I was mentally prepared for this.. but this Ronald unmasking brought an interesting thing..

      what if one constantly sees a site like freshnews [freshnews.org], would it not increase the probability of a story getting posted.. I mean it has all sites from cnet to techdirt to porn-tec

    • And your point is that he works his butt off copying content for a paltry $647 a month?
  • Unless you're Bill Gates.
    • it says not for webcam chatting with "your mom", but does that mean my mom? because i know when i webcam chat with your mom, i would prefer people not be watching.....it could affect my performance
    • Sounds like something out of a spy movie.
      But, eventually, if you are somewhere, talking and being seen by a camera, "they" will listen in on you, before your data enters the webcam. You'll have to move around, and take the $20,000 device with you. They'll still find you. Spy stuff.
      Consider the Alantic Wall. [versatel.nl]

      Didn't stop the Allies.

      • Not to mention a HUGE roll of optic fibre cable...

        this isn't exactly stealthy as you'd need a DEDICATED SINGLE line of cable between the two points, otherwise, using this won't make any sense whatsoever. You can't route it, you can't do anything with it.

        That's the whole point really ;)
  • How long before this in some ways is integrated with those digital projectors in the theaters?
  • by Anonymous Coward
    But you can cheat on your spouse as well!!

    Not that the internet has such nefarious uses!
  • ah.. (Score:5, Funny)

    by Keruo (771880) on Monday May 02, 2005 @09:10PM (#12415218)
    video conferencing.. the politically correct way to say, streaming porn
  • by G4from128k (686170) on Monday May 02, 2005 @09:16PM (#12415266)
    New encryption tools are cool, but they only secure the network. The end-terminals (and end-users) are still insecure. Holes in the OS, clicking on the wrong email, etc. can compromise one of the machines. And if either party likes chocolate, then we know that we can get the keys to crypto just by offering a tasty morsel.

    Security is only as strong as its weakest link. This invention ensures that the network is not the weakest link. Its a step in the right direction, but other components are still pretty vulnerable.
  • by eskwayrd (575069)
    Interesting. Quantum cryptography is supposed to be 'hack proof'. So, why the need for 100 keys per second? One key at the start of the stream should be enough. If your video gets scrambled, it tells you that you have an infrastructure problem, or someone is actively trying to hack into your stream. Either way, continuing the conversation seems kinda moot.

    Perhaps this is a 'just because we can' technology which ignores the 'should we?' question. (or, I lack the vision to see how this is useful :)
    • Quantum Encryption is a misnomer in this case. It's really quantum key exchange. Normal one-time pads require that the parties exchange keys in a secure method. This means meeting beforehand. QE allows two parties to exchange one time keys in a manner that cannot be intercepted, meaning they can use one-time pads without having to meet beforehand.
    • by ericpi (780324)

      So, why the need for 100 keys per second? One key at the start of the stream should be enough.

      If the quantum channel were fast enough, I'm sure they'd want to use it to send the video directly. Since it isn't fast enough, they're doing the next best thing: Send the encrypted video over traditional (possibly hackable) channels, then send the keys 'securely' using quantum tech.

      Rotating the key for every 1/100 sec minimizes the damage in case some of the video is decrypted: the hacker would only be able

      • I forget the exact details of how QE works, but basically about half of the bits you send over the QE link are unrecoverable, making it unusable for exchanging actual data. I've explained the basic idea better in other posts in this thread, and I'm sure someone more knowledgable than myself will explain the actual quantum link somewhere in here.
        • Actually, in the case of quantum key exchange, the whole point is that you can tell if someone has eavesdropped on your quantum channel and thus discard that bit of the key and resend something new.

          I've always wondered if this is susceptible to a DoS attack, though.
    • Disclaimer: I haven't RTFA, but I previously did some work in quantum cryptography.

