Forgot your password?
typodupeerror
Encryption Math Security Science

Position-Based Quantum Cryptography Proved Secure 45

Posted by timothy
from the where-were-you-when dept.
KentuckyFC writes "Physicists have developed a new kind of quantum cryptography that uses position measurements to guarantee the security of a message. The technique is based on triangulation. Alice uses several transmitters to send messages to Bob who returns them immediately at the speed of light. If the return arrives within a certain time period, Alice can be certain that Bob is where he says he is. Physicists proved a few years ago that when the messages are purely classical this method is not secure because Eve can use any number of receivers to work out where Bob is and then use this information to trick Alice. However, the same physicists have now proved that the quantum version of the same position-based scheme is perfectly secure, essentially because Eve cannot easily measure the value of any qubits in the message. Alice and Bob go on to use the qubits to exchange a cryptographic key, a one-time pad, that they use to encrypt a message. The beauty of the technique is that a message encrypted in this way can be read only by somebody at a specific location, something that governments, banks, and the military, not to mention everybody else, may find useful."
This discussion has been archived. No new comments can be posted.

Position-Based Quantum Cryptography Proved Secure

Comments Filter:
  • by drDugan (219551) * on Thursday May 13, 2010 @02:25PM (#32197032) Homepage

    The position based exchange, of individual qubits, as describing in TFA is for key exchange, leading to a one-time pad [wikipedia.org]. The interesting thing is that once the one time pad is securely created and delivered, the locality is then longer restricted, the " can then be used to send a perfectly secure message" from TFA can then be anywhere.

    But from a security point of view, this is nice, but a major part of security holes don't come from technology, they come from personnel and the ability to trick people. Unless you completely restrict the physical location of the people, information encrypted this "perfect" technology still falls prey to human foibles. As stated in TFA " theoretical security is not the same as practical security"

    • by timeOday (582209)

      But from a security point of view, this is nice, but a major part of security holes don't come from technology, they come from personnel and the ability to trick people.

      I think we are getting to the point of over-emphasizing that fact, as if cryptography were unimportant. OK, this might not show up in Outlook Express. But there really ARE important applications for secure wireless transmissions, and there really ARE extremely professional and well-funded researchers on the "other side" who will use ever

      • by blair1q (305137) on Thursday May 13, 2010 @03:31PM (#32198360) Journal

        If you look at WWII and the Cold War, cryptography was tremendously important.

        It was even more important in WWI. The Germans had submarine warfare, and there was no sonar, making subs pretty much invincible. Germany also had a strong surface fleet. They succeeded in driving the Allied fleet out of the North Sea. They could have owned the entire ocean, cut off all trade and resupply of the Allies, taken Europe and then Britain, and then by degrees the rest of the world.*

        But the British had captured a German codebook and were using it to track subs and ships, made easier by the German practice of daily radio communications (admiralties being groups of control freaks with politically motivated bosses, they tended to be clingy that way.) They still considered the North Sea dangerous, but were able to maintain a blockade by patrolling the Channel and the North Atlantic.

        * - It's likely they wouldn't have had to "take" the U.S.; we at the time were isolationist and neutral, and in fact had welcomed a German submarine as heroes when she ran under the British blockade to get supplies from us. They used their biggest sub and gutted it for the trip, but the effectiveness was minimal so they never tried it again. The point is, if the British hadn't had control of the ocean, the Germans could have been trading with the world's prime source of natural resources all along while they were knocking down one nation after another, and America would have fed Germany right up until the moment Germany turned on America. Instead, the Germans got desperate, started attacking civilian vessels, sunk the Lusitania, disgusted us all, and put America on the side of the Allies, though it would be some time before we did more than supply them.

        • by owlstead (636356)

          WWI was not about Hitler Germany or anything. It was basically a war between countries to see who could grab the most riches and colonies - at least as far as I can tell from the little history I got about it. If you look at the history between the US and the UK at that time, I would not think it strange that German subs were considered heroes.

          My history is not that good, but I know you have to look at facts like these from the perspective at that time. Not the current perspective, let alone the perspective

      • Re: (Score:3, Insightful)

        by Bakkster (1529253)

        I think we are getting to the point of over-emphasizing that fact, as if cryptography were unimportant. OK, this might not show up in Outlook Express. But there really ARE important applications for secure wireless transmissions, and there really ARE extremely professional and well-funded researchers on the "other side" who will use every algorithmic trick in the book to crack them. If you look at WWII and the Cold War, cryptography was tremendously important. Even the cryptographic attacks on "everyday" technologies like WiFi and ATMs available to the average script kiddie are quite impressive. So I wouldn't be too blase about cryptography not being the weak link.

