Posted 08.30.2010 at 5:07 pm
17 Comments
Inside a Quantum Cryptography Scheme
Vadim Makarov
Quantum cryptography is one of the most secure known means of transmitting data, due to the fact that even if a third party does intercept a quantum signal, that interference changes the encryption key, making the tampering apparent to parties at both ends. But a handful of quantum hackers at Norwegian University of Science and Technology in Trondheim recently performed successful hacks of two commercial quantum cryptographic systems -- and they did so without leaving a trace.
Quantum encryption is based on the notion that you cannot take measurements of a quantum system without in some way disturbing it. A sender uses standard values of zeros and ones. That key is encoded into a beam of light using two different quantum states of photons. The receiver has a detector that measures the quantum states of the incoming photons. Anyone who messes with the signal in between will change it in some way, making it apparent to the sender and receiver that someone tampered with the signal.
Related Articles
Tags
Technology, Clay Dillow, computers, cyptography, quantum, quantum encryption, securityBut the trick is in how they blind the receiver's detector. While blinded, it cannot act as a quantum detector, but it still functions as a classical light detector, reading a "one" if an extra bright pulse of light hits it, quantum properties of the light notwithstanding. So as the interceptor receives the sender's signal, it pumps an extra bright pulse of light at the receivers' detector every time it reads a "one" in the original signal.
In this way, the receiver still receives the correct signal from the interceptor even though it's a forged signal. Since it's a classical signal rather than a quantum one, quantum rules no longer apply and the sender and receiver aren't made aware of the signal tampering.
The makers of the two quantum cryptographic schemes, Switzerland-based ID Quantique and Boston's MagiQ Technologies, likely weren't thrilled to find a hole in their systems but welcomed the news as it will help them to shore up weaknesses in their encryption schemes.
'Quantum Hacker' Lars Lydersen Gets Cracking: Vadim Makarov
If quantum cryptography really gets your photons entangled, a PDF of the Nature Photonics paper published by the quantum hackers is available, or you can check out the hackers' "how we did it" site.
[Nature]
17 Comments
To comment, please Login.
Popular Tags
Technology
|
|
|
|
|
|
June 2013: American Energy Independence
Five amazing, clean technologies that will set us free, in this month's energy-focused issue. Also: how to build a better bomb detector, the robotic toys that are raising your children, a human catapult, the world's smallest arcade, and much more.
Popular on Popsci
Most Commented
Technology
- Defense Distributed's Cody Wilson On Being Told To Remove 3-D Printed Gun Plans: "We Win"
- Thieves Stole $45 Million From ATMs Because The U.S. Uses Absurd 40-Year-Old Technology
- A California State Senator Is Trying To Outlaw 3-D Printed Guns
- 2013 Invention Awards: Family Flier
- Autonomous X-47B Jet Fighter Makes Historic First Launch From An Aircraft Carrier
- U.S. Navy Spends $37 Billion On A Ship That Barely Works
- Time-Lapse GIFs Show Earth Transforming Over 25 Years
- How To Turn An AK-47 Into A Soup Ladle
- How The World's First 3-D Printed Gun Works
- Iran Unveils Absurd New Stealth Drone
Most Emailed
Technology
- 7 Reasons Why 'Star Trek Into Darkness' Is A Beginner's Guide To Star Trek [Spoiler Alert]
- America's Road To Energy Independence, Part 1
- Video: MIT's Cheetah Robot Trots, Then Gallops
- Mapping The Simpsons' Slow Descent Into Suckitude
- Google Bets $10.7 Million On Drone Intelligence
- Concept Skyscraper Generates Its Own Energy, Looks Like A Toilet Brush
- Robot Plane Flies Humans 500 Miles
- Google And NASA Team Up In Quantum Artificial Intelligence Lab
- How NASA Could Save Kepler
- Inside The Army's Sunshine Simulator
Most Viewed
Technology
- 7 Reasons Why 'Star Trek Into Darkness' Is A Beginner's Guide To Star Trek [Spoiler Alert]
- America's Road To Energy Independence, Part 1
- Video: MIT's Cheetah Robot Trots, Then Gallops
- Mapping The Simpsons' Slow Descent Into Suckitude
- Google Bets $10.7 Million On Drone Intelligence
- Concept Skyscraper Generates Its Own Energy, Looks Like A Toilet Brush
- Robot Plane Flies Humans 500 Miles
- Google And NASA Team Up In Quantum Artificial Intelligence Lab
- How NASA Could Save Kepler
- Inside The Army's Sunshine Simulator
Online Content Director: Suzanne LaBarre | Email
Senior Editor: Paul Adams | Email
Associate Editor: Dan Nosowitz | Email
Assistant Editor: Colin Lecher | Email
Assistant Editor: Rose Pastore | Email
Contributing Writers:
Rebecca Boyle | Email
Kelsey D. Atherton | Email
Francie Diep | Email
Shaunacy Ferro | Email
Today on PopSci.com
Copyright © 2012 Popular Science
A Bonnier Corporation Company. All rights reserved. Reproduction in whole or in part without permission is prohibited.
