Feeds

Quantum Crypto – It's in the fiber

  • alert
  • submit to reddit

Internet Security Threat Report 2014

Letters : Holy Grail of crypto to arrive in three years, say UK boffins

You mention already the fundamental existence of noise.

Precisely noise makes it impossible to differentiate between errors in the communication because of noise or because the perfect hacker started listening in.

Please use your Holy Publicaton Powers to make an end to this stupid hoax!

+++chefren




While this is a break through it is important to remember that it will not provide absolute security.

As a first note it is important to realize that quantum communication systems are subject to DOS type attacks. While these are less of a security risk they are noteworthy. Also we must constantly remind ourselves that any system is only as secure as its weakest component. Like most systems, quantum systems are based on the assumption of random numbers. Unfortunately there is currently no reliable way to rapidly generate random numbers, particularly in a corporate (bank) environment. These considerations do not include the small number of theoretical attacks including listening to photon gun switching noise (reference unknown).

This is not to belittle the technological advance though. Quantum cryptography will add a key part to modern cryptography. It is an option, while dependant on other technologies will allow society to reach a new level of security. It is just important to keep in mind that if someone wants your data they will get it, its just a matter of making it too difficult to make it worth while.

-Dan Thiffault




Your article seems to suffer the same problems that so many others have fallen for, the assumption that quantum cryptography is anything but a laboratory toy.

Yes there are narrow cases where quantum cryptography will be of use in the real world, but the simple fact is that it will never be of much use. The reason is fundamental and was actually missed in your article.

It is important to note that a quantum cryptography signal CANNOT be routed, and the reason lies in the nature of quantum cryptography. This will completely cripple the ability of quantum cryptography to be at all useful.

The reason it cannot be routed is fairly simple; quantum cryptography relies on the fact that once the particle has been examined the state changes randomly, the result is that the bits cannot be discovered by two entities.

A second necessity is that the particle state cannot be created, so no particle stream can ever be cloned. Based on this look at the process of routing. Receive the data, read the routing information (which will obviously be in the clear), hold the data in memory while the next step is discovered, read the data from memory (voids the state), write the data to
the next link (no state can be duplicated so this cannot be done). The two critical steps cannot be done.

There is actually an alternative, there is a reflector that can be built that will "route" the signal without reading it, but in order to use such a reflector you would have to read the routing data, then shunt the real data off into a big loop (with absolutely critical timing) so that the routing could be computed.

This though has it's own problems, each in process packet would require its own loop (to avoid contamination which would void all the states), and each of these loops would have to be several miles in length (light is very fast). Consider just my home router, it has 3 computers connected, and at peak usage probably is routing a dozen packets, my personal home network would require potentially hundreds of miles of fiber optic cable. Considering that cheap fiber optic cable appear to be about $1/foot, and there are 5000+ feet per mile, I'd be looking at a half million dollar investment just for the fiber optic cable to quantum crypto my home network of 3 computers (and I haven't even begun to talk about how to store these miles of cable). I don't even want to think about what it would take for a large city, but it would certainly be larger than the city.

This is not to say that there aren't cases where quantum crypto is useful, there are, but as a "holy grail" of cryptography it's really rather useless.

Joseph Ashwood
Trust Laboratories




Right now we have SSL, good stuff, hard to break, but so poorly implemented (management of keys/etc/etc) and the ultimate storage of data on servers is so insecure that SSL is largely meaningless. The same will be true of quantum crypto. We're using armed bank trucks to transport bags of money from one city park bench to another (i.e. the money is left out in the open).

Besides, anyone with the capabilities to tap into fiber optic links typically has enough resources to get at your data other ways.

Kurt Seifried

Intelligent flash storage arrays

More from The Register

next story
Holy vintage vehicles! Earliest known official Batmobile goes on sale
Riddle me this: are you prepared to pay US$180k?
'Open source just means big companies can steal your code.' O RLY?
Plus: Flame of the Week returns, for one night only!
Hey, you, PHONE-FACE! Kickstarter in-car mobe mount will EMBED your phone into your MUG
Stick it on the steering wheel and wait for the airbag to fire
NEWSFLASH: It's time to ditch dullard Facebook chums
Everything hot in tech, courtesy of avian anchor Regina Eggbert
'It is comforting to know where your data centres are.' UK.GOV does NOT
Plus: Anons are 'wannabes', KKK says, before being pwned
Criticism of Uber's journo-Data Analytics plan is an Attack on DIGITAL FREEDOM
First they came for Emil – and I'm damn well SPEAKING OUT
Bible THUMP: Good Book beats Darwin to most influential tome title
Folio Society crowns fittest of surviving volumes
U wot? Silicon Roundabout set to become Silicon U-BEND
Crap-spouting London upstarts to get permanent road closure
prev story

Whitepapers

Choosing cloud Backup services
Demystify how you can address your data protection needs in your small- to medium-sized business and select the best online backup service to meet your needs.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Choosing a cloud hosting partner with confidence
Download Choosing a Cloud Hosting Provider with Confidence to learn more about cloud computing - the new opportunities and new security challenges.
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.