      The reason that quantum cryptography is "hack-proof" is that it's based on one-time pads; it just uses quantum physics to avoid the key distribution problem. The security of one-time pads, of course, depends on them being used only one time; there has to be a separate random bit used to scramble every bit of the video. Thus, the "100 keys per second" basically just means that each key is long enough to completely encrypt o
      • AFAIK quantum channels are too slow to stream video at the moment(other than crap quality I guess).
        "100 keys per second" seems to imply that they use a standard symmetric crypto(AES) and just send the much smaller 128-256b keys over the quantum channel(via afforementioned one-time pad).
    • Nope. If it's going to be completely secure, you need as much key as message - a 100 bit key can only encrypt 100 bits. So this will be useful.
      • I'm sure this is an obvious question, but how does quantum cryptography protect against man-in-the-middle attacks? Observing the quantum state destroys it. Can I generate new photons whose state matches what I observed? If not, How can the sender encrypt the message with the quantum key, if he can neither observe the key without destroying it, nor generate a particular key at will?
        • by m50d (797211)
          The basic idea is there are two measurements you can carry out, but making the wrong one will destroy the information. The sender generates a random bitstream and encodes it using random choices of which method. The receiver makes one measurement at random for each photon they get. Then, after the measurements have been made and the photons destroyed, the sender tells the receiver which encodings were used and the receiver tells the sender which bits are correct. These bits are random - the sender cannot ch
    • because if you reuse the one-time-pad again and again, eavesdropper can use statistic to come up with the actual message sent
  • Bandwidth (Score:1, Interesting)

    by 514CK3R (875865)
    Now we all get to suffer the bandwidth consequences of the paranoid's video conferencing. The packets screaming over UUNet's backbone will be prohibitive if only a handful (per capita) of streaming video apps used this technology. I guess it would push providers to put OC48's in our neighborhoods though.
  • Limitations (Score:5, Interesting)

    by Bifurcati (699683) on Monday May 02, 2005 @09:20PM (#12415290) Homepage
    It should be pointed out that at the moment this technology is limited to sites linked by a fibre optic cable along which the entangled photons (which ultimately form the key) are sent. They claim that it can work over a 120km section.

    For this to be really useful, you would need to be able to send the photons via satellite, something which is hard as the interaction with the environment along the way can destroy the entangled state. This would probably be interpreted the same as eavesdropping, further muddling the water. Physicists are indeed trying to get this to work, but it may take some time.

  • by Anonymous Coward on Monday May 02, 2005 @09:21PM (#12415302)

    because his "articles" sure read like them, check out a google search on this phrase
    This overview contains more details and references [google.com]

    perhaps Roland should spend his time and get a proper job (or perhaps nobody will employ him) and actually contribute something new to the internet instead of just leeching from others hard work.

    • "perhaps Roland should spend his time and get a proper job (or perhaps nobody will employ him) and actually contribute something new to the internet instead of just leeching from others hard work."

      It would help you guys would stop adding to the post count for his stories by bitching about him. I wonder how many extra Slashdot ads are served when he posts a story.
  • by goldspider (445116) <ardrake79.gmail@com> on Monday May 02, 2005 @09:24PM (#12415327) Homepage
    Yes, offtopic, I know. Moving on.

    There are a lot of us here who object to Roland Piquepaille's well-documented practice of using Slashdot to direct readers to his site and thereby generate ad revenue for himself.

    Roland Piquepaille contributes none of his own work (it's ALL derivative of others' efforts), and Slashdot is more than willing to sell their readers out to this character.

    So the next time a Roland Piquepaille-submitted story comes up, don't read it. Don't post replies. Don't even acknowledge that the story is there.

    It's time we send Slashdot the message that we don't like being taken advantage of in this manner.
    • by Quixote (154172) * on Monday May 02, 2005 @09:48PM (#12415503) Homepage Journal
      I keep seeing the same sort of responses to Roland's stories, and have finally begun to wonder: why doesn't Slashdot stop posting his stories? Will someone at Slashdot address the readers' concerns? It is about time that an official answer came from Slashdot central about their relationship with Roland. I find it hard to believe that each and every story of his gets accepted, while the rest of us have a much less success rate.
      • I wonder what would happen if someone submitted a story about Roland to kuro5hin [kuro5hin.org], and got enough votes to make it on the front page.

        The problem right now is that complaints about him end up only in the comments. Maybe if there's enough external attention, the powers at VA might reconsider their policies.

        • > I wonder what would happen if someone submitted a story about Roland to
          > kuro5hin, and got enough votes to make it on the front page.

          It would mean another tedious, pointless, whiny article on Kuro5hin, representing just one more reason never to go there.
      • This page is still appearing in a horrible gold/brown shade, so I think slashdot just ignores its readers completely. After all, we keep reading and commenting, giving them their ad views, so why should they change?
    • "It's time we send Slashdot the message that we don't like being taken advantage of in this manner."

      How are you being taken advantage of? He, like this site and numerous others, gather news they find interesting and aggregate it.

      "Roland Piquepaille contributes none of his own work (it's ALL derivative of others' efforts), and Slashdot is more than willing to sell their readers out to this character."

