Position-Based Quantum Cryptography Proved Secure 45
KentuckyFC writes "Physicists have developed a new kind of quantum cryptography that uses position measurements to guarantee the security of a message. The technique is based on triangulation. Alice uses several transmitters to send messages to Bob who returns them immediately at the speed of light. If the return arrives within a certain time period, Alice can be certain that Bob is where he says he is. Physicists proved a few years ago that when the messages are purely classical this method is not secure because Eve can use any number of receivers to work out where Bob is and then use this information to trick Alice. However, the same physicists have now proved that the quantum version of the same position-based scheme is perfectly secure, essentially because Eve cannot easily measure the value of any qubits in the message. Alice and Bob go on to use the qubits to exchange a cryptographic key, a one-time pad, that they use to encrypt a message. The beauty of the technique is that a message encrypted in this way can be read only by somebody at a specific location, something that governments, banks, and the military, not to mention everybody else, may find useful."
nonlocal results and human weak links (Score:5, Insightful)
The position based exchange, of individual qubits, as describing in TFA is for key exchange, leading to a one-time pad [wikipedia.org]. The interesting thing is that once the one time pad is securely created and delivered, the locality is then longer restricted, the " can then be used to send a perfectly secure message" from TFA can then be anywhere.
But from a security point of view, this is nice, but a major part of security holes don't come from technology, they come from personnel and the ability to trick people. Unless you completely restrict the physical location of the people, information encrypted this "perfect" technology still falls prey to human foibles. As stated in TFA " theoretical security is not the same as practical security"
Re:nonlocal results and human weak links (Score:3, Insightful)
I think we are getting to the point of over-emphasizing that fact, as if cryptography were unimportant. OK, this might not show up in Outlook Express. But there really ARE important applications for secure wireless transmissions, and there really ARE extremely professional and well-funded researchers on the "other side" who will use every algorithmic trick in the book to crack them. If you look at WWII and the Cold War, cryptography was tremendously important. Even the cryptographic attacks on "everyday" technologies like WiFi and ATMs available to the average script kiddie are quite impressive. So I wouldn't be too blase about cryptography not being the weak link.
The best part is that both weaknesses were used to break the Enigma cipher. They first exploited weaknesses in the cipher itself (letters couldn't be encrypted to themselves) and then weaknesses in the operators (the lazy Nazi would frequently choose Der Fuhrer's birthday for his cipher).