Researchers demo "unbreakable encryption" based on quantum cryptography
By Darren Murph 
posted October 9th 2008 6:39PM
posted October 9th 2008 6:39PM
Call us devilish, but we just can't help but love these types of stories. Here we have yet another overly confident group of researchers grossly underestimating the collective power of the hacking underground, as gurus from all across Europe have joined together to announce "the first commercial communication network using unbreakable encryption based on quantum cryptography." Interestingly enough, quantum cryptography has already been cracked in a kinda-sorta way, but that's not stopping these folks from pushing this claim hard to government agencies, financial institutions and companies with distributed subsidiaries. We've no doubt this stuff is pretty secure, but the last time we heard someone utter a claim similar to this, we saw him uncomfortably chowing down on those very words merely months later.[Via Physorg]
The only way it would be unbreakable is if Chuck Norris was guarding it.
Wait, what? This isn't 2004? I'll get my coat then. Back to 4chan for me.
I think the word "unbreakable" was used to attract people. In less than two days, some hacker will eventually break it and the joke will be on them.
BTW can this be used to ultra duper mega pirate movies and software and not get caught?
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
7A 5F 8A 09 F8 33 F7 22 1B D4 1F A6 4C 9C 79 33
If someone made it, someone else can crack it.
Only if there is enough examples for them to work with.
If we got part of an alien language, without a key, nor context, we wouldnt have a clue what it meant.
The best codes are like this. Give your oponant as little information as possible, and hide as much of the original messages propertys as possible. (eg, for an easy example; letter frequencys).
In just about any situation these days the idea is to avoid the possibility of "automatic" hacking by computers anyway.
Most of us are perfectly safe if we have a code that would take a team of humans to crack.
ANY and ALL encryption schemes that can be decrypted can be cracked. If it is truly impossible to crack, it is also be impossible to decrypt legitimately and is thus useless. Its just a matter of time.
Wow, dangerous and sweeping generalization. As lethal as saying you have an "unbreakable" cipher :)
@DirtyVegas
As per Dave's above comment: http://www.tgdaily.com/content/view/39599/108/
You lose.
An implementation was broken, not the actual method. Not the same thing.
Obviously you haven't read as much into this as you claim: the reason that it is so "secure" is simply because it gives the people using it a way to know if the data has been intercepted or not. As of this month, someone found a way to steal information being transferred without anyone knowing. As such, the the "unbreakable encryption" has been broken.
Again, you lose.
I didn't know we were competing. Does me losing make you happy? Ok.
This is more descriptive version of what Dave was talking about
http://technology.newscientist.com/article/dn14866-laser-cracks-unbreakable-quantum-communications.html
From the article "The method exploits the way a common type of photon counter can have its sensitivity reduced by a very bright flash of light. The attack begins when Eve fires a pulse of laser light to all four detectors in Bob's equipment."
And for some reason, we're supposed to make a leap of faith that Eve can access the receiver or the transmitter? The breach is then physical, if the channel or equipment can be compromised by a "pulse of light". That points to a faulty implementation, not a fault in the method. Here's something I said the last time :
" Why's it that no one understands the "real world" where algorithm + implementation + practicality are always together, making generalizations of both kind -> completely breakable, completely unbreakable are both incorrect?"
All I'm saying is you can't deal in black and white with cryptography.
@DirtyVegas
obviously this encryption method has to work with all the forces and effects of the universe acting upon it, you measure the changes the information is there.
http://en.wikipedia.org/wiki/Side-channel_attack
maybe if the thing is in it's own little warp bubble.
its, dammit! Jjust ignore any other mistakes; damn grammar police are everywhere.
does anyone else hear the futurama theme song in their head when they look at that picture?
This is just bad journalism.
The point of quantum encryption is not that it is "unbreakable" at all, but that it cannot be intercepted without the interception being detected.
+"Whelp. India got our nuclear tech and Pakistan intercepted it."
-"Oh good. I was going to send a copy to them next week, so I guess I saved some time and effort. What needs to go where, next?"
+"20,000 mile range ICBM plans for Israel. Hamas or the Mahdi Army will probably intercept that one"
-"Ok. Let's get to it."
yeap... unless you have physical access to the receiver. Then you could apply Makarov's technique (http://technology.newscientist.com/channel/tech/dn14866-laser-cracks-unbreakable-quantum-communications.html)
Who needs to crack the encryption when you can just swipe the plaintext from either end. A simple method requires you to be in the same room as the sender or recipient, but rather than needing a "quantum non-demolition box", you just point a lethal weapon at 'em.
That first sentence was supposed to end with a question mark?
hmm...unhackable? possibly. immune to me pulling the power plug out of the socket? i think not.
Quantum encryption works by placing a single photon at the head of the data that is being sent. By the very nature of a photon, if it is disturbed at ALL at ANY point in transit, its signature is changed and all data coming after it is destroyed, where the sending side will be notified and they can try and send again. So, what this means is that your data either makes it, or it doesn't, and if anyone along the line tries to snoop on it or intercept it, all data will be destroyed. Pretty cool idea I think but again, we'll see if it holds true, but according to what we currently know about modern physics, its should theoretically be UN-crackable.
