Debunking the Hype: The Truth About Quantum Cryptography

In summary, quantum cryptography is not really new or revolutionary. It uses the same mathematical concepts as traditional encryption, and there are some problems with the hardware used in the technology. However, there are enough commercial and military interest to fund to a lot of research in this area, and it is likely that we will see at least some real world applications of this technique in the future.
  • #1
MrGamma
36
0
I am extremely skeptical about quantum cryptography. First all of the articles I have read about the technology use the same mathematical concepts to encrypt and decrypt a message.

Nothing about quantum cryptography actually changes physical characteristics of math. That is obvious.

There have been mentions that the act of eavesdropping could never happen either which is more absolute ********. A man in the middle attack is a man in the middle attack regardless. Relaying a message after interception does not change the physical properties of the message in a public key encryption system.

In fact... I know of no "eavesdroppers" in the current world of encryption/decryption hacks. You cannot watch a message going by without actually intercepting it. There is nothing that I can even begin to accept as a possible reality about this supposed new cryptography.

I think it's total hype and am ready to call it a flat out con. Can anybody tell me otherwise?
 
Physics news on Phys.org
  • #2
It does work in what it claims to do - but the problem it solves isn't really a problem and the things that currently are a problem it doesn't solve!

About the only thing it stops is you bending a fibre to leak some of the signal - which in the real world nobody is going to bother doing.
 
  • #3
MrGamma said:
I am extremely skeptical about quantum cryptography. First all of the articles I have read about the technology use the same mathematical concepts to encrypt and decrypt a message.

Nothing about quantum cryptography actually changes physical characteristics of math. That is obvious.

It is important to understand that QC is not really just a mathematical algorithm: it is a set of methods/techniques that when combined allow us to prevent (well, at least detect) eavesdropping. The methods involve not only the algorithm (of which there are several) but also the "hardware"; i.e. the equipment used to produce/detect single photons, entangle them etc. QC is only 100% safe if both the "software" (the algorithm) and the hardware works (and there is a mathematical proof showing that it IS really 100% secure, unless there is fundamental flaw in our understanding of QM).
At present the main problem is the hardware, mainly problems with the reliability of single photon generators. Hence, the math is not really the problem.

But mgb_phys is right in saying that QC is not really solving a serious problem since current encryption algorithms are very good and optical fibres easy to protect.
That said. there is enough commercial/military interest to fund to a lot of research in this area, and it is likely that we will see at least some real world applications of this technique.

I suspect that the "killer app" will be satellite communication where eavesdropping is obviously an issue; you can protect a fibre but it is not as easy to protect a laser beam that is being used to send/transmit information to a satellite.
Satellite communication using QC was demonstrated a few months ago.
 
  • #4
Even with the correct hardware QC doesn't protect you from man in the middle.
It does stop you detecting leaked radiation from the fibre but it doesn't stop me cutting the fibre and installing the same brand of QC receiver the other party is using.
You then send a perfectly quantum encrypted buy order for MS stock, I intercept using my identical CISCO grunt-meister 4000 and then transmit a perfectly quantum encrypted buy order for Ford stock to the original destination.
To stop this you have to use public key encryption (as in SSL) but if you are suing PKI and strong encryption you really don't the Quantum stuff.

Remember as well that any interaction with the photon destroys the quantum properties so it cannot go through any kind of repeater, booster amplifier or switch - which rather limits it's applications.
 
  • #5
mgb_phys said:
It does stop you detecting leaked radiation from the fibre but it doesn't stop me cutting the fibre and installing the same brand of QC receiver the other party is using.

I assume you are now assuming that the sender has no way of identifying the sender/receiver, i.e. Eve "pretends" to be the receiver/transmitter by faking the contents of the messages; i.e. it is an "active" attack.
Otherwise this would just be a standard intercept/resend attack which all standard QC protocols (BB84 etc) will protect you from; there is no way of breaking a QC protocol by simply "passively" resending information.
 
