First Bank Transfer via Quantum Cryptography 310
An anonymous reader writes with today's announcement that "the Austrian project for Quantum Cryptography made the world's first Bank Transfer via Quantum Cryptography Based on Entangled Photons; see also Einstein-Podolski-Rosen Paradoxon." (For more background, see the recent Slashdot post "Quantum Cryptography Leaving the Lab.")
Unexpected Consequences (Score:5, Funny)
Re:Unexpected Consequences (Score:2, Funny)
You are able to decode them now??
Re:Unexpected Consequences (Score:3, Funny)
But only 50% of the time.
Oh, well then this is simple.
In the future, your process for decoding your bank statements will work 50% of the time, but of course observing whether your bank statement has been decoded (by you) will completely undermine the decoding process.
Therefore, you will receive your bank statements in the mail, and you can leave them unopened and mathematically consider them 50% decoded.
Re:Unexpected Consequences (Score:4, Funny)
Easy! The Quantum Improbability Engine.
But... (Score:5, Funny)
Re:But... (Score:5, Funny)
You know the two-slit experiment? Well, its just like that
-- standard explanation for weird quantum things when you don't know the right answer.
Re:But... (Score:5, Interesting)
-- standard explanation for weird quantum things when you don't know the right answer.
I was just reading about that last night in The Elegant Universe.
For those who haven't heard of it before, here's the experiment:
- take a wall with light shining on it from a projector.
- place a board in-between the wall and the projector that interrupts the beam of light. The board should have two vertical slits cut in it, which can be opened and closed independently of each other.
If you open just the left one, you get a vertical bar of light on the wall.
If you open just the right one, you also get a vertical bar of light on the wall, offset from the one that was there with the left one open.
Now, intuitively you would think that if you opened both at once, you would just get two vertical bars of light, but you don't. Wave interference means you get a whole bunch of light and dark vertical bars on the wall.
Here's the spooky quantum-mechanical part - the same interference effect happens even if the projector is designed to only emit one photon at a time, then wait until it has hit the wall (or the board) before sending another. You will still get the bands of dark and light.
Pretty weird, eh?
Re:But... (Score:3, Interesting)
|>oug
Re:But... (Score:4, Funny)
theory and SF are 'entangled' too, it seems (Score:3, Interesting)
This is not impossible, because, contrary to what most ppl think, lightspeed is in fact an average; within one beam, there can be photons that are moving slightly slower, and photons that move sl
Re:theory and SF are 'entangled' too, it seems (Score:3, Interesting)
That photons can be slowed down is not even disputed anymore, there have been numerous examples of it in various degrees (depending on the medium it passes through). I even believe there was a slashdot-article about it, when some researchers managed to slow it down to a crawl.
For faster then light photons (obviously, only possible with non-mass quantummechanical particles) there is more discusion about it, since it's extremely difficult to prove. However, this experiment actually *w
Re:But... (Score:5, Informative)
When I first read about the double slit experiment, I said to myself, "That can't be!"
I cut two slits into a piece of cardboard and directed a flashlight beam through the slits at a wall.
And I observed exactly what one would expect, two diffuse bright spots. I said, "Hmph."
Of course, when I learned a little more, it was obvious why this didn't work. In order to see the interference pattern, your light must be coherent and columnated (as from a laser), and your slits must be very close together, and narrow (with dimensions similar to the wavelength of light). You pretty much need to use a laser as your light source, and rather than a "board" with slits, a sheet of metal with two very thin slits cut into it, very close together.
Something I found very fascinating is that the diffraction pattern you get is the fourier transform of the pattern of slits the system of interference exactly implements the fourier transform integral!
Re:Real-time Mars rover remote control. (Score:3, Informative)
Entangled particles can be used
Re:But... (Score:2)
So tell me, then... What's the medium?
One more link (Score:3, Interesting)
"The entangled photon pairs created by Kwiat's team are produced using two thin, nonlinear optical crystals to split the "parent" photons from a laser into entangled "daughter" photons. In previous research at Los Alamos, these entangled photons have been used for quantum cryptography to create unbreakable cryptographic keys that can be used to lock or unlock e
Unfortunately... (Score:5, Funny)
Re:Unfortunately... (Score:2, Funny)
Quantum tracking number... (Score:5, Funny)
Your transaction number has a 90% probability of being between 8765432 and 8765478.