When PopSci announced this encryption method a while back I said then that it wouldn't take long before it got defeated. Some of you mocked and ridaculed me for saying that. Well I get to say "I told you so" and it took less time than I thought too.
If we can make it, we can break it. This is not shocking news.
Quantum cryptography is not broken only a flawed implementation is.
first of all, if you've got a sensitive receiver line in the open where any punk with a laser pointer can read you messages- you deserve to be shot. Second, quantum cryptography does not to be broken- no matter how good your protection, your average end user is as stupid and susceptible to social engineering as ever, his/her system is likely to be crawling with keyloggers.
The anthropologists of the future; rejoice!
hahaha
www.erkekbu.com
lol so they basically beat-down the messenger and then hand-delivered the message to the reciever.
Talk about an old-school method.
But it does seem like this was a flaw in the communication.
According to the statement:
"due to the fact that even if a third party does intercept a quantum signal, that interference changes the encryption key, making the tampering apparent to parties at both ends"
Sounds like neither the sender nor the receiver was able to tell that the signal was intercepted.
That's more than an implementation issue...thats a major flaw since it did not adhere to one of its major principles.
@Dustin...yeah, you are right (generally), but I doubt they are playing around with Quantum Cryptography for Facebook or general inter-webs users.
You'll never make a system better if you don't find its faults. While this might not be a true real-world scenario it is a valid test.
No encryption is perfect, the best we can hope for is to make it so difficult as to not be worth the effort. Internet security is a cold war, with each side trying to one-up the other with neither side winning for long.
The most secure computer in the world has never been turned on.
lol AlBme...even THAT's not secure
I said you could do exactly this the first time I heard quantum encryption was unbreakable. Alright, so you can't read the signal without destroying it, and therefore alerting the other end when it doesn't show up. But as long as you can make that exact signal in the first place someone else can replicate it after reading it, so as long as they can stop the first signal entirely they can replace it.
www.LEDthings.com
Go ahead, I dare you to try
www.LEDthings.com
Yeah I love how they say "by simply intercepting the incoming signal and generating a brand new one to send on to the receiver." So while you cut through the fiber optics to do that, signal is lost and your busted. Of course I am naive
@CDales1004
3 letters. PHB.
@caradoc01:
Yep .. some people actually believe in security through obscurity, sadly. In fact, too many do.
Fact is this.
Safest would be turning off every computer. But - you think that's still secure? Oh it's locked you say? Ever hear of : stealing the key ? Or lock picking ? Etc.
No such thing as 100% secure data. Quite amusing, however, to see how many people get told this, and they then disagree .. until it bites them, and hard.
As I think someone else mentioned - which I also said above in more detail - even a "safely turned off" computer is not 100% secure (why do you think there is the program : shred and similar ?). Yet time and again, people do not get this. This includes every kind of organization, group, whatever.
Also, it doesn't matter if the algorithm is cracked (as someone had to point out) or not. I mean really, if you care about that, versus your data / site being safe, well then you're quite ... troubled. Reminds me of the ancient apache bug (phf - for those who remember that). Allowed you to say, spit out /etc/passwd .. sure, the encryption algorithm was good, but you know, without shadows (read : You have the encrypted password) it does not make a difference; brute force still wins!
Sure, you can be fairly secure or even very secure.. PCI Compliant, and all that stuff. But to just assume - well we know what that does.
I am surprised that someone has not tried to entangle an entire PC hard drive and just take the data by in fact having a remote copy that was generated by the entanglement. Then you don't have to steal the encrypted data. You have the original. :P How is that for scary?