  • #6
Yes - that's what I was saying, you need to do authentication in exactly the same way as any other comms. The pitch that QC magically protects you from any interception of the message is false.
 
  • #7
I read a little bit of my own, and from what I read what humans can do is only simulate quantum cryptography which will be still classical, eventually it should break to 0 or 1, and not undecided.
 
  • #8
AFAIK the only protection, even in principle, to a man in the middle attack is some form of a shared secret.
 
  • #9
As long as there countries on Earth fighting each other, here is always scope for higher security.
Remember, after the Diffie-Hellman algo was published, the British secret agency announced they had invented in earlier, but it was kept as a classified secret.
 
  • #10
There is always a need for higher security, although the driver is often money rather than military.

QC only protects you against eavesdropping for a particular technical definition of eavesdropping. It doesn't protect you from any real world interception. But it is being sold on that basis to gullible businesses and hopefully less gullible national security agencies. It's like a bank having a problem with forged notes and deciding the solution is to have stronger armored cars.

Ironically keeping encryption algorithms secret is the worst thing to do. GCHQ didn't keep public key secret to stop people cracking it , they kept it secret because the idea was useful and they didn't want anyone else to use it. The actual algorithms used to secure secret data are all published and result from open competition.
 
  • #11
mgb_phys said:
Even with the correct hardware QC doesn't protect you from man in the middle.
It does stop you detecting leaked radiation from the fibre but it doesn't stop me cutting the fibre and installing the same brand of QC receiver the other party is using.

QC would only be used to transmit the key, hence if you cut the fibre and try and transmit false data as you suggest your encryption will not match what the recipient expects (the result will be garbage) and this will be detected.

Similarly even if you manage to acquire the data by cutting the fibre and listening it will be meaningless to you as it will be encrypted.

It is not true to say that QC is trying to solve a problem that "Isn't there". Key transmission is the major issue with security today and QC eliminates it, hence 100% secure.
 
  • #12
The problem with key exchange is knowing that the person sending you their public key is knowing that they are who they claim they to be.
Alice transmits her public key to Bob over quantum fibre, Carol is in the middle.
Carol received a perfectly quantum encrypted public key from Alice, and sends her own to Bob who assumes it comes from Alice. Must be valid 'cos it's quantum!

There are ways around this with web-of-trust etc, but they work just as well if you comms channel is carrier pigeons.
 
  • #13
Can't you get around that with synchronization? if Alice transmits to Bob at an agreed time, for carol to receive and retransmit causes a time delay.
 
  • #14
How would you agree the timing between Alice and Bob without Carol intercepting the message and telling Bob the wrong time?
 
  • #15
Via the classical channel..

Clearly if Carol intercepts both the classical and quantum channels and completely pretends to be Bob then yes, QC will not work. However this seems like an unlikely scenario. Nowadays keys are often carried by channels such as courier, which is the major risk.
 
  • #16
I think it's very obvious that Quantum Cryptography should be renamed Quantum Communications or Transmission.

Encryption is mathematical. To call it anything else is a gimmick which borders fraudulent. Jmo

How would you agree the timing between Alice and Bob without Carol intercepting the message and telling Bob the wrong time?

That would require sync. I am not entirely sure you could achieve synchronized transmission with the internet. It was never designed to be that way. Everything is relayed through any number proxies, caches or hardware devices which are ready to drop the transmission and "retry" should a packet drop.

If synchronization is the key component to the security technology in question the connection would have to be non-susceptible to any sort of natural interference in order to "detect" an eavesdropper. The connection would have to be 100% reliable and secure at all times to "catch" somebody otherwise you would spend all your days chasing ghosts...

This technology does not rely on the Quanta... it relies on a new system of cables, hardware devices, ect... the benefits are still questionable after all the money is spent too. The real problem isn't with encryption.

What about "man in the middle" keystroke recorders?
 
