Category Archives: Cryptography

The Space-Based Quantum Cryptography Race

Posted on by

Europe and China are gaining the upper hand in the race to bounce perfectly secure messages off satellites in low Earth orbit.

One of the great benefits of quantum communication is the ability to send messages from one point in space to another with perfect security. Not so great is the fact that so-called quantum cryptography is limited to distances of around 100 kilometers.

Thats because over longer distances, photons tend to be absorbed by the glass in fiber-optic cables and by the atmosphere when beamed from one location to another. That causes errors that are too great for perfect privacy.

But there is a potential way around thisto send photons to an orbiting spacecraft, which then retransmits the message securely when it is over another part of the planet. Thats possible because the photons traveling straight up only have to negotiate a few tens of kilometers of the atmosphere before reaching space.

So its not surprising that governments all over the world are keen on exploiting space-based quantum cryptography. Indeed, last year we reported on a Chinese team that had successfully reflected individual photons off an orbiting satellite, to simulate a satellite sending photons to the ground.

The Chinese team said the demonstration was a crucial step toward space-based quantum cryptography. However, the ability to send single photons from orbit and receive them on the ground is not enough.

A key factor is the error rate in this process. If the error rate is above 11 percent, quantum cryptography does not work.

So an important unanswered question is whether the error rate is small enough.

Today, we get an answer thanks to the work of Giuseppe Vallone at the University of Padova in Italy and a few pals. These guys have bounced polarized photons off a number of different satellites and measured the error rate in the photons that return to Earth.

See original here:
The Space-Based Quantum Cryptography Race

Kristov Atlas: Anonymous Bitcoin, Cryptography and Online Safety – #203 – Video

Posted on by


Kristov Atlas: Anonymous Bitcoin, Cryptography and Online Safety - #203
Anonymous Bitcoin, Cryptography and Online Safety Pt. 1 An Interview with Kristov Atlas #203 Links: Gnostic Media: http://www.gnosticmedia.com Kristov Atlas is a network security and privacy researche...

By: GnosticMedia

Excerpt from:
Kristov Atlas: Anonymous Bitcoin, Cryptography and Online Safety - #203 - Video

Fusing physics, cryptography to solve a nuclear inspection paradox

Posted on by

The solution to ridding nations of nuclear warheads may come from a simple puzzle involving marbles.

That, at least, is what lies at the core of a warhead verification protocol designed by a Princeton University team, published this week in the journal Nature.

Physicist Alexander Glaser, who has one foot in the public policy school and the other in the engineering faculty at Princeton, was puzzling over an apparent paradox: How can you authenticate something without revealing anything about it? After all, nobody wants a foreign inspector seeing how a warhead is made.

The standard answer thus far has been to design an electronic gizmo to mask the classified information but still spit out a yes/no answer. Such information screens, however, could be hacked.

Glaser happened to vent his frustration to the right people: mathematicians who tinkered with zero-knowledge proofs.

I said, the challenge is to do it without learning anything, and they said, what about what we call zero-knowledge proofs?

Glaser hadnt heard of such a thing. He reached out to Boaz Barak, a former Princeton associate professor working for MicrosoftResearch, and fellow Princeton plasma physicist Robert Goldston. The trio set out to take zero-knowledge proofs into the nuclear age.

Personally, I just find its a fascinating and counterintuitive statement, that I can prove something is true without revealing why something is true, said Glaser.

A classic zero-knowledge proof involves a secretive marble owner. He has two cups holding the same number of marbles, between 1 and 100, and wants to prove they are equal. But he doesnt want to pour out the marbles for counting. So, the secretive marble owner strikes a deal: Hell prepare two buckets, each holding 100 marbles minus the number of marbles he has in each cup, and then allow an inspector to randomly match an unseen cup and an unseen bucket.

The owner then pours the contents of the chosen cup into the chosen bucket, and hands over the bucket for counting. It should add up to 100. So should the other bucket with the other cup's contents.The inspector has verified what the marble hoarder claimed, but still does not know how many marbles he had.

More here:
Fusing physics, cryptography to solve a nuclear inspection paradox

Stronger Keys and Faster Security with ECC

Posted on by

Anyone who has been involved with security knows there is a balance to providing both security and privacy and performance at the same time. Security is often blamed for performance woes, particularly when cryptography is involved.

SSL and TLS have long addressed this balance by leveraging custom-built hardware to enhance the performance of the most taxing components of these protocols: session setup. The "easy" part of securing communications (if one can use easy with respect to cryptography) is bulk encryption. While certainly more taxing on performance than clear text, relative to the more complex and compute intensive process of the handshaking required to set up such sessions, easy is an appropriate term.

Moore's Law is often cited as providing the increases in computer power necessary to offset the performance tax imposed by secure protocols. Unfortunately while this would be true if all other factors remained constant, the reality is that other factors are also changing and impose additional burdens on the protocol that often negate the gains made by Moore's Law. Key lengths, for example, continue to grow to combat the increase in compute power that makes it easier to brute-force crack a cryptographic key and new challenges with respect to privacy are changing the frequency with which those keys are generated.. There are also occasionally leaps in the mathematic realm that find ways to more quickly compute the hard problem that the cryptographic algorithm uses, but those are rare and dont march at the steady pace that compute power increases do.

PFS (Perfect Forward Secrecy), for example, has been offered as a way to combat potential snooping by third-parties (read: governments) by requiring the generation of ephemeral (short lived) keys for each new session. This has the effect of imposing an extra cryptography tax" on communications over and above the already expensive handshaking process required by secure protocols like SSL.

Accompanying the introduction of PFS has been a move to take advantage of ECC (Elliptical Curve Cryptography). One of the primary benefits of ECC is that it can provide comparable security with shorter key lengths to RSA with longer key lengths. When you're generating ephemeral keys on a per-session or per-message basis, the shorter key length helps reduce the burden imposed by the additional cryptographic functions.

Now, the problem is that cryptography is still compute intense and even leveraging ECC for PFS you're still going to incur performance penalties in setting up the session. Certainly custom cryptographic hardware acceleration would be a boon, but in cases where software-only solutions are desired, this is problematic. So the question is, how do you support enhanced security with PFS and ECC while still achieving blazing fast performance and extreme capacity?

Obviously I'm about to tell you, so read on...

Next-Generation Cryptography

LineRate achieves what sounds like the impossible: really fast, really scalable secure communications in a software solution deployed on commodity hardware.

Read more:
Stronger Keys and Faster Security with ECC