Has any scientist in Canada disobeyed the 'official procedure' and talked to the journalists directly about his work? Or do they all follow the procedure, understandably being very afraid of jeopardizing their positions and research grant prospects in Canada?
It is one of the responsibilities of a publicly funded researcher (especially a tenured professor) to talk freely about his findings. This is an essential contribution of publicly funded science to society and democracy. I would thus seriously consider ignoring the orders in such a situation, even at the risk of getting fired -- okay, it depends on the situation and how much is at stake, but I would at least think about this and probably discuss it promptly with the university administration.
As far as I know, in other developed countries (including the one I am currently working in, Norway), there are no barriers in communication between scientists and the press. We answer emails and calls from journalists without asking anyone's permission. There is a public relations office at my university, but its purpose is to help the communication, not to censor.
Am I being too naive, or is Canada really abnormal in this respect?
Zero-knowledge authentication is impossible by definition. If you know nothing secret about someone, you can never verify his identity.
A small pre-shared key is used for initial authentication, in all classical and quantum crypto alike, to preclude a man-in-the-middle (MITM) attack. In the classical public-key infrastructure (PKI), this authentication key comes from the certificate authority with, e.g., your copy of the web browser. If it is spoofed at the distribution step, a MITM attack becomes possible.
In quantum crypto, the initial key is small, because once the quantum-generated key begins to grow, a small fraction of it is used for further authentication keys.
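The key-growth idea described above (a pre-shared key authenticates the first round, then a slice of each round's fresh key becomes the next round's authentication key), as an added illustration that is not part of the original comment or of any real QKD product: the "fresh keys" are constructed stand-ins for quantum-generated raw key, and the MAC'd message is a hypothetical stand-in for the public post-processing traffic.

```python
import hmac
import hashlib
from typing import List, Optional, Tuple

AUTH_KEY_BYTES = 32  # slice of each accepted round's key reserved for next round's MAC


def authenticate(auth_key: bytes, message: bytes) -> bytes:
    """MAC over the classical (public) channel traffic of one round."""
    return hmac.new(auth_key, message, hashlib.sha256).digest()


def verify(auth_key: bytes, message: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(authenticate(auth_key, message), tag)


def run_rounds(initial_psk: bytes, fresh_keys: List[bytes],
               tamper_round: Optional[int] = None) -> Tuple[List[bytes], List[int]]:
    """Simulate key growth over several rounds.

    fresh_keys: constructed stand-ins for the quantum-generated key of each round
    (not output from any real device). tamper_round: if set, a man-in-the-middle
    alters that round's public message after Alice has MAC'd it.
    Returns (key material accepted for use, indices of rejected rounds).
    """
    auth_key = initial_psk
    accepted: List[bytes] = []
    rejected: List[int] = []
    for i, fresh in enumerate(fresh_keys):
        # Hypothetical public post-processing message (e.g. sifting data) sent by Alice.
        msg = b"round %d sifting data " % i + hashlib.sha256(fresh).digest()
        tag = authenticate(auth_key, msg)
        if tamper_round == i:
            msg = msg.replace(b"sifting", b"spoofed")  # MITM modifies the public channel
        if not verify(auth_key, msg, tag):
            rejected.append(i)  # Bob aborts the round; auth_key is not refreshed
            continue
        # Only a small fraction of the fresh key is consumed for authentication;
        # the rest is delivered as usable secret key.
        auth_key = fresh[:AUTH_KEY_BYTES]
        accepted.append(fresh[AUTH_KEY_BYTES:])
    return accepted, rejected
```

With a 64-byte fresh key per round, half of each round is spent on the next authentication key and half is delivered; a tampered round is rejected and yields nothing.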
Agreed. This article will advance his career, so getting it on Slashdot leads, indirectly, to financial benefit for him. That said, I agree with the GP that it's deserved - and it really is news for nerds.
I'll bite this troll. I typed this submission because
1. I think what we do is cool, and is interesting to Slashdot readers (I read Slashdot daily myself).
2. I can formulate what we have done better and include the most relevant links, compared to a random submitter who has just read a news story.
3. Yes! I am 37 and I do not have tenure yet! Every bit helps
I still think (from my fuzzy understanding of this attack) that it uses a specific implementation detail that depends upon the system used, and might be relatively easy to patch. Maybe they can use different wavelengths of photons, one for a test and one not--I don't have the expertise to say how much of a redesign is necessary. The article makes it sound like it's not a huge deal, and the Toshiba guys say in one of the other articles that their system isn't susceptible to these attacks when properly operated.
Currently the problem is quite general, because most quantum cryptosystems today use detectors of the vulnerable type. We think it is patchable, just not by the approach the Toshiba group practices, but patchable. (We dislike Toshiba's approach for not being general and thorough, but more of a quick band-aid.) During the past 20 years there were a couple of problems of similar magnitude in quantum crypto, and they were solved. Note that similar problems periodically show up in implementations of classical crypto.
The future of quantum crypto will now be decided, from one side, by the market, and from another side, by publicly disclosed mathematical developments on various classical ciphers (which can be cracked overnight, but can also be proven more secure... I'm not a mathematician so I won't venture a guess for the odds of either). In quantum cryptography there is at least one well-engineered commercial system, several advanced commercial prototypes (Toshiba has one), and the hacking efforts are going to eliminate all easy loopholes in a reasonable time. It is also important how well quantum cryptography can be meshed into networks with many nodes and links. There have been several demonstrations of quantum crypto networks, the latest in Japan last year.
The current commercial systems (like ID Quantique's Cerberis) use quantum cryptography as an extra security layer on top of classical crypto. To get to the master key used to encrypt the data, one needs to crack both quantum key distribution and classical key distribution at the same time. We temporarily compromised the quantum layer in this work, but in a commercial installation the data security would hang on the classical crypto, until the quantum layer is patched. Of course the security of the symmetric ciphers (normally AES with frequent key changes) used for high-speed data encryption is another question, but I think there is also an option to establish a low-bandwidth highly-secure channel encrypted by one-time-pad. The whole reason AES is offered with quantum crypto is that the performance of the classical crypto has spoiled everybody, and the users do not want to separate communication into high-security and low-security categories. They just want to encrypt the whole 10 Gbps link, so this is the default option.