First Secure Quantum Crypto Network Up and Running

John Lam was one of many readers to send in news that on Thursday, "at a conference in Vienna, Austria, as reported by the BBC, a European Community science working group built a quantum backbone using 200-km of standard commercial optical fiber running among seven sites and successfully demonstrated the first secure quantum cryptographic key distribution network. In addition, each of the seven links used a different kind of quantum encryption, demonstrating interoperability between the technologies. To paraphrase, the project focused on the trusted repeater paradigm and developed an architecture allowing seamless integration of heterogeneous quantum-key distribution-link devices in a unified framework. Network node-modules managing all classical communication tasks provide the underlying quantum devices with authentic classical channels. The node-module architecture uses a layered model to provision network-wide, end-to-end, provably secure key distribution."

Teleportation?

[MRe_nl]

from TFA "Albert Einstein, who discovered the quantum properties of photons of light - indeed, discovered the very concept of the photon - always resisted quantum theory's spooky behaviour, "God does not play dice", being among his oft-quoted objections.
But experiments eventually proved that he apparently does, and also laid the technical foundations for today's quantum information revolution - cryptography, teleportation, and computation."

Teleportation? Did I miss something here? Has matter been teleported

Re:Teleportation?

[argent]

http://en.wikipedia.org/wiki/Quantum_teleportation [wikipedia.org]

Re:

[MRe_nl]

Thank you.
I have to go and lie down now for a bit ; ).

Re:

[andruk]

It's actually fairly simple (afaik). Particles bounce between potentials (inside a "well") and create standing waves. These waves die off exponentially in the potentials themselves, and so if you have a potential that is small (thin) enough, there is a non-negligible probability that the particle will be found outside of the well.

Voila, "teleportation".

Re:

[Bolzano-Weierstrass]

It's actually fairly simple (afaik). Particles bounce between potentials (inside a "well") and create standing waves. These waves die off exponentially in the potentials themselves, and so if you have a potential that is small (thin) enough, there is a non-negligible probability that the particle will be found outside of the well.

Voila, "teleportation".

I suggest you compare Quantum Tunneling [wikipedia.org] with Quantum Teleportation [wikipedia.org], as they are not the same thing :)

Re:

[bram]

You must be new here.

Re:

[polar red]

Teleportation? Did I miss something here? Has matter been teleported or is this just speculation?

Yes. But it's only Photons that have been 'tele-ported' at the speed of light even.

Re:

[IceCreamGuy]

it's only Photons that have been 'tele-ported'

It is actually not a particle like a photon, but only information that is teleported. Just in case your next question is "doesn't this mean we can communicate at the speed of light?" you must have a classical information channel as well in order to make sense of the teleported information.

Re:

[itsdapead]

"doesn't this mean we can communicate at the speed of light?"

Actually, it has been possible to communicate at the speed of light for some time using, er, light by (eg) sending up smoke signals or waving. I think you meant "faster than light"...

Re:

[IceCreamGuy]

Good points, I guess that is what I meant.

Re:

[caluml]

Actually, it has been possible to communicate at the speed of light for some time using, er, light by (eg) sending up smoke signals or waving. I think you meant "faster than light"...

Cough... radio waves... cough

Re:

[BungaDunga]

You can communicate at the speed of light with... semaphore. It's not exactly hard.

Re:

[IceCreamGuy]

Heh, whoops, yeah I'm an idiot

Re:Teleportation?

[Zerth]

xkcd is almost always relevant [xkcd.com]

Re:

[PhasmatisApparatus]

No, xkcd is always almost relevant.

Re:

[hitmark]

and even if it isnt, its fun the read ;)

Re:

[mikkelm]

Go back to Alpha Centauri.

Re:

[SMACX guy]

Anonymous Coward, your forces have been spotted in my territory. I demand that you withdraw them immediately.

Re:

[thedonger]

But experiments eventually proved that he apparently does

This is the part I find interesting - "apparently." We still do not fully understand, like when we inherit someone else's spaghetti code and, modify some method and say, "yeah, looks like that fixed the problem." Only, we aren't 100% sure, and then we find out it didn't fix it or it caused another issue, and ultimately we realize it's time to rewrite the whole damn thing.

So the question is, how far will quantum [insert favorite flavor] go before we re

Re:

[argent]

I think we'll discover that the universe really is a mess of hacks and spaghetti code, personally.

By that time we'll be Greg Egan cyberheroes and we'll rewrite the universe as a universal turing machine, and live as strings of code in the quantum foam.

Re:

[Tubal-Cain]

I think we'll discover that the universe really is a mess of hacks and spaghetti code, personally.

Written in Perl [xkcd.com].

Re:

[TwistedOne151]

I think we'll discover that the universe really is a mess of hacks and spaghetti code, personally.

Spaghetti code, perhaps written with a Noodly Appendage?

