On 07/01/2007 05:55 AM, Peter Gutmann wrote:
One threat model (or at least failure mode) that's always concerned me deeply
about QC is that you have absolutely no way of checking whether it's working
as required. With any other mechanism you can run test vectors through it,
run
At 5:11 PM -0400 7/2/07, John Denker wrote:
By that I mean:
-- the integrity of DH depends fundamentally on the algorithm, so you
should verify the algorithmic theory, and then verify that the box
implements the algorithm correctly; while
-- in the simple case, the integrity of quantum
Alexander Klimov [EMAIL PROTECTED] writes:
So what kind of threat models does it address, and what does that say about
the kinds of customers who'd want it?
One threat model (or at least failure mode) that's always concerned me deeply
about QC is that you have absolutely no way of checking
At 08:51 AM 6/28/2007, Alexander Klimov wrote:
I suspect there are two reasons for QKD to be still alive.
First of all, the cost difference between quantum and normal
approaches is so enormous that a lot of ignorant decision makers
actually believe that they get something extra for this money.
On Jun 29, 2007, at 10:44 AM, Steven M. Bellovin wrote:
It's very valid to criticize today's products, and it's almost
obligatory to criticize over-hyped marketing. As I said, I don't
think
today's products are useful anywhere, and the comparisons vendors draw
to conventional cryptography
I'm unhappy with the tone of the discussion thus far. It's gone far
beyond critiquing current products and is instead attacking the very
concept.
Today's cryptography is largely based on certain assumptions. You
can't even call them axioms; they're far too weak. Let's consider
RSA. We *know*
I suspect there are two reasons for QKD to be still alive.
First of all, the cost difference between quantum and normal
approaches is so enormous that a lot of ignorant decision makers
actually believe that they get something extra for this money.
If you tell a lie big enough and keep repeating
On Jun 26, 2007, at 10:10 AM, Nicolas Williams wrote:
This too is a *fundamental* difference between QKD and classical
cryptography.
What does this classical word mean? Is it the Quantum way to say
real? I know we're in violent agreement, but why are we letting
them play language games?
On 6/25/07, Greg Troxel [EMAIL PROTECTED] wrote:
1) Do you believe the physics? (Most people who know physics seem to.)
For those who would like to know a little more about the physics, see:
http://www.icfo.es/images/publications/J05-055.pdf, Quantum Cloning,
Valerio Scarani, Sofyan
On Tue, Jun 26, 2007 at 02:03:29PM -0700, Jon Callas wrote:
On Jun 26, 2007, at 10:10 AM, Nicolas Williams wrote:
This too is a *fundamental* difference between QKD and classical
cryptography.
What does this classical word mean? Is it the Quantum way to say
real? I know we're in violent
Victor Duchovni [EMAIL PROTECTED] writes:
Secure in what sense? Did I miss reading about the part of QKD that
addresses MITM (just as plausible IMHO with fixed circuits as passive
eavesdropping)?
It would be good to read the QKD literature before claiming that QKD is
always unauthenticated.
On Fri, Jun 22, 2007 at 08:21:25PM -0400, Leichter, Jerry wrote:
BTW, on the quantum subway tokens business: In more modern terms,
what this was providing was unlinkable, untraceable e-coins which
could be spent exactly once, with *no* central database to check
against and none of this well,
On Mon, Jun 25, 2007 at 08:23:14PM -0400, Greg Troxel wrote:
1) Do you believe the physics? (Most people who know physics seem to.)
Yes.
2) Does the equipment in your lab correspond to the idealized models
with which the proofs for (1) were done. (Not even close.)
Does QKD address a
On Mon, Jun 25, 2007 at 08:23:14PM -0400, Greg Troxel wrote:
Victor Duchovni [EMAIL PROTECTED] writes:
Secure in what sense? Did I miss reading about the part of QKD that
addresses MITM (just as plausible IMHO with fixed circuits as passive
eavesdropping)?
It would be good to read the
On 06/25/2007 08:23 PM, Greg Troxel wrote:
1) Do you believe the physics? (Most people who know physics seem to.)
Well, I do happen to know a thing or two about physics. I know
-- there is quite a lot you can do with quantum physics, and
-- there is quite a lot you cannot do with quantum
On Jun 22, 2007, at 10:44 AM, Ali, Saqib wrote:
...whereas the key distribution systems we have aren't affected by
eavesdropping unless the attacker has the ability to perform 2^128 or
more operations, which he doesn't.
Paul: Here you are assuming that key exchange has already taken place.
Victor Duchovni wrote:
Quantum Cryptography or Quantum Computing (i.e. cryptanysis)?
- Quantum Cryptography is fiction (strictly claims that it solves
an applied problem are fiction, indisputably interesting Physics).
I do not really agree on this statement. There are ongoing
- Quantum Cryptography is fiction (strictly claims that it solves
an applied problem are fiction, indisputably interesting Physics).
