First Quantum Cryptographic Data Network

jdubs writes to tell us ScienceDaily is reporting that scientists at Northwestern University and BBN Technologies have demonstrated the first truly quantum cryptographic data network. From the article: "Kumar's research team recently demonstrated a new way of encrypting data that relies on both traditional algorithms and on physical principles. This QDE method, called AlphaEta, makes use of the inherent and irreducible quantum noise in laser light to enhance the security of the system and makes eavesdropping much more difficult. Unlike most other physical encryption methods, AlphaEta maintains performance on par with traditional optical communications links and is compatible with standard fiber optical networks."

Quantum post

[BadAnalogyGuy]

This post is <blink>not</blink> insightful!

Re:

[RuBLed]

I agree...

Re:

[rackhamh]

If you'd had a quantum computer, perhaps you would have known your blink tags wouldn't work BEFORE you hit the submit button! ;)

Re:

[Anonymous Coward]

it was both blinking and not blinking. then you went and spoiled everything by observing it...

Re:

[waxigloo]

I agree. It would have been nice if the article compared what they have done here with what is already been done by commerical quantum key ditribution (www.magiqtech.com). It is not clear from the article what is actually the new breakthrough...

Re:

[schliz]

That's cause it's a press release :( Cool tech though. I'll look into it and post another link up soon...

Oh god no...

[Anonymous Coward]

The sharks are talking to each other with their frickin' lasers! Quick, get Sony to invent a ludicrously overpriced piece of hardware for all the other colours of laser, so that we get a shortage of those too and the sharks can't get their fins on any more! ...OK, I'm done.

Will we know?

[SanityInAnarchy]

We know a working quantum computer, on a sufficient scale, can crack modern encryption in something like linear time, or at least better than the current exponential time. We know that no such computer exists now, or at least not on sufficient scale to enable the NSA to snoop all our encrypted traffic.

Or (tinfoil hat time) do we really? Will we know when this happens, or will it be classified and snapped up by the government? Would we notice that? (The way we did with the a-bomb -- contests were held for whose work could be classified the fastest.) Or would we only notice years later, when it's finally leaked...

Re:

[Tribely]

In Soviet Russia etc. etc. etc. uh-huh.

Re:

[Rufus211]

(The way we did with the a-bomb -- contests were held for whose work could be classified the fastest.)

Never heard of this before, but seems resonable. Any sources?

Re:

[SanityInAnarchy]

Can't find any, sorry. I think this is something my high school physics teacher told me.

Re:

[Anonymous Coward]

It's been classified.

Re:Will we know?

[johndoe42]

Really? Last I heard, quantum computers were not known to be able to solve NP-hard problems in polynomial time, and, in the absence of cryptographic breakthroughs, breaking symmetric ciphers ought to be difficult NP problems. Grover's algorithm might help, but only enough to reduce the rate of exponential growth a bit (i.e. 256-bit encryption will stuff be effectively unbreakable by any technology, unless BQP >= NP).

That being said, quantum computers can easily break RSA, ElGamal, and related schemes (using Shor's algorithm, for example). But this quantum encryption thing, absent any details, doesn't look like it's trying to do assymetric encryption.

See http://en.wikipedia.org/wiki/Quantum_computing [wikipedia.org] for more info.

Re:

[SanityInAnarchy]

As far as I know, you usually need asymmetric encryption to reasonably set up temporary symmetric encryption. And so many systems today are based on RSA, which is what I'm talking about. Basically, it makes SSH no more secure than Telnet.

Re:Will we know?

[maxwell demon]

An existing large enough quantum computer would make ssh much less secure, but as long as not everyone can afford his own quantum computer, it would still be magnitudes more secure than telnet. It's still a difference if e.g. your encrypted banking password can be read by the government, or if it can be read by anyone having access to a computer in between.

Re:

[Magada]

Your post is a bit shortsighted. Substitute "the government" with "any organisation which can match .gov spending in the particular area of quantum decryption devices". That's a much larger set.

Re:

[kalirion]

And add "any hacker who gets can break into the systems of such an organization."

Re:

[inKubus]

The government CAN read your shit. Even if they maybe can't decrypt your bank password, they can just stroll into the bank and get what they need. So yeah, you are just protecting yourself from the Joe Cracker who wants credit card numbers to card shit, or an identity theft ring that wants to make ID's for illegal mexican immigrants (terrorists).

Hopefully it's not a problem if the Government reads our shit because THEY WORK FOR US (so the constitution says). If they misuse that information, it's really o

Re:Will we know?

[ajs]

As far as I know, you usually need asymmetric encryption to reasonably set up temporary symmetric encryption.

