China's 'future-proof' crypto: We talk to firm behind crazy quantum key distribution network Two hundred local government employees across the capital of China's eastern Shandong province will soon be encrypting messages with keys that are "impossible" to crack. QuantumCTek, headquartered in the humid, subtropical city of Hefei in eastern China, will next month launch a commercial network for creating and sharing …
Would it not be possible (and relatively easy) to build into your encryption algorithm a self destruct mechanism. i.e. if someone types in the wrong code more then a dozen times then the message is permanently scrambled/deleted. Seems like an extremely easy way to defeat brute forcing, and a heck of a lot cheaper and more scalable then going to Quantum computing...
No, not possible.
How does your decryption algorithm know how many attempts I've made? I'm restoring from a backup every time I get it wrong.
Besides, your decryption algorithm is public knowledge (because no one in their right mind is going to use it unless it's been peer reviewed and is well understood), so I'm currently writing a program to do the decryption and just skip the bit about deleting (or 'scrambling') the message when I get the password wrong.
If I've read it right with quantum key sharing, the hard work can only be done in the key generation step. You can only confirm if Alice and Bob are the only holders of the key, or if someone has snagged the key (taken Alice's or Bob's). You cannot stop any other type of attack on the crypto (such as brute force decryption etc).
Not sure if the method in the article covers this though.
The issue is not "guessing the key" of a symmetric cryptosystem like AES256 (after all, reducing 2^256 attempts to 2^128 attempts is still infeasible).
It is about distribution of keys. This currently relies on asymmetric crypto like RSA or El Gamal, and these in turn are based on the difficulties of reversing certain mathematical problems (e.g. integer factorisation, discrete logarithm).
Quantum computers in theory could give ways to attack those much faster than the best currently known methods.
But how much value? Knowing the message is compromised probably won't mean much if someone else knows the compromised message and because of this can preempt your intended goals.
If you REALLY want to get the message without the target knowing, then you need to take the "outside the envelope" approach and simply snag the message in a phase where it MUST be decrypted.
For our classic crypto couple Alice and Bob to communicate, they first must receive a secret random number, N, that will be used to help authenticate their interaction via any one of the control centres.
Erm. I might be missing something here but if the whole system relies on a securely delivered, shared random number N then you might just as well distribute a shared key, or a shared one-time pad.
Ok.
So the stream is sent, the end point reads it, it says ABC.
Now instead, a middle man reads it first.
Stream starts off 'random'.
Middleman reads it, it now shows 'ABC'.
End point reads it, it still shows 'ABC'.
I'm unsure what's not being explained properly here, but something isn't. How can they check if the quantum state has been decided or not, if simply observing it will cause said state to be decided?
'We know the cat is dead, because we opened the box to check on the cat!' -- There's no proof the cat was ever alive. In the same vain, there's no proof in this system, that it's actually doing any of the things it claims to do. It could just be AES-256, and still be secure enough that no one else on earth can crack it...
You're almost there: (Lets call the start Alice, and the endpoint Bob, as is traditional) My additions in italic
So the stream is sent, and the end point (Bob) reads it, it says ABC.
Bob uses ABC as the key to encrypt his message, and only Alice can read it, all good.
Now instead, a middle man reads it first.
Stream starts off 'random', lets say it's now DEF
Middleman reads it, it now shows 'ABC'.
Bob reads it, it still shows 'ABC'.
Bob uses ABC as the key, and here's the important bit, because Alice has used DEF as the key, they can't communicate, so they know that the key exchange has been tampered with.
Of course, now Alice and Bob just know that someone is trying to listen in to them, but they can't exchange encrypted messages until they find a way to communicate that bypasses the middleman.
This is what quantum cryptography gets you, a way of detecting that the key exchange has been intercepted and read. You still need a decent crypto once you've exchanged keys, and in some ways it makes it easier for bad actors to 'jam' your communication.
@g0rg0r - thanks for taking the trouble to respond
If I understand you right, you are saying that the 'system' will know if the message has been intercepted. This may well be true - I can't tell from the article. But re-reading it, I know I am even more confused!
Firstly it's not clear if the quantum bit only applies to the transmission of the keys as opposed to the transmission of the subsequently encrypted message. I think it is keys only and the message can, in theory, be sent by any means.
Secondly, it didn't dawn on me until later that this is NOT a public key system. It's shared keys:
Alice then sends the K1-encrypted message and K3-encrypted checksum to Bob. Bob uses K1 to decrypt the message, and verifies it came from Alice by decrypting the checksum with K3 and recomputing it using the random number N they'd shared previously.
If Alice uses K1 and K3 to encrypt and Bob uses K1 and K3 to decrypt then this is nothing more than a fancy shared-key scheme.
It also means there is a backdoor because the control centre also knows K1, K3 and N so they can decrypt any message at any time. (Providing they can get a copy, of course.)
[Disclaimer: this is all based on the info in the article which may well be wrong. :-) ]
... interesting contrast to Usual Suspects like NSA/GCHQ or their contractors.
I guess it saves foreign spies the trouble of following the work by clandestine means. Not to mention the potential for diplomatic incidents.
Now the interesting question (on which I hope El Reg will keep us informed) is how governments around the world will react. Including those who preach Freedom of Speech.
It's complicated, but without going into too many details once the message has been intercepted, it is irrecoverably changed. There is no way to recreate the original message without knowing it's contents.
If you don't have a headache yet, the wiki entry is a good place to start.
The principle of quantum key distribution is based on how you do the measurement. It doesn't appear to have been explained in the article (beyond a quick mention of polarisation) and I'm not sure how it works with repeaters, but the idea is entangled photons are generated, sent to Alice and Bob and A and B both randomly choose which basis to measure in.
If you think of linear polarisation, if the entanglement meant the photons had to have the same polarisation, then if A measures at 0 degrees and B measures at 90 degrees, only one of them detects a photon at a time, and they know the other one shouldn't have (spooky action at a distance, the first detection means the other photon must be in the corresponding state). However, if they add 45 and 135 degrees into the mix, on the occasions they didn't use the same basis there's a 50/50 chance of detection. If they randomly select which orientations to measure in, and then, after exchanging photons, they communicate which basis they used for each one, they can work out which measurements they've got correct. If they also share a small proportion of the actual measurements then they can work out if Eve was listening, because Eve wont have known which basis to forward the signal on in and will screw up the statistics for the ones where E guessed wrong. That's the idea, the actual scheme is a bit more convoluted from what I remember.
Simplest (but inefficient) way to implement repeaters would be to have them work in A-B pairs and then use the one time pad generated to scramble the message all the way through. Might be possible to cause entanglement of forwarded photons (e.g. stimulated emission), not a method that would work for Eve as she would still have to make a "state-collapsing" measurement. (I say state collapsing as the simplest image, but I'm actually with Hugh Everett on this.)
Apparently they don't preserve quantum state, but people are working on it http://www.nature.com/nphoton/journal/v9/n2/full/nphoton.2014.311.html
Generally, you can't give a photon more energy, you can only absorb it and re-emit another. For a single photon more energy also means different frequency, being quanta they are indivisible, E=ħω. A classical amplifier is a cascade device, one photon to many.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
