Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Security Your Rights Online

EU To Counter Echelon With Quantum Cryptography? 465

jfruhlinger writes "An article on Security.ITWorld.com seems to outline a coming information arms race. The European Union has decided to respond to the Echelon project by funding research into supposedly unbreakable quantum cryptography that will keep EU data out of Echelon's maw. Leaving aside the question of whether such a thing is possible, the political implications are troubling, indicating a widening rift within the Western world. Interestingly, the UK is part of the EU, but its intelligence services are among Echelon's sponsors."
This discussion has been archived. No new comments can be posted.

EU To Counter Echelon With Quantum Cryptography?

Comments Filter:
  • by Kenja ( 541830 ) on Monday May 17, 2004 @05:19PM (#9177834)
    What I do is send meaningless emails with high encryption to my friends in China. I figure that the NSA may as well spend countless CPU cycles finding out that I just installed the Guild Wars E3 demo rather then on important stuff.
    • by DynaSoar ( 714234 ) * on Monday May 17, 2004 @05:39PM (#9178041) Journal
      "What I do is send meaningless emails with high encryption to my friends in China. I figure that the NSA may as well spend countless CPU cycles finding out that I just installed the Guild Wars E3 demo rather then on important stuff."

      I often enjoy sending such things are core dumps or font files (or maybe plans for a planet-buster nuke, I fergit) compressed twice using two different out dated compression programs (say, ARC on a PC and then ShrinkIt [NuFX] on an Apple II), strip off the archive ID header, UUencode it, strip off the leading cap M's, cut it in half, paste it second half first into an email, and send it with a subject line with likely Echelon trigger words, adding "PS: Call me for the key to decode this." If encryption is outlawed, only
      a8e3 5m0w s3k1 5d9k
      b7f2 7k1l c9r4 3yr5.
      • Better still, send unencrypted streams of data collected from a pure random source (white noise from a microphone placed next to the cooling fan is my favorite). Although, I'm sure they'll be able to decipher this, and find some meaningful message.
      • by Mazzaroth ( 519229 ) on Monday May 17, 2004 @09:04PM (#9179541) Homepage
        I remember using that kind of tactic back then... I was in charge of a research group and we had to produce a huge specification document for friday 17h00. Of course it was not ready on time. So I decided to try something. I first included a few copies of the document (10 or so) in a zip archive, I then encrypted it using PGP, then uuencoded it, performed a shuffling on it and finally zipped-it again and re-PGP it. After removing the heading, I renamed the thing "Spec_1.0.doc" and send it to our customer. Of course we worked all weekend completing the document but at least, it registered, as our contract required, just in time. The customer came back to us one week later saying that they were not able to open the MSWord document. "Oh! (we said), gee! This must be this email thing AGAIN... we've been having this problem lately... let me resend it to you". And I sent the (new, completed and heavily revised) document. The customer were happy because the document were very good, and so were we.

        I think this time-dilatation technique has been called 'Ed's relativistic document delivery' in that company I used to work. I just called it 'creativity by necessity'.
    • Re:What I do is.... (Score:3, Informative)

      by nemesisj ( 305482 )
      I realize this was a joke, etc. but if realistically, it would be your friends in China who would be in trouble in this scenario.

      Encryption is illegal in China, and its use is guaranteed to at least provoke interest by authorities. This is why stegonagraphy has proved to be popular among human rights and anti-Chinese government groups.
  • Uh oh... (Score:4, Funny)

    by ryanvm ( 247662 ) on Monday May 17, 2004 @05:21PM (#9177845)
    The Whitehouse just issued a press release stating that, "Quantum Mechanics is now officially part of the Axis of Evil".
  • by Anonymous Coward on Monday May 17, 2004 @05:21PM (#9177847)
    In other news, a significant minority of people in the EU have already switched to an unbreakable real-time encryption technology, transmissible through the open air. External experts are at a loss; the NSA has made no headway whatsoever against this new threat.

    What is it? It goes by the name 'French'...

    • by cjellibebi ( 645568 ) on Monday May 17, 2004 @05:31PM (#9177947)
      Speaking of which, didn't the US government during WWII translate some of their top-secret documents into one of the languages of the Native Americans? I think they chose that particular language because it had unique properties that made de-cyphering the language almost impossible. I'm not sure if they applied any additional encryption, or what would have happened if the enemy had somehow managed to kidnap a speaker of that language.

      Is this just 'security through obscurity', or was there something else involved.

