Quantum cryptography gets "practical"

[Tyler Durden]

Oops. You're right. It's been a while. Both photons are not utilized, but 
there's a Private channel and a public channel. As for MITM attacks, 
however, it seems I was right more or less by accident, and the collapsed 
ring configuration seen in many tightly packed metro areas (where potential 
customers of Quantum Key Exchange reside) does indeed make such attacks much 
easier.

Come to think of it, an intruder that were able to gain access to a CO 
without having to notify the public (Patriot Act) should easily be able to 
insert themselves into a QKE client's network and then do whatever they want 
to (provided, of course, they have the means to crack the 'regular' 
encryption scheme used to encode the bits--NSA).

Which means that, should a $75K/year NSA employee want to strike it really, 
really rich, they'd be able to procure advanced notice of any 
mergers/acquisition deals.

-TD






>From: Dave Howe <DaveHowe at gmx.co.uk>
>To: Tyler Durden <camera_lumina at hotmail.com>
>Subject: Re: Quantum cryptography gets "practical"
>Date: Wed, 06 Oct 2004 11:26:32 +0100
>
>Tyler Durden wrote:
>>An interesting thing to think about is the fact that in dense metro areas, 
>>you pretty much have a "star" from the CO out to a premise (which is the 
>>cause of deployment of "Collapsed SONET Rings"). This means the other 
>>photon of your encrypted pair might easily pass through the same CO 
>>somewhere, which would make the system suscpetible to a sort of man in the 
>>middle attack. Or at least, your fancy quantum crypto system has defaulted 
>>back to standard crypto in terms of its un-hackability.
>   Unless I am mistaken as to the Quantum Key Exchange process, only one 
>photon is ever transmitted, with a known orientation; the system doesn't 
>use entanglement AFAIK.
>   I note also that, as QKE is *extremely* vulnerable to MitM attacks, a 
>hybrid system (which need only be tactically secure, not strategically 
>secure) can be used to "lock out" a MitM attacker for long enough that his 
>presence can be detected, without having to resort to a classical but 
>unblockable out of band data stream.  I think this is part of the purpose 
>behind the following paper:
>http://eprint.iacr.org/2004/229.pdf
>which I am currently trying to understand and failing miserably at *sigh*
>
>>Moral of this story is, even if this thing is useful, you'll probably have 
>>a very hard time finding a place it can be deployed and still retain its 
>>"advantages".
>I have yet to see an advantage to QKE that even mildly justifies the 
>limitations and cost over anything more than a trivial link (two buildings 
>within easy walking distance, sending high volumes of extremely sensitive 
>material between them)
>
>
>>
>>-TD
>>
>>
>>>From: Dave Howe <DaveHowe at gmx.co.uk>
>>>To: Email List: Cryptography <cryptography at metzdowd.com>,        Email  
>>>List: Cypherpunks <cypherpunks at al-qaeda.net>
>>>Subject: Re: QC Hype Watch: Quantum cryptography gets practical
>>>Date: Tue, 05 Oct 2004 17:48:30 +0100
>>>
>>>R. A. Hettinga wrote:
>>>
>>>>Two factors have made this possible: the
>>>>vast stretches of optical fiber (lit and dark) laid in metropolitan 
>>>>areas,
>>>
>>>which very conveniently was laid from one of your customers to another of 
>>>your customers (not between telcos?) - or are they talking only having to 
>>>lay new links for the "last mile" and splicing in one of the existing 
>>>dark fibres (presumably ones without any repeaters on it)
>>
>>
>>_________________________________________________________________
>>On the road to retirement? Check out MSN Life Events for advice on how to 
>>get there! http://lifeevents.msn.com/category.aspx?cid=Retirement
>>
>>
>

_________________________________________________________________
Is your PC infected? Get a FREE online computer virus scan from McAfee. 
Security. http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963