Schneier Calls Quantum Cryptography Impressive But Pointless

KindMind writes "Bruce Schneier writes in Wired that quantum cryptography, while an awesome technology, is actually pointless (that is, of no commercial value). His point is that the science of cryptography is not the weak point, but the other links in the chain (like people, etc.) are where it breaks down."

Hard to argue with the general point.

[fuzzyfuzzyfungus]

It is pretty hard to argue that point as long as the world of security is a mass of users who leave passwords on sticky notes under the keyboard(Ultimate Hiding Spot!), accounts whose passwords can be reset with a mother's maiden name, and banks less interested in customer security than WoW is.

My (admittedly layman's) understanding is that, barring dramatic advances in factorization algorithms, or extraordinary advances in the computers running them, classical asymmetric key cryptography is more than adequate(plus the convenient advantages of working over data links that aren't spiffy optical fiber).

Solving the wrong problem

[Checkered Daemon]

Encryption is easy. Authentication is hard. Quantum cryptography is a solution of the wrong problem.

Who are the users?

[SirGarlon]

I have always thought of quantum cryptography more as something for CIA-to-Pentagon or Swiss-bank-to-Swiss-bank kinds of communication, not something for Aunt Tillie. I think the vulnerability of the system depends on who's using it.

Re:Hard to argue with the general point.

[CroDragn]

The problem is that in the next 10-20 years there will be a extrordinary advance in commercial computers. Quantum computers, which are fantastic at breaking present day encryption, have made some major advances in the lab recently, and it wouldn't surprise me to see them operating at the government/corporate level within 20 years or so. Once these are in place, normal security will be very weak and something such as quantum security schemes will be required for most applications. So yes, quantum security is useless now, but hopefully research into it will provide with a practial model about the same time quantum computers make it necessary.

Re:sure...

[moderatorrater]

Quantum crypto does just that, if I remember correctly. Because of the nature of quantum mechanics, you can't intercept the message without simultaneously changing it. Having changed it, you're unable to hide your eavesdropping. The mathematics and science of cryptography is always the strongest thing about security, it's just those darned humans continually screwing things up.

Re:sure...

[theralfinator]

The point of "encrypting at all" is that it makes the transmission "link" of the "chain" stronger. Not extremely ridiculously amazingly stronger, but strong enough that if you really want to break the chain, you'll try breaking the other links. Let's say we have a chain made of wooden link but one of those links is made of steel. It would be pointless to remove the steel link and replace it with a titanium alloy link in order to "make the chain stronger."