Last edited:
  • #17
Agreed!

I think it's a stretch to call it a "flat out con" as the OP has done. Certainly it is safer than using courier to transmit keys and has the potential to be cheaper if used in economies of scale.

Also, a lot of the research done in this field has the potential to be used in other areas.

So my (moderately informed) view: yes, possibly too much hype, but far from a con.
 
  • #18
jbunten said:
I think it's a stretch to call it a "flat out con" as the OP has done.

If I began selling solar powered cars which were instead batteries that were manufactured and charged independent of the car, a new fuel cell being required to be purchased from the manufacturer after each battery was expended.

Would you call it a con?

Encryption is mathematical. It is a poor choice of terminology which very deceptively attempts to use another technology to solve a problem which it doesn't.

If I sold cars and called them non-rechargeable battery powered cars. Then would you accept it for exactly what it is and look to spend your money elsewhere?

Maybe calling it a con is too harsh. In any event... no advancements in cryptography have been made. It should be renamed to a communications/transmissions technology as that is what it is. jmo...

For real world purposes... highly impractical as well. For the Pentagon? I would think otherwise if British civilians hadn't recently breached their security by means of the internet. If the Pentagon needs a "closed circuit" security system, make one. You don't need to re-engineer the planet as the security system itself, as a whole, would by no means be more secure. It's transmission might be more reliable however.

http://www.betanews.com/article/Bri...Pentagon_may_finally_be_sent_to_US/1217449901

This appears to be another non-related attack...

http://technology.timesonline.co.uk/tol/news/tech_and_web/the_web/article1972216.ece

Debatable if this attack is a true statement...

http://www.ft.com/cms/s/0/9dba9ba2-5a3b-11dc-9bcd-0000779fd2ac.html

Additional proof that security does not lie in the quanta, but within all the in-between steps. ;)
 
Last edited:
  • #19
It's difficult to say what breakthroughs will be made and how the practicality will evolve but yes I agree that in it's current state the applications are limited.

I'd expect banks to be more interested in this to be honest. If a multi-billion dollar organisation was given the opportunity to add a tiny bit of security for a few millions they certainly would.

I'm not surprised that the pentagon has lax security by the way ;)
 
  • #20
jbunten said:
I'd expect banks to be more interested in this to be honest. If a multi-billion dollar organisation was given the opportunity to add a tiny bit of security for a few millions they certainly would.
Only if they are losing money because of intercepted communications by somebody that has broken AES.
It would cost a lot more than millions because you need a single point-point link, no switches/routers etc. It would have been useful for TJMAX losing all those credit card numbers from the wifi link between it's buildings - but turning on the WPA option on a $20 Dlink would have been enough.
I'm not surprised that the pentagon has lax security by the way ;)
It's not clear what 'hacked into pentagon' means - the web site, the payroll, the 100s of contractor/service systems.
Generally systems are classifed for secure work or connected to the internet but not both. You have to have two machines on your desk. Of course this doesn't stop directors taking secure laptops home and letting their kids play online games on them.
 
  • #21
mgb_phys said:
Only if they are losing money because of intercepted communications by somebody that has broken AES.

But in that case QC would be completely useless! It still relies on AES/other standard down the classical channel.

No actual encrypted data will be transmitted via the quantum channels as photons/entangled pairs.

The whole point is that the private key being used is secure, presentley leak of the private key is the major security risk. If the point-to point communications become viable financially then banks would be interested, A bank like HSBC with branches all over the place: the possibility of transmitting keys securely across the Atlantic is appealing.

Your original point of the attacker intercepting and transmitting down the classical channel and also intercepting and transmitting down the Q Channel is theoretically possible but represents several increments in order of magnitude of the attack.

We shall have to wait and see.
 
  • #22
MrGamma said:
What about "man in the middle" keystroke recorders?

