« BackUnforgeable Quantum Tokens Delivered over Fiber Networkspectrum.ieee.orgSubmitted by pseudolus 4 days ago
  • amluto 10 hours ago

    Does this have anything resembling details? The press release is here:

    https://www.nec.com/en/press/202411/global_20241118_01.html

    And it has goodies like:

    > Token: A digital certificate indicating certain rights and values, such as digital assets, user information, and access rights.

    That is not much detail.

    > Quantum key distribution (QKD) systems use quantum mechanics to share random secret keys between two communicating parties in order to guarantee secure communication, and then encrypt and decrypt information based on those keys. (Patented (as of November 18, 2024))

    This sounds like rather old technology. What exactly is novel here?

    In any case, the article’s drawing makes it look like the customer’s “token” is some classical information. This cannot work.

    • xyzzy123 4 hours ago

      Is there any projected practical use for QKD apart from being a jobs program for researchers?

      (This is a thing I am fine with, research is research and it doesn't necessarily need a near-term practical outcome, but why is it "sold" to the public as though there is some useful capability coming just around the corner?).

      Who would use dedicated fiber to get secrets between point A and point B? Am I just insufficiently imaginative?

      Whenever I read these headlines I am reminded of how much biological research needs to have a "could one day cure cancer" to give funders and journalists a hook.

      • londons_explore 20 hours ago

        I am worried about the future of quantum tokens...

        Whilst theoretically they are secure, I worry about potential huge side-channels allowing leaking of the key...

        All it takes is a few extra photons emitted at some harmonic frequency for the key to be leaked...

        I would much prefer dumb hardware and clever digital software, because at least software is much easier to secure against side channels, and much easier to audit.

        • Strilanc 18 hours ago

          In principle quantum communication has no side channels because side channels act like measurements, and measurements make it not a functioning quantum channel in the first place. So you need to have already solved side channel issues for basic function.

          That said, wherever you convert the quantum data into classical data there will be potential side channels. For example, there have been attacks based on using a laser down the communication line to track the orientation of the measurement device at the receiver.

          In general, the more you can do while the data stays quantum the better. For example, if you transduce the photon into a qubit inside a quantum computer, then the measurement can be hidden away inside the computer, instead of exposed to the communication line. And the measurement basis can be chosen after transmission arrival, instead of before.

          • robryk 11 hours ago

            The larger issue for most quantum key exchange setups is the transition from classical to quantum: you want not to accidentally generate two unentangled photons in the same secret polarization.

          • UltraSane 17 hours ago

            Isn't the entire security of Quantum Communication predicated on its complete lack of side-channels due to the fact that measuring quantum systems collapses their wave function?

            • TachyonicBytes 17 hours ago

              Yes, in theory. In practice, photon generators won't behave perfectly. There are lots of possible attacks, like photon splitting [1].

              [1] https://onlinelibrary.wiley.com/doi/full/10.1002/qute.202300...

              • gus_massa 12 hours ago

                Once you put error correction, doenn't you lose all the nice properties of the non cloning theorem? If the protocol tolerates 30% of errors, doesn't it tolerate 30% of MITM? (60%??)

                • TachyonicBytes 9 hours ago

                  You don't need error correction for some crypto primitives. There are QKD networks deployed that don't have that kind of error correction, as far as I know.

            • joshmarinacci 12 hours ago

              Security is never about absolutes. It’s about relative costs vs the attacker. It seems like this system adds a strong enough layer of security over the transport that the attacker would switch to going after the endpoints instead.

              • TachyonicBytes 17 hours ago

                With quantum tokens, law enforcement have to crack your physical devices, so they at least have to good-old-fashion bug your devices. With classical schemes, they can intercept on the way.

                I wouldn't say that current side-channels, most certainly enabled by hardware, not software, are easier to audit.

                • Vecr 15 hours ago

                  I don't think that's true. If you're paranoid you can build a very simple and easy to audit device that lets packets through exactly every x microseconds, with a short buffer to prevent timing via dropouts.

                  Works fine for digital, doesn't work for quantum stuff.

                  • foolfoolz 14 hours ago

                    “lawful intercept” can be mandated to be built into anything

                  • tucnak 18 hours ago

                    Hybrids?

                  • yowayb 4 hours ago

                    How does a quantum state travel through fiber? Does it simply maintain state naturally during the journey?

                    • conartist6 3 hours ago

                      I keep thinking the headline says "unforgivable tokens"