Category Archives: Cryptography

Nanowire photonic chip detects single photons

Posted on by

Researchers at the Massachusetts Institute of Technology (MIT), IBM and NASAs Jet Propulsion Laboratory have built an array of light detectors on a photonic chip that can efficiently record single photons. Such devices will be essential elements of future quantum technologies, such as quantum cryptography and optical quantum computers.

We would like to one day build a photonic quantum processor on a chip, and single-photon sources and detectors are crucial components for such a chip, explains team member Faraz Najafi at MIT.

While classical computers store and process information as "bits" that can have one of two states ("0" or "1"), a quantum computer exploits the ability of quantum particles to be in "superposition" of two or more states at the same time. While a single quantum bit (qubit) can be in two states simultaneously, two qubits can be in four states simultaneously, and so forth, explains co-team leader Dirk Englund of MIT. What is more, the number of states that the 'quantum registers' occupy simultaneously grows exponentially with the number of qubits in it.

Information processing based on such quantum devices could, in principle, outperform classical computers at certain tasks, such as simulating inherently quantum mechanical processes in nature, breaking cryptographic codes or implementing highly parallel machine learning, he adds. Another important aspect of such quantum systems is that the quantum particles can also become entangled. Entanglement allows particles to share a much closer relationship than classical mechanics allows, so data is transferred instantaneously between entangled particles regardless of how far apart they are.

Photons could be ideal for information processing because they can easily be entangled (compared with other physical particles) and because they can be moved around easily. Photons also travel great distances through optical fibres or even air without losing their quantum nature.

Real-world quantum computers will require up to hundreds of qubits to work because they need to go through numerous controlled quantum operations. To scale up such systems, the single photons would ideally need to be supplied deterministically that is, one by one and detected individually too. These photons also need to be detected efficiently.

Superconducting nanowire single-photon detectors (SNSPDs) are one of the most promising single-photon detectors available today. However, they are very sensitive to nanoscale defects, and only a few out of every 100 deposited on a chip using standard manufacturing techniques function properly.

Now, researchers led by Englund and Karl Berggren, also of MIT, have developed a technique in which they can build these detectors separately and then integrate functioning detectors into an optical chip. The optical chips can be fabricated separately using standard chip manufacturing techniques. Englund and Berggren teamed up with Solomon Assefa of IBMs TJ Watson Research Center in New York for this part of the work. Their technique can be used to not only build denser and larger detector arrays, but the finished devices are also more sensitive to incoming photons. Indeed, the team succeeded in building detectors that could register 20% of incoming photons this was an improvement of about 10times compared with previous approaches.

Our process is about bringing two components together: the high-speed SNPSD and a photonic waveguide that channels the light onto our photonic chip, Najafi tells nanotechweb.org. We fabricate the SNSPD and the waveguide separately that way, we are able to use processes routinely employed in the semiconductor industry to obtain a good waveguide.

The researchers made hundreds of SNPSDs on thin micron-sized membranes and tested every detector individually to find out which worked the best. They then picked up these good devices and transferred them onto a waveguide under an optical microscope.

Link:
Nanowire photonic chip detects single photons

Trojan horse attacks threaten the security of practical quantum cryptography – Video

Posted on by


Trojan horse attacks threaten the security of practical quantum cryptography
Video abstract for the article #39;Trojan-horse attacks threaten the security of practical quantum cryptography #39; by Nitin Jain, Elena Anisimova, Imran Khan, Vadim Makarov, Christoph Marquardt...

By: NewJournalofPhysics

The rest is here:
Trojan horse attacks threaten the security of practical quantum cryptography - Video

Malware Could Steal Data from iPhones Using Siri

Posted on by

A pair of computer scientists based in Europe have found a security vulnerability in the iPhone 5 series of smartphones that could be exploited by malicious software and compromise a users personal information. And the gatekeeper that makes this possible is Siri, they report in the January issue of IEEE Computer.

The security flaw relies on steganographythe practice of hiding a message within another message. Its related to cryptography (and oftentimes used jointly), but whereas cryptography is the concealment of a messages contents, steganography hides the fact that a secret message is being sent at all. Classic examples include embedding a message in a digital photo. But the computer scientists involved in the iPhone exploit have also found ways to hide messages using the network protocols of Skype calls, Google searches, Bit Torrent, and Wi-Fi.

For steganography in computer systems explains one of the Siri steganography inventors, Warsaw University of Technology computer scientist Wojciech Mazurczyk, its important to take and embed secret data into a carrier in such a way that it will look like it was not modified. It needs to look like normal network traffic.

Smartphones could be a prime target for a steganographic attack. They are bloated with personal and sensitive information and increasingly targeted by malware. Whats more, steganographic threats are bigger in instances where applications offload data to a cloud server, such as voice-based applications like Siri, says Mazurczyck.

So he and his colleague Luca Caviglione, from the National Research Council of Italy in Rome, decided to see if they could create a steganographic attack on the iPhone or iPad. Mazurczyk says their goalthe latest in a string of other steganography projects he has worked onwas to get the attention of the security community. Current security systems are not able to counter steganography very well. The result is called iStegSiri.

Its especially difficult in communications networks, he says, because there are different types of traffic, different types of protocols. Each different service is related to one or a number of protocols, and each of them can be used for information hiding.

