QC Hype Watch: Quantum cryptography gets practical

Tyler Durden camera_lumina at hotmail.com
Thu Sep 30 17:12:08 PDT 2004


What's a "quantum repeater" in this context?

As for "Hype Watch", I tend to agree, but I also believe that Gelfond (who I 
spoke to last year) actually does have a 'viable' system. Commerically 
viable is another thing entirely, however.

-TD



>From: "R. A. Hettinga" <rah at shipwright.com>
>To: cryptography at metzdowd.com, cypherpunks at al-qaeda.net
>Subject: QC Hype Watch: Quantum cryptography gets practical
>Date: Thu, 30 Sep 2004 17:39:24 -0400
>
><http://www.computerworld.com/printthis/2004/0,4814,96111,00.html>
>
>  - Computerworld
>
>
>  Quantum cryptography gets practical
>
>  Opinion by Bob Gelfond, MagiQ Technologies Inc.
>
>
>
>
>
>   SEPTEMBER 30, 2004  (COMPUTERWORLD)  -  In theory and in labs, quantum
>cryptography -- cryptography based on the laws of physics rather than
>traditional, computational difficulty -- has been around for years.
>Advancements in science and in the world's telecommunications
>infrastructure, however, have led to the commercialization of this
>technology and its practical application in industries where high-value
>assets must be secure.
>
>  Protecting information today usually involves the use of a cryptographic
>protocol where sensitive information is encrypted into a form that would be
>unreadable by anyone without a "key." For this system to work effectively,
>the key must be absolutely random and kept secret from everyone except the
>communicating parties. It must also be refreshed regularly to keep the
>communications channel safe. The challenge resides in the techniques used
>for the encryption and distribution of this key to its intended parties to
>avoid any interception of the key or any eavesdropping by a third party.
>
>  Many organizations are advancing quantum technology and bringing it
>outside academia. Research labs, private companies, international alliances
>such as the European Union and agencies such as the Defense Advanced
>Research Projects Agency are investing tens of millions of dollars in
>quantum research, with projects specifically focused on the challenge of
>key distribution.
>
>  The trouble with key distribution
>
>Huge investment in the late 1990s through 2001 created a vast
>telecommunications infrastructure resulting in millions of miles of optical
>fiber laid across the country and throughout buildings to enable high-speed
>communications. This revolution combined a heavy reliance on fiber-optic
>infrastructure with the use of open network protocols such as Ethernet and
>IP to help systems communicate.
>
>  Although this investment delivers increased productivity, dependence on
>optical fiber compounds key distribution challenges because of the relative
>ease with which optical taps can be used. With thousands of photons
>representing each bit of data traveling over fiber, nonintrusive, low-cost
>optical taps placed anywhere along the fiber can siphon off enough data
>without degrading the signal to cause a security breach. The threat profile
>is particularly high where clusters of telecommunications gear are found in
>closets, the basements of parking garages or central offices. Data can be
>tapped through monitoring jacks on this equipment with inexpensive handheld
>devices. This enables data to be compromised without eavesdroppers
>disclosing themselves to the communicating parties.
>
>  Another important aspect of this problem is the refresh rate of the keys.
>Taking large systems off-line to refresh keys can cause considerable
>headaches, such as halting business operations and creating other security
>threats. Therefore, many traditional key-distribution systems refresh keys
>less than once per year. Infrequent key refreshing is detrimental to the
>security of a system because it makes brute-force attacks much easier and
>can thereby provide an eavesdropper with full access to encrypted
>information until the compromised key is refreshed.
>
>  Adding quantum physics to the key distribution equation
>
>Companies are now in a position to use advancements in quantum
>cryptography, such as quantum key distribution (QKD) systems, to secure
>their most valued information. Two factors have made this possible: the
>vast stretches of optical fiber (lit and dark) laid in metropolitan areas,
>and the decreasing cost in recent years of components necessary for
>producing QKD systems as a result of the over-investment in
>telecommunications during the early 2000s.
>
>  Based on the laws of quantum mechanics, the keys generated and
>disseminated using QKD systems have proved to be absolutely random and
>secure. Keys are encoded on a photon-by-photon basis, and quantum mechanics
>guarantees that the act of an eavesdropper intercepting a photon will
>irretrievably change the information encoded on that photon. Therefore, the
>eavesdropper can't copy or read the photon -- or the information encoded on