Yes and no. Let's step back and cover what is currently done:

Typically you generate a public/private key and give one out to the world (the "public" part, though in most systems that's an arbitrary distinction). The reason you do this is because it's "safe" to give out the public part (no one can decrypt your messages with it) and it gets around the horrible problems inherent in trying to move a key around that *can* decrypt your data (such as those used in symetric key systems). Now you could just stop there, and encrypt all of your data using the target's public key, but it turns out that that's fairly computationally expensive.

In order to speed up the process, you can just use the public key to encrypt a random, one-time session key that you use as the input to a (much faster) symmetric key algorithm such as IDEA, blowfish, twofish, DES, 3DES, etc. Now you have a fast communication path and, as long as the symmetric key system is believed to be at least as strong as the asymetric key system, you have not lost any security.

Now, if symetric key is so much faster, why don't we just use THAT? Well, we would, except that it's a pain to get the symetric key to the target without compromising it. You could, for example, send it via U.S. Post (slow, and not 100% reliable), send it over a private communication channel like a leased line (expensive, not secure), etc. There are other ways too. For example, you can NOT send the key, but have an out-of-band agreement as to how they are generated. For exaple, you might agree to use a pseudo-random number generator (PRNG) wiht a particular seed on a particular date, generating a new key each day. That's not too bad for some purposes, by typically it's not strong enough for truly important information, as PRNGs tend to have their own flaws, and anyone who finds out what you're doing essentially has every key you'll ever use until you exchange a new seed.

What quantum encryption changes is this: it gives you a secure channel over which to communicate (usually at low bandwidth), so you can use it to move a key for symmetric key encryption, and then perform your encryption with that. If anyone evesdrops on the connection, you are guaranteed to know (because the data will be changed, and presumably you've built in appropriate checksums so that you will realize that you now have line noise), and you won't use that key (providing trivial denial of service, which is why this isn't good for non-physical communications).

Quantum computing essentially replaces asymetric key encryption for short, physical links in terms of providing a secure way to exchange symmetric keys. If it gets up to the point that high volumes of data can be moved through the quantum link (which the article is not describing), then you can just move a one-time pad through the link, and your encryption algorithm will be a simple xor.

Re:

[(negative video)]

What quantum encryption changes is this: it gives you a secure channel over which to communicate (usually at low bandwidth), so you can use it to move a key for symmetric key encryption, and then perform your encryption with that.

<sigh> Quantum "cryptography" is not what most people seem to think it is. It's mostly snake oil pushed by con artists and deluded academics.

The only thing "quantum encryption" does is tell you that you exchanged a secret message with whatever machine is plugged into t

Re:

[LRBenson]

There are some smart mofo's on /.

Perfect case in point

[jonwil]

When Chuck Yeager broke the sound barrier in the Bell Aerospace X-1 rocket plane, the results were kept classified by the airforce.

Re:Will we know?

[Anonymous Coward]

The problem is one of information theory - read Cryptonomicon for a good fictional overview of these type of issues - the problem is that *if* they had a working quantum decrypter could they use it yadda yadda, well, there's two options - either they start using it left right and centre and soon everyone *knows* that the NSA can read encrypted data (in which case the bright monkeys will switch back to one-time pads and the hell that is key exchange) - or the NSA will be very clever about it and only act on that information they have decrypted that they can explain coming from other sources, such as:-
1. crack PGP1024-bit message using quantum goodiness
2. get juicy intelligence from message
3. 'bust' someone in the 'organisation' who had access to this information
4. go public with/act upon the intelligence, claiming where needed 'x told us everything'

The whole issue is one the allies had to deal with throughout WWII since they had cracked enigma and so wanted to act on the intelligence without letting the axis know that we could read their codes.

Having said all that though - I'm a big believer in the cock-up Vs. conspiracy theory, meaning given two situtations it is usually always the case that the conspiracy is fantasy.

Re:

[SanityInAnarchy]

It could be much simpler than that today, though -- just find a fairly isolated terrorist cell and bust them. The Patriot Act lets you do it without telling the public why, and the rest of the network never knows how they were caught.

Still, the Cryptonomicon point is a valid one. Even with an elaborate scheme like yours, you still can't be 100% accurate, and every day you have to decide: Do we let this one pass, so they don't get too suspicious, and so we can do more good later, or do we nail them now, s

Re:

[ichigo 2.0]

I suspect your theory about conspiracy theories is flawed, in that any half-decent conspiracy theory isn't easily provable as a fantasy. It doesn't mean one should believe them, either -- like God, they are often inherently not scientific hypotheses, because they can't be disproved.

