Oops. You're right. It's been a while. Both photons are not utilized, but there's a Private channel and a public channel. As for MITM attacks, however, it seems I was right more or less by accident, and the collapsed ring configuration seen in many tightly packed metro areas (where potential customers of Quantum Key Exchange reside) does indeed make such attacks much easier. Come to think of it, an intruder that were able to gain access to a CO without having to notify the public (Patriot Act) should easily be able to insert themselves into a QKE client's network and then do whatever they want to (provided, of course, they have the means to crack the 'regular' encryption scheme used to encode the bits--NSA). Which means that, should a $75K/year NSA employee want to strike it really, really rich, they'd be able to procure advanced notice of any mergers/acquisition deals. -TD
From: Dave Howe <DaveHowe@gmx.co.uk> To: Tyler Durden <camera_lumina@hotmail.com> Subject: Re: Quantum cryptography gets "practical" Date: Wed, 06 Oct 2004 11:26:32 +0100
An interesting thing to think about is the fact that in dense metro areas, you pretty much have a "star" from the CO out to a premise (which is the cause of deployment of "Collapsed SONET Rings"). This means the other photon of your encrypted pair might easily pass through the same CO somewhere, which would make the system suscpetible to a sort of man in the middle attack. Or at least, your fancy quantum crypto system has defaulted back to standard crypto in terms of its un-hackability. Unless I am mistaken as to the Quantum Key Exchange process, only one
Tyler Durden wrote: photon is ever transmitted, with a known orientation; the system doesn't use entanglement AFAIK. I note also that, as QKE is *extremely* vulnerable to MitM attacks, a hybrid system (which need only be tactically secure, not strategically secure) can be used to "lock out" a MitM attacker for long enough that his presence can be detected, without having to resort to a classical but unblockable out of band data stream. I think this is part of the purpose behind the following paper: http://eprint.iacr.org/2004/229.pdf which I am currently trying to understand and failing miserably at *sigh*
Moral of this story is, even if this thing is useful, you'll probably have a very hard time finding a place it can be deployed and still retain its "advantages". I have yet to see an advantage to QKE that even mildly justifies the limitations and cost over anything more than a trivial link (two buildings within easy walking distance, sending high volumes of extremely sensitive material between them)
-TD
From: Dave Howe <DaveHowe@gmx.co.uk> To: Email List: Cryptography <cryptography@metzdowd.com>, Email List: Cypherpunks <cypherpunks@al-qaeda.net> Subject: Re: QC Hype Watch: Quantum cryptography gets practical Date: Tue, 05 Oct 2004 17:48:30 +0100
R. A. Hettinga wrote:
Two factors have made this possible: the vast stretches of optical fiber (lit and dark) laid in metropolitan areas,
which very conveniently was laid from one of your customers to another of your customers (not between telcos?) - or are they talking only having to lay new links for the "last mile" and splicing in one of the existing dark fibres (presumably ones without any repeaters on it)
_________________________________________________________________ On the road to retirement? Check out MSN Life Events for advice on how to get there! http://lifeevents.msn.com/category.aspx?cid=Retirement
_________________________________________________________________ Is your PC infected? Get a FREE online computer virus scan from McAfee. Security. http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963