        The best part is that both weaknesses were used to break the Enigma cipher. They first exploited weaknesses in the cipher itself (letters couldn't be encrypted to themselves) and then weaknesses in the operators (the lazy Nazi would frequently choose Der Fuhrer's birthday for his cipher).

      • So I wouldn't be too blase about cryptography not being the weak link.

        Also, it has to be said that the main reason cryptography is getting less emphasis as the weak link is the dramatic advance made in cryptography over the last few decades. It's not becoming less important, it's just become better. Since we get to the point where nobody could feasibly use an algorithmic brute-force attack against properly used household cryptography (OpenGPG), non-cryptographic attack vectors like social engineering or vir

    • " theoretical security is not the same as practical security"

      Not to mention Applied security. This kind of encryption is nice in theory but how long until its deployable?

      But I get your point, technology only goes so far when you get people who don't know what a phishing attempt is, and/or leave their password on a post it on their monitor.

  • Hmm... (Score:5, Funny)

    by fuzzyfuzzyfungus (1223518) on Thursday May 13, 2010 @02:26PM (#32197056) Journal
    Could the work that has been done in "slowing" light be used to interfere with this?(or, more practically, since the speed of light varies based on the medium, would you need a completely accurate characterization of the contents of the light paths that the signal travelled over for your certainty to be valid?

    On the plus side, this will finally provide a way for Bob to prove to Alice's satisfaction that he isn't with Eve, and Alice will be able to demonstrate the same about Mallory. Bliss through superior quantum physics!
    • by Itninja (937614)
      No kidding. Somewhere on the network an engineer replaces CAT5 with fiber and POW!
      • There are lots of ways to induce delta T. iTunes, as an example.

        Or in actuality, playing with the MPLS tables.

        Heaven help you if you're on WiFi and move out of the zone. You are so screwed.

    • by Chris Burke (6130)

      On the plus side, this will finally provide a way for Bob to prove to Alice's satisfaction that he isn't with Eve, and Alice will be able to demonstrate the same about Mallory. Bliss through superior quantum physics!

      Yes as they let out a simultaneously blissful sigh of relief that Bob doesn't suspect that Eve is with Alice, and Alice doesn't suspect that Mal is with Bob.

  • by rubycodez (864176) on Thursday May 13, 2010 @02:28PM (#32197096)

    this only works in a perfectly flat space-time, if unknown or changing (known or caused by hostile party) curvatures are present the whole thing falls apart

    • by onionman (975962)

      this only works in a perfectly flat space-time, if unknown or changing (known or caused by hostile party) curvatures are present the whole thing falls apart

      You beat me to it. Yes, it's hard to see how this particular method would be useful on Earth. Of course, the research results are academically interesting even if there is no (immediate) practical application.

      • by nospam007 (722110) *

        "Yes, it's hard to see how this particular method would be useful on Earth."

        If I was a drug dealer, I would like to know that the cell tower I'm talking through is inside the FBI car behind me.

        • by GofG (1288820)
          Be like Tevye, who used the subjunctive mood properly. "If I were a rich man".

          Do not be like Aiken, who used the subjunctive mood improperly. "If I was invisible".

          In the subjunctive mood, where we are talking about things which are not true, we use "were" instead of "was". :D
        • by onionman (975962)

          "Yes, it's hard to see how this particular method would be useful on Earth."

          If I was a drug dealer, I would like to know that the cell tower I'm talking through is inside the FBI car behind me.

          The surface of the Earth is a rotating, accelerating reference frame located in several gravity wells (Earth's, the Moon's and the Sun's). Hence the proposed mechanism would not work with any transmitter/receiver combination located on Earth.

      • by blair1q (305137)

        It's impractical where distance is involved, but could eliminate man-in-the-middle attacks at very short distances, say within a single interface between two separately secured networks.

        You'd have to have a chunk of neutronium to warp space enough to make that go out of skew on't treadle.

    • Unexpected curvature would make the travel path longer, which would make it slower, which would be detected by the system as an insecure connection.

  • So a quantum crypto-cracking program wouldn't work? It'll be an ugly loop just like armor and armor piercing weapons. Wait for it...
  • It would never work that perfectly in practice – at least not on the internet, definitely – because the latency on the internet is much too large. The time taken for a packet to travel from point A to point B is nowhere remotely close to the time it would take at the speed of light with no latency.

  • by fahrbot-bot (874524) on Thursday May 13, 2010 @02:37PM (#32197292)

    Eve can use any number of receivers to work out where Bob is and then use this information to trick Alice.

    I'm concerned that this Eve [wikipedia.org] character keeps causing trouble. First for Adam, now Alice and Bob.

