Researchers show how to break quantum cryptography (arstechnica.com)
25 points by llambda on Nov 11, 2011 | 13 comments



When I developed an RSA-based application I was worried about quantum computers breaking it (which proved false, I should have worried more about marketing). Now it seems that there is a flaw in quantum cryptography itself, which actually is not cryptography in the classical meaning, but rather a way of securely transmitting data.


Actually you would worry more about incorrectly implemented padding or a side channel attack or something similarly stupid destroying your cryptosystem. Sad, but true.


Side-channels are just another way to "see" what is going on, whether it is on a keyboard, hard-disk, display, videoboard, CPU, bus, controller, etc.

You've got execution time (latency), sounds, radio frequencies, electromagnetic fields, etc. just to cite the 'accidental' leak channels that act as a side-effect of the intended infrastructure.

We're not secure.


You're conflating two different things (quantum computers and quantum cryptography) which just happen to share a basis in quantum effects. An attack on quantum cryptography has nothing whatsoever to do with whether a quantum computer could be used to break conventional encryption.


That's a completely misleading article. They haven't "broken quantum cryptography", nor have they claimed to. Yet again, journalists have misled the public by claiming overly dramatic things that aren't true in order to sell copy.

Quantum cryptography is completely and fundamentally secure in theory. However, real world devices don't behave quite like their theoretical counterparts, and this can create flaws in real world systems. The idiot journalist did get at least that much right.

A big part of research in quantum crypto these days is finding holes in real-world implementations so that we can build future systems without those holes. Kurtsiefer's group had done just that. He hasn't broken quantum cryptography, he's helped make the real-world implementations of tomorrow more secure. This evolutionary improvement of a technology in its infancy has happened again and again, and idiot journalists insist on reporting that "QUANTUM CRYPTO HAS BEEN BROKEN" every bloody time.

Now, for those of you wondering what good QC is if we can't trust real world implementations, here's the gist of why, even though we'll probably never finish making them better, they're still worth using.

If you send a message via conventional factoring based crypto, like RSA, that message must be viewed as being made public with an undefined delay. Even without quantum computing on the horizon, decryption algorithms are improving at a steady pace and making it possible to crack messages encoded in this way.

For example, look at crypto algorithms like DES that, ten years ago, people thought would take thousands of years to crack given Moore's law growing computational resources. Wide freakin' open now, thanks to improved cracking algorithms. Any message sent via classical channels can be copied without your knowledge, so any message you sent via DES ten years ago could be decrypted and in anyone's hands without your knowledge. The same thing is true of anything you send via public key encryption today. Fortunately for most of us, the information we usually send is only sensitive for a limited period of time. Who cares if your credit card number is decoded in ten years? You'll have a new one.

Anyone with long-term sensitive transmissions to make has to look at other methods of encryption. That's why quantum crypto has early adopters. Now, say a hole is found in one of these early adopters' systems. Are they screwed? Is the cat out of the bag? No. Thanks to how quantum cryptography works, there is no possible copy of the transmission that could be cracked with technology developed later in time, as is the case with public key encryption. Attacks on quantum systems have to work at the time the message is sent. If a flaw in the system was not known and an eavesdropper not present and taking advantage of it at the time a message was sent, it will be secure for all time. That's the difference. Public key encryption is secure for a while. Quantum encryption is secure for all time.


_For example, look at crypto algorithms like DES that, ten years ago, people thought would take thousands of years to crack given Moore's law growing computational resources._

Whitfield Diffie proposed triple DES in 1975 (even before the FIPS was published), because it was obvious even then that a 56 bit key would not be sufficient for long term security against attackers with serious financial/technological resources. EFF's Deep Crack broke a DES key in less than a day 13 years ago. The AES selection process started in 1998, and a winner finalized in 2001. I'm not sure where you're getting your history from here.


Also, I believe a good portion of the cryptosystems around DES's time were intentionally crippled to meet export restrictions so that they were not classed as munitions. So it would not be so much to say that the cyphers were weak insomuch as they were defective by design.


_For example, look at crypto algorithms like DES that, ten years ago, people thought would take thousands of years to crack given Moore's law growing computational resources. Wide freakin' open now, thanks to improved cracking algorithms. Any message sent via classical channels can be copied without your knowledge, so any message you sent via DES ten years ago could be decrypted and in anyone's hands without your knowledge._

I think your history is incorrect. See this: http://en.wikipedia.org/wiki/Key_size#Symmetric_algorithm_ke...

People were unhappy with 56 bits right off the bat in 1977. There were export-control restrictions. Some people believed NSA had on purpose degraded the key-size. People were thinking of getting around DES in the early 90s itself. First triple DES (for backwards compatibility) and now AES.


Very interesting, I'd like to see what physics hacks they end up using to patch this.


You can say it even louder, but I fear people won't hear. I heard it almost a half year ago, but the real news that Quantum Cryptography "can" be broken is a lot older.

Adding more randomness doesn't add more security, but just another shadow layer.

We know SSL and TLS are broken as well as the Certificate Authorities have been invaded a long time ago, even if most people don't accept the truth yet.

Could happen in your Startup too:

a: Let's use SSL!

b: Why?

a: Because people trust us more then.

b: Isn't that a lie? I mean SSL isn't secure.

a: But it works! People believe it, when we believe it.

"c: Live in your Dreamworld, until it collapses! :( Sad."

RSA/DSA/MD5 and other hashing and encryption algorithms are broken or unreliable. We know that increasing the time needed to crack something doesn't make it more secure, but obscures security and reliance on that technology.

You still see large scale websites getting hacked, just because of stupid code injections or exploits. The experience is even worse in the crypto side, you'd cry, if you knew how bad the situation actually is.

One thought. Develop your own, if you can. But that puts you into the radar of Curious Governments.


"One thought. Develop your own, if you can. But that puts you into the radar of Curious Governments."

I know this tone is discouraged on Hacker News, but if anything deserves it, this does.

You have no clue what you're saying. I know shit all about cryptography, but knowing shit all is a far cry better than thinking it's even remotely possible to be secure when you design your own crypto-system. That doesn't put you on the radar of Curious Governments. It puts you in the sight of script-kiddies.


Are you insane?


I think that was written by an experimental robot, like the automated sports coverage that StatSheet generates.



