from the does-'foolproof'-mean-backdoor-installed? dept.
If implemented on a wide scale, quantum key distribution technology could ensure truly secure commerce, banking, communications and data transfer.
A small device developed at Los Alamos National Laboratory uses the truly random spin of light particles as defined by laws of quantum mechanics to generate a random number for use in a cryptographic key that can be used to securely transmit information between two parties. Quantum key distribution represents a foolproof cryptography method that may now become available to the general public, thanks to a licensing agreement between Los Alamos and Whitewood Encryption Systems, LLC ( http://www.whitewoodencryption.com/ ). Los Alamos scientists developed their particular method for quantum cryptography after two decades of rigorous testing inside of the nation's premier national security science laboratory.
http://www.lanl.gov/discover/news-release-archive/2014/September/09-02-secure-computing.php
Related Stories
Researchers have increased the speed of quantum key distribution from hundreds of kilobits to megabits per second:
Researchers have packed extra information onto single photons to speed up quantum key distribution (QKD) systems. QKD uses a characteristic of quantum mechanics to protect keys used to encrypt data using classical crypto schemes: if Eve tries to snoop on the key Alice is sending Bob, the quantum state/s a photon carries are destroyed. Alice and Bob know there's an eavesdropper, and the key Eve eavesdropped is useless.
However, compared to conventional telecommunications systems, QKD is slow: most systems based on photon-by-photon transmission of crypto keys run at speeds of hundreds of kilobits per second.
Research from Duke University's Nurul Taimur Islam, with collaborators from Ohio State University, Oak Ridge National Laboratory, and the National University of Singapore, achieved megabit key distribution rates using off-the-shelf components, meaning existing photonic QKD systems could be adapted to use it their work. In a paper based on research funded by the United States Navy and Defense Advanced Research Projects Agency (DARPA), published in Science Advances [open, DOI: 10.1126/sciadv.1701491] [DX] and available as pre-press at arXiv, the researchers explained that to get faster key distribution rates, they worked to overcome the limits on photon detectors' speed.
Also at Engadget.
Related: Secure Computing for Everybody
Reflective Satellites may be the Future of High-end Encryption
Quantum Video Chat Links Scientists on Two Different Continents
(Score: 3, Funny) by jasassin on Saturday September 06 2014, @09:57PM
NSA already powned it.
jasassin@gmail.com GPG Key ID: 0xE6462C68A9A3DB5A
(Score: 1, Interesting) by Anonymous Coward on Saturday September 06 2014, @10:12PM
gotta agree. i'm sure as hell not sticking any device from the US government in my computer.
i'd rather buy everything from china... better the devil you know than the two-faced monster
(Score: 0) by Anonymous Coward on Saturday September 06 2014, @11:00PM
Don't you know United States Government Vice President Al Gore invented the Internet? Why the fuck are you still using the Internet?
(Score: 2, Interesting) by anubi on Sunday September 07 2014, @02:47AM
I get the idea its all coming from China anyway.
If you pay more, you can get a product labeled in the USA.
However if we want to have a secure OS, we have to have a legal framework in place that tolerates people investigating digital mischief in their machines. Blinding the cashiers is not the way to handle thefts of candy.
We desperately need a "public OS". Linux appears to be in a prime position to do this, however trying to maintain interoperability with a known sickly dinosaur is very difficult. Ok, its not the dinosaur itself that's so sickly, rather its all those attachments and unsafe sex we insist it perform before some businesses will talk to us - and we do not have any better sense than to go along with whatever arbitrary code the business insists on - whether it be some plug in, pop-up, codec, driver, or whatever.
If we can come up with a secure public kernel along with a legal framework that will hold a business responsible for any extensions, plug-ins, apps, whatever-they-wanna-call-it... required to view their content. I guarantee you even if Linux became the System Du Jour worldwide, businesses would still have a hey-day insisting on us running their arbitrary code in our machines in order to talk to them. The devil is in that arbitrary code.
The biggest reason I see for a public codebase is to unify our communications. We have entire nations speaking the same language, of which no-one can claim ownership and rights to use that language, or continuously release revisions to the language to force repurchase of rights to use it. I feel we need a public OS just as much as we need the English language - and it needs to be just as public as the use of English is. Its gotta be simple enough that anyone so inclined can understand every little jot and tittle of how it works.
"Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
(Score: 3, Interesting) by kaszz on Saturday September 06 2014, @10:44PM
Yeah, how do we know this is true?
"A small device developed at Los Alamos National Laboratory uses the truly random spin of light particles"
(Score: 4, Funny) by BradTheGeek on Sunday September 07 2014, @01:18AM
You either know it's true or you own the device, but never both.
(Score: 0) by Anonymous Coward on Saturday September 06 2014, @10:52PM
But but but how will t3h l33t d00dz stay 31337 if everybody can use it???
(Score: 4, Interesting) by sjames on Saturday September 06 2014, @11:45PM
This is a quantum random number generator, NOT quantum key exchange.
Many PCs already have that in the form of a device that uses quantum noise in a tunnel diode.
The device in TFA may be an improvement, but it isn't groundbreaking.
(Score: 2) by theluggage on Sunday September 07 2014, @03:09PM
Except that TFA includes the claim:
...which would imply full-blown quantum key exchange. Plus, the picture shows a fibre optic cable emerging from the device, which wouldn't be needed if this were just a standalone key generator. So maybe there's some critical info missing from TFA about how they plan to transmit individual photons around the world so that you can exchange keys with someone more than 3 feet away?
(Score: 2) by sjames on Sunday September 07 2014, @06:13PM
It does, and I have no idea why. Everything in the actual text talks about RNG, thumb drive sized devices and use by the everyman. Since the everyman doesn't have a private well conditioned dark fiber connection and that's not the sort of thing you connect like a thumb drive, I lean towards RNG. Then they get to the heart of it:
The technology at the heart of the agreement is a compact random-number-generation technology that creates cryptographic keys based on the truly random polarization state of light particles known as photons. Because the randomness of photon polarization is based on quantum mechanics, an adversary cannot predict the outcome of this random number generator. This represents a vast improvement over current "random-number" generators that are based on mathematical formulas that can be broken by a computer with sufficient speed and power.
My best guess is that the fiber is where the light source is connected.
The everyman is probably better off using 2 switchable banks of resistors and a copper wire pair.
(Score: 2) by arslan on Sunday September 07 2014, @10:50PM
The fiber leads back to NSA HQ. Nothing to see here, please carry on.
(Score: 2) by darkfeline on Sunday September 07 2014, @09:10PM
From the summary, this is just a random number generator/entropy generator. It's not at all gamebreaking. We have had truly random entropy generators for a long time, and in any case, the problems with encryption, security, privacy etc. etc. in the present day have pretty much nothing to do with a lack of truly random entropy and almost everything to do with programmers who don't know what they're doing, backdoors installed courtesy of NSA or your local NSA branch-equivalent, and general public ignorance and indifference. In other words, a people problem.
Join the SDF Public Access UNIX System today!