>it -- without modifying it, which makes it possible to detect the security
>breach. In addition to mitigating the threat of optical taps, QKD systems
>are able to refresh keys at a rate of up to 10 times per second, further
>increasing the level of security of the encrypted data.
>
>  Not for everyone
>
>Quantum key distribution systems aren't intended for everyday use: You
>won't find a QKD system in the home office anytime soon. One reason is that
>a QKD system requires a dedicated fiber-optic line. Also, because the loss
>of photons over longer distances, these systems have current distance
>limitations of approximately 120 kilometers (nearly 75 miles) which is
>common with optical infrastructure equipment. Quantum repeaters are under
>development to extend that range much farther. Finally, the end points of
>these QKD systems must reside in secure locations. However, since they are
>tamper-proof, if attempts are made to compromise them, they will stop
>running or fire off an alarm, thus ensuring ultimate information 
>protection.
>
>  The practical development of QKD systems has made them applicable for a
>number of industries such as financial services, biotech and
>telecommunications along with government sectors such as intelligence and
>the military. They don't require a physicist or an engineer to administer
>them. These appliances fit in standard racks, plug into existing networks,
>and are reliable around the clock. QKD systems interoperate with security
>standards such as IPsec-based VPNs providing an added layer of security to
>networks.
>
>  Ask the right questions
>
>As you look for better ways to protect your company's most important
>information, QKD may be an option. However, be sure you understand the
>strengths and drawbacks of quantum key distribution by asking the right
>questions:
>
>	1.  	 What does your organization's security policy say about the
>threat profile for high-value assets?
>
>	2.  	How frequently are your encryption keys changed and by what method?
>
>	3.  	What is the total cost of ownership for QKD products? Are there
>additional costs in support and training?
>
>	4.  	Are your competitors implementing QKD systems?
>
>	5.  	What infrastructure requirements must be met?
>
>	6.  	What personnel/staffing levels are required?
>
>	7.  	How does this QKD system work with existing cryptography systems?
>
>	8.  	What are the distance limitations of this system?
>
>QKD isn't an everyday desktop tool, but the technology makes sense for
>those organizations that have the resources and the capacity to use it
>effectively.
>
>  Bob Gelfond is founder and CEO of MagiQ Technologies Inc., a vendor of
>quantum information processing services and products in New York.
>
>
>
>
>
>
>
>
>
>Additional Content
>
>  White Papers
>
>
>  Read up on the latest ideas and technologies from companies that sell
>hardware, software and services.
>
>
>View all whitepapers
>Research Report
>
>  This IDC white paper demonstrates growth in value of distributed
>applications accessed over the Web, especially for eCommerce applications,
>and analyses the requirements needed for performance management of
>distributed applications in today's complex heterogeneous environments.
>  Distributed Applications Performance Management: The VERITAS i3 Approach
>
>
>Featured Webcast
>
>
>Network Computing Web Event
>  See the latest innovations, including Sun servers and workstations based
>on AMD Opteron[tm], new Sun StorEdge[tm] solutions, and breakthrough
>technologies in Solaris[tm] 10.
>
>
>
>
>
>Sponsored Links
>
>A smart plan for assuring application quality:    New webcast from 
>Compuware
>Distributed Applications Performance Management: The VERITAS i3 Approach
>   Download this free white paper from IDC
>
>
>
>Enterprise Solutions for Federal Government     An IT infrastructure starts
>with robust technology.
>
>
>
>
>The IP migration    A wake-up call
>
>
>
>Enterprise Grid Alliance    Helping make grid computing work for you
>
>About Us Contacts Editorial Calendar Help Desk Advertise  Privacy Policy
>
>
>
>
>
>
>
>  Copyright ) 2004 Computerworld Inc. All rights reserved.  Reproduction in
>whole or in part in any form or medium without express  written permission
>of Computerworld Inc. is prohibited. Computerworld and Computerworld.com
>and the respective logos are trademarks of International Data Group Inc.
>
>
>
>
>--
>-----------------
>R. A. Hettinga <mailto: rah at ibuc.com>
>The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
>44 Farquhar Street, Boston, MA 02131 USA
>"... however it may deserve respect for its usefulness and antiquity,
>[predicting the end of the world] has not been found agreeable to
>experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

_________________________________________________________________
Dont just search. Find. Check out the new MSN Search! 
http://search.msn.click-url.com/go/onm00200636ave/direct/01/





More information about the cypherpunks-legacy mailing list