Commercial quantum crypto product - news article

Arnold G. Reinhold reinhold at world.std.com
Wed Jun 5 21:15:41 EDT 2002 

At 5:23 PM -0400 5/31/02, Steven M. Bellovin wrote:
>In message <2F1A38DC0413D311A7310090273AD527042023F8 at dthrexch01>, 
>"Kossmann, Bi
>ll" writes:
>>Anybody familiar with this product?
>>
>>
>>A Swiss company has announced the commercial availability of what it says
>>are the first IT products which exploit quantum effects rather than
>>conventional physics to achieve their goals. (05/31/2002)
> >http://itworld.ca/rpb.cfm?v=20021510001
>
>A fascinating article.  It raises an interesting point:  how does one
>validate such a system?
>

I think that is a very good question. All quantum crypto claims to do 
is insure that someone who accesses the fiber optic cable between the 
end points can't recover your secret data. You still have to verify 
that the quantum transceivers are doing quantum crypto properly and 
don't contain any malware that records and leaks keys.

According to the article, the Swiss vendor claims to be able to send 
1000 bits of quantum secured info per second over short distances. 
By contrast, a pair of ordinary CD-Rs filled with random bits can 
supply 1000 unique bits/sec for over 20 years. The problem of getting 
the duplicate disk to the other end point without being compromised 
is no harder than the problem of getting the quantum transceivers to 
the endpoints without being tampered with.

The quantum approach does offer forward security (assuming the 
hardware can be trusted). This can also be done with CD-Rs by 
shipping a box of them and destroying them as used. A one year supply 
of weekly CDs (or 5 year supply of monthlies) fits in a shoe box. 
Another approach is to xor the CD-R derived key with a nonce 
exchanged using public key techniques, e.g. D-H. Then you are only 
depending on PKC technology to provide forward security for a week or 
month. One other advantage of the CD-R approach is that it is immune 
to an obvious denial of service attack against the quantum method: 
cutting the fiber optic cable.

Not only do random CD-Rs cost far less than laying a fiber optic 
line, the process of creating them can be understood and implemented 
by the organization that wishes secrecy using off the shelf hardware, 
without reliance on outside vendors. In cryptography, complexity only 
multiplies risk.

Arnold Reinhold

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com

More information about the cryptography mailing list