Hackers Face Tough New Security Technology


mr.blaze
24-12-2004, 09:56
Taken from the Guardian Unlimited:

Anyone who sends an email or bids on eBay with a niggling fear about privacy may soon be able to relax. Programmers have made a major breakthrough in their quest for a totally secure computer network by turning to Star Trek-style physics that would bamboozle the sharpest hacker.

Quantum cryptography is the ultimate example of small-is-beautiful technology: information is encoded at the subatomic level on individual photons, the smallest known units of light. They can then be sent on optical fibre networks from one computer to another. To snoop on such messages undetected, a hacker would have to defy the laws of quantum mechanics.

'Any attempt by the hacker to read the message causes errors that show up. This results from a proven law of nature,' said Dr Andrew Shields, leader of Toshiba Research Europe's quantum information group.

Previous experiments with quantum cryptography foundered because photons are so sensitive to fluctuations in the hardware that the tiniest change in temperature or movement of the fibre wrecked the process.

But Toshiba Research Europe in Cambridge has devised a system that prevents fluctuations and keeps light particles flowing precisely. A recent trial sent information automatically and uninterruptedly for nearly a week.

Toshiba predicts the technology will become commercial within three years, and is looking to begin further trials with financial organisations. Shields said: 'It means quantum cryptography can be used by anyone. The first users are likely to be in the financial and public service sectors. It might take a while before it is used by your home PC.'

Quantum cryptography encodes each photon to represent a standard bit, 0 or 1, and these in combination form a secret key. In today's typical optical communication system, each bit is carried by a million photons, and an eavesdropper could split off some photons and determine the information they were carrying without being detected. But with the quantum technique the theft of a single photon is immediately apparent to the sender and receiver of the message.

---

:clap:

xafier
24-12-2004, 10:28
there will be a way round it... there always is ;)

Quantum cryptography is nothing new in the news anyways, they've been doing it for years, there's even a degree on quantum cryptography and quantum computation, I think it even includes theories on how teleportation would be possible...

I know because I was going to do it, but then I messed up my A levels and also I decided I didn't want to go to Loughborough cus it's mega expensive and full of posh people that wouldn't take a Yorkshire lad seriously :P

anyways, if someone wants to find a way round this problem, they will... people are always coming up with new sets of security and stuff and it always gets beat... look at DVDs, they were cracked before they even went commercial... lol

it's a never-ending struggle, someone invents something, people want to prove their intelligence by defeating it... it's called a challenge... nobody wants to break into the Pentagon, but the fact that it's a challenge attracts SO many people :P

Cyclone
24-12-2004, 10:57
it sounds like they've mixed several ideas up in the article.

Quantum entanglement allows you to send a signal and whether it's encrypted or not it cannot be intercepted without alerting the receiver. This is a physical fact, there is no way anyone will be able to figure out a way around it.
Cryptography on the other hand is always theoretically open to attack. It just becomes increasingly improbable that someone could crack it in the lifetime of the universe. Although as quantum bits are used to create the encryption they will be open to attack by other quantum computers, so it probably won't be that much more secure than today.
Saying that it is currently unfeasible to crack any decent length key based on a secure algorithm.

Most hacks that take place today do not rely on the breaking of encryption or anything so sophisticated. They are either socially engineered tricks where a user gives up his password to a 3rd party, or software bugs that are exploited to circumvent the encryption and authentication.

mr.blaze
24-12-2004, 12:07
When the info travels from A to B it is expected to get there in a pre-calculated time... any form of tapping the line will have an effect on the speed the data gets sent. My guess is they will have a system in place which detects any loss of speed, even if we're talking ms... and will shut down the data stream or encrypt the code again during transmission.

If the above is possible then the only way to access the data is either at the root or the receiver... which is impossible unless you're physically on the inside and behind the terminal.

mr.blaze
24-12-2004, 12:13
Originally posted by Cyclone
Saying that it is currently unfeasible to crack any decent length key based on a secure algorithm.


Not true, Kevin Mitnick managed to break a large number of secure algorithms using large numbers of state-funded university computers. As have many others...

xafier
24-12-2004, 12:15
Originally posted by J-Blaze
If the above is possible then the only way to access the data is either at the root or the receiver... which is impossible unless you're physically on the inside and behind the terminal.

or you exploited the software/OS and gained external access to the system?

why be a sitting duck packet sniffing in a company when you can socially engineer a password onto the system and then work your way through some exploits to get overall access of the system?

as I said, where there's a will, there's a way... there's always a way... things like distributed computing have proven that even large encryption keys can be cracked eventually with enough power... and there's more and more faster CPUs every day... how long has 128bit SSL encryption been the standard? too long is my reckoning

mr.blaze
24-12-2004, 13:10
Originally posted by xafier
or you exploited the software/OS and gained external access to the system?

Thus being impossible as only traffic encrypted in the required manner will be able to communicate with the desired computer.

why be a sitting duck packet sniffing in a company when you can socially engineer a password onto the system and then work your way through some exploits to get overall access of the system?

What do you mean by this? Phone them up and ask for the passwords? What's it got to do with packet sniffing? You simply cannot gain "overall" access to the system.


as I said, where there's a will, there's a way... there's always a way... things like distributed computing have proven that even large encryption keys can be cracked eventually with enough power... and there's more and more faster CPUs every day... how long has 128bit SSL encryption been the standard? too long is my reckoning

One day there may be, but for now it's rock solid.

Cyclone
24-12-2004, 14:14
Originally posted by J-Blaze
When the info travels from A to B it is expected to get there in a pre-calculated time... any form of tapping the line will have an effect on the speed the data gets sent. My guess is they will have a system in place which detects any loss of speed, even if we're talking ms... and will shut down the data stream or encrypt the code again during transmission.

If the above is possible then the only way to access the data is either at the root or the receiver... which is impossible unless you're physically on the inside and behind the terminal.

what they are talking about is to do with quantum states, not to do with the length of time things take to travel a known distance.
if a quantum bit (qubit) is encoded with spin, it is possible to measure that spin later on. But the act of measuring the spin destroys it. It is impossible to re-entangle the photon with the original (because that's somewhere else), so the information that the hacker got (from what's known as a man-in-the-middle attack) never reaches the intended target. So they know that there is an attack taking place.

128 bit SSL hasn't been cracked, and it's trivial to start using 256, 512, 1024 bit keys.
The only way it can be cracked is if the algorithm fails, not to brute force.

Technology has no effect on the weakest point of any system, the users.
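
Added example (not part of the original thread or the Guardian article): a small simulation of how measuring photons in transit shows up as errors in the key that sender and receiver can detect. It assumes a BB84-style prepare-and-measure protocol with two bases, which the thread does not name; the function names and the abort threshold are illustrative.

```python
import random

def measure(bit, prep_basis, meas_basis, rng):
    """Measuring in the preparation basis returns the encoded bit;
    measuring in the other basis returns a random bit and loses the original."""
    return bit if prep_basis == meas_basis else rng.randint(0, 1)

def run_key_exchange(n_photons, eavesdrop, seed=0):
    """Simulate one exchange. Returns (sifted_key_length, error_rate)."""
    rng = random.Random(seed)
    sifted = errors = 0
    for _ in range(n_photons):
        # Sender picks a random bit and a random basis for each photon.
        a_bit, a_basis = rng.randint(0, 1), rng.randint(0, 1)
        bit, basis = a_bit, a_basis
        if eavesdrop:
            # The tap must guess a basis, measure, and resend what it saw.
            tap_basis = rng.randint(0, 1)
            bit = measure(bit, basis, tap_basis, rng)
            basis = tap_basis  # the resent photon carries the tap's basis
        # Receiver measures in an independently chosen random basis.
        b_basis = rng.randint(0, 1)
        b_bit = measure(bit, basis, b_basis, rng)
        # Sifting: keep only photons where sender and receiver bases agree.
        if b_basis == a_basis:
            sifted += 1
            errors += b_bit != a_bit
    return sifted, (errors / sifted if sifted else 0.0)

def link_is_tapped(error_rate, threshold=0.11):
    """Abort the key if the observed error rate exceeds the threshold.
    The threshold value is an assumption chosen for this example."""
    return error_rate > threshold

if __name__ == "__main__":
    for tapped in (False, True):
        length, qber = run_key_exchange(20000, eavesdrop=tapped)
        print(f"eavesdrop={tapped}: sifted={length} error_rate={qber:.3f} "
              f"abort={link_is_tapped(qber)}")
```

On an ideal channel the clean run has no errors, while the tapped run shows roughly one wrong bit in four of the sifted key, because the tap guesses the wrong basis half the time and each wrong guess flips the receiver's result half the time.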