Actually, there is a slight chance, which I think is 25% or 50% but I can't quite remember which one, that you will not notice that the attacker tried to intercept your bit. Because the attacker just have to send the photon back but can't be sure of the exact polarization. But since it's per bit, with 256 bits, the chances that you don't notice it are quite small!
But yes if you manage to send the key securly, you could have a perfect encryption system if you have a good one time pad implementation
I learned how to hack anything from TV.
Turn off the lights. The best hacking is done in a darkened room. Then, after a few closeups of typing on the keyboard, a click of the mouse, and a progress bar, someone has to exclaim "we're in!"
Alternatively, solder an LED display (the more digits, the better) onto a fancy-looking circuit board, and hold it up to the device to be hacked. When a number shows up, you're in. In some cases you'll need to physically plug it into the device.
No fair! You changed the outcome by measuring it!
I friggin hate when you guys use contractions stupidly. DIE
You know what's not an encription algorithm, quantum cryptography ;)
Quantum cryptography is just a way to detect wether someone is spying your communications or not. You don't actually cipher or decipher anything with quantum cryptography. You just send the keys to someone else so that you can communicate securly through you favorite symetrical algorithm like AES on the internet.
Actually, there is a slight chance, which I think is 25% or 50% but I can't quite remember which one, that you will not notice that the attacker tried to intercept your bit. Because the attacker just have to send the photon back but can't be sure of the exact polarization. But since it's per bit, with 256 bits, the chances that you don't notice it are quite small!
switchbitch is right. Quantum Cryptography provides for a theoretically unbreakable encryption that cannot be broken. As I understand it, if you do eavesdrop, the information will be erased. To those of you that scoff at the word "theory," understand that a theory is our current best interpretation of the world today. Quantum mechanics, the theory behind this encryption, is literally the most verified theory we have to date, more so than the theory of gravity.
So it is actually more likely that tomorrow gravity will reverse and we will all be flung into space than for someone to get around this encryption.
Alas, poor Heisenberg. He knew the exact velocity of his quantum keychain.
I posted a link to an article about how it's already being cracked with lasers on the first page. So...
We already have unbreakable encryption, it's called TrueCrypt.
I didn't know we were competing. Does me losing make you happy? Ok.
This is more descriptive version of what Dave was talking about
http://technology.newscientist.com/article/dn14866-laser-cracks-unbreakable-quantum-communications.html
From the article "The method exploits the way a common type of photon counter can have its sensitivity reduced by a very bright flash of light. The attack begins when Eve fires a pulse of laser light to all four detectors in Bob's equipment."
And for some reason, we're supposed to make a leap of faith that Eve can access the receiver or the transmitter? The breach is then physical, if the channel or equipment can be compromised by a "pulse of light". That points to a faulty implementation, not a fault in the method. Here's something I said the last time :
" Why's it that no one understands the "real world" where algorithm + implementation + practicality are always together, making generalizations of both kind -> completely breakable, completely unbreakable are both incorrect?"
All I'm saying is you can't deal in black and white with cryptography.
I guess the safest type of encryption is a physical one, where on person is talking to another and they tell each other the code and the key. As long as no one is listening and we haven't developed a mind reading device.
and how do you make sure that no one is listening (point being, on long-distance international calls)? Encryption...
this all sounds like a load of jibberish to me. surly someone must be able to break it eventually.
If the point of cryptography was simply to make sure that you knew if someone was reading your mail, then we perfected it with wax seals and carrier pigeons EONS ago.
Tell that (cryptography is only to make sure that we know if someone reads our info, that's why the future is quantum cryptography) to ANYONE in the military and they'll laugh in your face and then throw you out on your ass.
1) The whole point of cryptography is not to make sure that the enemy doesn't listen in, it's to make sure that he doesn't understand what we're saying.
2) EVERY MEASURE OF SECURITY IS BREAKABLE. PERIOD. If not mathematically/laws of physics than there's social engineering.
3) Even if something were unbreakable because it was based on the laws of physics, an easy way to start breaking it would be to take what you're trying to break and put it somewhere where either the laws of physics do not apply or the laws of physics can be broken (think computer simulations).
4) Anything that is supposedly unbreakable only seems that way since the newest technology is in the hands of the code writers first and not the hackers. As soon as the hackers catch up your encryption is worthless.
5) Go read Digital Fortress by Dan Brown, you wankers.
Digital Fortress was the second worst book I have EVER read. And I've read a lot of horrible books. I have very low standards. As for your point number 3? Hello, this isn't Tron. This is reality. Simulations are great and all, but at some point you have to reach the application stage.
While particular implementations of this type of security may range from easily compromised to nearly impossible to compromise, the underlying principle cannot be defeated.
