Stories
Slash Boxes
Comments

SoylentNews is people

posted by LaminatorX on Tuesday August 25 2015, @07:33PM   Printer-friendly
from the Alice-&-Bob dept.

Quantum key distribution is regularly touted as the encryption of the future. While the keys are exchanged on an insecure channel, the laws of physics provide a guarantee that two parties can exchange a secret key without knowing whether they're being overheard. This unencrypted-but-secure form of key exchange circumvents one of the potential shortcomings of some forms of public key systems.

However, quantum key distribution (QKD) has one big downside: the two parties need to have a direct link to each other. So, for instance, banks in and around Geneva use dedicated fiber links to perform QKD, but they can only do this because the link distance is less than 100 km. These fixed and short links are an expensive solution. A more flexible solution is required if QKD is going to be used for more general encryption purposes.

A group of Italian researchers have demonstrated the possibility of QKD via a satellite, which in principle (but not in practice) means that any two parties with a view of a satellite can exchange keys.

http://arstechnica.com/science/2015/08/reflective-satellites-may-be-the-future-of-high-end-encryption/


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by tibman on Tuesday August 25 2015, @08:27PM

    by tibman (134) Subscriber Badge on Tuesday August 25 2015, @08:27PM (#227768)

    Just reading through QKD and it sounds bad for secure connections. Because it is based on chance there is a possibility that a 3rd party does indeed have the key (however low that may be, it is possible). In my experience with computers if there is a slight possibility of something happening you only have to ramp up the event occurrence to make it happen. Bonus points if you can poison any results you don't want and force the system to repeat until it gives a result you do want. E91 does sound better than BB84 though.

    The quantum entanglement (talking about BB84 here) doesn't mean someone can't listen. They can listen but they only have a 50% chance of retransmitting the bit with the correct basis. That is what introduces the errors. So if the hardware is working great that day and the spy guesses 80% correct then the spy has the exact key (after reconciliation and amplification). Ah, but it gets better. The spy doesn't need the whole key. Since errors are corrected on a public channel the attacker can use that information to improve the accuracy of the stolen key. So bring that 80% down some... and it starts looking scary : )

    The whole thing looks like an excellent puzzle to solve for a spy agency. Intercepting a key isn't impossible, just unlikely. How can those odds be improved? Please correct me if i am wrong!

    --
    SN won't survive on lurkers alone. Write comments.
    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2  
  • (Score: 1, Insightful) by Anonymous Coward on Tuesday August 25 2015, @08:36PM

    by Anonymous Coward on Tuesday August 25 2015, @08:36PM (#227773)

    50% ^ key length[2048] is pretty fricken small. [3.094346047382578275480183369971197853892556303884969045... × 10^-617]

  • (Score: 3, Insightful) by draconx on Tuesday August 25 2015, @09:30PM

    by draconx (4649) on Tuesday August 25 2015, @09:30PM (#227793)

    The whole thing looks like an excellent puzzle to solve for a spy agency. Intercepting a key isn't impossible, just unlikely. How can those odds be improved? Please correct me if i am wrong!

    It doesn't need to be impossible. The odds of successfully eavesdropping only need to be worse than randomly guessing the key by flipping coins, which is also not impossible (just unlikely). If we can achieve that, then we can conclude the key exchange is secure against eavesdroppers because flipping coins gives better results.

    • (Score: 1, Insightful) by Anonymous Coward on Wednesday August 26 2015, @12:40AM

      by Anonymous Coward on Wednesday August 26 2015, @12:40AM (#227878)

      The point of QKD isn't that interception is impossible: it's that undetected interception is impossible. Collecting information (eavesdropping) on the system changes the system, which means that eavesdropping cannot go unnoticed. When you notice interception, you halt the negotiation of the shared secret for the encrypted session. If you don't notice interception, then your shared secret was negotiated safely.

      This is incredibly expensive, cutting edge research. Meanwhile the NSA has already side-channeled the client boxen and has simply been keylogging the shit out of Alice and Bob, so they know everything without dicking around with your magic photons, which were always just a distraction.