Unbreakable

|

In our December issue (on newsstands now), we finger Phil Zimmerman, the inventor of the encryption program PGP, as one of our "35 Heroes of Freedom." We wrote: "By inventing and distributing Pretty Good Privacy, a free, easy, and damn-nigh uncrackable e-mail encryption program, [Zimmerman] gave dissidents everywhere the ability to communicate without fear–all while challenging his own government's attempt to control that ability. He's living proof that a single individual with a good idea can make a huge difference."

Now comes news reports of the next great (or more precisely, quantum) leap forward in enryption technology:

After 20 years of research, an encryption process is emerging that is considered unbreakable because it employs the mind-blowing laws of quantum physics.

This month, a small startup called MagiQ Technologies Inc. began selling what appears to be the first commercially available system that uses individual photons to transfer the numeric keys that are widely used to encode and read secret documents.

Photons, discrete particles of energy, are so sensitive that if anyone tries to spy on their travel from one point to another, their behavior will change, tipping off the sender and recipient and invalidating the stolen code.

"There are really no ways (of) cracking this code," said Lov Grover, a quantum computing researcher at Bell Laboratories who is not involved with MagiQ.

Whole story here.

Advertisement

NEXT: The State of the States

Editor's Note: We invite comments and request that they be civil and on-topic. We do not moderate or assume any responsibility for comments, which are owned by the readers who post them. Comments do not represent the views of Reason.com or Reason Foundation. We reserve the right to delete any comment for any reason at any time. Report abuses.

  1. I’ve read a little about this. It seems this technology won’t work with repeaters, so the utility is limited right now (quantum encryption was once successfully performed over several miles, using an optical link draped across the bottom of Lake Geneva, but then who goes to Switzerland this time of year?)

    But if they can somehow solve that repeater problem, then quantum encryption becomes something truly remarkable. It’s not just quote-unquote “impossible” to crack (meaning impossibly hard). It’s literally a violation of the laws of physics to break them. You’d be a moron just to try – it is a theoretical impossibility.

    Of course, then you begin to think, “Suppose I take that guy’s daughter hostage – then he’d tell me the code.” There’s always a way around anything if you’re motivated enough.

  2. I’ve read a little about this. It seems this technology won’t work with repeaters, so the utility is limited right now (quantum encryption was once successfully performed over several miles, using an optical link draped across the bottom of Lake Geneva, but then who goes to Switzerland this time of year?)

    But if they can somehow solve that repeater problem, then quantum encryption becomes something truly remarkable. It’s not just quote-unquote “impossible” to crack (meaning impossibly hard). It’s literally a violation of the laws of physics to break them. You’d be a moron just to try – it is a theoretical impossibility.

    Of course, then you begin to think, “Suppose I take that guy’s daughter hostage – then he’d tell me the code.” There’s always a way around anything if you’re motivated enough.

  3. Exposing my almost invincible ignorance about this topic, I recall that there was a movement afoot several years ago to (1) prohibit private encryption of e-mail, etc. and (2) to promulgate a government approved encryption program (for which the government kept the key, natch).

    It occurred to me then that this government approved encryption program, if widely used, would be a godsend to those who wished real privacy under the theory that an already encrypted message would be less discernable as being encrypted if it was subsequently encrypted by the government approved program.

    Can anyone tell me if this is so (or even makes sense)? My dumb-guy common-sense notion is that an unencrypted file would evince paterns which made it more recognizable as, say, text or an MP3 file or whatever, but that the type of an encrypted file would be less easily identified from its bit-stream. If that is so, then an encrypted file would be noticible by virtue of its greater ‘randomness’ and more likely to call attention to itself to our watchers.

    However, if the encryption masks such markers, then wouldn’t terrorists, pirates or even ordinary folks like you and me be less detected in our use of unauthorized encryption underneath the approved encryption program?

    Sorry for the long winded question. I’d probably have been able to make it shorter if I understood the technology better.

  4. The real irony of this is that it may stymie research into quantum computing.

    The biggest promise of quantum computing is a fast algorithm for factoring very large numbers (the difficulty inherent in factoring very large numbers is one of the key aspects of many common encryption algorithms). But with this sort of unbreakable encryption those old algorithms will eventually become obsolete. Obviously it will take time to replace them, but over time it will happen and so quantum computation will become less interesting, at least from a practical perspective.

    Then again, at some point Google might finance quantum computation research as the amount of data becomes so huge that they need a quantum computer to sort it. To find a record in a database of N files takes an average of N/2 tries (sure, sometimes you get lucky and find it on the first try, other times you get unlucky and need all N tries). But a quantum computer can speed it up to Sqrt(N) tries. Pretty cool.

  5. I’m completely unqualified to make any remark about this subject, whatsoever.

  6. D. A. Ridgely:
    You’re right that an encrypted file has more “randomness” to it than an unencrypted one. But so does a compressed, unencrypted file such as a ZIP file. There are lots of the latter around, and if you put a ZIP header on an encrypted file, it would be difficult to tell the two apart just by measuring data entropy.

  7. This has been coming for some time. It doesn’t mean much to the average computer user, though, since key transfer requires a direct optical connection. The technique physically can’t be used over any kind of repeater or relay.

    Also, if just one key is found to be changed, that wouldn’t really prove intrusion, since data transfer at the single-photon level is inherently error-prone. (Presumably error-checking code is used to catch such problems.) It just means that a new key has to be transmitted, since the previous one might be compromised. If too many keys show errors, that would be a tip-off that someone might be tapping into the fiber optics — or maybe just that they’ve got a defective line.

  8. Even with perfect encryption, the knowledge that two people are communicating *something*, the time of communication, the location of the people communicating, and the size of the message are all valuable pieces of information. A sudden increase in encrypted traffic between people in NYC and Yemen is sure to indicate something is happening.

    To be really secure, you need to constantly engage in encrypted traffic with everyone in the world at the same time (or possibly just a large number of random people at random times) with really big junk messages.

  9. I’ve suggested that friends use encryption before, but they usually say “Why would I want to encrypt anything? I have nothing to hide.”

    Funny, a friend from the UK once said “Why would I want the right to free speech? I have nothing important to say?”

    Anyway, here’s an interesting page about how to set up email security that just about anyone can verify without downloading plugins and keys and all of that nonsnense that prevents everyone and their mom from using PGP.

    Best of all, S/MIME is built into most email clients already.

  10. On the other side, knowing that someone is listening can be very valuable.

    My bet is that _someone_ will try to make this a controlled technology, but give up on the idea after it’s too bad for business. On the other hand, I can also see this being built into the repeaters to guard against everybody _else_’s taps.

Please to post comments

Comments are closed.