      Again, see here [slashdot.org]

      I've heard he used to never document who he got his information from which is wro
      • He gathers information and posts it to slashdot who in turn accepts it. He makes money, slashdot makes money and the readership gets amused for a little while. This guys not doing anything morally or ethically wrong.

        True enough; Roland is certainly not doing anything wrong (seriously).

        Nor is Slashdot doing anything wrong by transparently funding Roland's work-free lifestyle through it's immediate publication of anything Roland submits.

        I've come around on this. It's not as is anyone seriously considers
    • look at the ratings on his comments [slashdot.org].

      Come on slashdot people -- its obvious that none of us like this parasitic-poster.

    • Yes, perhaps we should start moving to other sources where we can get some fresh writing and not be taken advantage of. Perhaps SecurityFocus would be a good source. Here's the first paragraph of their article titled Quantum crypto moves out of the lab [securityfocus.com]:
      "Quantum cryptography - long the stuff of cyberpunk novels and hi-tech spy stories - is leaving the laboratory and making its way into commercial markets. A briefing session at the UK's Department of Trade and Industry on Wednesday featured demonstrations of working quantum key exchange systems by QinetiQ, Toshiba Cambridge and US start-up MagiQ."
      Or maybe we should use The Register's article titled Quantum crypto moves out of the lab [theregister.co.uk]. Here's their first paragraph:
      "Quantum cryptography - long the stuff of cyberpunk novels and hi-tech spy stories - is leaving the laboratory and making its way into commercial markets. A briefing session at the UK's Department of Trade and Industry on Wednesday featured demonstrations of working quantum key exchange systems by QinetiQ, Toshiba Cambridge and US start-up MagiQ."
      Or another article [issuperstore.com] and you can probably guess that the opening paragraph there will make you think there's a glitch in the matrix.

      Both The Register and SecurityFocus show ads, and they're just rehashing some company's PR spam and profiting from readers. But this is all academic -- the more interesting question is why you don't seem to find it objectionable that the bulk of these articles, even if from reputable places, ARE ads themselves?
  • The technology is interesting and promising, but further development is necessary.
    A price tag of $20000 is not justifiable over 120km. You can drive that distance in a couple of hours, and that is a) cheaper and b) enables face-to-face interaction.
    I wonder whather they are really expecting anyone to buy such a system, or rather they just really want to stir interest on the technology instead.
  • by twfry (266215) on Monday May 02, 2005 @09:40PM (#12415448)
    What they are doing here is encrypting each frame with a different key where the key is sent using quantum states so that any eaves dropping will be discovered. Their stated reason is that decrypting each frame is much more difficult than if the entire stream was encrypted with a single key.

    Basically what they are saying is their system has several thousand keys instead of just one. But that does not make the underlying transmission any more secure. If it is possible to brute force one key, it is possible to brute force many keys.

    All they are doing is making it less pratical to use a brute force attack. I'd classify this as being closer to a "security through obscurity" technique rather than a real advancement.

    Now if they sent the entire data stream using quatum bits, that would be something different.

    • If it is possible to brute force one key, it is possible to brute force many keys.

      Um, no. You might be able to brute force a single key, if you've got a supercomputer handy and a few months to spare. But brute forcing x keys will take x times as long.

      With this technique, even if you did force a key, that'd only get you single lousy frame, which is a helluva lot more secure than the old way, where you would have gotten the whole stream. Now, to get the next frame, you've got to repeat the cracking proc
      • Actually you couldn't even "brute force" a single key because they're all one-time pads. Quantum "crypto" provides a means for two parties to securely agree on one time pads.

        The only way brute forcing works is for an algorithm based encryption system with a given key. You try all the possible inputs of that key until the algorithm decrypts the text to something meaningful. With a one-time pad, the key is the same length as the encrypted text and each bit of the key is XORed to each bit of the cleartext. Si
        • This is not a one time pad - the key is not the same length as the data in this scheme; the article points out that keys are only 256 bits long, obviously far less than the number of bits in a frame.

          The "quantum cryptography" bit is only to stop you from intercepting the keys, in the same way that PGP doesn't apply public-key encryption to the whole message, only the keys to a symmetric cypher.

          As such, the 256 bit keyspace is eminently brute forceable.
    • Quantum encryption allows you to exchange one-time pads. Basically, you use a key that has the same number of bits as your message and then XOR them together. This is unbreakable without the key, not just hard to break. Usually this requires meeting and exchanging keys beforehand. QE makes it impossible to intercept the key in transmission, meaning that a one-time pad can be used without meeting beforehand.
    • You miss the point. This system DOES make the underlying transmission secure. Quantum key exchange is impossible to eavesdrop on. Combine this with XOR (which is impossible to break any way other than brute force), and you have a very secure system. Plus, with advanced compression techniques, knowing the contents of one frame tells you very little about the video at that frame.
  • From the article:
    Single photons do not split, so if the hacker (Eve) measures the photons on the fibre, they will not reach the intended recipient (Bob).