Re:

[itsdapead]

Teleportation? Did I miss something here? Has matter been teleported or is this just speculation?

Its about a trick that lets you transfer the "quantum state" of one particle to another particle (at a distance) without "measuring" it and therefore changing it.

If you want it in Star Trek terms, they haven't invented the transporter, but they have eliminated the need for the fictitious "Heisenberg compensator" which (as any Star Fleet cadet knows) allow the transporter to measure the exact state of every atom in your body without completely scrambling them in accordance with the uncertainty principle.

Do

Re:

[BungaDunga]

I don't think quantum encryption uses teleportation or entanglement, just the Uncertainty Principle. The photons (in a quantum state) are actually physically transferred through fiber-optics.

No teleportation

[Chris Burke]

The wiki article posted earlier will give you more information, but let me tell you the depressing upshot.

Nothing is really being teleported. Nothing can be transported faster than the speed of light using quantum teleportation. Not even information. Especially not information.

There is a quantum interaction between two particles that happens instantly, but the particles themselves, and all the information contained in those particles, was transfered at sub-light speed when you separated them.

It's still u

Re:

[Krabbs]

Actually, it is neither. Teleportation is a bad name. The point is basically that you can transmit qubits using EPR pairs and classical bits. It is information theoretically interesting, but no "beem me up, scotty".

Subspace Encryptions

[Anonymous Coward]

I've always wondered what type of encryption was used in Star Trek episodes when it was announced that there was an encrypted subspace channel for Picard.

Re:Subspace Encryptions

[jellomizer]

You know, Star Trek is fiction, right? Not all the technology in the Star Trek fictional universe is possible, an some others will come out very soon others probably never.

Re:

[Adult film producer]

From "First Contact" -

Data: I have isolated the main computer with a fractal encryption code. It is highly unlikely they will be able to break it."

Re:

[meringuoid]

I've always wondered what type of encryption was used in Star Trek episodes when it was announced that there was an encrypted subspace channel for Picard.

Along similar lines, remember in episode 25 of TOS, where just before beaming down to the planet Captain Kirk opened up a safe in his quarters? I always wondered what the combination was.

Re:

[Emperor Zombie]

1-2-3-4-5

Re:

[ObiWanKenblowme]

1-1A-2B

Wait, that doesn't sound ri... [BOOM]

Re:

[Cajun Hell]

If you can afford to spend billions of (today's) dollars building these ships, you can afford to send 'em out with a few wowzabytes of random pad.

Better than ssl

[sakdoctor]

You'll be able to tell if your web traffic has been snooped by the authorities because all your lolcats will arrive dead!

Rumors of their death has been slightly entagled

[jonaskoelker]

Wanted: Schrödinger's Cat. Dead and alive.

Re:

[jank1887]

or both

Re:

[Tubal-Cain]

Hence the "and"

Re:

[jank1887]

that's what you think.

Re:

[Dishevel]

Only half will, on average.

Wouldn't the encryption when snooped kill half the cats and then the snooper would need to re encrypt the packets. When you decrypt them again wouldn't you get like a 75% dead lolcat ratio and realize somthing was up?

Re:

[arktemplar]

Lolcats and Schrodingers cat together - interesting.

http://abstrusegoose.com/7 [abstrusegoose.com]

Re:

[KGIII]

http://icanhascheezburger.com/2008/05/02/funny-pictures-schrodinger-xperimint/ [icanhascheezburger.com]

(One of my favorites.)

If I recall correctly, not the first

[fwice]

Under DARPA sponsorship, and together with our academic colleagues Harvard University and Boston University, BBN Technologies has recently built and begun to operate the world's first Quantum Key Distribution (QKD) network. The DARPA Quantum Network employs 24x7 quantum cryptography to provide unprecedented levels of security for standard Internet traffic flows such as web-browsing, e-commerce, and streaming video.

The DARPA Quantum Network became fully operational on October 23, 2003 in BBN's laboratories, and has run continuously since.

source: http://bbn.com/technology/information_security/quantum_cryptography [bbn.com]

Re:If I recall correctly, not the first

[Yvanhoe]

And the first attacks are there [hackaday.com] as well...

Stop loading the article!

[Anonymous Coward]

I'm trying to read it, you insensitve clods!

Re:

[KGIII]

You must be new here.

"Story" tag

[Rik Sweeney]

Seriously, can we have this tag blocked or something?

Re:

[Shikaku]

Sure! Block just about everything on Slashdot! You can only read the idle pages now because they are not stories.

Re:

[Ant P.]

I'd prefer to just have the entire thing blocked, since the arrow icon has started overlapping the summary text.
("div.tag-widget-stub { display: none }" goes in the user CSS if you want rid of it)

Re:

[Tubal-Cain]

The appropriate response is to tag it "words"

Re:

[TheRaven64]

Blob Wars now for Windows [parallelrealities.co.uk]

And does it still include copyright artwork and music being distributed without the permission of the authors?

