digg

Facebook Connect Join Digg About

Quantum cryptography is hacked

nature.com Simulation proves it's possible to eavesdrop on super-secure encrypted messages. A team of researchers from MIT has, for the first time, hacked into a network protected by quantum encryption.

Who dugg this? Made popular Apr 29, 2007

Digg DudeWhat is Digg?

Digg is a place for people to discover and share content from anywhere on the web. Digg surfaces the best stuff as submitted and voted on by the community. Take the Tour to learn more.

53 Comments

show profanity settings
expand all
  • phjr, on 10/12/2007, -4/+74Security is never 100%.
  • edzieba, on 10/12/2007, -1/+43So this quantum cryptographer walked into a bar. He also didn't. But in the act of observing him, you have indicated to him the fact of your observation...


    Yeah, I'll stick with the old Heisenberg's Uncertainty Principle jokes.
  • delta013, on 10/12/2007, -1/+35Ok, so, two cryptographers walked into a bar...
  • blubloblu, on 10/12/2007, -2/+31Well, a one-time pad can be 100% uncrackable.http://en.wikipedia.org/wiki/One-time_pad#Perfect_secrecy . It's a very simple method and can't be cracked as long as the key is: kept secret, truly random, used only once, is longer than the message.
  • samadam, on 10/12/2007, -1/+19see, the strange thing is that quantum cryptography was supposed to be perfect due to the nature of quantum information. as the article mentions, if the user simply increased his key system to require every bit to be correct out of some several thousand key bits, there would be no way for the attacker to hack the link.

    that, and the data would still be encrypted the standard way, possibly with something like a 1024bit rsa, which, with only 40% of the bits correct, is nigh impossible. I will end up taking that back eventually, but in the near future it is perfectly safe.
  • Archon810, on 10/12/2007, -2/+18ATTENTION: Please do not attempt to produce any more jokes on this subject, they're just not working out.
  • Mirag3, on 10/12/2007, -0/+14One day, Heisenberg is pulled over by a cop for speeding. The cop pulls him over and asks him, "Do you know how fast you were going?!" Heisenberg answers with a smile, "No. But I can tell you exactly where I am."
  • wvannus, on 10/12/2007, -1/+13While working a process in his head, a quantum cryptographer walked into a bar. His friend ducked.
  • ultimatekiwi, on 10/12/2007, -0/+9Edgar Allen Poe said:
    "It may well be doubted whether human ingenuity can construct an enigma - which human ingenuity may not, by proper application, resolve."
  • TeatimeGrommit, on 10/12/2007, -0/+8@edzieba

    Actually, it is quite possible for it to be 100% secure. The idea is that there is no longer any 1 plaintext that is more probable than any other plaintext. A quantum computer set on such a task would give a superposition of all the possible plaintexts. If, as an attacker, I can't tell the difference between "Mary had a little lamb" and "Bomb Korea with everything," along with millions of other possible pad / solution sets then the security can be said to be perfect. There are pseudo-random number generators good enough for the purpose, given a decent seed of truly random data (cosmic ray detector, for instance)
  • bIuebonics, on 10/12/2007, -3/+11leave it to that wacky bunch at mit. it doesn't really surprise me that quantum encryption has been (partially) cracked at the place where hacking originated.
  • squaredUP, on 10/12/2007, -0/+6@ mnemonix

    Be case just by observing the photon you change its physical properties. The problem with hacking these systems is that just by LOOKING at the transmission you disrupt it. MITM attacks would simply destroy the communications. It is 'thought' to be possible to do a MITM attack with technology that doesn't exist yet by.. in theory.. reading the photons faster than light. Thus, leaving them intact. That, however, is another story..
  • edzieba, on 10/12/2007, -6/+12How do you generate a truly random one-time-pad? Unless you're using atomic decay or some similar obscenely complicated true-random generator, you're using an (admittedly very complex) algorithm to generate psuedo-random sequences. Given a quantum computer (and as we're talking quantum cryptography here that's not out of the question) the algorithm governing this sequence could eventually be found and reversed, allowing the key to be found, and the message decrypted.

