Samizdata, derived from Samizdat /n. - a system of clandestine publication of banned literature in the USSR [Russ.,= self-publishing house]

Quantum crypto continues to advance

In what may one day give people a way to keep even GCHQ and the NSA out of their private affairs without having to make a huge effort, quantum cryptography is finally starting to emerge as a usable technology.

I look forward to the day the entire global communications network is a less friendly place for systems like Echelon and Carnivore.

19 comments to Quantum crypto continues to advance

  • -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    “In what may one day give people a way to keep even GCHQ and the NSA out of their private affairs without them makes a huge effort”

    Ah, but it isn’t the technology that prevents this from being the case now; we’ve had the means since the 1970s, with the invention of public-key cryptography. The real problem lies in the fact that the necessary tools aren’t integrated by default into the applications used by most people.

    Worries about government snooping aside, one big attraction cryptographic techniques have is that they make possible the notions of *message integrity* and *non-repudiability* – for instance, anyone bothered enough to check could easily verify that this message was sent by me and me alone, and also that its contents remained unaltered in the slightest. Trolls would likely be far fewer on most weblogs if this sort of thing were more transparently integrated into blogging software.
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.2.4 (MingW32) - GPGshell v3.10
    Comment: My Public Key is at the following URL:
    Comment: http://www.alapite.net/pgp/AbiolaLapite.txt

    iD8DBQFAxHAbOgWD1ZKzuwkRAsOuAJoCYM6JM50lblziGox25ksZF5HFJgCfflz3
    1eW8tHg+HqFJ19G9aRMJV3M=
    =gf0h
    -----END PGP SIGNATURE-----

  • Ian

    To echo A.L above, it’s quite easy to use encryption strong enough to give even the NSA (or the NSA ten years from now) an insurmountable problem.

    There are two problems: firstly, because nobody does this, anyone who uses encryption sticks out like a sore thumb (as Abiola Lapite’s post demonstrates 🙂), which makes traffic analysis a serious problem.

    Secondly, encryption today is strong enough that it is no longer the weakest link in the chain. There are other legal, extra-legal and technical measures that will render encryption useless, such as the RIP Act (in the UK, which makes withholding key material from the police illegal (in violation of the ECHR provision against self-incrimination)), keystroke loggers, Van Eck phreaking, and other methods of electronic surveillance.

  • BBN technologies. Now there is a company with a place in history. (This is the company that invented the first routers and made the ARPANet possible in the 1960s. If any organisation did invent the internet, their claim is as strong as anyone’s.)

    And I will echo the two people above me. It isn’t hard for me to encrypt a message so that even the NSA and GCHQ can’t read it. The issue is that most people either don’t do it or use encryption tools that are either too weak or too shoddily written if they do. (Of course, if the NSA have found some technique for factoring very large numbers that we don’t know about this is not necessarily true, but I don’t believe that they have or indeed that they are likely to do so soon. Quantum cryptosystems can theoretically be made immune to this kind of attack, but that’s only a theoretical problem for now).

  • Bill

    Actually, the technology to keep agencies like the GCHQ and the NSA from reading your mail has been around for something like 80 years now*. It is called the “One-Time Pad”. You encrypt your message using a randomly generated key (it could be on a sheet of paper, or a data file). Your correspondent has an identical key which he uses to decrypt your message. As long as you both destroy the key after it has been used only once, your information is safe.

    This method is unbreakable, both in theory and in practice. If you re-use the keys, however, all bets are off. That is what the Soviets did in WWII, and that is why we were able to decrypt a portion of their diplomatic traffic. Those decrypts are now public and are known by the codeword “Venona”.

    * If I remember correctly, Gilbert Vernam proposed an OTP using his teletype enciphering mechanism sometime in the 1920s.
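A worked illustration of the one-time pad Bill describes, and of why reusing the pad is what let the Venona traffic be read. This is an added example, not code from the original post or any commenter; the two messages are constructed, os.urandom stands in for the "randomly generated key", and the crib-dragging step assumes an eavesdropper who guesses one stock word in the first message.

```python
import os


def otp_encrypt(plaintext: bytes, key: bytes) -> bytes:
    """XOR each plaintext byte with the matching pad byte.

    The pad must be at least as long as the message; the unconditional
    security guarantee only holds if the pad is random and never reused.
    """
    if len(key) < len(plaintext):
        raise ValueError("one-time pad must be at least as long as the message")
    return bytes(p ^ k for p, k in zip(plaintext, key))


# XOR is its own inverse, so decryption is the same operation with the same pad.
otp_decrypt = otp_encrypt


def reuse_leak(ct1: bytes, ct2: bytes) -> bytes:
    """What an eavesdropper obtains when two ciphertexts share one pad.

    c1 ^ c2 == (m1 ^ k) ^ (m2 ^ k) == m1 ^ m2: the pad cancels out and the
    XOR of the two plaintexts is exposed without the key ever being known.
    """
    n = min(len(ct1), len(ct2))
    return bytes(a ^ b for a, b in zip(ct1[:n], ct2[:n]))


def crib_drag(xored: bytes, crib: bytes, offset: int) -> bytes:
    """Given m1 ^ m2 and a guessed fragment of m1 at `offset`, recover the
    corresponding bytes of m2. Guessing stock phrases in one message thus
    reads out the other; this is the consequence of pad reuse."""
    chunk = xored[offset:offset + len(crib)]
    return bytes(x ^ c for x, c in zip(chunk, crib))


def demo() -> dict:
    # Constructed sample messages of equal length (30 bytes each).
    m1 = b"MEETING AT NOON AT THE EMBASSY"
    m2 = b"COURIER ARRIVES ON THE MORNING"
    key = os.urandom(len(m1))      # a fresh, truly random pad
    c1 = otp_encrypt(m1, key)
    c2 = otp_encrypt(m2, key)      # the mistake: the same pad used twice
    xored = reuse_leak(c1, c2)     # attacker sees c1 ^ c2, never the key
    # Hypothetical attacker guess: m1 ends with the word "EMBASSY" (offset 23).
    recovered = crib_drag(xored, b"EMBASSY", 23)
    return {
        "roundtrip_ok": otp_decrypt(c1, key) == m1,
        "leak_is_key_independent": xored == bytes(a ^ b for a, b in zip(m1, m2)),
        "recovered_from_m2": recovered,
    }


if __name__ == "__main__":
    print(demo())
```

With a single pad per message the ciphertext reveals nothing; with the pad reused, the eavesdropper recovers "MORNING" from the second message without ever learning the key.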

  • James

    I’ve heard recently the EU is pumping some cash into this field as well, as a way to overcome Echelon snooping. Only problem is they seem more interested in facilitating Governments and companies to have privacy. No mention of citizens.

    Not sure how likely it is the Cambridge work will reach the public domain, funded by DARPA.

  • The problem is twofold.

    Firstly no one, outside of a small group of people either know or care enough to worry about encryption.

    Secondly, those that do run the risk of attracting attention from the security services on the trawl for pedos and terrorists – because as far as the majority are concerned “if you have nothing to hide, you have nothing to fear.”

    Until crypto enters the public domain and is both secure and easy to use the public will be spied on, and those in the know will fear the RIP act.

  • Ian and Anon John are both correct.

    And Michael, you may well be able to send encrypted messages that the authorities cannot decipher but (and as I have tried to explain to you) so bleedin’ what?

    The powers now vested in the state and its agents mean that they do not have to know or be able to prove what was written in your message. They need only suspect that you have sent an encrypted message, whereupon they can descend upon and demand you tell them what you said in your message and to whom you said it.

    You can either co-operate and tell them what they wish to know (in which case, what bloody good were your encryption skills?) or you can refuse to co-operate and have your entire life royally f*cked up.

    Technology per se cannot change the basic power relationships between citizen and state. It can only reinforce or cement the power relationships that already exist.

    Libertarians who are depending on technological whizz-bangs to bring about a more liberal order are pissing in the wind.

  • Guy Herbert

    What we have to do first then is not persuade the public to use encryption nor use it ourselves, but suggest to spammers that their messages are much more likely to be read if they do.

  • David Gillies

    Good points all. David Carr: there are algorithms for anonymous remailers, for example, that are immune to rubber-hose cryptography (I know – I wrote one). The basic idea is that the remailer handles the public key encryption and then throws the keys away. Even if the cops subpoena the servers, there’s no way to get the plaintext. There are also steganographic techniques that can embed a so-called subliminal channel into an innocuous message such that it is impossible even in principle to demonstrate that the message contains hidden information.

    In general, however, David is correct: horror-show laws like RIPA reduce the utility of cryptography considerably. Further to the discussion of expats below, this is another reason why I left the UK.

  • Perry,

    Unfortunately as soon as this sort of technology becomes viable you can be sure that the government will impose ‘licensing restrictions’ on ownership and use of the necessary equipment, if not an outright ban on its use on penalty of imprisonment.

    Other commenters here have already mentioned the RIP Act, which exists to effectively render current encryption technology useless for Britons and perhaps to stem the growth of widespread use of e-mail encryption in the future and you can be sure that GCHQ monitor which people regularly send encrypted e-mail to each other and how often and what subjects their e-mails use (if they’re silly enough to include plain text subject lines). This problem can only be tackled with more advanced technology such as that mentioned above by David Gillies.

    Britons at large do tend to believe that ‘if you’ve nothing to hide, you’ve nothing to fear’ and they might no doubt welcome legislation outlawing encryption outright, which HMG would jump at the chance to implement if not for the widespread distribution of encryption technology around the world made possible by the Internet and folks like Phil Zimmermann. Blunkett is probably just waiting for what he feels is the right moment at which to announce that ’90 percent of people encrypting their e-mail are plotting acts of terrorism’ or that ‘encryption technology is primarily used by paedophiles trading photos’.

  • David

    Technology per se cannot change the basic power relationships between citizen and state. It can only reinforce or cement the power relationships that already exist.

    Libertarians who are depending on technological whizz-bangs to bring about a more liberal order are pissing in the wind.

    When technology becomes cheap enough to be all-pervasive, the state cannot do anything to stop it, and this does empower individuals. The printing press broke the monopoly power of the medieval guilds and spread education to the masses. Mr. Colt was the great equalizer. It might be argued that technology made slavery inefficient, and this had as much to do with ending slavery as liberal ideas did. Governments are impotent to stop transnational data flows. Freedom of speech is more secured today by technology, not the First Amendment. The next time libertarians try to start a new society on some unknown pacific island, they’ll take some nukes with them, and tinpot govts will be more than reluctant to attack them as in past such experiments.

    When cryptography creates a user-friendly anonymous digital cash protocol and when entrepreneurs make it easy enough for the common man to use, the ability of governments to tax will be severely limited.

    I have to disagree with your conclusion. Technology is individually empowering to those that embrace it.

  • Jonathan,

    When technology becomes cheap enough to be all-pervasive, the state cannot do anything to stop it, and this does empower individuals

    You will be sure to let me know when that has happened, won’t you?

    The printing press broke the monopoly power of the medieval guilds and spread education to the masses.

    The trouble now is not that the masses have no information but that they are drowning in it.

    Mr. Colt was the great equalizer

    Provided you are allowed the RKBA and use them in your defence. By the way, I cannot help but notice that RKBA in the USA has not stopped the enormous growth of the Federal State and such horrors as asset-forfeiture, Patriot Act etc.

    Governments are impotent to stop transnational data flows.

    Governments are not threatened by this.

    The next time libertarians try to start a new society on some unknown pacific island, they’ll take some nukes with them, and tinpot govts will be more than reluctant to attack them as in past such experiments.

    Oh Lord!! Jonathan, there have been several attempts at creating a ‘Galt’s Gulch’ and they have all collapsed amid acrimony, in-fighting and widespread fraud. Not going to happen. Besides, if you fondly imagine that the major powers are just going to sit idly by while a bunch of nerdy libertarians try to drag some H-bombs off to the South Pacific then, with respect my friend, you need your head tested.

    And what are you going to do with them thar’ nukes anyway? Not much help if you’re being starved out.

    When cryptography creates a user-friendly anonymous digital cash protocol and when entrepreneurs make it easy enough for the common man to use, the ability of governments to tax will be severely limited.

    Another pipe dream, I’m afraid. There have been several attempts to create ‘anonymous cash’ and they have all failed for the simple reason that anonymity is useless. What you need for any tokens of exchange is widespread acceptability. Try and pay for your groceries in e-gold, see how far that gets you.

    Jonathan, I love your enthusiasm but I have heard all of this before. The availability of lots of shiny whizz-bangs does not mean ’empowerment’. It just means a better quality of bread-and-circuses. True empowerment is always de jure, not de facto.

  • Doug Collins

    The comment was made earlier that there was no practical need for quantum cryptography because public key encoding cannot be decoded without having to factor a very large number – a nearly insurmountable problem for conventional computing.

    Ironically, that is one of the strengths, at least theoretically, of quantum computing. Algorithms to factor large numbers already exist even though the hardware to run them does not.

    At least I think it does not exist. However I have to wonder what was used to encode and transmit the quantum encrypted messages? I think this is a less hardware intensive process than factoring a large number, but I’m still trying to understand this stuff and could very well be wrong.

  • Guy Herbert

    Unfortunately as soon as this sort of technology becomes viable you can be sure that the government will impose ‘licensing restrictions’ on ownership and use of the necessary equipment, if not an outright ban on its use on penalty of imprisonment.

    Actually they tried that already… until they realised it wasn’t necessary, and might even be counterproductive. The only survival in the UK is a vestigial power to regulate for key escrow for digital signatures on commercial documents to be valid. As far as I know it’s never been actioned. (I’ve a feeling it would fail at law if anyone could be bothered.)

  • Guy Herbert

    Oh, and:

    Governments are impotent to stop transnational data flows.

    Governments are not threatened by this.

    Well some are. When they are (China, Saudi Arabia, Cuba, Burma) they work hard to stop it, and often succeed.

  • Richard Platt

    Doug Collins is correct. In particular, one algorithm to factor large numbers is designed to run on a quantum computer. This exists only on paper so far, but if practical quantum encryption is likely in the future, I think quantum decryption methods making public key cryptography useless may not be far behind.

  • David Gillies

    The ‘quantum’ in quantum cryptography and quantum computing is referring to two different animals (although they do both depend on the bizarre quantum mechanical property of ‘entanglement’). The technical challenges behind a quantum computer capable of implementing Shor’s factorisation algorithm are utterly huge. Quantum cryptography is trivial by comparison. And Shor’s algorithm will still only work for public key ciphers – the underlying symmetric key ciphers are unaffected. Apart from that, it becomes exponentially harder to build a quantum computer as the number of qubits goes up. If everyone switches to 16384-bit primes for their RSA modulus then the problem becomes nearly intractable.

    David Carr: digital cash systems have failed in the past because of their insistence on being regarded as a medium of exchange. But cash is not merely a medium of exchange – it is a store of value.

  • Doug Collins

    “But cash is not merely a medium of exchange – it is a store of value.”

    But must it necessarily be both? Certainly there are things (like real estate) that are stores of value but not mediums of exchange, why not the reverse?

    In fact, if I read Von Mises correctly, he makes the argument that money is only a medium of exchange – unless you hide it in the mattress. If you bank it, you will get bank credit, but your money is loaned out to someone else, who will spend it and pass it on again. The credit is a store of value, but I think the argument can be made that the money itself -the coins or the banknotes- are largely a medium of exchange. If you do not allow it to circulate, you will receive no interest income from anyone for it. A non interest paying account is merely a more secure sort of mattress.

    In fact the term ‘medium’ in one sense is very apt. Other mediums, such as air, water or the mythical luminiferous ether, transmit waves and in so doing can transmit information. Money itself is dumb, like a drop of water. But in the course of its exchange, the price information that is impressed on it is transmitted to anyone who cares to receive it.

  • Secret Squirrel

    David Carr: “There have been several attempts to create ‘anonymous cash’ and they have all failed for the simple reason that anonymity is useless.”

    Having followed most of the attempts to create anonymous digital cash, I think none of them failed due to the uselessness of anonymity. In fact, anonymity is so useful for those who wish to avoid coercion in their transactions, that the State is rather keen to use other techniques to prevent their success.

    If anonymity was so useless, why the need to rabidly create identity legislation, particularly in an attempt to control money laundering?

    How can anonymity be useless, when it allows truly free speech, speech disconnected from the physical realm, and thus cannot be coerced?

    If you’ve heard it all before, I conclude that you have some killer, but unspoken, reason that anonymity is of no use to those who wish to avoid State coercion. Or perhaps you just failed to understand why it was useful.

    I suspect the latter.