Well that is a broad (and maybe unfair) statement.
Quantum Key Distribution (QKD) solves an applied problem of secure key
distribution. It may not be
On Thu, Jun 21, 2007 at 01:20:35PM -0400, Victor Duchovni wrote:
Quantum Cryptography or Quantum Computing (i.e. cryptanysis)?
- Quantum Cryptography is fiction (strictly claims that it solves
an applied problem are fiction, indisputably interesting Physics).
- Quantum
On Thu, Jun 21, 2007 at 10:59:14AM -0700, Ali, Saqib wrote:
- Quantum Cryptography is fiction (strictly claims that it solves
an applied problem are fiction, indisputably interesting Physics).
Well that is a broad (and maybe unfair) statement.
Quantum Key Distribution (QKD)
Massimiliano Pala [EMAIL PROTECTED] writes:
Victor Duchovni wrote:
Quantum Cryptography or Quantum Computing (i.e. cryptanysis)?
- Quantum Cryptography is fiction (strictly claims that it
solves
an applied problem are fiction, indisputably interesting Physics).
I do not really
| - Quantum Cryptography is fiction (strictly claims that it solves
|an applied problem are fiction, indisputably interesting Physics).
|
| Well that is a broad (and maybe unfair) statement.
|
| Quantum Key Distribution (QKD) solves an applied problem of secure key
|
At 10:59 AM -0700 6/21/07, Ali, Saqib wrote:
- Quantum Cryptography is fiction (strictly claims that it solves
an applied problem are fiction, indisputably interesting Physics).
Well that is a broad (and maybe unfair) statement.
Quantum Key Distribution (QKD) solves an applied
On Fri, Jun 22, 2007 at 11:33:38AM -0400, Leichter, Jerry wrote:
| Secure in what sense? Did I miss reading about the part of QKD that
| addresses MITM (just as plausible IMHO with fixed circuits as passive
| eavesdropping)?
|
| Once QKD is augmented with authentication to address MITM, the
Leichter, Jerry [EMAIL PROTECTED] writes:
| - Quantum Cryptography is fiction (strictly claims that it solves
|an applied problem are fiction, indisputably interesting Physics).
|
| Well that is a broad (and maybe unfair) statement.
|
| Quantum Key Distribution (QKD)
...whereas the key distribution systems we have aren't affected by
eavesdropping unless the attacker has the ability to perform 2^128 or
more operations, which he doesn't.
Paul: Here you are assuming that key exchange has already taken place.
But key exchange is the toughest part. That is where
At 10:44 AM -0700 6/22/07, Ali, Saqib wrote:
...whereas the key distribution systems we have aren't affected by
eavesdropping unless the attacker has the ability to perform 2^128 or
more operations, which he doesn't.
Paul: Here you are assuming that key exchange has already taken place.
No,
On Fri, Jun 22, 2007 at 10:44:41AM -0700, Ali, Saqib wrote:
Paul: Here you are assuming that key exchange has already taken place.
But key exchange is the toughest part. That is where Quantum Key
Distribution QKD comes in the picture. Once the keys are exchanged
using QKD, you have to rely on
At 10:44 -0700 2007/06/22, Ali, Saqib wrote:
...whereas the key distribution systems we have aren't affected by
eavesdropping unless the attacker has the ability to perform 2^128 or
more operations, which he doesn't.
Paul: Here you are assuming that key exchange has already taken place.
But
Ali, Saqib [EMAIL PROTECTED] writes:
...whereas the key distribution systems we have aren't affected by
eavesdropping unless the attacker has the ability to perform 2^128 or
more operations, which he doesn't.
Paul: Here you are assuming that key exchange has already taken place.
But key
On Tue, Jun 19, 2007 at 09:10:12PM -0700, Aram Perez wrote:
On a legal mailing list I'm on there is a bunch of emails on the
perceived effects of quantum cryptography. Is there any authoritative
literature/links that can help clear the confusion?
Quantum Cryptography or Quantum Computing
On Wed, 2004-10-06 at 06:27, Dave Howe wrote:
I have yet to see an advantage to QKE that even mildly justifies the
limitations and cost over anything more than a trivial link (two
buildings within easy walking distance, sending high volumes of
extremely sensitive material between them)
But
Dave Howe wrote:
I think this is part of the
purpose behind the following paper:
http://eprint.iacr.org/2004/229.pdf
which I am currently trying to understand and failing miserably at *sigh*
Nope, finally strugged to the end to find a section pointing out that it
does *not* prevent mitm attacks.
R. A. Hettinga wrote:
http://www.net-security.org/news.php?id=3583
Quantum cryptography finally commercialized?
Posted by Mirko Zorz - LogError
Tuesday, 16 September 2003, 1:23 PM CET
For the onlookers, this article is misinformed and should
not be relied upon for evaluating quantum
34 matches
Mail list logo