quantum cryptography

[DrPizza]

here

1st of all, anyone have a clue whether this site gives reliable science info?

Anyway, I recall reading a little bit about this in the past. It seems to me that *if* quantum computers are scaled up to a size where they're manipulating more than just a few bits, and they become extremely effective at parallel computations, then a huge use for them would be to crack encryption.

But, unless I'm missing something, with the type of encryption described in this article, you would know if someone was "eavesdropping" on your communications, and thus would be able to avoid them decrypting your message in the first place.

 

[f95toli]

I just took a brief look but it looks ok. Quantum Cryptography has been around for a few years and the first commercial products have been available for about a year or.

You are right about the rest, Quantum Computers are good at factorizing and since most encyption systems rely on the fact the factorizing large number takes a very long time a Quantum Computer would be able to break those codes.
But quantum cryptography makes it impossible to eavesdrop so even a quantum computer is useless. You can actually prove mathematicaly that quantum cryptpgrahy is 100% secure.

 

[silverpig]

Nice find. It sounds like they're making progress.

I've been to quite a few lectures on quantum computing, encryption, error correcting, etc in the past year at my university. I sit in a room with 40 physicists with their Ph.Ds and watch as a visiting prof lectures. I and 38 of the physicists in the room are completely left behind, and the 2 physicists at my university who work in highly advanced quantum information research ask all the questions. It's some crazy stuff you really have to go to grad school specifically for in order to fully understand.

To address what you've said, yes you would know if someone was listening in, so you could be sure you're generating keys which no one knows about. You then use these keys to encrypt your data and send it back and forth. Someone can intercept this data and use a quantum computer's power to decrypt this. What they were doing in the article is just generating and transmitting the keys for the encryption, not any encrypted data itself.

 

[AbsolutDealage]

Originally posted by: f95toli
... quantum cryptpgrahy is 100% secure.

Sounds like famous last words to me. No matter how advanced cryptogrophy gets, there will always be a way to crack it.

 

[f95toli]

The difference is that quantum crypthograph is based upon the "laws of nature", unless there is something wrong with quantum mechanics it is 100%.
And as I wrote abouve. it has been mathematicaly PROVEN that you can not crack it, it is not "very, very secure" it is truly 100% secure,

But as Silverpig pointed out the word "crypthography" is actually a bit misledaing, the big thing is that you can always detect if someone is eavesdroping. So it is not really an "encryption algorithm" as such.

And there is acutally another form of cryptograhy which is 100% secure, unfortunately I don't remember the name.
You simply use key which is as long (or longer) than your message, after being used once the key is discarded. This is not very practical since you have to distribute the key somehow (you have to send it in the mail) but it has been used for very sensistive information for a long time.
Nowadays I guess they just use a CD with noise as a key.

 

[AnthraX101]

Quantum Cryptography is better named Quantum Key Distribution. It permits you to transmit a key secure in the knowledge that it can not be intercepted, at least in theory.

There are debates about the true security delivered by QKD. Although it is perfect on paper, there is the possability of a flaw in the implementation of it.

But as Silverpig pointed out the word "crypthography" is actually a bit misledaing, the big thing is that you can always detect if someone is eavesdroping. So it is not really an "encryption algorithm" as such.

And there is acutally another form of cryptograhy which is 100% secure, unfortunately I don't remember the name.
You simply use key which is as long (or longer) than your message, after being used once the key is discarded. This is not very practical since you have to distribute the key somehow (you have to send it in the mail) but it has been used for very sensistive information for a long time.
Nowadays I guess they just use a CD with noise as a key.

You are thinking of a One Time Pad. This is actualy the "unbreakable" part of quantum encryption. It makes it so you can trade these long keys in complete security, without anyone being able to break the message. The problem with using this in a normal way is that it becomes just as difficult to transport the key as it does the message, QKD eliminates this danger.

Don't confuse the different forms of QKD and quantum computers/cryptanalysis. Although both rely on quantum mechanics, they are two very different things.

AnthraX101

 

[eigen]

Originally posted by: f95toli
I just took a brief look but it looks ok. Quantum Cryptography has been around for a few years and the first commercial products have been available for about a year or.

You are right about the rest, Quantum Computers are good at factorizing and since most encyption systems rely on the fact the factorizing large number takes a very long time a Quantum Computer would be able to break those codes.
But quantum cryptography makes it impossible to eavesdrop so even a quantum computer is useless. You can actually prove mathematicaly that quantum cryptpgrahy is 100% secure.

Quantum computers are good a factoring in theory. However I highly doubt that the dechorence problem will be solved within the next 30 years.

 

[f95toli]

Well, but my main point was that QC is different from ordinary cryptography in the sense that even though you can always detect if someone is eavesdropping there is not much you can do about it.

Whith "ordinary" cryptography (Such as public key systems) you have the option to transmitt your message even if you know someone is listening and hope that they are not clever enought to figure out how to decrypt the message. As far as I understand, QC can't help you in cases like this.