Who's been reading sales literature?

[L4t3r4lu5]

"...seamless integration of heterogeneous quantum-key distribution-link devices in a unified framework."

My buzzword alarm just core dumped.

what did he say?

[FornaxChemica]

"To paraphrase..."

More like: to make the subject even more unintelligible...

Secure Key exchange.

[locofungus]

I heard something about this on the radio last night (wasn't paying full attention).

But they were talking about quantum key exchange. Assuming that they're then using a standard symmetric key to encrypt the link it's still theoretically breakable, just the key exchange that isn't.

If they're quantum encrypting all the data then that's pretty astonishing - they were talking about video-conferencing so they need a reasonable bit rate and the fidelity rate has to be above 5/6[1] otherwise the link might be vulnerable to a quantum cloning attack.

[1] Assuming the best attack is a universal quantum cloning machine. The maximum theoretical fidelity isn't known for most non-universal quantum cloning machines (but is trivially known for some - e.g. 3/4 for a naive measure and retransmit). I don't know whether it's possible to prove that the 5/6 is a sufficient lower bound on the fidelity.

Tim.

Re:

[Bengie]

"[...]Assuming that they're then using a standard symmetric key to encrypt the link it's still theoretically breakable[...]" depends on what you mean by "theoretically". According to my cousins professor in his Computer Science Encrption course, if you had a *perfect* 256bit symmetric key encryption, if you counted just bit flips and no other inefficiency of the system, on average it would take more energy to break the key than there is usable energy in the known universe. and from what I've read about q

Re:

[locofungus]

Hmmm, not sure I agree with that assessment.

if you had a *perfect* 256bit symmetric key encryption, if you counted just bit flips and no other inefficiency of the system, on average it would take more energy to break the key than there is usable energy in the known universe

A perfect computer can have no entropy change provided it never forgets anything.

Storing all 2^256 keys would require 2^264 bits. There are estimated to be roughly 10^80 particles in the universe ~ 2^265. It's not immediately obvious to m

Re:

[meringuoid]

But they were talking about quantum key exchange. Assuming that they're then using a standard symmetric key to encrypt the link it's still theoretically breakable, just the key exchange that isn't.

Let the key be at least as long as the message itself; then you have a one-time pad, which is unbreakable.

Re:

[locofungus]

Yes. Exactly. But your key generation has to have the same bandwidth as your data channel.

When I said standard symmetric key I meant key much shorter than message.

If they can generate a key at a bit rate sufficient to support video conferencing with a fidelity of no less than 5/6 over standard fiber optic cable then I'm very impressed.

If their fidelity is lower than that then an attack may be impossible currently but it's not theoretically impossible for someone with a perfect (as far as allowed by the rule

Re:

[UnHolier than ever]

The fidelity necessary for QKD to be provably secure depends on the axact protocol used. BB84, the most common protocol, can withstand a 11% error rate. Quantum cloning is one of the most obvious attacks, but not necessarily the best one. Also, as other commenters said, quantum cryptography is only secure if the key is used in a OTP.

Quantum this, Quantum that

[jonaskoelker]

So, we have quantum computers with quantum networks doing quantum cryptography. What's next, buying music with quantum DRM, i.e. the song is both there and not there until the sound card observes it? ;)

Re:

[internerdj]

Don't worry. I'm sure its coming. Which will finally lead to the Recording Industry Association of America versus the People of the United States of America, where we are all sued for the music we both have and don't have on our computer...

Re:

[Belial6]

We already have that. When you make a purchase from the MAFIAA, you both own it and don't own it at the same time.

Re:

[Bishop Rook]

"Provably secure" means exactly that, for the same reason a one-time pad is provably secure.

Not so sercure then

[marcosdumay]

If it rellies on the concept of "trusted relays", it is not really secure. Point to point cryptography can be secure, but when you start to depend on third parties, how can you be sure?

Re:

[Bishop Rook]

...when you start to depend on third parties, how can you be sure?

http://en.wikipedia.org/wiki/Digital_signature [wikipedia.org]

Re:

[david_thornley]

Yeah, but the same crypto that allows digital signatures also allows secure key exchange.

In other words, although this is an impressive achievement, it isn't clear to me that there's any practical application as yet. Particularly when we consider that modern crypto is almost certainly secure, so that intercepting the bits en route is pointless, and that you don't need crypto over a physically secure route.

Quantum computation and communications may well be very useful some year, but 2008 isn't it.

Re:

[Chris Burke]

Yeah, but the same crypto that allows digital signatures also allows secure key exchange.

In other words, although this is an impressive achievement, it isn't clear to me that there's any practical application as yet. Particularly when we consider that modern crypto is almost certainly secure, so that intercepting the bits en route is pointless, and that you don't need crypto over a physically secure route.

