First quantum crypto bank transfer

Jerrold Leichter jerrold.leichter at smarts.com
Sun Aug 22 09:32:29 EDT 2004 

| Not quite correct, the first bank transfer occurred earlier this year,
| in a PR event arranged by the same group:
|
|   <http://www.quantenkryptographie.at/rathaus_press.html>
|
| However, I still don't believe that quantum cryptography can buy you
| anything but research funding (and probably easier lawful intercept
| because end-to-end encryption is so much harder).
Not to attack you personally - I've heard the same comments from many other
people - but this is a remarkably parochial attitude.

Quantum crypto raises fundamental issues in physics.  The interaction of
information and QM is complex and very poorly understood.  No one really knows
what's possible.  This is neat stuff, and really nice research.  New results
are appearing at a rapid pace.

Will this end up producing something new and useful?  Who can say?  Right now,
we're seeing the classic uses for a new technique or technology:  Solving the
old problems in ways that are probably no better than the old solutions.  If
the new technique or technology is really good, it will solve *new* problems
we haven't even thought of yet.

The press will always focus on things people understand, and which seem to
have short-term relevance.  If you're objecting to researchers blowing their
own horns ... well, that's the way the world works.  It's certainly been the
way physics has had to work since it became impossible for an individual, and
ultimately even an institution like a university. to be able to fund the
experiments necessary to move forward.  Without public support, research will
starve to death.

Anyone raising objections to work on quantum crypto today might ask themselves
why they had no objection to work on traditional crypto when DES seemed, as a
practical matter, to be unassailable except by brute force that was then 15
years in the future (by which time the same "sources" who provided DES could
provide something new).  As a practical solution to practical problems, there
was no need to go further.  And all this stuff about bit commitment protocols
and BBS generators and all that impractical stuff - why bother?

Alternatively, how anyone can have absolute confidence in conventional crypto
in a week when a surprise attack appears against a widely-fielded primitive
like MD5 is beyond me.  Is our certainty about AES's security really any
better today than was our certainty about RIPEM - or even SHA-0 - was three
weeks ago?
							-- Jerry

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list