back to article Quantum crypto pitches for data centre links

The quantum crypto business is hardly crowded, but ID Quantique is hoping to set itself apart with a 100 Gbps-capable unit. This is hardly consumer kit, however: the target market for the QKD-plus-crypto-engine kit is outfits running multiple high capacity links, either at 1 Gbps or 10 Gbps. Think of inter-data-centre …

COMMENTS

This topic is closed for new posts.

Don't forget one-time-pads are secure

If you really want something secure, generate your own one-time-pad (OTP) by sampling signal noise, and install it at either end in person, and use that for encryption. You then don't need to run multiple rounds, simply Xor the garbage-like key onto the data to make random garbage.

The important thing is to make the key bigger than all the data for the next few years, and to never use the same part of the key twice, so that it never repeats.

[If that is not possible, then you can make an initial key, validate decrypted messages and then send updates to the OTP over the, now, secure link.]

This is an engineering not a crypto solution, it does no rely on the strength of a crypto algorithim and does not become more breakable as the power of computers increase. It is insanely fast, and easy to implement.

So, regardless of what other crypto solutions are used on the network, if you are dealing with trusted-end to trusted-end communications, add the extra OTP layer onto it.

So for example, if there is an internal Parliament communication system between Parliament and UK Cabinet, then that data can be seen by GCHQ and in turn the NSA/CIA/Obama etc. If you were the tech in charge of that link, you could easily add the extra layer of OTP security to that to protect it. Then if it turns out the 'crypto' algo has been backdoored, the link is still secure.

1
1
Silver badge
WTF?

Re: Don't forget one-time-pads are secure

Cute. Now, considering this is a multi. giga. bit. per. second. link, do please detail further how you intend to continuously procure and distribute that amount of high quality OTP data to both ends of the link. Station vagon full of tapes, maybe...?

1
0
Anonymous Coward

Re: Don't forget one-time-pads are secure

An excellent idea. A 10Gbps link should only require 39 Petabytes of key material per year. Where do I sign?

1
0

Re: Don't forget one-time-pads are secure

Simply install another link in parallel and send the OTP data from the generator to the other end. Don't forget to subtract 17 from the numbers to prevent snooping.

2
0
Silver badge

How have they implemented the back door that the NSA required them to include?

1
0
Bronze badge

"How have they implemented the back door that the NSA required them to include?"

As their very first customer was the NSA, I doubt it.

0
0
Silver badge

Listen up, although there will be more, with much more to come

The only virtual security for metadata base management and protection worth anything at all, is the one which offers and cast iron guarantees to cover one's losses with a excessively punitive financial settlement.

Money talks without crooked tongue, Kemo Sabe.

Anything else offered without such a sensibility is applied vapourware in fields of ethereal exploitation.

0
0
Bronze badge

Another misleading title

(see also ``evolution [in] doubt'': http://www.theregister.co.uk/2013/12/05/ancient_human_dna/)

While quantum RNGs are very interesting, and it will be a Good Thing for them to be cheap enough to buy a USB dongle containing one (no more PRNGs?), this is not quantum crypto.

Quantum crypto involves quantum-entangled pairs of particles (``spooky action at a distance'') which require no RNG, and cannot even be intercepted without alerting the endpoints.

If you'd like a fact-checking editor for headlines, you've got my address.

0
0
This topic is closed for new posts.

Forums