I'm sorry, but you are completely wrong. Yes, god cannot be proven or disproven, as the concept is completely outside our laws of nature, but claiming the same of conspiracy theories? Now that's just silly.

Re:

[SanityInAnarchy]

Let's try that, then. Disprove for me, if you will, that an alien craft landed at Area 51 and is now being held in a secure location...

Maybe it's a silly idea, but it's pretty much impossible to disprove. If it's specific enough to disprove, they can still change the theory to match new facts.

Not all conspiracy theories are created equal. However, the one I was bringing up, specifically about quantum computers existing now and being used to crack encryption, cannot practically be disproved, as that would

Re:

[ichigo 2.0]

I think the problem isn't that it's hard to prove god exists, but that the concept of god is completely outside the scientific method. How can you measure or observe something that can create a universe at will, controls time and can change the very laws of nature? Even if someone found a way to detect the presence of god, then this god could suddenly decide to change the past and make it so the person never invented the detection mechanism. Or maybe it changes the very laws of nature, making the method ine

Re:

[SanityInAnarchy]

As you already pointed out, with enough time and money, one could gather enough evidence to do just that.

Prohibitively expensive, for all intents and purposes, can mean theoretically impossible. No one will ever organize the kind of resources needed to hunt down one conspiracy theories, when ten others will spring up in their place, at least one saying the "proof" comes from an untrustworthy source.

Kind of like how, without a working quantum computer, there is no known way to beat RSA, because even if we

Re:

[solitas]

The whole issue is one the allies had to deal with throughout WWII since they had cracked enigma and so wanted to act on the intelligence without letting the axis know that we could read their codes.

Um, I think the Allies didn't exactly HAVE those problems. They only had to justify the intelligence for themselves - they did not have civilian groups demanding 'full disclosure', media making an idiot-simple circus out of 'spying' coverage, or enemies crying to a u.n. they they were being 'unfair'...

Re:

[ishepherd]

The point is that by repelling attacks *too* efficiently, the enemy becomes suspicious that you have broken their communications somehow - and one way is by cryptanalysis. So they change their encryption methods, and suddenly you are stuffed.

Oblig wiki link [wikipedia.org]:

The Allies were seriously concerned with the prospect of the Axis command finding out that they had broken into the Enigma traffic. This was taken to the extreme that, for instance, though they knew from intercepts the whereabouts of U-boats lying in wai

Re:

[solitas]

You're right - I hadn't remembered Churchill dilemma concerning Coventry.

Re:Will we know?

[strider44]

I don't mean to be a pedant but this article has nothing to do with quantum computing. It just has to do with using quantum mechanics to design a data stream that is impossible to be eavedropped on according to quantum physics. See Wikipedia [wikipedia.org] for more details.

Re:

[UnHolier than ever]

I don't mean to be pedant, but the summary did not mention quantum computing, it only mentioned quantum cryptography which is what the article is about, for once.

Re:

[SanityInAnarchy]

I don't mean to be a pedant, but that was in direct reply to my comment on quantum computing, so it would seem to be a valid bit of pedantry.

Thank you

[JackBuckley]

No pedantics taken. I was about to post the same point for all the kiddies citing Neal Stephenson as their source of crypto knowledge.

Re:

[medelliadegray]

the only way it would *EVER* get out is if that information were leaked, or another government said "look what we can do", even with the later, the US of A would probably remain silent in their capabilities.

why? think of how much leverage the us would have in being able to eavesdrop on any friend or foe. I cant think of anything which would have more strategic value.

I think if an academic facity were to announce a breakthrough such as this, (assuming it was before OR after the government had a working versi

Re:

[ajs318]

When an invention's time comes, the invention comes. The telephone was invented almost simultaneously by both Alexander Graham Bell and Elisha Grey, who arrived at the patent office only a few hours too late. The phonograph was invented by Thomas Alva Edison at around the same time as the gramophone was invented by Emil Berliner. The filament bulb was invented by Thomas Alva Edison only one year after it had already been invented by Joseph Swan {and unfortunately still has not been banned}. A public-ke

Re:

[SanityInAnarchy]

They don't have to suppress facts, they just have to ridicule anyone who questions the official version of the truth -- which is how they deal with UFO sightings. Whether or not they are true, you have to admit, if UFOs were real and the government was hiding them, we would "know" just as much about them as we do now.

Also, your RSA example does help -- how much later? And certainly with modern tech, you often see good fields unexplored because they aren't yet seen as practical. A good example here is pro

Re:

[ajs318]

They don't have to suppress facts, they just have to ridicule anyone who questions the official version of the truth -- which is how they deal with UFO sightings. Whether or not they are true, you have to admit, if UFOs were real and the government was hiding them, we would "know" just as much about them as we do now.