And by the way. There are what I guess you could call "well-founded rumors" that a QC link was installed between the White House and Pentagon a few years ago.
The technology to tranmitt keys over such distances have been available for quite some time (even though is was expensive and complicated to use) so it is entirely possible that it is true.
I have heard this story at conferences from several people who are actually working on solid state lasers meant to be used in QC.

 

[f95toli]

eigen: Maybe, it all depends on how money we get and how difficult it will turn out to be to connect many qubits togheter. It is a VERY active area of reseach, recently the circuit people got involved and they are trying to figure out read-out schemes for many qubits.
It might take 30 years, it might take 10 and it might never happen because it might turn out to be impossible to scale the technolgy to about 10 000 qubits which is what we need.
Right now we can connect 3 qubts in solidi state technology, the NMR people can manage 7 but their techinque can not be scaled up.

 

[eigen]

^^ I agree if the nanotech field (sorry to use such a general buzzword) actually takes off. Also josphenson junctions are an interesting idea as well.

 

[f95toli]

Josephson junctions? In what type of circuit?
You can use them in many types of configurations and ther are many qubit proposals tha uses JJ, the most succesfull "pure" JJ qubit being the three junctions flux-qubits (Mooij et al).
AFAIK all superconducting qubits that have been shown to work so far use JJ.

I doublt you will ever be able to make a quantum computer by just coupling single junctions together,
I know Martinis&Co at NIST have done some good work but it shitt does not look very promising

(Martinis is an extremely good experimental physicist who has worked on quantum phoenoma in JJ for many years, I think it is that more than the their circuit design which have made them succesfull so far).

 

[cquark]

Since the topic has diverged into quantum computation, I should point out John Preskill's Quantum Computation class notes and resources. Contrary to an earlier poster, it's not graduate material, and the course provides an introduction to quantum mechanics so you don't even need an undergrad QM course as a prereq. However, you do need to understand linear algebra and partial differential equations.

 

[eigen]

^^ also Texts is a prety good site for quantum comp/info/crytpto. They even have a cool little color coded system to help you figure out what material is at your level.

 

[Rainsford]

I'm not sure this particular application is all that useful. As I understand the article, it's simply a secure way to transmit keys. Fine, even assuming the system is impervious to eavesdropping, at some point you have to USE the key to encrypt and transmit your message. This, I assume, would still be done using traditional methods, which themselves are subject to possible cryptanalysis. Of course this DOES solve the problem of transmitting the key in the first place, but if you have your secure quantum link in the first place, wouldn't it make more sense to just transmit the message through it?

Also, to address a comment made earlier, "most" encryption algorithms are NOT based on factoring, although this phrase seems to be thrown around quite a bit. RSA is the most well known algorithm that relies on the difficulty of factoring large numbers, but it's an asymetric (public/private key) algorithm. Symetric (private key) algorithms, as far as I know, do not use factoring at all, and the most well known, AES, certainly does not.

Even if quantum computing cracks the factoring problem, I believe elliptical curve based asymetric crypto would still be secure. Anyone know about that, I'm not 100% sure?

 

[AnthraX101]

Originally posted by: Rainsford
I'm not sure this particular application is all that useful. As I understand the article, it's simply a secure way to transmit keys. Fine, even assuming the system is impervious to eavesdropping, at some point you have to USE the key to encrypt and transmit your message. This, I assume, would still be done using traditional methods, which themselves are subject to possible cryptanalysis. Of course this DOES solve the problem of transmitting the key in the first place, but if you have your secure quantum link in the first place, wouldn't it make more sense to just transmit the message through it?

Not really. The reason you use QKD is because you can detect eavesdropping, not that it is impervious to it. This means once you detect that a key has been compromised, you no longer use it. The main advantage to having a secure key of (almost) unlimited length is that One Time Pads become practical. A one time pad (as explained above) is impervious to cryptanalysis. Think that you have a key-stream and a plain text stream. Normaly, the key stream is random, but I am going to use a special case to demonstrate the security. I have an encrypted text as follows (in hex):

FF FF FF FF

Given the following two keys: (9D 90 92 9D 00) and (97 9A 93 93 90) you can see that the message either decodes to (bomb) or (hello) respectivly. Because either key is equaly likely, you have no way to figure out which one it is.

Also, to address a comment made earlier, "most" encryption algorithms are NOT based on factoring, although this phrase seems to be thrown around quite a bit. RSA is the most well known algorithm that relies on the difficulty of factoring large numbers, but it's an asymetric (public/private key) algorithm. Symetric (private key) algorithms, as far as I know, do not use factoring at all, and the most well known, AES, certainly does not.

Almost. Symetric encryption would still be considered secure, however quantum computers are better at brute force. While normal computers take n/2 time on average to brute force a message, a quantum computer would take sqrt(n) time to break it. This just means we would need to use larger key lengths.

Even if quantum computing cracks the factoring problem, I believe elliptical curve based asymetric crypto would still be secure. Anyone know about that, I'm not 100% sure?

I think ECC would also fall to a quantum computers ability to solve the discrete log problem, however I am not sure of this.

AnthraX101