    • But the fucks like a goddess! And everyone knows it. Unfortunately she never uses contraceptives. Which nobody knows.
      This explains why she’s the mother of every human ever. ;))

  • No doubt, while charging an extra $1 per song, Apple will spin this as a much needed feature.
  • The technique is based on triangulation. Alice uses several transmitters to send messages to Bob who returns them immediately at the speed of light. If the return arrives within a certain time period, Alice can be certain that Bob is where he says he is

    Alice can be certain that the repeaters are where they say they are.

    But Bob could be elsewhere - and his personal responses to these messages won't be - can't be - instantaneous.

  • Lasers work by stimulated emission [wikipedia.org], which is a quantum process that makes identical copies of photons. Quantum cryptography relies on qbits not being copyable, so how does this not break it?

    The critical detail of stimulated emission is that the emitted photon is identical to the stimulating photon in that it has the same frequency, phase, polarization, and direction of propagation. The two photons, as a result, are totally coherent. It is this property that allows optical amplification to take place.

    • by pclminion (145572)

      Stimulated emission is not perfect cloning. The monkey wrench which prevents lasers from violating the no-cloning rule is the non-zero probability of spontaneous emission. See this paper:

      Experimental Quantum Cloning of Single Photons [ucsb.edu]

      Although perfect copying of unknown quantum systems is forbidden by the laws of quantum mechanics, approximate cloning is possible. A natural way of realizing quantum cloning of photons is by stimulated emission. In this context, the fundamental quantum limit to the quality o

  • Intentionally read ALL quantum encrypted transmissions, thereby making it impossible to use it, and forcing people to traditional channels. Then crack them. The traditional ways.

    Or: After Bob received the message, just call him, tell him you are the new admin, and they did not give you the password yet, but you were told to install $somethingBobReallyWants on his computer. So if he could kindly give him the password... ;)

  • the location is specific to 500 miles around. ;)

  • ...for now.
    • by owlstead (636356)

      It is certainly possible to prove something secure from a mathematical point of view. Since mathematics is more or less self contained, that's all right. Unfortunately, the real world isn't. So then you have all sorts of things to factor in:
      - errors in the assumptions
      - setups to avoid detection errors
      - side channel attacks on the detectors and transmitters
      - insecurities of the complete protocol
      - insecurities of the overal system
      - human errors
      etc. etc.

      The problem with quantum crypto always has been that the

  • by Daffy Duck (17350) on Thursday May 13, 2010 @11:46PM (#32203632) Homepage

    From TFA:

    "Unfortunately we do not have a security proof, and we leave it as an open problem to find an attack or prove its security," they say.

    So how did the summary conclude "proved secure" from that?

    • At least they didn't prove its security. It works if, and only if conventional quantum cryptography works, what means, it doesn't work at all.

      Let me prove it is not secure:

      1. Bob places his transmiters, to triangulate Alice.
      2. Alice places her transmiter.
      3. Eve places a transmiter between each Bob's tranmiter and Alice's one. (That is, on the same configuration that would break the classical crypto.)
      4. Now, let's say Bob starts transmiting. He transmits the key encoded on the polarization of the wave.
      5. Eve reads the key
  • Technically speaking, isn't there a sphere of locations that would all be the same light-distance from the message sender? (I'm picturing an equilateral triangle here.) I don't know how you'd read the qubits to know the distance, but if you could, maybe you could position yourself at one of those equal points and thus be the right distance (and time) away.

  • Exciting news (Score:3, Informative)

    by Vadim Makarov (529622) <makarov@vad1.com> on Friday May 14, 2010 @01:06PM (#32209038) Homepage

    There are two things about this publication that make it remarkable.

    1. This is a new useful information processing primitive that is only possible to do quantum, not in any classical information processing (the paper [arxiv.org] cites impossibility proof in classical domain). There's just a handful such quantum primitives known today (e.g., QKD, Shor's algorithm), so discovering one more is a great deal.

    2. It is practically implementable with today's quantum crypto hardware. In fact, I expect any lab that has a working free-space QKD system can be working on an experimental demonstration of location-restricted QKD right now. It may just take some software rewriting and a couple extra wi-fi links to assemble a full 2D-location QKD scheme.

    To be fair I must mention that the location primitive has been published two months ago [arxiv.org] by R. Malaney from Australia. However, his version was more difficult to implement (although also doable with today's experimental techniques), and notably it lacked QKD functionality. Now with this publication the scheme is complete and is even supplied with a security proof. My applauds to the authors.

"Whoever undertakes to set himself up as a judge of Truth and Knowledge is shipwrecked by the laughter of the gods." -- Albert Einstein

Working...