    IIRC, "Oscar" was the traditional (wo)man-in-the-middle. If this new "Eve" is hot, she can have all the photons she wants.
  • Why? (Score:5, Insightful)

    by nacturation (646836) <nacturation@gma[ ]com ['il.' in gap]> on Monday May 02, 2005 @09:46PM (#12415496) Journal
    I don't see this as being really practical for security. So you've got all of this quantum-encrypted video which is infinitely better than an SSH-encrypted stream and you're feeling pretty smug about how unbreakable it is. Meanwhile, the janitor has planted a bug under your desk and is eavesdropping on everything you say. Or someone else hid a pinhole camera in a plant and is recording it all.

    While I applaud the research and find the technology cool, I don't think a lack of decent encryption technology is the weakest link with regards to security.
    • Re:Why? (Score:3, Insightful)

      by Sancho (17056)
      Yeah, let's just stop worrying about security and transmit all our attack tactics in the open!

      There's always going to be a security risk. The key is minimizing the risk for each component of the system in order to reduce the overall risk. With a setup like this, the network is considered to be 100% secure. Now we can begin to work on the other pieces of the puzzle.

      And don't doubt that the government doesn't have sophisticated bug detectors....
    • don't see this as being really practical for security. So you've got all of this quantum-encrypted video which is infinitely better than an SSH-encrypted stream and you're feeling pretty smug about how unbreakable it is. Meanwhile, the janitor has planted a bug under your desk and is eavesdropping on everything you say. Or someone else hid a pinhole camera in a plant and is recording it all.

      I disagree. I think it is eminently practical (assuming, of course, the actual hardware is practical). Issues wit
  • If you use a webcam to talk with your mom, this tool is not for you.

    But you don't know what Mom and I do over the webcam. She's SO Hot in those fishnet stockings!

    Just kidding. I have no mother.

  • by Bender0x7D1 (536254) on Monday May 02, 2005 @09:57PM (#12415573)
    There is nothing really exciting about this other than the overkill usage of quantum cryptography (also called quantum key exchange).

    Basically, they are trying to generate enough keys so any succesful breaking of the cipher used gets only one frame of video. The only "exciting" part is they are using quantum cryptography to do this. However, this is like using a sledgehammer to push in a thumb tack - It uses a lot more hardware, and isn't the easiest or best method.

    Another way to do this would be to conduct a large number of Diffie-Hellman key exchanges [rsasecurity.com] or STS exchanges, (one for each frame), and use the new key for each frame.
    Or, even easier, both sides could use identical Linear Feedback Shift Registers to generate the same keys that they need. They cost way less than $20k and since a compromise of the system at either end would destroy the privacy afforded by the quantum encryption, just as secure.
    Or, they could exchange one-time pads on a DVD and use the bits on there as the key. If my math is right, then a 4GB CD could hold enough keys for over 1100 hours of video, assuming a 256 bit key and 30 frames/sec. Exchanging 2 or 3 DVDs a year (if that) doesn't seem unreasonable.

    None of these methods require a dedicated fiber line connecting the two groups. It can be performed over regular Ethernet if the groups want to. Translation: I can use it to talk to someone more than 120km away.

    This isn't to say that some groups wouldn't want quantum security for something - if I was a Swiss bank that made daily transfers of a billion dollars to a German or Italian or French bank, then sure, I should spend the extra couple hundred k for an obscenely secure system.

    This also begs the question of why encrypt each frame differently? Since it is VIDEO, then something in the picture is probably important - like a PowerPoint slide or graph or something. Since a presenter usually spends a minute or two on each slide, this means that an attacker would only need to decrypt one out of every 1800 slides (assuming 30 frames/second) to get the information they wanted. I think that it is a good idea to change keys as often as possible, but you have to ask what is the benefit for the added cost/overhead. In this case, I don't think it is very much.

    So nice use of the "quantum cryptography" buzzword, but bad application of crypto technology in general.
    • The point of QE is to exchange not just any ordinary keys, but one-time pads. OTPs literally cannot be broken without stealing the key, and QE makes it literally impossible to steal the key.
    • Mod parent up. I wish more people wrote comments like this one.
    • While I agree with the thrust of your post, there's one bone I have to pick.

