Quantum Cryptography

Ivan Krstić krstic at solarsail.hcs.harvard.edu
Thu Jun 28 20:08:15 EDT 2007

On Jun 22, 2007, at 11:04 AM, Perry E. Metzger wrote:
> This brings up another issue.  Quantum crypto is exceptionally
> expensive, and is virtually undeployable. To provide security that, in
> a practical sense, is no better than what you can get from high key
> length conventional ciphers, you spend vast amounts on end system
> equipment, rent a dedicated dark fiber link between two locations that
> can't be arbitrarily far apart, and in the end, you have two machines
> that can talk securely in a world where one needs thousands or
> millions of machines to talk securely to any one of the other
> machines.

I wrote a reply agreeing violently with your sentiments, and then  
realized I sent the same e-mail to this list two years ago:

"I have to agree with Perry on this one: I simply can't see a compelling
reason for the push currently being given to ridiculously overpriced
implementations of what started off as a lab toy, and what offers - in
all seriousness - almost no practical benefits over the proper use of
conventional techniques. Besides, any of the ultrasecret applications
that *might* (I remain very skeptical) call for such a level of
confidentiality - things like military communication or diplomatic
message exchange between a country and its ambassadors - are all too
likely to be out of the range currently offered by these QC setups (last
I read, if I'm not mistaken, it was about 50 km or ~30 miles). Fine, the
range might improve - but I doubt that the amount of money and hassle
required to set these up will."
  -- from http://permalink.gmane.org/gmane.comp.encryption.general/4526

Later in the thread, I opined that:

"[t]he way I see this is that there are two options: consumers can  
the security of their data to physics they don't understand, or
mathematics they don't understand. One of the fundamental differences is
that the former *no one* understands, and its price reflects that. With
the latter, well - quite a few people understand the math behind crypto,
and silicon is cheap these days. So what are people waiting for? Why
doesn't everyone concerned for their link security have a pair of cheap
strong crypto devices at both ends?"

I can't say I understand this fascination with photons for any  
practical cryptographic purpose any better now than I did back then,  
but I'm certainly more amused by it. May I coin "quantum  
craptography" as a better expansion of the abbreviation QC?

Ivan Krstić <krstic at solarsail.hcs.harvard.edu> | GPG: 0x147C722D

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list