Interesting People mailing list archives
more on ARMSTRONG LECTURE on Quantum Crypto and Optical Networks (Forwarded)
From: David Farber <dave () farber net>
Date: Mon, 19 Sep 2005 18:34:33 -0400
Begin forwarded message: From: David Wagner <daw () cs berkeley edu> Date: September 19, 2005 6:22:10 PM EDT To: touch () ISI EDU Cc: dave () farber net, smb () cs columbia eduSubject: [IP] more on ARMSTRONG LECTURE on Quantum Crypto and Optical Networks (Forwarded)
The real problem with QKE is that it solves a non-problem, and it does so poorly. QKE is as good as the security of the optical fiber link you have.If that fiber isn't tampered with, and is a straight shot from the sender
to the receiver, then QKE is secure, and you don't need any pre-shared authentication keys. So far, so good. The first problem with QKE is that, as you notice, the above scenario can only be applied to point-to-point links. You can't have routers, switches, bridges, repeaters, etc., because they violate the security requirements (roughly, they are indistinguishable from eavesdroppers). If you have a group of n people who might want to communicate amongst themselves, you need n^2 links, which isn't really workable. Consequently, you can only use QKE for a few point-to-point links. (If you want to avoid point-to-point links, you can try to play thesegames with pre-shared authentication keys, but then the QKE is pointless.
If you had pre-shared keys, you wouldn't need QKE; you'd just use classical cryptography and be done with it.) The other problem with QKE is that it is solving a non-existent problem. Today's VPNs are perfectly good solutions to the problem of securing a point-to-point link. You don't need a $50,000 QKE box; a secure tunnelusing classical cryptography (IPSec, TLS, whatever) is perfectly adequate, and you can get such products for free or for much more cheaply than QKE.
The classical crypto is almost never the weakest point in the system, so even if QKE were more secure than classical crypto, who cares? Basically, today's QKE products are a bad joke. As far as I can tell, they are a way to hoodwink companies with too much money into paying $50k or $100k for a box that doesn't solve a problem they don't have. -- David Wagner In article <6D9F6BAA-0B2E-4FDE-BC73-C84EBE1EAEC1 () farber net> you write:
Begin forwarded message: From: Joe Touch <touch () ISI EDU> Date: September 19, 2005 1:53:41 PM EDT To: dave () farber net Cc: smb () cs columbia edu Subject: Re: [IP] ARMSTRONG LECTURE on Quantum Crypto and Optical Networks (Forwarded) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dave and Steve, So far I've been very curious about all the assertions about quantum comm. supporting key distribution, since quantum comm presumes pre-distributed keys for state verification, at least as a bootstrap. See: Why Quantum Cryptography? Kenneth G. Paterson, Fred Piper, Ruediger Schack (Royal Holloway, University of London in Quantum Physics e-print archive, June 2004 Abstract: Quantum Key Exchange (QKE, also known as Quantum Key Distribution or QKD) allows communicating parties to securely establish cryptographickeys. It is a well-established fact that all QKE protocols require thatthe parties have access to an authentic channel. Without this authenticated link, QKE is vulnerable to man-in-the-middle attacks. Unfortunately this fact is frequently overlooked, resulting inexaggerated claims and/or false expectations about the potential impactof QKE. In this paper we present a systematic comparison of QKE with traditional key exchange protocols in realistic secure communication systems. http://arXiv.org/abs/quant-ph/0406147 I've heard various assertions about 'key amplification', 'padregeneration', etc., but at the end of the day it seems that the quantum system is only as good as the conventional authentication key it startedwith, AFAICT. I'd be interested if any others on IP have thoughts on this... Joe David Farber wrote:is it webcast? Begin forwarded message: From: "Steven M. Bellovin" <smb () cs columbia edu> Date: September 14, 2005 6:35:23 PM EDT To: cryptography () metzdowd com Subject: [Colloquium] ARMSTRONG LECTURE on Quantum Crypto and Optical Networks (Forwarded) Date: Wed, 14 Sep 2005 18:30:22 -0400 (EDT) From: Dan Rubenstein <danr () cs columbia edu> To: colloquium () cs columbia edu The Department of Electrical Engineering at Columbia University invites you to attend THE ARMSTRONG MEMORIAL LECTURE Monday, September 19 - 3:00pm Davis Auditorium (Schapiro/Host) Host: Professor Osgood "Unbreakable Secret Key Distribution? Quantum Cryptography and Optical Networks" by Matthew S. Goodman, Ph.D., Chief Scientist and Telcordia Fellow, Telcordia Technologies & Laboratory for Telecommunications Sciences Red Bank, NJ and Adelphi, MD Abstract: Manifestly quantum mechanical behavior has had tremendously important implications for the development of modern technology. In this talk we explore the impact of recent ideas and new approaches that quantum information is having on future secure communications for high performance optical networks. The talk will concentrate on quantum cryptography, which offers the promise of unconditional security for communications, and complements existing mathematically based cryptography, which is applied at higher networking levels. The talk will review the rapid progress in this field as well as some very recent experimental results from the Telcordia research group and its collaborations. We will describe the impact that this work is having on optical networking research and some early commercial activities and will speculate on its broader commercial implications. Light refreshments will be served. We look forward to seeing you there! _______________________________________________ Colloquium mailing list Colloquium () cs columbia edu http://lists.cs.columbia.edu/mailman/listinfo/colloquium ---------- --Steven M. Bellovin, http://www.cs.columbia.edu/~smb --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomo () metzdowd com ------------------------------------- You are subscribed as touch () isi edu To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting- people/-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDLvslE5f5cImnZrsRAjJMAJ44OoJaeo1QQvSOrM+YWKdUcj66YwCeMk30 VTRSVKoHV86zz5Ob4at5YPE= =/quq -----END PGP SIGNATURE----- ------------------------------------- You are subscribed as interesting-people-gate () taverner cs berkeley edu To manage your subscription, go to http://v2.listbox.com/member/?listname=ipArchives at: http://www.interesting-people.org/archives/interesting- people/
------------------------------------- You are subscribed as lists-ip () insecure org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- more on ARMSTRONG LECTURE on Quantum Crypto and Optical Networks (Forwarded) David Farber (Sep 19)
- <Possible follow-ups>
- more on ARMSTRONG LECTURE on Quantum Crypto and Optical Networks (Forwarded) David Farber (Sep 19)