      Diffie-Hellman and all other nominal one-way functions haven't been proven secure - it could well be possible that one-way functions don't exist, in which case all security based on them is worthless. Even if OWFs do exist and Diffie-Hellman is one it is still breakable in exponential time, which is vulnerable if quantum computers (or equivalent) are developed, and could potentially be vulnerable to a specially-designed supercomput
  • How often? (Score:3, Insightful)

    by Jobe_br (27348) <bdruthNO@SPAMgmail.com> on Monday May 02, 2005 @10:06PM (#12415641)
    So, maybe I haven't been following the news, but have there been many instances of corporate video conferences being tapped/monitored/etc.?!

    I understand the need to develop these technologies, but at least admit that there isn't any immediate demand besides possibly military applications. I much rather have someone working on securing ChoicePoint, Lexus Nexus, and a few other large data warehousing systems ... maybe that's just me?
  • But if you're working for a company and that you have to routinely discuss about sensitive future projects or the possible acquisition of another company, you need more security, and this new video conferencing system based on quantum cryptography is a tool you need.

    Wow.
    How can an educated person write garbage like that? I would expect something similar from a 5th grader.
  • secure (Score:1, Insightful)

    What is secure? Nothing secure today will be secure tomorrow. Jeremy MCSE MCSA CCNA http://www.n2networksolutions.com/ [n2networksolutions.com] Arizona computer consulting
    • Re:secure (Score:1, Insightful)

      by Anonymous Coward
      Unless by "insightful" you mean "complete bullshit", someone is being stupid with the mod points again.

      Quantum cryptography is, barring our learning that our conception of physics is not just wrong but dramatically wrong, completely future-proof. It is a means of generating one-time pads (which have been proven totally secure. No, not secure-as-in-you'll-spend-millions-of-years-decod i ng-it secure. Secure as in attempting to brute-force it will generate literally every string of characters with the same s
  • Is it just me, or is using currently available teleconference protocols over a VPN just as secure?

    That way you could use MSN, iChat, Jabber, whatever over PPTP, IPSec, or whatever floats your boat.

    Let me know if I'm way off base here.

    Thanks,
    Aardwolf
    • Way off base? Yes very much so. Quantum cryptography is currently considered unbreakable. With even the strongest standard ciphers, AES, serpent, twofish, etc, there are a variety of methods of attack; whether it is against the algorithm, the keys, or the implementation.

      With quantum cryptography, an attack it basically impossible, as any attempt to intercept the communications (tapping the fiber) causes an interruption to the photons, and the entire exchange stops.

      For the most part, using a VPN with stron
  • All the hackers will have to do is make a quantum leap into the past to stop it from ever existing. That's a no brainer.
  • by Bradlegar the Hobbit (132082) on Monday May 02, 2005 @11:23PM (#12416201)
    Quantum cryptography is neat, to be sure, but what happens if the cat dies?
  • I'd like to point out that quantum cryptography (depending on the protocol) does not protect against man in the middle. Unsurprisingly, some guy in Russia already has
    done research on this:

    http://www.vad1.com/qcr/present-attacks-via-optica l-loopholes-erlangen-200409/present-attacks-via-op tical-loopholes-erlangen-200409.pdf [vad1.com]

    There goes my confidence for quantum cryptography.
    • it's funny because each time there is a subject about quantum cryptography, there is someone clever than other to tell us that "quantum cryptography is vulnerable to man-in-the-middle attacks!". And each time we must repeat that, well, it's not. Not because the quantum physics prevents MITM (it don't) but cause we know unconditionnal algorithms (see Wegman-Carter MAC) that can makes a channel authenticated. For discussion about authentication and Quantum Cryptography see Gilbert and Hamrick "Practical quan
  • Just what we need, now even wiretap attempts are going to make it look like the IT guys don't have a clue what they are doing with the network...

    I can just see the look of astonishment, $20,000+ later, and Fred in IT still can't get the conference call thingy to work...

    Looks like they will have some work on their hands... finding a use that justifies the cost, as well as finding customer's who think spending that kind of money for a phone call is justified. Look at all the companies that are losing custom
  • Has Jon Johansen broken their cryptography yet? No, give him a few more days then.
  • If even one quantum key is "unbreakable" in its complete transmission, why not just use it to send a long symmetric password, and just encrypt with that?

APL is a write-only language. I can write programs in APL, but I can't read any of them. -- Roy Keir

Working...