First quantum cryptography network unveiled

[InfoSec News <isn () c4i org>]

http://www.newscientist.com/news/news.jsp?id=ns99995076

Celeste Biever
04 June 04 
NewScientist.com
  
The first computer network in which communication is secured with
quantum cryptography is up and running in Cambridge, Massachusetts.

Chip Elliott, leader of the quantum engineering team at BBN
Technologies in Cambridge, sent the first packets of data across the
Quantum Net (Qnet) on Thursday. The project is funded by the
Pentagon's Defense Advanced Research Projects Agency.

Currently the network only consists of six servers, but they can be
integrated with regular servers and clients on the internet. Qnet's
creators say the implementation of more nodes in banks and credit card
companies could make exchanging sensitive data over the internet more
secure than it is with current cryptography systems.

The data in Qnet flows through ordinary fibre optic cables and
stretches the 10 kilometres from BBN to Harvard University. It is
encrypted using keys determined by the exchange of a series of single,
polarised photons.

The first money transfer encrypted by quantum keys was performed
between two Austrian financial institutions in April 2004. But Qnet is
the first network consisting of more than two nodes to use quantum
cryptography - a more complex challenge.

"Imagine making a phone call. If you just have one possible receiver,
you wouldn't even need buttons," explains Elliott. "But with a network
you need a system that will connect anyone on the network to anyone
else." In Qnet, software-controlled optical switches made of lithium
niobate crystals steer photons down the correct optical fibre.


Intruder detection

Quantum cryptography guarantees secure communications by harnessing
the quantum quirks of photons sent between users. Any attempt to
intercept the photons will disturb their quantum state and raise the
alarm.

But Elliott points out that even quantum cryptography "does not give
you 100 per cent security". Although quantum keys are theoretically
impossible to intercept without detection, implementing them in the
real world presents hackers with several potential ways to listen in
unobserved.

One example is if a laser inadvertently produces more than one photon,
which happens occasionally. An eavesdroppper could potentially siphon
off the extra photons and decrypt the key, although no one has
actually done this.

"However Qnet is more secure than current internet cryptography," says
Elliott, which relies on "one way functions". These are mathematical
operations that are very simple to compute in one direction, but
require huge computing power to perform in reverse.

The problem is, according to Elliott, that no one has actually proved
that they cannot be solved in reverse. "So who's to say that someone
won't wake up tomorrow and think of a way to do it?"


Large and expensive

At the moment computers capable of quantum cryptography are large and
expensive, because they are custom-made. Elliott imagines a Qnet-like
system may first appear in banks, for whom these factors might be less
of a problem.

Another limitation is that, for distances over 50 kilometres, the
photon signal is degraded by noise, and it is unclear as yet how this
problem will be overcome.

However, quantum keys can potentially be exchanged over much larger
distances through the air. Tiny, aligned telescopes can send and
detect single photons sent through the air.

The distance record for this form of transmission is currently about
20 kilometres. But calculations suggest that photons transmitted
through the air could be detected by a satellite, which would enable
data to be sent between continents.
 


_________________________________________
ISN mailing list
Sponsored by: OSVDB.org