That is not a concern of the protocol. The protocol (ie something like BB84) promise that if Eve is trying to eavesdrop on the transmitted data, this will be known to Alice and Bob. There are a million things that can be done OUTSIDE the protocol (like keystroke recorders, blackmailing Alice, and so on) but those are other concerns.

k
 
  • #23
kenewbie said:
That is not a concern of the protocol. The protocol (ie something like BB84) promise that if Eve is trying to eavesdrop on the transmitted data, this will be known to Alice and Bob. There are a million things that can be done OUTSIDE the protocol (like keystroke recorders, blackmailing Alice, and so on) but those are other concerns.

k
Yes... Looking back I realize that was a rather stupid remark. I still think it is unfair to label the technology with the term encryption. It is a transmission technology.

It is not so much an algorithm but rather a technique to transfer information.

To me... it is the equivalent of setting up two microwave towers which communicate with each other, and then saying "hey look... the data uses special microwave encryption technology"

If a bird fly's in front of the two towers and some drop out occurs... call it is eavesdropping detection and abort the transmission. Start Over...I found this article however... Seems like the experts have similar doubts...

www.vnunet.com/vnunet/news/2228487/schneier-quantum-cryptography[/URL]
 
Last edited by a moderator:

1. What is quantum cryptography?

Quantum cryptography is a method of secure communication that uses the principles of quantum mechanics to encrypt and decrypt messages. It involves the use of quantum bits (qubits) to transmit information in a way that is virtually impossible to intercept or decipher without being detected.

2. How does quantum cryptography work?

Quantum cryptography works by exploiting the principles of quantum mechanics, specifically the phenomena of superposition and entanglement. In this method, the sender (Alice) and the receiver (Bob) use a shared encryption key made up of entangled qubits. Any attempt to intercept or measure these qubits will cause them to change, alerting Alice and Bob to the presence of an eavesdropper. This ensures the security of the communication channel.

3. Is quantum cryptography completely secure?

No encryption method is completely secure, including quantum cryptography. However, it is currently considered the most secure method of communication available. The use of quantum mechanics makes it extremely difficult for an eavesdropper to intercept or decipher the encrypted message without being detected.

4. Can quantum cryptography be hacked?

It is highly unlikely that quantum cryptography can be hacked. The use of quantum mechanics and the detection of any attempted interception make it extremely difficult for an eavesdropper to successfully hack into the communication channel. However, as with any technology, there is always a possibility of vulnerabilities being discovered and exploited.

5. What are the potential applications of quantum cryptography?

Quantum cryptography has the potential to revolutionize secure communication in various fields. Some potential applications include secure communication for government, military, and financial institutions, secure transmission of sensitive personal information, and secure data transfer in the field of healthcare and research.

Similar threads

I Hossenfelder: Delayed Choice Quantum Eraser, Debunked?
    • Quantum Physics
Replies
3
Views
1K
I Questions about QFT and the reality of subatomic particles
    • Quantum Interpretations and Foundations
Replies
6
Views
1K
Physics Opinions about a career path in quantum computing
    • STEM Career Guidance
Replies
11
Views
706
Implications of communication through quantum entanglement
    • Sci-Fi Writing and World Building
Replies
3
Views
2K
I Physical Universe vs. Simulated Universe
    • Quantum Interpretations and Foundations
Replies
3
Views
972
Quantum entanglement and communication
    • Quantum Physics
Replies
18
Views
3K
B QFT & QM Questions (about time, locality, gravity, etc.)
    • Quantum Physics
Replies
6
Views
1K
I Black Hole Fire Walls, Brick Walls, and the Casimir Effect
    • Quantum Physics
Replies
6
Views
767
A Loophole-free test of local realism via Hardy's violation
    • Quantum Interpretations and Foundations
2
Replies
37
Views
1K
How to debunk new age Quantum physics crankery
    • Quantum Physics
Replies
12
Views
4K

Hot Threads

Recent Insights

Back
Top