On an iPhone, Siri digitally records what the user is saying in the microphone, forms it into packets, sends the packets off to a remote cloud server operated by Apple, and receives a text response thats relayed to the user. iStegSiri converts a secret messageperhaps data that some bit of malware on your phone has gleanedinto an audio sequence that mimics the alternation of voice and silence found in a typical spoken directive. When the message is sent to the cloud server, a third party unbeknownst to the user or to Apple could inspect the conversation and apply a decoding scheme to extract the data.

The researchers acknowledge that there are plenty of limitations to this trick. For one, in its current iteration, iStegSiri requires deep access to Siri so it only poses a risk to jailbroken iOS devicesthose iPhones and iPads in which standard proprietary constraints have been removed, giving the user access to the operating systems root kit. It also requires access to network traffic that Siri sends to Apples cloud servers.

The researchers have withheld the specifics about iStegSiri to keep it out of the criminal hands. Mazurczyk emphasizes that the aim is to bring attention to the vulnerabilities inherent in voice-based applications. (He and Caviglione have not confronted Apple directly with iStegSiri.) The researchers suggest the best way to counter this kind of security hole are solutions that act on the side of the server, such as dropping any connections to the server that involve suspicious audio patterns that deviate from typical language behaviors.

Advertisement

Read more from the original source:
Malware Could Steal Data from iPhones Using Siri

No Country For Any Business: Imagining Britain Without Encryption

Posted on by

Its January 2018, just less than threeyears after David Cameron secured a second-term as Prime Minister largely thanks to a Labour Party bereft of a true leader, variousgaffescommitted by the far right UK Independence Party, and an almost non-existent showing from the Liberal Democrats. But the polls have turned against Cameron. Though the recent return of Tony Blair as Labour leader has brought his party back from the brink, its theeconomy tilting back into recession and a general sense of social unease that are causing many to call for Camerons resignation.

The economic strife has partly been brought about by a general decline in business activity. Many foreign firms have fled the country due to the speedy introduction and enactment of the Anti-Terror Communications Act 2016, which was spawned shortly after the Charlie Hebdo attacks in Paris and implicitly outlawed the use of encryption in modern communications technologies. As many businesses use such comms systems, this has perverselyopened up more corporatedata to criminals and intelligence agents from countries seeking to establish digital espionage operations inside organisations across industries. Technology providers, including Apple Apple, Google Google, Facebook and Microsoft, have been asked to either make the algorithms that generate encryption keys more predictable and therefore weaken their offerings with backdoor access, or grant governments access to those keys. Some have decidedto close their respectiveUK shops in protest. Others are simply being as uncooperative as they can.

Even native companies are looking for new homes. The worst impact has come from the rapidly diminishing finance industry of the capital, where banks, who rely on off-the-shelf encryption technologies as much as terrorists do, have decided to move operations to less repressive environments.The once-burgeoning technology industry has been eviscerated, as the UK is deemed a backwards country afraid of secure systems, meaning more significant job cuts across London, Manchester, Cambridge and other tech hubs. Property is one of only a few industries left unharmed by the Act, thanks to the continuing foreign investment in flats and homes that remain uninhabited.

The government has refused to say whether any terrorist plots have yet been foiled thanks to the introduction of the law, such has been the blanket reticence of the Cameron regime in recent months. Freedom of Information requests have revealed the strengthened Regulatory and Investigatory Powers Act (RIPA) has been used more than 12,000 times in the last year by the Metropolitan Police alone, but in a third of cases those on the receiving end were journalists and human rights activists. Again, theres no information on the number of extremist plots uncoveredby police or agents using the laws. Its believed the few terrorists who are planning attacks continue to use open source encryption toolsstill available to those with the wherewithal to employ them. For what has citizens privacy has been obliterated?

Meanwhile, cyber crime has spiralled out of control, as hackers have repeatedly uncovered the governmentbackdoors installed in servers across UK data centres. Data loss has grown 100 per cent in just a year. Almost every server is now considered compromised by malicious hackers and government spies

Prime Minister David Cameron

All this, in early 2015, does not seem like an impossible future, though the return of Blair to the political classes might be a prophecytoo far. But this isthe nightmare Cameron appears willing to coax into existence with his bizarre, technologically-illiterate insistence the government should be able to circumvent all protections on general communications so that every message sent inside the country can be read by the state. Outside of the obvious detrimental effects on freedom of speech and privacy, and the questionable impact itwould have on real-world terrorism, its apparent the British economy would also suffer greatly.

Take the word of a company that provides web encryption and security services for a number of UK government websites, CloudFlare. Its CEO Matthew Prince told Forbes finance firms would have good reason to relocate if Cameron got his quasi-Orwellian state. If youre a large financial institution working out of the City and all of a sudden youre not able to use strong crypto, then thats a reason to locate less of your infrastructure in the City, Prince said.

Tech firms, especially those in the US, will either push back or pull out of the UKaltogether. Britain has no effective sovereignty. Most online services are run by US startups who frankly dont give a toss about Cameron thinks. Instagram, for example, had only 11 employees when Facebook bought them; they already had hundreds of millions of users. Firms like that dont answer the phone, not even to users, and certainly not to foreign policemen, said professor Ross Anderson, from the cryptography team at the University of Cambridge.

Fundamentally, Google, Apple or CloudFlare are about securing users trust if were ordered to do something which is inherently about weakening the technical protection of that trust, that is anathema to what were trying to do, Prince added. Its safe to say tech companies would push back fairly strongly. Whilst there wouldnt be a mass exodus, there would likely be a diaspora who relocated to countries where they have better guarantees around their civil liberties and the security of their operations.

See original here:
No Country For Any Business: Imagining Britain Without Encryption