Have a 75% nice day.
Re:Quantum tracking number... (Score:2)
Of course, according to Cramer's Transactional Interpretation, both of those are bogus. There is no superposition, no "collapse". The advanced reply wave reinforces the offer wave "instantaneously".
My check bounced (Score:5, Funny)
Re:My check bounced (Score:2, Funny)
Re:My check bounced (Score:2)
Due to the Heisenberg Uncertainty Principle... (Score:5, Funny)
But don't delay cashing the check (Score:2)
Proof of Concept (Score:4, Insightful)
The biggest hole in security is usually the people operating technology. Ever want something, call up and ask for it.
What does the ability to have uncrackable encryption do to thwart social engineering tactics?
Re:Proof of Concept (Score:5, Insightful)
Secondly, even if they were related, you're appear to be suggesting we might as well not bother patching one future security hole because a different one also exists? Thats crazy. We should tackle all security risks, not just one particular one.
Lastly, socially engineered attacks are most often people giving up a PIN or forging a signature. That affects one account per attack. If a cracker gets past the sort of stage that Quantum Cryptography protects they have the opportunity to automate and reap every transaction the bank carries out.
Now which is the bigger problem?
Re:Proof of Concept (Score:2)
Re:Proof of Concept (Score:3, Informative)
The two different security issues are related in the way almost, if not all, issues are related. Time, money and resources. If you spend them in an effort to address one problem they can't be spent in an effort to address another.
Re:Proof of Concept (Score:3, Insightful)
Re:Proof of Concept (Score:3, Interesting)
Very good point. FWIW, I actually thought of this (really ;)... after I posted. You are right, one cannot afford to wait.
But I also t
Re:Proof of Concept (Score:3, Insightful)
No, the question is one of resource allocation. At present, there
Re:Proof of Concept (Score:2, Insightful)
It's ridiculous reasoning.
Should deadbolts not have been developed because most people break in through windows?
Should we stop working on vaccines to deadly viruses just because most people die of heart disease or cancer?
It's called progress. People work on improving their own peice of the puzzle and the whole system improves as a whole by the sum of the efforts.
Re:Proof of Concept (Score:2)
Should we spend limited resources to improve deadbolts that are currently, and are expected to remain, unbreakable, when there are not sufficient resources to improve and adequately secure windows?
Should we continue to work on vaccines to deadly viruses if: (a) ten times as many people die of heart disea
Re:Proof of Concept (Score:2)
Should deadbolts not have been developed because most people break in through windows?
A better analogy would have been asking 'should I upgrade my deadbolts to tungsten carbide, drill-resistant ones, because no burgler will ever get through them' when your back door is made of 3/8" plywood and non-toughened glass.
The bank to bank transfers are the strongest link of the chain - making them tougher is fine, but not at the expense of the weakest part.
Insightful? Hardly. (Score:2)
~Berj
Entertaining but Not Useful (Score:3, Insightful)
What about the fees (Score:2, Funny)
trade ya (Score:5, Funny)
I'll give you my entangled photons in exchange for chocolate [slashdot.org].
Dear Prestigious Journal (Score:3, Funny)
At the University concluded a study which finds quantum cryptography is a lot better than plain cryptography. Please FAX bank account via quantum cryptography to KWEISE MFUME at +34 79 345 8792 for full article.
Looking forward to hearing,
Letter
quantum bank transfers (Score:4, Funny)
Au contraire (Score:3, Funny)
This principle is generally true in classical economic transfers as well: Bill Gates keeps having lots of money, but I only sometimes have money; I know I owe lots of money to my bank for student loans, but I only have a suspicion that my friend owes me 50 cents.
This just in (Score:2, Funny)
Complicated (Score:4, Funny)
Re:Complicated (Score:5, Funny)
"I may know how to program with code, but damned if i know how futons work!"
Simple: fold the futon up when you want to use it as a couch and then fold it back down when you want to use it as a bed.
Re:Complicated (Score:2)
Re:Complicated (Score:2)
Re:Complicated (Score:2)
From a slashdot sig: "Quantum Mechanics -- the dreams stuff is made of".
