"R.A. Hettinga" <rah@shipwright.com> wrote:
> Kish and his collaborators at the University of Szeged in Hungary say this can be used to securely pass information, or an encryption key, down any wire, including a telephone line or network cable. In their device, both the sender Alice and the receiver Bob have an identical pair of resistors, one producing high resistance, the other low resistance. The higher the total resistance on the line, the greater the thermal noise.
>
> Both Alice and Bob randomly choose which resistor to use. A quarter of the time they will both choose the high resistor, producing a lot of noise on the line, while a quarter of the time they will both choose the low resistor, producing little noise. If either detects a high or a low amount of noise in the line, they ignore any communication.
Sounds like a practical secure implementation of this will be very difficult. Consider that if Alice and Bob do not perfectly synchronize the resistor transitions, there will be a window in which an attacker will see a line that is unterminated at one end. It's trivially easy in this case to determine the resistance that has already been connected to the line, and with proper equipment (e.g., TLP) it would also be possible to determine which end of the line is unterminated. Those two pieces of information uniquely determine one bit of the key.

Or how about this: if the resistors are not perfectly matched, there is a difference in resistance when Alice chooses low versus when Bob does, leaking key information. Beyond that, resistor properties change over time, which requires that Alice and Bob calibrate their resistors to one another on a regular basis. Any such calibration step gives Mallory yet another way of corrupting the protocol.

I'm sure that at least some of these concerns are addressed, but I'd be gravely concerned about a system where at the end of the day you're relying on the hope that you have timed and calibrated everything to better than the enemy's sensing noise floor.

-=rsw
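Added example, not part of the original message or of Kish's design: a design-side check of the resistor-matching concern raised above, showing how a small mismatch separates the two mixed (one high, one low) states and how tight matching must be for a given per-bit sample budget. The circuit model (one resistor to ground at each end of the wire, voltage-only observation), the resistor values, the 1% mismatch, the temperature and the Gaussian sampling model are all assumptions.

```python
import math

K_B = 1.380649e-23  # Boltzmann constant, J/K


def line_noise_psd(r_alice, r_bob, temp_k=300.0):
    """Johnson voltage-noise PSD (V^2/Hz) seen on the wire.

    Assumed model: one resistor to ground at each end, so the wire
    voltage sees the two resistors in parallel.
    """
    r_par = r_alice * r_bob / (r_alice + r_bob)
    return 4.0 * K_B * temp_k * r_par


def mixed_state_gap(r_low_a, r_high_a, r_low_b, r_high_b):
    """Relative noise-power difference between the two mixed states."""
    s_lh = line_noise_psd(r_low_a, r_high_b)   # Alice low, Bob high
    s_hl = line_noise_psd(r_high_a, r_low_b)   # Alice high, Bob low
    return abs(s_lh - s_hl) / (0.5 * (s_lh + s_hl))


def samples_to_resolve(gap, z=3.0):
    """Independent samples before the gap stands z sigma clear of noise.

    Assumption: a variance estimate from N Gaussian samples has relative
    standard error sqrt(2/N), compared against a threshold midway (gap/2).
    """
    if gap == 0.0:
        return math.inf
    return math.ceil(8.0 * (z / gap) ** 2)


def max_safe_gap(samples_per_bit, z=3.0):
    """Largest relative gap still unresolved within one bit period."""
    return z * math.sqrt(8.0 / samples_per_bit)


if __name__ == "__main__":
    # Constructed values: 1 kOhm / 10 kOhm pair, Bob's parts 1% high.
    gap = mixed_state_gap(1e3, 1e4, 1.01e3, 1.01e4)
    print(f"relative gap between mixed states: {gap:.4%}")
    print(f"samples to resolve at 3 sigma:     {samples_to_resolve(gap):,}")
    print(f"max gap for 10,000 samples/bit:    {max_safe_gap(10_000):.2%}")
```

Under these assumptions the result is a matching tolerance, which is the quantity the calibration step mentioned above would have to hold over time.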