First quantum crypto bank transfer

John Denker jsd at av8n.com
Mon Aug 23 10:55:12 EDT 2004 

Jerrold Leichter wrote:

> ... the comments I've seen on this list and elsewhere have been much 
> broader, and amount to "QM secure bit distribution is dumb, it solves
> no problem we haven't already solved better with classical 
> techniques."

Most of the comments on this list are more nuanced than that.
Examples of sensible comments include:
  -- We have seen claims that QM solves "the" key distribution
   problem.  These claims are false.
  -- _Commercialization_ of QM bit-exchange is dumb, for now
   and for the forseeable future.  I am reminded of a slide
   Whit Diffie showed (in a different context) of an attempt
   to build a picket fence consisting of a single narrow pale
   a mile high ... while the rest of the perimeter remains
   undefended.  That's a dumb allocation of resources.  The
   opposition aren't going to attack the mega-pale;  they are
   going to go around it.  QM doesn't solve the whole problem.
   Sensible research should not be directed toward making the
   tall pale taller;  instead it should be directed toward
   filling in the gaps in the fence.

 > Even if some snake-oil salesmen have attached themselves
 > to the field doesn't say research in the field is worthless.

Be that as it may, there are other grounds for judging the
commercialization projects to be near-worthless.

> Also, there is a world of difference between:
> 
> 	1.  Showing something is possible in principle;
> 	2.  Making it work on the lab bench;
> 	3.  Making it into something that works in the real world.
> 
> For QM key exchange, step 1 goes back maybe 10-15 years, and most
> people thought it was a curiosity - that you could never maintain
> coherence except in free space and over short distances.

That's backwards.  Quantum crypto free in space is hard.  It's
much easier to use a single-mode fiber, over distances such
that there is little total attenuation (which can be a quite
macroscopic distance, since the attenuation is a fraction of
a db/km if you do it right).

> Step 2 is a couple of years back, the first surprise being that you
> could actually make things work through fiber, then through a couple
> of Km of fiber coiled on a bench.

Again, that diametrically misstates the physics.  Propagation
through a couple km of fiber shouldn't have surprised anybody.

> BTW, if we look at QM *computation* in comparison, we've barely made
> it through Step 1.  There are still plausible arguments that you
> can't maintain coherence long enough to solve any interesting
> problems.

Within a year of the invention of quantum computation,
people were working on quantum error correction.  This
is interesting work and has had spin-offs in the form
of changing how people think about error correction even
in non-quantum systems.  And it has had spin-offs
applicable to quantum cryptography, i.e. showing how it
is possible to survive a modest amount of attenuation.

> Some of the papers I've seen solve the problem only in their titles:
> They use a QM system, but they seem to only make classical bits
> available for general use.   

Huh?  The world abounds in QM systems that produce classical
results, including e.g. transistors, lasers, practically all of
chemistry, etc. etc. etc.  Quantum computers produce classical
results because that is what is desired.

> The contrast between this work and QM
> key exchange is striking. 

If the intent is to make quantum cryptography sound better
than quantum computation, the point is implausible and
unproven.

If the intent it so make the best results in quantum crypto
sound better than the lamest parts of quantum computation,
then the comparision is (a) unfair and (b) hardly a ringing
endorsement of quantum crypto.

> after all, transistors were invented to build phone lines, not
> computers!

It's not true that transistors were invented solely for
application to phone lines.  Even if it were true, it would
be irrelevant for mulitple reasons.  For starters, keep
in mind that the big computers built during the 1940s
were built using vast amounts of telecom switch gear.
Bletchley Park relied on engineers from the Post Office
(which was the 'phone company' in those days).

And even if the facts had been otherwise, arguments about
the near-term applicability of one technology are largely
irrelevant to the near-term applicability of another
technology.


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list