Quantum Crypto Provably Flawed? (Score:5, Interesting)
Is quantum crypto provably flawed?
I've seen tons of blurbs stating the the link is "absolutely" secure, but it seems that isn't really the case. [dhushara.com] (see the bottom of the page.)
What strikes me about all this is the following section:
"each pulse should be attenuated to an average of about
What that says to me is that there is not way to 100% know you're transmitting just one photon.
It sounds like there's no device that is capable of transmitting one and only one photon with 100% reliability. If this is the case, a lot of the arguments about how secure this is are vastly overstated.
In the end QC would be vulnerable to a man-in-the-middle attack by watching for multi-photon emissions.
If this is the case, a lot of the noise surrounding QC could turn out to be hype. (The big plus for quantum crypto is that it's supposedly immune to this.) Is there a quantum physicist in the house?
Re:Quantum Crypto Provably Flawed? (Score:5, Interesting)
If an eavesdropper successfully split the extra photons off, they have successfully captured 1% of the data stream. First off, that's not much data if you want to reconstruct something meaningful in the way of information carried by the stream.
Another problem, however, is the effect of the splitter on the rest of the stream. When a single photon passes the splitter, which path does it choose? If I'm not mistaken, that choice will be at random. If so, then the presence of the splitter becomes immediately detectable because half the single photon pulses never reach their destination. In fact, the number missing is likely to be so close to 50% that the presence of the splitter should be obvious to the bank.
Re:Quantum Crypto Provably Flawed? (Score:2)
Re:Quantum Crypto Provably Flawed? (Score:2)
To each party you pretend to be the other party and just relay the messages.
the whole point of quantum cryptography is that a man-in-the-middle attack like that is fundamentally impossible.
Why MIM doesn't work (Score:5, Insightful)
The reason that the man-in-the-middle attack doesn't work is that by doing so, you introduce two sets of attenuation rather than one. If the message is intercepted and then re-transmitted, the message has now been sent through the attenuation cycle twice. This means that instead of the signal being modified by the original attenuation function, it's modified by the attenuation function squared, which is easy to distinguish.
Re:Why MIM doesn't work (Score:2)
So it sounds like my assessment that you just CAN'T reliably send out single photons is right and quantum crypto is relying very heavily on statistics, whereas tradditional crypto relies on factoring, etc.
This mea
Heisenberger (Score:5, Funny)
Nah, back to those good ol' electrons.
Re:Heisenberger (Score:4, Funny)
Re:Heisenberger (Score:4, Funny)
So... (Score:4, Funny)
How does it defeat repeaters? (Score:3, Insightful)
Re:How does it defeat repeaters? (Score:5, Informative)
This [dartmouth.edu] is a good overview.
Re:How does it defeat repeaters? (Score:5, Informative)
For more info read this primer [csa.com].
Re:How does it defeat repeaters? (Score:2)
In related news, the RIAA announced it was investigating quantum encoding for audio tracks, rendering them uncopyable.
snake oil (Score:5, Insightful)
"It's like defending yourself against an approaching attacker by putting a huge stake in the ground. It's useless to argue about whether the stake should be fifty feet tall or a hundred feet tall, because the attacker is going to go around it. Even quantum cryptography doesn't "solve" all of cryptography: the keys are exchanged with photons, but a conventional mathematical algorithm takes over for the actual encryption."
Re:snake oil (Score:2, Interesting)
Re:snake oil (Score:2)
All of the AES finalists are secure, and they don't have a problem with transmitting the pad.
Re:snake oil (Score:2)
(not any less oily than others) (Score:5, Insightful)
Anyway, sure. QC alone ain't gonna help you. But if it's a stake in a ground that's part of a fence, it damn well matters if it's 100 ft tall vs 1 ft tall, or even 10 ft tall.
Does it 'solve' security problems? No, of course not, because as many many many people have already said, in this post and in many other places, the way to defeat the best crypto in the world is to look under a keyboard and copy down the relevant password/phrase that the user wrote on a sticky-note there. (or other social engineering tricks)
It does make security easier, as it prevents MITM attacks, requires (for now) specialized hardware, and provides really-tough-to-decode crypto. So, if you have the rest of your process working, yes, QC can help by being a more secure technology.
