Forgot your password?
typodupeerror
Communications Encryption United Kingdom Science Technology

Quantum Cryptography Now Fast Enough For Video 69

Posted by kdawson
from the key-frames dept.
cremeglace sends in news of a major advance in the speed of quantum key distribution. "Researchers at the Cambridge Lab of Toshiba Research Europe have solved the problem of transferring highly sensitive data at high speed across a long distance network. The team were able to demonstrate the continuous operation of quantum key distribution (QKD) — a system that allows the communicating users to detect if a third party is trying to eavesdrop on the data communication — at a speed greater than one megabit/sec over a 50 km fibre optic network, thanks to the use of a light detector for high bit rates and a feedback system which maintains the high bit rates during data transfer. ... The faster one megabit/sec data handling will allow the one-time pad to be used for the encryption of video — a vast step forward over the current ability to only encrypt voice data."
This discussion has been archived. No new comments can be posted.

Quantum Cryptography Now Fast Enough For Video

Comments Filter:
  • by mooglez (795643) on Tuesday April 20, 2010 @04:07AM (#31907584)

    Would this be vulnerable to the man in the middle attack on quantum key distribution described in this earlier slashdot article:

    http://it.slashdot.org/story/09/12/30/2118250/Quantum-Encryption-Implementation-Broken [slashdot.org]

    They seem to be attacking the hardware rather than the software

  • by FuckingNickName (1362625) on Tuesday April 20, 2010 @04:37AM (#31907726) Journal

    And howd'ja verify the integrity of your transmission? In a possibly equivalent formulation, Bob, how do you make sure Alice is the source of your channels, not Eve?

  • by gweihir (88907) on Tuesday April 20, 2010 @05:49AM (#31907994)

    And will remain so. Key exchange is not the issue. The issue is the symmetric encryption used afterwards (and that is present with quantum key exchange as well). Even if you disregard that, Quantum key Exchange will never be economically or security wise superior to existing solutions.

    If you spend what this quantum BS costs on distributing one-time pads, you are a) provable secure b) need no new infrastructure and network links c) have no problems with routing (Quantum key exchange can only be routed optically and only for a limited distance, signal amplification is not possible) and d) spend a lot less money.

    This comparison is unfair, you say, because one-time pads for n participants have size n*n? Unfortunately that is what you likely will end up for the infrastructure for Quantum Key Exchange as well, unless you have a very low number of participants. In that case the one-time pad becomes very cheap too.

    Let me give you an example:
    Say, we have 10 participants. Say we need 100'000 keys a day. Say a key has 256 bit, i.e. 32 bytes. A single DVD-ROM of random bits can then last for about 4 years. Generating 5GB of high-quality randomness can be done relatively cheaply, I would estimate that a generator using junction-noise can be built that gives you about 50kB/sec of random bits for less than $5000 (32 junction generators at $100 each, one 32 bit digital I/O card, one standard PC. My prototype for a junction generator is about $2 in parts, but has no shielding or filtering). That one takes a bit more than a day for the DVD. Say $10'000 overall, including labor. Then you have costs of couriering the DVDs to the destination. Say something like $100'000 per year. For a larger net, say 100 participants, use 1TB HDDs for 31 years at 1'000'000 keys/day. Or 3 years at 10'000'000 keys/day for 1000 participants.

    While this is simplified, the numbers are realistic. They are several orders or magnitude cheaper than any quantum solution. Do not forget that this quantum stuff only works with people you know and that have the right (expensive) hardware already installed and are on a direct optical or optically routed link with you that is below a certain length.

    And here is the killer: There are working key exchange solutions that can be made far more secure than the symmetrical encryption and that do not need any change to the network infrastructure at all. In addition, they do not have the risk that the physical theory (and it is just a theory, not fact) has a slight error that then leaks key material.

    In short: This technology makes no sense whatsoever form a security or economic point of view and very likely never will.

  • by Joce640k (829181) on Tuesday April 20, 2010 @09:53AM (#31910228) Homepage

    There's no reason to believe a brute force attack on AES128 will ever succeed.

The reason that every major university maintains a department of mathematics is that it's cheaper than institutionalizing all those people.

Working...