Think of it this way - I write a very important message on a piece of paper. This piece of paper is *extremely* flammable. I place this paper above a lighter, and the entire apparatus is placed into a sealed room. If this room is compromised, the lighter ignites, burning the paper and destroying the message. I could say that my method of securing the data is impossible to defeat, because if you get into the room to read the message, the act of doing so will destroy it.
Except that there are any number of ways the room might be compromised which would lead to a failure of the lighter to ignite. The odds are that the more easily I want to have access to the piece of paper to read the message, the more easily the room can be compromised without destroying it. But no-one can deny that if that lighter does go off and the paper burns, the message is destroyed.
Of course, the easiest way to get around it is probably just to give me some money, and I'll tell you what the message is :) The goal with a system like this, as with any security method, is to make bypassing it sufficiently daunting such that what is gained by bypassing it isn't worth the effort. If a system like this is implemented correctly, it would be awfully difficult to defeat.
As for the stories published about this method already being hacked? It would probably help their credibility if the devices needed to successfully hack it actually existed (aka the 'quantum non-demolition box' from the linked engadget article), or if you weren't required to be in the same room as the receiver to pull it off.
1) Actually, either way is fine.
2) Well. If someone sends something cryptographically secure and the posts it on his public facebook page, then clearly it is not secure. However claiming it is the fault of the cryptographic protocol is absurd.
3) Whoever is communicating has to agree to go to this magical place where the laws of physics don't apply. (Think: they probably wont)
4) All hackers out there: Read J.J. Sakurais Modern Quantum mechainics, and Nielsen and Chuangs Quantum Computation and Quantum Information.
And now we wait to see if they can do what Albert Einstein tried for 40 years, to disprove quantum mechanics.
5)
Go read the books above you selfwanker :)
@Engadget
You really shouldn't make fun of stuff you don't understand, it makes you look pretty silly. QKD has been around for more than 20 years and nobody has broken it yet.
2) """ EVERY MEASURE OF SECURITY IS BREAKABLE """. PERIOD. If not mathematically/laws of physics than there's social engineering.
/Blog.
2) Well. If someone sends something cryptographically secure and then posts it on his public facebook page, then clearly it is not secure. """ However claiming it is the fault of the cryptographic protocol is absurd."""
Inflammable means Flammable??? What a country!!!
I love how easily people think encryption can be broken. AES is widely used and has never been broken, ever. The only ways AES can be defeated is with a massive, I mean massive, computer and several hundred or thousands of years to spare to guess every key possibility hoping you stumble on the correct one. The only other weakness of AES (really a weakness of most types of encryption) is the the encrypter can use a weak and easily guessable key.
Heck, even a simple "one time pad" is a form of perfect encryption if the one time pad is never used twice and is sufficiently random which is easily doable. And a one time pad doesn't require fancy quantum techniques. A properly used "one time pad" is unbreakable. Most modern industrial encryption techniques are loosely based on this idea of combining a random pool of data with a bit stream to encrypt it. The main variation is how the pool of random data is generated and combined with the bit stream that is to be encrypted.
Encryption is usually circumvented, not broken, by attacking bad implementations of encryption routines and not the encryption itself.
..and the Titanic is unsinkable
... and entropy in a closed system can never decrease
You naysayers don't understand physics. When they say these things are unbreakable, what they mean is that cracking them would violate the laws of physics and the universe. It is not a technical challenge and they do not mean "practically unbreakable." They mean the encryption can and never will be broken, under any circumstances, ever, in a billion trillion years, even with a computer as big as the universe. And here I'm understating things a bit. Unless you want to explain how hackers (or anybody) can violate the laws of physics.
maybe we can just entice the key out with a hot lady at the bar, who just happens to be an international spy!
at least that's how it works in the movies.
Quantum encryption was broken because massive quantities of entangled elements were sent. This gives a probabilistic threshold for determining tampering with a given entangled key (until signals are on the per electron level). Just like quantum uncertainty ruling the underlying constituents of matter and yet despite such uncertainty no one ever appears then disappears spontaneously. So the larger your physical data packet (in electrons), the less directly entangled it becomes, as the uncertainties composite is probabilistically more certain. The reason that the researchers did this is required for any reliable communication via normal channels, (super conductors maybe?). So its a known flaw that the original researchers knew and thus they developed a threshold (bandwidth/security) . The hack which is not all very clever is to simply to stay below the threshold, and only tamper with a few electrons over time. Theoretically the key is not unbreakable, rather its immune to mitm attacks. As an attacker would be detected by the sender, as perturbations to their entangled key.
U. of Cincinnati is hosting the 2nd interntl. post quantum cryptography conference in next week -- http://math.uc.edu/~aac/pqcrypto2008/
as far as I am aware, the reason it is unhackable is down to the fact that (in theory) when you try and hack it, you disturb it, and disturbing it changes it somehow and there for the data you are trying to receive is lost. There is much more to my very loose grasp of this theory.