But think of the inverse. OK, so, crypto is like a stake in the ground, it doesn't matter what size or where it is. So, let's all use DES, because it's an established standard!
You are only as secure as your weakest link, obviously. You'd be stupid if crypto turns out to be your weakest link, as even not counting QC, there's lots of good, secure crypto processes available.
Re:snake oil (Score:2)
Asks teller what my mortgage 'principle' is... (Score:2)
Re:Asks teller what my mortgage 'principle' is... (Score:2)
"Well, I can tell you precisely what the princepal is, but the interest rate will be indeterminate; or I can tell you the interest rate, but then the princepal will be indeterminate.
Sorry, I can't tell you how much you owe, or how long you have to pay.... It's a that pesky problem with uncertainty. Just keep paying double the monthly payment, I'm sure eventually that'll be enough. Your loan officer will call you to tell you to stop. I'm just sure of it sir."
Kirby
How Immediate is Immediate? (Score:3, Interesting)
Is this instantaneous? Wouldn't that violate the whole speed-o-light thing?
Re:How Immediate is Immediate? (Score:5, Informative)
Yes and no. (Well, we *are* talking quantum stuff here, aren't we?) Do a google for "bell inequality" and see if you can get anything from the results. Basically, the answer is , yes, it is instantaneous. And no, it doesn't violate the speed-of-light limitation because you cannot get any useful information transmitted that way. You see, there are two photons which are interlocked. The first photn came at the speed of light and it contains the information you are looking for. The second photon, which serves to validate the quantum key is redundant from the information point of view, it doesn't carry the bank account balance, it only serves to detect tampering in the system.
is this as big as I think? (Score:3, Interesting)
To me this story is rather sensational -- I didn't realize that quantum crypto is that close to actually being used; it also seems to me that wide use of quantum crypto is going to revolutionalize the field.
Can someone who knows a lot about this explain to the rest of us: is this "WOW!!!" or just "neat!"?
quantum jokes galore (Score:5, Funny)
Okay, I'm done now.
[TMB]
Re:quantum jokes galore (Score:2)
The history of cryptography (Score:3, Informative)
Excelent read for anyone interested in the field or just currious about it.
ISBN: 0385495315
Entanglement (Score:3, Interesting)
Re:Entanglement (Score:2)
Sorry, this is something that would be covered in first two weeks of any introductory course on quantum mechanics or quantum information theory.
Bank transfer? (Score:2, Funny)
I would expect transfering some data would be pretty ok, but they entangled and transfered a bank? Unbelievable. Did some bank office clerks survive their quantum encryption?
Unwanted side effect... (Score:5, Funny)
a quantum leap (Score:2)
This is really amazing; think of the possibilities that this offers. If this sort of system gets affordable, mass-produced and hits the market, it will invoke a whole new era of communication!
Gone are the hackers who snif out passwords and creditcardnumbers; the moment they try to intercept it, it is discovered. Brute force attacks become meaningless, since the key is generated completely at random and is of a one-path nature, which is theoretically proven to be unbreakable (in contras
Protocal (Score:2)
does this work (Score:2)
What A Feeling (Score:4, Funny)
It will be cool one day, imagining that for a brief moment, the photons, being in a superposition of states, *could* be transferring all the known wealth of the universe to my bank account. Sadly, when observed, minus service fees, it's probably only like a buck-fifty.
Quantum Cryptographic Communications & 1-time (Score:5, Informative)
Yes, Quantum Cryptographic Communications (QCC) can help with the requirement that the one-time pad must be transmitted in private. However the one-time pad cannot be reused so your key must be the same size as your text. Thus far, Quantum Cryptographic Communications is not a speedy high bandwidth form of communication. It might be OK to transmit a small key but to date it is not OK for sending, in a reasonable period of time, huge one-time pad keys that are as big as your original message.
Another thing people sometimes gloss over about Vernam one-time pads is that your cipher is only as good as your random number generator! If you generate your one-time pad using the v7 libc rand(3) function your one-time pad is next to useless.
