digg

Facebook Connect Join Digg About

Can there be "unbreakable" encryption? NIST says they've done it

scientificblogging.com In the internet age, when 120,000,000 smart people on Digg can see an article about your technology, it takes some real courage to use the term "unbreakable", but the guys at NIST are doing just that. They say they have a system that can perform an unbreakable encryption, transmission and decryption of a video signal in real time over long range

Who dugg this? Made popular Jun 10, 2007

Digg DudeWhat is Digg?

Digg is a place for people to discover and share content from anywhere on the web. Digg surfaces the best stuff as submitted and voted on by the community. Take the Tour to learn more.

134 Comments

show profanity settings
expand all
  • robbh66, on 10/11/2007, -8/+129not just 120,000,000 people on digg, but *smart* people?

    The author obviously hasn't been around here long...
  • tyler9xp, on 10/11/2007, -4/+71120 million smart diggers? Obviously the author of this article isn't one of them.
  • fkr3, on 10/11/2007, -7/+63"In the internet age, when 120,000,000 smart people on Digg"

    So we've got 20 years to wait?

    At the moment there's probably only 20,000 active members, and only 11 are smart. The casual visitors may seem smarter but judging by the retards who eventually join, they may be dumber than they appear.
  • cactus476, on 10/11/2007, -9/+64If by "unbreakable" they mean will take trillions of years to crack, then yes.

    But if "unbreakable" means unbreakable, then they are stupid as *****.
  • mazza558, on 10/11/2007, -7/+49Digital Fortress anyone?
  • tbo0, on 10/11/2007, -0/+38Disclaimer: I'm a physicist who studies quantum key distribution.

    There are two key things going on here:

    1) Secure distribution of a key (string of binary bits) via quantum key distribution (QKD).
    2) Encryption of a message (a video signal, in this case) using one-time pad (OTP) encryption with the key from (1).

    What the NIST team is announcing is QKD with a much higher key rate than before, which, since OTP requires the key to be the same length as the message, means essentially faster encryption throughput.

    Of those, (2) is completely and provably unbreakable, as long as you keep the key safe, the key is random, and you never re-use it. The reason for this is that, given a particular n-bit ciphertext, there are just as many possible keys (2^n) as there are potential plaintexts (2^n). If you try to brute-force it, you'll get every possible n-bit string and have no way of knowing which one was the real plaintext.

    QKD (1) is "unbreakable" only if the basic principles of quantum mechanics are more or less correct. Before you jump on this and say that we've been wrong before about the laws of physics, keep in mind that past "wrong" theories are usually actually approximately right, whereas we'd have to be very wrong about some of quantum mechanics' most basic principles for QKD to not work. Quantum mechanics is perhaps the best-tested theory known to mankind, so this is a much safer thing to base a cryptosystem on than, say, the difficulty of factoring large numbers.

    A few other posters have tried to explain how QKD works. The basic idea is that you generate and send a random* bit string encoded in photons or some other "quantum bits" (qubits). The laws of quantum mechanics guarantee that you can detect any attempt by an eavesdropper to measure those bits. You discard the "overheard" bits, and the remaining bits form your key. One thing others left out is that you need a way to authenticate the traffic over your classical channel (which need not be secret, but must not be altered), or else an attacker can interpose himself on both the classical and quantum channels, and perform a man-in-the-middle attack. Authentication can be performed with a small shared secret key. This sounds like a big problem for a key distribution system, and it is, but the point of all this is that you can start with a small key, and, using QKD, generate an exponentially-larger key with perfect security (assuming correctness of quantum mechanics).

    * (for those who realize the difficulty of generating truly random numbers, you'll be happy to know quantum mechanics can also help with that)

    All this is great--theoretically perfect security--but are there any attacks that can be performed against imperfect real-world devices? Yes: if your single photon source generates two photons when it should have only made one, an attacker might be able to perform a "photon number splitting attack" and read the state of one without disturbing the other. Another trick is for an attacker to shine probe light back down the fiber into the sender's optical hardware, and look for reflections off of optical elements to learn about the internal state of their key generation system. Both of these attacks can be defended against, and there's now some research showing how to obtain perfect security even with imperfect hardware.

    In short, it really is unbreakable.
  • honkaform, on 10/11/2007, -1/+36hmm... root password...

    Oh, hi Fluffles!
  • laplacian, on 10/11/2007, -2/+29A simple and extremely low-tech one-time pad is "unbreakable". http://en.wikipedia.org/wiki/One-time_pad
  • beni, on 10/11/2007, -0/+26...and people wonder why I won't tell them my cat's name.
  • blindwisdom, on 10/11/2007, -8/+34Oh my god, never remind of me of the horror that was that book.
  • matt0507, on 10/11/2007, -3/+28"..120,000,000 smart people on Digg"

    buried as inaccurate.
  • elnerdo, on 10/11/2007, -2/+26Of all of the things wrong with that statement, you're arguing with the NUMBER?

