My latest Math Review on Quantum Keys

Click MR2921421 to download my review of Skobelev’s article On the Computational Security of Quantum Algorithms. Hint: Eve wins if she can control the classical channel and have good stats on the pseudo-random number generator.

Advertisements

Dark Fiber and White Space

Two underused resources, “Dark Fiber” and “White Space” are to be taken advantage of to increase the power of the network.

 

One application seeks to use optic fiber that has being laid but not being used to enable the establishment of secure keys using quantum technology http://www.technologyreview.com/computing/23317/page1/

The other is a wireless network in which the information is carried in the unused interstices of the TV spectrum. http://www.technologyreview.com/communications/23781/

Waiting for the Quantum Leap

For the longest time I have the suspicion that quantum cryptography, although a neat idea, is overrated. I was keeping an eye into developments (see previous posts) just in case. currently my impression is that, with the current, technology, QC is an expensive proposition for the added value it provides. It looks like I am in good company on this. In the October issue of Wired, Bruce Schneier writes a commentary piece where he asserts:

While I like the science of quantum cryptography — my undergraduate degree was in physics — I don’t see any commercial value in it. I don’t believe it solves any security problem that needs solving. I don’t believe that it’s worth paying for, and I can’t imagine anyone but a few technophiles buying and deploying it. Systems that use it don’t magically become unbreakable, because the quantum part doesn’t address the weak points of the system.

Security is a chain; it’s as strong as the weakest link. Mathematical cryptography, as bad as it sometimes is, is the strongest link in most security chains. Our symmetric and public-key algorithms are pretty good, even though they’re not based on much rigorous mathematical theory. The real problems are elsewhere: computer security, network security, user interface and so on.

Moreover I have a nagging question about the fundamental tenet of quantum cryptography. The principle is that Alice and Bob will know for sure that Eve is eavesdropping in their channel because their bits will be changing as required by the uncertainty principle. Eve may be out of luck in getting the secrets as Bob and Alice will certainly decide not to exchange them in her presence. However, the mischievous Eve may decide that she is quite happy with only preventing the exchange. I will call this a denial of channel attack by which Eve can prevent Alice and Bob to exchange any secret until the police figures out where she is tapping the quantum line and force her to stop. Eve-hacker can now start a cat and mouse chase, that judging from the record on netting hackers by the internet police, is lopsided on Eve’s favor.

A mathematical note aside, Schneier mentions in his article the Bennet-Brassard and key reconciliation algorithms used by quantum cryptography. In a paper written with A. Bruen and D. Wehlau we gave rigurous proof of convergence for the Bennet-Bessete-Brassard-Salvail and Smolin (BBBSS92)method. These results and more about quantum cryptography also appear on the our book.

Man in the Middle attack for QKD?

In an article titled “Can Eve control PerkinElmer actively-quenched single-photon detector?” Vadim Makarov et al. report that thanks to the “strange behavior” found of one of the most often used photon detectors, it is possible for the eavesdropper (Eve) to inject a crafty pulse and fools Bob’s detector by introducing a click of her choice. Eve can now run a man in the middle attack, and when Alice send Bob the list of erroneous polarizations (the “key reconciliation” phase) Eve will be able to recover the key.
I am not sure at this point whether this is just a shortcoming of the particular hardware being used or if this is a pervasive characteristic of the type of circuits used for the detectors. Let’s see.

qubits and such

The ominous promise of a quantum computer able to factor large primes is often cited as the end of the road for cryptographic systems based in number theory, that is all forms of public key cryptography. To gain some perspective on the probabilities that a practical quantum computer with such capacity be around the corner, I have compiled a list of links related to the most promising technologies being developed in labs around the world.

A very nice graphical representation of the concepts of qubit and entanglement can be found here.
Detailed description of the trap technique (also here).
Developments on Quantum dots at Delft.
A recent survey of quantum algorithms.
IBM’s famous Quantum Information Group.
A quantum communication bus.
News from Nature blog.

Quantum Cryptography (update)

Over a year ago I was posting about advances on practical quantum cryptography. In particular on the commercial side of it. Since then I’ve been keeping an eye on the news and everything is very quiet on this front with the exception of id Quantique.
As far as I know they have the only commercial implementation of a quantum key distribution (QKD) system. They are advertising a hybrid system in which a quantum channel is used to exchange the encryption keys for a AES encrypted classical channel. From the latest news at their website I can guess they figured out that without a standard to conform to, the sales of any new type of encryption system is an uphill battle.
The arXiv has a recent paper on practical quantum cryptography in which the authors mention mainly QKD as the only quantum technology mature enough to be commercial.
Other than the above mentioned systems, quantum cryptography is still a promise that has not delivered real, usable products.

Attacks on Quantum Cryptography

As recently reported in an IEEE On-line magazine, practical implementations of quantum cryptographic systems are exposed to attack. The weakness arises from the need to authenticate the communicating parties. The laws of physic determine that the proverbial eavesdropper Eve will reveal her presence when snooping from a quantum channel.
However, to avoid a trivial man-in-the-middle attack, quantum encryption protocols need to exchange information over a classic channel for authentication purposes. Authentication over a classic channel is subjected to classic attacks targeting the weaknesses of the underlying protocol.
My two comments on this:
Authentication is still ‘the’ problem for many cryptographic systems and;
Prof. Lomonaco’s dictum* is applicable also to quantum encryption.

[*] To be able to communicate in secret one must first communicate in secret

related post

Quantum Key Distribution

Since the introduction of the original ideas by Wiener and further development by Bennet, Brassard, Salvail, Smolin and others in the 1980’s, Quantum Cryptography has being making steady progress towards practical applications.
Currently some banks and government departments are using Quantum technology based on the transmission of single photons over fiber-optic links to transmit unconditionally secure cryptographic keys. However current technology allows for transmission only over relatively short distances at limited transmission rates.
One of the main drawbacks of quantum encryption is the difficulty of generating and transmitting individual photons without a loss of information because of interactions between photons and the medium.
An article describing Quantum Key Distribution can be found here.
I have compiled a list of companies (not exhaustive) that offer hardware based on different aspects of quantum cryptography. Without any claim of performance and in no particular order they are:

IBM, Hewlett-Packard and NEC also have extensive research projects on quantum cryptography. (NEC have announced delays in the marketing of its products).
There is a tremendous amount of research effort and money being spent on this technology as the prize for a practical technology that allows unconditional secure key generation will be huge.