Actually, the British and American governments deliberately let people believe in UFO sightings to cover up military experiments. The famous cattle mutilations were just hasty attempts to obt

Re:

[SanityInAnarchy]

You seem to be advising against copy'n'paste, so it would seem you agree with me here. And personally, I prefer a quick evolutionary process. Code, unit test, fix, so that it's correct, and stays correct, while you work on something else. The cycle I hate is code the whole thing, then spend the last month or two testing and fixing bugs, at least until managers deliberately ship the (still) buggy code.

Re:

[DangerTenor]

Well, as I just posted on our blog, SecurityMusings [securitymusings.com]...

The theory is that quantum cryptography / quantum eavesdropping-proof networks will advance as quickly (or quicker) than general-purpose quantum computers. So, we'll hopefully all have moved to quantum cryptography by the time quantum computers are available which can cut through today's keys like a hot knife through butter.

Theoretically....

-=-=-=- Listen to and comment upon the musings of information security geeks [securitymusings.com] -=-=-=-

The real question is...

[und0]

Has Harold a research team of his own?

Cheating!

[Mister Impressive]

They changed the outcome of the test by checking the results!

Solution without a problem

[suv4x4]

Is modern digital cryptography so easily broken anyway? No.

I don't mind research on quantum tunnels and so on regarding cryptography, but I really wonder: who ever needed it.

BTW, anyone need a noisy stupid mechanical donkey? Oh yea the military do. I swear this is where this is going as well. No general wants someone to sniff his porn traffic.

Re:

[chicoryn]

I can't claim to be an expert on the subject but rather then an actual new encryption quantum cryptography is an way to ensure no one can listen without you knowing(Making use of the "Can't watch without changing" law in quantum physics), while it isn't that much of an problem right the computer power will continue increasing, better to have the solution before the problem right? And yes this isn't going to be an home device anytime soon since it's WAY to expensive for home use.

Re:

[DarenN]

Well Duh! :)

FTA:
The quantum cryptographic research project is supported by a five-year, $5.4 million grant from the Defense Advanced Research Projects Agency (DARPA).

Can some-one please explain?

[kwikrick]

The article does not explain at all what quantum cryptograpy is and how it's different from the cryptograpy we all know. Ah, but here's wikipedia to the rescue http://en.wikipedia.org/wiki/Quantum_encryption [wikipedia.org]:

Quantum cryptography uses quantum mechanics for secure communications. Unlike traditional cryptography, which employs various mathematical techniques to restrict eavesdroppers from learning the contents of encrypted messages, quantum cryptography is based on the physics of information. Eavesdropping can be viewed as measurements on a physical object -- in this case the carrier of the information. Using quantum phenomena such as quantum superpositions or quantum entanglement one can design and implement a communication system which can always detect eavesdropping. This is because measurements on the quantum carrier of information disturbs it and therefore leaves traces.

Information-free article!

[Ancient_Hacker]

The dang original article mush have encrypted all the useful information, as I didnt see a single useful detail.

You can certainly use quantum "noise" to generate high-entropy keys, but how does that prevent evesdropping on a public network? It can't.

And since novbody has been able to get even two quantum gates to work, they can't be using "quantum computing" in any real sense of the word.

Or perhaps TFA is the high-entropy key? More details, or ANY details, would have been useful.

Friggin Quantum crap.

[Rob T Firefly]

I'm sick of Quantum Cryptography. Every time I try and encrypt something, this smartass time-travelling scientist guy takes over my body, kisses some girl I know, and solves one of my lifelong problems before disappearing in a flash of cartoon FX.

Re:

[Kehvarl]

Settle down, you're leaping all over the place.

Story reads like a press release

[hotspotbloc]

And it seems it is [eurekalert.org]. Others including UPI got caught too [google.com].

Besides, a point-to-point quantum crypto connection was done around two years ago in Europe. Also the "article" never talks about the one thing you can't do with quantum traffic: route.

Moo

[Chacham]

The beauty of quantum encryptions is that even the smallest things means something different to everyone.

The basis of the encryption is simple. The data goes inside a plain cryptumbular box, and is locked with a quantum key. The key's signature can be detected by any decrypter, and the user is asked to use a C code to open it.

The C code is done differenlty by everyone, and does not deserve any specific comment. The obfuscation is awarded on the quantus anum, and the results are easily availible.

After that,

Link to BBN

[jesboat]

BBN's page for quantum crypto [bbn.com]