>At 11:31 AM -0400 4/20/10, Perry E. Metzger wrote:
>>I wonder why it is that, in spite of almost universal disinterest in
>>security community, quantum key distribution continues to be a subject
>>of active technological development.

Paul Hoffman wrote:
>You hit it: "almost". As long as a few researchers are interested, and
there is money to be thrown down the drain^w^w^wat them, there >will be
active development.

I too once worked exclusively in the world of classical cryptography and
was sceptical of QKD. I now work in both worlds - classical cryptography
and QKD. I now know that QKD can be a part of a high performance, cost
competitive, highly secure system. I found that having an open mind
about new technologies - and I don't mean just QKD - can and does
provide insights that are useful in not only developing those new
technologies, but also in improving existing ones.
Just because "everyone" who claims to be a crypto expert, or a few of
the more well-known popular experts (often the ones with big egos and
loud voices) say that crypto is not the weakest link, or that QKD is a
bad idea, doesn't mean it's true forever, even if you want to believe
that it's true now.

I don't know what the future holds, but when I think about what
technology might be like in 10, 20, 50 years from now, I think back to
what technology was like 10, 20, 50 years ago. Things change. And they
change a lot. I doubt that public key encryption as we know it will
survive the next 50 years. Maybe it won't survive the next 10 or 20
years. Maybe it will - I just don't know. I believe that it's important
to acknowledge what we don't know, and to do our best to mitigate risks
that may come from not knowing. We can of course identify and mitigate
certain risks, even if we don't know all the facts about the risk

I worry when I see critically secure systems being deployed that rely
exclusively on public key cryptography for key distribution. I'm
disappointed when I read and hear comments from people that reject
outright, even the possibility that QKD might be practical, and have a
place in securing our current and future systems.

To respond directly to Perry's comment quoted at the beginning of this
email, I can assure you that there is actually very strong interest in
QKD in the security community. The interest is not purely academic or
oriented towards research. It has a very sound practical, commercial,
and security basis.

-- John Leiseboer, CTO, QuintessenceLabs

Everything expressed by me in this email is my personal opinion. It is
not necessarily the opinion of my employer.

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com

Reply via email to