    The biggest error that I saw was the word 'smart.'
  • miles01110, on 10/11/2007, -5/+28Unbreakable encryption.... kind of like the unsinkable Titanic?
  • wonderchemist, on 10/11/2007, -2/+25I can come up with unbreakable encryption... just don't ask me to decrypt it later.
  • elnerdo, on 10/11/2007, -1/+20http://en.wikipedia.org/wiki/One-time_pad

    Yes, yes there can be unbreakable encryption.
  • anitab83, on 10/11/2007, -1/+16Hmmm ... maybe he meant to say 100,000. I've never heard of a story getting more than about 100-150K visits from digg.
  • hanksname, on 10/11/2007, -3/+17At the quantum level you can't measure/view it without altering it, so it would be unbreakable in that sense. I don't know that they have done this, and messages would still be susceptible to the most common form of break in, namely someone using their friggin' cats name as the password.
  • Ajajadude, on 10/11/2007, -0/+14Hmmm, the reason why they're having to come up with an "unbreakable" encryption is because, eventually, every other form of encryption is somehow compromised. So, eventually, they'll be devising a new "unbreakable" encryption once this one becomes, well, breakable.
  • mercurysquad, on 10/11/2007, -0/+12Well, if you XOR the source data with a truly random bitstream (say, radio noise converted to a bitstream), then that is theoretically unbreakable encryption. You need to store the bitstream also to decrypt the message, so essentially the key is as long as the data being encrypted (as opposed to fixed size 1024 bit keys which are currently state-of-the-art, if you encrypt a CD's worth of data, you already have a 5600 megabit key).

    So, in short, quantum encryption is entirely different, but it's not really that necessary to find other theoretically 'unbreakable' encryption algorithms/keys either. And no, they are not stupid.
  • catalysis, on 10/11/2007, -1/+13I've always found it funny seeing people with obviously no background in mathematics, much less cryptography, say things like "if it can be encrypted, it can be broken." Just because you heard somebody else say it, doesn't make it true. This is a typical example of groupthink.

    There are a number of ways to achieve theoretically unbreakable encryption. Issues involved in the implementation just make it limited in its application.
  • inactive, on 10/11/2007, -3/+15Rule #1 of cryptography, never trust the guy who claim his encryption is unbreakable. He's either a liar or a newbie who missed a nasty bug which could render his encryption breakable within minutes.
  • jmonty1000, on 10/11/2007, -11/+22In other news, Bill Gates says 640K should be more than enough memory for any application.

    Unbreakable now, okay - maybe. Unbreakable 20 years fromw now? I don't believe it.
  • listrophy, on 10/11/2007, -0/+11In summary, using a key as long as the message itself, ensuring that it is used only once, is unbreakable. Simple as that.
  • mstrebe, on 10/11/2007, -1/+11One-time pads are unbreakable, because all possible plain texts are equally likely. So, if this is truly what's going on, then it's truly unbreakable.
  • fkr3, on 10/11/2007, -1/+11Being able to click a link doesn't mean the person is intelligent. My cat's clicked links and she's still working out the basics of crapping in the kittie litter.
  • DivisibleByZero, on 10/11/2007, -0/+9Article is about a secure quantum key delivery system for, you guessed it: one time pads. It's about tackling the problem of making sure that only the right two people have the pad.
  • rhnet, on 10/11/2007, -4/+12it's called a one time pad, its unbreakable (provided completely random data) http://en.wikipedia.org/wiki/One_time_pad
  • inactive, on 10/11/2007, -1/+9@cactus476
    The guys that dugg you up (and will digg me down) are the same zombified idiots that firmly believe that in the future:
    time traveling will be possible; the speed of light can be surpassed; the Heisenberg Compensator will be built etc.

    They are the guys that don't know ***** about physics but think of themselves as "tech enthusiasts". And as such, they have a strong belief that "science & technology will not let them down"; "nothing is impossible"; "if you can dream it, you can do it".

    The statement of the NIST scientists, which probably do not vote on Digg.com, is based on everything we currently know and have been unable to disprove in 80 years of countless experiments. Maybe our future holds yet the biggest surprise humanity will have ever encountered, but right now we cannot take that surprise for granted; we cannot foresee that quantum physics is completely WRONG and already incorporate that assumption into all our statements.

    I'll just end this post with George Carlin: Just think of how stupid the average person is, and then realize half of them are even stupider!... And they all vote."
  • DigitalJester, on 10/11/2007, -0/+8I don't think people have really tried though. They have better things to work on. Like cracking this.
  • jwegan, on 10/11/2007, -1/+9clearly you know nothing about cryptography. One Time Pad cryptography which is what they are using in the article is PROVABLY unbreakable
  • EatingPie, on 10/11/2007, -5/+12As I understand it, the AACS crack did not break the encryption per se. It was a key sniff. And I believe DVD was the same.

    In that sense, the most famously "cracked" encryption algorithms weren't *cracked* in the sense strict sense of the word. So robh66's comment about "120,000 *smart* people on Digg" sparks heavily of pretense.

    -Pie
  • tbo0, on 10/11/2007, -0/+7Disclaimer: I am a physicist studying quantum information.