There's an application: Distribution of the public keys that make digital signatures and secure priva

Re:

[Sique]

Modern crypto can't warranty the non observation of the signal by a third party.

Re:

[jonaskoelker]

2009: the year of quantum computation and communication on the desktop!

Re:

[marcosdumay]

Ok, that link is so far off that I had to check it in order to know that there isn't some relevant info hidden in it. Turns out that it doesn't.

If you have a cryptography algorithm that depends on thrid parties decoding and reencoding your text, you can't be sure that those third parties won't eveasdrop your plain text. That is simply not secure.

QUantum physics says so.

[jotaeleemeese]

If you try to measure something at quantum level then you mess up with the state of that something.

Or something like that.

Re:

[marcosdumay]

If you try to RTFA, and understand a bit of quantum physics (that part is easy*) you'd have some less vague things to say. In meantime, please, don't relay on qauntum cryptography for anything important, ok.

*That part of quantum mechanics is quite easy to deal with, it is just some trivial algebra. Not to say that quantum mechanics is easy, there are plenty of hard things in it, just not quantum cryptography.

Still vulnerable to MITM

[ThreeGigs]

..." trusted repeater paradigm "...

Okay, so basically you're only 'secure' up to about 30 miles, and that's only if you have a real, honest to goodness, point to point fiber link. Otherwise they're still converting photons to electrons, and making new photons, at the repeaters.

It's no more secure than current fiber, except that you've limited the attack vector and locations to known points, namely the repeaters.

"no cloning" theorem dictates how repeaters work

[Cordath]

Quantum key distribution (QKD) relies on the fact that a single measurement can only reveal partial information about its state. i.e. The same fundamental physical property that makes QKD work also makes it impossible to "read" a photon at a trusted repeater station and then resend an identical copy. This would violate the "no cloning" theorem. Instead, the trusted repeater would have to exchange a key with both the sender and receiver. This obviously requires trust and slows things down, but it's not unreasonable in a European bank network where many banks that both trust each other are physically located within a short distance of each other. (Current QKD is limited to links of distances of about 150 km due to loss in fiber, and the secret key bitrates at these distances are not good.)

End point to end point QKD is possible with what are called quantum repeaters. In this scheme, the repeater station creates single photon pairs and sends them to the adjacent links in the chain. At each link, bell state measurements are performed that create a daisy-chain of entanglement swapping until, ultimately, the sender and receiver at the two ends of the chain are left with an entangled pair that they can use to create a key. In this scheme, the repeaters actually gain no information about the entangled pair that the sender and receiver wind up with, and the sender and receiver are able to detect tampering just as they can with other forms of QKD. The result is a repeater network over which secure communication is possible even if the repeaters are untrusted. The worst case scenario, theoretically, is that the eavesdropper just cuts the line so that communication isn't possible.

This technology works experimentally, but will not be practical until quantum memory (i.e. light storage) becomes practical. The problem is that, without memory, each link in the entanglement chain has to receive photons at the same instant in time. With loss happening randomly in all the links, the probability of this happening is no greater than the probability of a photon traveling directly from the sender to the receiver. Ergo, you gain nothing.

Quantum memory is a hot field of research and several experimental groups have shown promising results using a variety of approaches. In short, QKD will not be limited to trusted relay networks for long.

Re:

[ustolemyname]

Yup, I can see ISP's all over investing money to keep them from doing things with your data.

Brilliant defense against that NSA submarine!

[PolygamousRanchKid]

That NSA submarine that spliced all those cables in the Middle East will never be able to navigate to Vienna. So no taps.

Or do you think the NSA might say: "NSA can't tap cable. NSA smash cable!"

Crypto what?

[gsgriffin]

I fro oen ndo't ese hwta ehty rea klatnig bouta. If hwta ehyt ysa is tuer, hent I cna itrew a emssgea in my nwo ayw dna ouy anc daer it stuj infe. iDd ouy teg tish? Is htat thaw ehty reew yrtnig to sya?

Re:

[DrVomact]

isbor, uor ykes vhae eben ewnz0rd. Efle!

This is old news!

[paniq]

I read about it in a CS paper from a while ago [mit.edu].

GG

[kingsteve612]

all IT professionals now required to have a degree in quantum mechanics. lol at the concept. lol at the BBC. lol at my post because it's rather stupid. good day.

Big milestone

[Vadim Makarov]

I have been there, and can give my impresson. I think, this is a big milestone for quantum cryptography. This has been the most massive and convincing demonstration of the technology up to the date, nothing like any before. Yet, it seems to have received relatively little press attention.

The demonstration was a conclusion of an European project [secoqc.net] in which several tens of research groups collaborated. The main thing it produced are network protocols for a quantum cryptography network. Several months ago, th