Another important aspect of Quantum Cryptography (Quantum Cryptography is not simply limited to communications) is random number generation. Quantum Cryptographic Random Number Generation (QCRNG) is a useful tool in generating keys (one-time pads, block cypher keys, public/private key pairs, etc.).
The importance of QCRNG goes beyond Vernam one-time pads. You want a cryptographically strong RNG such as a QCRNG when you generate your session keys. Sending predictable keys over a QCC protected link is next to useless!
Now IF you have:
then you will begin to approach the ''unbreakable cypher level'' that some people think you get with Vernam One-Time Pad Ciphers.
Re:Quantum Cryptographic Communications & 1-ti (Score:3, Informative)
It seems impractical (Score:4, Insightful)
OK, I am not a believer in quantum cryptography for one big reason -- fiber loss. Someone please enlighten me if I'm wrong.
The loss of standard single-mode fiber is about 0.1-0.2 dB/km. Therefore, unless the distance is short (as in this demonstration), the transmitter must send multiple photons to ensure a decent probability of providing the receiver with one photon.
For example, if the span is 100 km long (20 dB loss), then on average only 1 out of every 100 transmitted photons will reach the receiver.
The situation is worse for autocompensating quantum-crypto systems (e.g., polarization-based encoding), because the photons must survive a round trip through the fiber.
Therefore, the relatively high power at the transmitter implies that an attacker can tap into the fiber near the transmitter, subtract (on average) only 1 photon, and remain undetected by the receiver.
Furthermore, typical optical amplifiers add noise (3 dB noise figure for your standard erbium-doped amplifier). The added noise photons would screw up the link, so amplifiers are out.
In the end, it seems to me that quantum crypto is good for table-top demos, and maybe for short jaunts across a metro area. But it is NOT absolutely perfect, at which point computationally difficult encryption is more attractive.
Uncertainty + international bank transfers?. (Score:3, Funny)
Re:Entangled Photons (Score:5, Funny)
When in doubt, mod +1 funny and pray
Re:Entangled Photons (Score:2, Funny)
Re:You Q-bank Transfer (Score:2, Funny)
Re:Why bother? (Score:2)
Yes.
Re:Why bother? (Score:2, Informative)
Uncrackable to date with current tech (Score:2)
Re:Uncrackable to date with current tech (Score:2, Informative)
It's not a question of current technology at all. RTFL.
a medical doctor / writer talking about physics (Score:2)
Hype (Score:4, Interesting)
Furthermore, this is really just a Quantum Key exchange. So tack on whatever protocol you wish to use once you have the key. Quantum encryption is something that would require quantum computing first.
Also please note, the quantum transmission is not even "secure." Its just that if anyone but you reads it, you are secure in the knowledge that you will know about it.
At least this is what I have understood. Still hype. Notwithstanding, as science this is probably an advancement. Its just not what its being marketed as.
Re:Hype (Score:3, Informative)
Re:Hype (Score:4, Insightful)
I came away with a different understanding of what they did (granted, I only read the press release [quantenkryptographie.at], pdf link; and I have just about no knowledge in quantum mechanics, so chances are I don't get it right).
From the press release (emphasis mine):
I read this as, they not only exchanged keys, but in fact transmitted an encrypted message as well(?)
On the interception/security issue, the press release says (again, my emphasis):
From what I read, a message cannot be stolen. If I understand this correctly, communication can be prevented (which is a weakness of course), but cannot be intercepted and decrypted by an eavesdropper. Am I misunderstanding, and/or are they possibly mixing theory with their actual accomplishment?
Re:Hype (Score:3, Insightful)
Not if the key is as long as, or longer than, the message. In that case there's no way to crack it by cryptanalysis - your only hope is in more cloak-and-dagger methods like having a spy at one end of the channel.
As a practising geek I can suppose that you're familiar with ROT13. This is, of course, trivially cracked. An attacker knows in advance - because it is a USENET standard and has been for many years - that your key is 13 an
Re:Hype (Score:3, Informative)
Also please note, the quantum transmission is not even "secure." Its just that if anyone but you reads it, you are secure in the knowledge that you will know about it.
OK - here's what you missed. Its a two phase process. Yes, the clever part is the key exchange - you can exchange a key and know with certai