    New Scientist's coverage of quantum information-related topics (and many other topics) is awful, and you shouldn't read it unless you want to get dumber. Measuring a quantum bit in an arbitrary state without disturbing it would violate the No Cloning theorem, which is provable directly from the fact that quantum mechanics is linear. If quantum mechanics were in fact non-linear, all sorts of crazy things would happen (e.g., causality violation), so I'm confident in saying the New Scientist article is crap.
  • ToadLeg, on 10/11/2007, -0/+6As laplacian said, this is only unbreakable because it uses a one-time pad. The real news is not that it is unbreakable, but that the one-time pad is created in realtime by encoding it in quantum properties that can only be read once. While this has been theoretical for a long time, they have finally created a device that actually does it.
  • Dylan16807, on 10/11/2007, -0/+6that's not breaking the encryption. that's guessing the entire message.
  • Unnngh, on 10/11/2007, -0/+6The core encryption is just a one time pad, nothing special, this is usually what "unbreakable" means. Theoretically speaking if the pad is truly random it should be unbreakable. Practically speaking the problem is in the distribution of the key itself - each side needs the "pad" to encrypt/decrypt successfully and if anyone else gets the key they can easily decrypt the message. The quantum aspect of this should ensure that the key transmission is not intercepted. It actually looks at a first glance that this may be a practical OTP implementation.
  • ricree, on 10/11/2007, -0/+5@leetdood

    No, it's seriously unbreakable. As long as the key itself is truly random, and the attacker does not have the key, then there is no way to decrypt it. Even if you brute forced it for a trillion years, all you would have is a list of every single n-bit string. Good luck figuring which one it actually is.
  • Jugalator, on 10/11/2007, -0/+5Of course, but when security people speaks of "unbreakable" encryption, they usually mean that the only restort is brute-forcing it, and/or that it will be detected when someone try to crack it, like with quantum encryption.
  • tbo0, on 10/11/2007, -0/+4You're describing a man-in-the-middle attack, which is possible unless the classical channel used in quantum key distribution is authenticated. The channel can be authenticated using a small shared secret key, and then used as part of QKD to produce an exponentially-larger key. In some sense, QKD is really a perfectly-secure key amplification protocol.
  • inactive, on 10/11/2007, -9/+13The book didn't make any sense at all. Dan Brown's worst book out of the four.
  • TheIneffableBob, on 10/11/2007, -2/+6100 trillion decades.
  • djh816, on 10/11/2007, -4/+8would be ironic if it was the AACS key that could crack it.
  • ariez84, on 10/11/2007, -0/+4I bet Jack Bauer can break the encryption.
  • oneminuteago, on 10/11/2007, -0/+4@mercurysquad:

    Exactly, it's called "one-time pad" and it is the only cypher about which it has been theoretically proven that it's unbreakable.
  • S1ngular1ty1, on 10/11/2007, -1/+5What the hell does Windows NT 4 have to do with encryption or this article?
  • S1ngular1ty1, on 10/11/2007, -0/+4You can't brute force one time pads. They are unbreakable.
  • thorseth, on 10/11/2007, -0/+4If the creator used a quantum random generator to "one time pad" his message then no amount of time would allow anyone to extract the message again. Both the encryption method and key distribution has been proven mathematically, so stop making unwarranted claims - unless you can disprove quantum mechanics.
  • thorseth, on 10/11/2007, -2/+6please read up on one time pads and quantum key distribution before spewing your BS!
  • mmacmu1, on 10/11/2007, -0/+3Unbreakable is probably not the best description. I think they mean no one can "listen in."

    Heisenberg uncertainty principle: at the subatomic level we can never actually see what goes on because we must use photons (for sight), or some other particle, which alters its natural state.

    Tapping in on a subatomic signal would disrupt the end signal, thus they would stop transmitting.
    Thats my understanding at least
  • ArthurSucks, on 10/11/2007, -4/+7Unlike the last few unbreakable DRMs?
  • MatthewWilkes, on 10/11/2007, -0/+3The only way a cryptosystem can be "unbreakable" is if it offers what's called "perfect security". Seems obvious, but the term "perfect security" is defined as P(M=m | C=c) = P(M=m), in other words the probability of a message being "Hi" is equal whether you can see the ciphertext or not.

    The way the one time pad works is you use a completely random key which is distributed securely in advance. The only real way of doing this is to get two parties in a secured room and throw a ***** of fair dice, as well as ensuring the keys are never found afterwards. The ciphertext is then XORed (or added depending on what implementation you're using, look up the Vernam Cipher, for example) with the random key.

    Now it's been XORed with random, the ciphertext and the key are equally random, so on their own convey no information. Only combined do the random bits cancel eachother out to reveal the message. As nobody else knows the key the ciphertext is indistinguishable from randomness. Clever, huh?
  • Fetching more discussions...
    Show 51 - 100 of 134 discussions

  • Add a Comment

    Login or register to comment!
    Or, sign-in super fast with your Facebook account ...


© Digg Inc. 2009 — Content created and posted by Digg users is dedicated to the public domain | Terms of Use Updated | Privacy Policy
DIGG, DIGG IT, DUGG, DIGG THIS, Digg graphics, logos, designs, page headers, button icons, scripts, and other service names are the trademarks of Digg Inc.