    Though it would be incredibly, ludicrously, mind bogglingly difficult, it would be possible. Quantum computers can do strange and difficult tasks with ease, like reversing AES keys (thought to be impossible with conventional mathematics in a reasonable amount of time i.e. less than the predicted lifespan of the universe).
  • pizzatsf, on 10/12/2007, -2/+7Not perfect but off to a good start.
  • lazyeyesam, on 10/12/2007, -0/+5Data doesn't need to be 100% secure. So long as the cost to decrypt the data is greater than the value of the data itself, it is classed as 'secure'.
  • sotopheavy, on 10/12/2007, -1/+5MIT black hat strikes again.
  • lopla, on 10/12/2007, -3/+7Quantum encryption can be easily broken. It just takes a gun and some convincing of the key holder.
  • phlux, on 10/12/2007, -0/+4Well at least this makes way for "quantum obfuscation security"

    So long as you arent looking at the data - its still secure.

  • delta013, on 10/12/2007, -2/+6Nurse: Ok MisterFlaut, time for your meds.
  • spiffytech, on 10/12/2007, -1/+5@ Timmmm- I understand that, in WWII, the military would try to get around the key transmission issue by giving officers a packet of labeled keys before sending them off. A letter would indicate which key to use. Not perfect, since the keys were sent months in advance of the letter, it worked out OK.
  • RckmRobot, on 10/12/2007, -0/+4A one-time pad is proven to be unbreakable, and the purpose of quantum cryptography (QC) is not to send messages, but rather to create one-time pads.

    This article is inaccurate in that it says that QC's purpose is not to send the message, but to create the pad. Once the pad is created, the encrypted message can be sent through any medium.
  • squaredUP, on 10/12/2007, -0/+3Sources:

    Before some digg scientist debunks me with a smartass comment.

    http://en.wikipedia.org/wiki/Photon_polarization#Uncertainty_principle

    http://en.wikipedia.org/wiki/Uncertainty_principle
  • BitwiseMcgee, on 10/12/2007, -0/+3"Given a quantum computer (and as we're talking quantum cryptography here that's not out of the question) ... "

    Quantum Computer != Quantum Cryptography!!! They are two different things, the power of the quantum computer is that different things can be effectively computed at the same time, allowing very difficult problems to be computed quickly. It's still very theoretical, where as quantum cryptography is do-able.
  • maehem, on 10/12/2007, -0/+3Every time a photon is entangled, God kills a kitten.
  • FAT_PIGGY, on 10/12/2007, -1/+3CIA ?
  • tehnico, on 10/12/2007, -0/+2Well of course it can be hacked, the encryption ceases to exist when you examine it.
  • agentf, on 10/12/2007, -0/+2No fair! They changed the outcome by observing it
  • Timmmm, on 10/12/2007, -7/+8Everyone always says "But... a one time pad..!!!"

    A one time pad is an extremely simple, secure and useless method of encryption.

    For general use you have to securely transmit a key as long as the message. Not only is this extremely expensive, but if you are capable of it, why not just send the message?

    Of course there are instances where it is useful, but generally they just aren't worth it. I'd be interested to know if anyone knows of any instances where they were used effectively.
  • miles01110, on 10/12/2007, -4/+55/10 for originality, 2/10 for humor.
  • cjhandley, on 10/12/2007, -2/+3Didn't Scott Bakula already do this? Buried as inaccurate.
  • defrab, on 10/12/2007, -0/+1In fact, there is no such thing as Quantum Cryptography, only Quantum Key Distribution. With QKD, you transfer a key to Bob (receiver) who then "decrypts" it with a 50% chance of getting it wrong, then, he has to distill it with alices (sender) polarization. Then, Eve has to compare her polarizations with bob and alice. Due to this, Eve will only have a minuscule amount of information. Then, Alice and Bob perform privacy amplification which almost guarantees that eve will be out of the loop entirely. Then, Alice encrypts her message with the key using the vernam cipher (one time key pad) and sends it to bob using the classical channel. It should be noted these random photons as the key, as long as the key is kept safe at both ends, it is not possible to decrypt it, because this key is perfectly random.
    All that MIT has done is to be able to intercept 40% of the photons, this is actually quite negligible. Sorry MIT, better luck next time.
  • dlsspy, on 10/12/2007, -1/+2@Timmmm

    I had a friend in from another continent and burned a CD full of /dev/urandom and wrote a little OTP tool. I've never used it, but I've got 650MB or so of key just in case.

    That's pretty much the trick. Hand the key over in person when you don't need to move lots of encrypted data. Securely informing the other that the key has been compromised is a pretty easy problem.
  • addicted68098, on 10/12/2007, -0/+1My soloution would to pack it in a place where anyone can get at it, but no one would suspect it anywhere near their. During the Cold War the soviets used the media to send messages to one another, obviously it was only a matter of time it was discovered since you would have to use an odd language structure to mask the messages. But the internet can better mask things, like in large images. Say you got a key from patterns of colors in image in flickr, then went to digg, and applied that key to the awesome digg t-shirt logo at the bottom.
  • diggometer, on 10/12/2007, -0/+1it couldn't get worse than that, could it?
  • SenatorPenguin, on 10/12/2007, -0/+1Interesting point logik3x... they could just encode the data by altering the speed of light. Nothing special at all.
  • winmac96, on 10/12/2007, -0/+1Where there's a will...

    100% secure cryptography would not be very practical because it would be unusable even to the creator.
  • inactive, on 10/12/2007, -4/+4It hasn't even been developed yet, but it's already been cracked? Bull.
  • co1dfus1on, on 11/05/2007, -0/+0Physics is reality. Not man-made.
  • RoflMyWaffle, on 10/12/2007, -2/+2as long as SOMEONE has access to it, ANYONE can get access
    this being said, the only way to lock something down and away from anyone is locking it down and away from yourself too...
  • sunamiebob, on 10/12/2007, -1/+1Anything made by man, can be broke by man
  • digitalranger, on 10/12/2007, -4/+3Quantum entanglement has been my day job - breaking quantum encrypted data is a physical impossibility.

    The actual article here says that what they've done wouldn't work in the real world, which is why I've buried the story. It's pointless.
  • inactive, on 10/12/2007, -4/+2even god has a shadow
  • logik3x, on 10/12/2007, -3/+1uh... it's not really anything special... they could find some application as using not only polarization but momentum and double the data sent but I don't think they can set momentum and polarization... so it is pretty useless.. unless you actually work for that bank and installed the equipment...
  • mnemonix, on 10/12/2007, -4/+2It's potentially susceptible to a man-in-the-middle attack too, this is as it sounds where the attacker intercepts the transmission, records it and then re-sends the data to the unknowing recipient. I'm not sure if there are any limitations from the Physics involved in polarising a photon but I can't see why that isn't possible. So I guess I'm not really sure what the added advantage is; other than you can't listen into the photon stream without affecting it.
  • Enelysios, on 10/12/2007, -5/+1This is going to be big! Its just a start, but it proves a concept that a lot of people thought was impossible. Looks like the art of hacking isn't going to die anytime soon, screw you physics!
  • fredxor, on 10/12/2007, -17/+13@DarkDragon
    That is why SETI is so important.
  • inactive, on 10/12/2007, -6/+1YOU GET IT? ANOTHER DIMENSION.

    LAWLS!

    This joke will also make you pregnant.

    Oh it was original and funny. Where is your humor?

    When you speak about Quantum anything, all is fair game.
  • nationalist, on 10/12/2007, -8/+2lol
  • inactive, on 10/12/2007, -10/+3I cracked Quantum Cryptography 5 million years ago using a tree and a piece of tape.

    ...just not in this dimension.
  • Snitzel, on 10/12/2007, -8/+0"Not perfect but off to a good start". How the hell are you? Have you even achieved anything close to this in your life time?
  • Fetching more discussions...
    Show 51 - 53 of 53 discussions

  • Add a Comment

    Login or register to comment!
    Or, sign-in super fast with your Facebook account ...


© Digg Inc. 2009 — Content created and posted by Digg users is dedicated to the public domain | Terms of Use Updated | Privacy Policy
DIGG, DIGG IT, DUGG, DIGG THIS, Digg graphics, logos, designs, page headers, button icons, scripts, and other service names are the trademarks of Digg Inc.