      • by nacturation ( 646836 ) <nacturation&gmail,com> on Monday May 17, 2004 @05:36PM (#9178009) Journal
        You're thinking of Navajo code [google.com]. Should be enough to keep you busy reading for a while. :)
      • by SirWhoopass ( 108232 ) on Monday May 17, 2004 @05:42PM (#9178076)
        The US Marine Corps enlisted members of the Navajo tribe [navy.mil] to act as radio operators in the Pacific. The language had never been written, and it was estimated there were fewer than 30 non-native speakers at the outbreak of World War II.

        Earlier, in World War I, the US Army utilized members of the Choctaw tribe [essortment.com] as operators near the end of the war. This, however, was due to a decision in the field (a captain noted that he had several members of the tribe in his battalion), rather than a formal program.

      • Comment removed (Score:5, Informative)

        by account_deleted ( 4530225 ) on Monday May 17, 2004 @05:44PM (#9178089)
        Comment removed based on user account deletion
      • by chadjg ( 615827 ) <{moc.oohay} {ta} {0002elessegdahc}> on Monday May 17, 2004 @06:37PM (#9178581) Journal
        If I remember the story correctly, Navajo demands very precise pronunciation and accents. getting the nuances just right is supposed to be next to impossible right for a non-native speaker.

        So, even if a few Japanese operators did learn Navajo, they wouldn't be able to spoof their way onto the network. Kinda like trying to read the state of a photon without blowing the secret, maybe.

        Throw in the fact that the Japanese probably didn't care at all about the various tribes, even if they did know what a Navajo was, and you have a tough nut to crack. The war didn't last long enough for them to adapt.

        I remember watching some TV special about the code talkers, and one of the old guys was practically laughing when he was telling his story. Good stuff.
        • by pipingguy ( 566974 ) on Monday May 17, 2004 @09:21PM (#9179624)


          I remember watching some TV special about the code talkers, and one of the old guys was practically laughing when he was telling his story.

          When NASA was preparing for the Apollo project, they did some astronaut training on a Navajo Indian reservation. One day, a Navajo elder and his son were herding sheep and came across the space crew. The old man, who spoke only Navajo, asked a question which his son translated. "What are these guys in the big suits doing?"

          A member of the crew said they were practicing for their trip to the moon. The old man got all excited and asked if he could send a message to the moon with the astronauts.

          Recognizing a promotional opportunity for the spin-doctors, the NASA folks found a tape recorder. After the old man recorded his message, they asked the son to translate it. He refused.

          So the NASA reps brought the tape to the reservation where the rest of the tribe listened and laughed but refused to translate the elder's message to the moon.

          Finally, the NASA crew called in an official government translator. He reported that the moon message said, "Watch out for these guys; they have come to steal your land."
  • by Rosco P. Coltrane ( 209368 ) on Monday May 17, 2004 @05:22PM (#9177861)
    Interestingly, the UK is part of the EU, but its intelligence services are among Echelon's sponsors.

    The UK has its butt sitting on 2 chairs. On one hand they sort of behave like a US state, with Tony as governor, and on the other as a half-willing EU member, in large part thanks to Mrs Thatcher. One of these days they'll have to decide which continent they want to be part of.

    And I have a feeling that, if the population has a say, they'll embrace the EU eventually. Of course, the population rarely has a true say in any country though...
    • by JamesKPolk ( 13313 ) on Monday May 17, 2004 @05:27PM (#9177906) Homepage
      The British population would like to be able to develop close ties without giving up their own national sovereignty. Whether the EU allows that will determine how close the UK gets to the rest of western Europe.
      • by nickos ( 91443 ) on Monday May 17, 2004 @05:33PM (#9177964)
        I'm a pro-European, but we have to make the EU more democratic. The fact is that the members of the EU have already given up large amounts of their national sovereignty (because EU members must implement EU directives). This in itself is not necessarily a bad thing, as long as EU law is created by democratically elected representatives at the European supra-national level.
        • by jsebrech ( 525647 ) on Monday May 17, 2004 @06:43PM (#9178636)
          There is a EU parliament with democratically elected representatives. The problem is that the council, which isn't elected, can overrule it on a lot of issues. Like how the council reverted the software patent draft to a version that seems written by a microsoft lawyer, despite an explicit voting record in parliament that goes directly against that.
      • One incentive for British workers to become more integrated with the EU is that the 'EU working hours directive' will be better enforced. One of it's features is that nobody should be forced to work more than 48 hours per week. At the moment, the UK has manged to agree an opt-out clause, where an employee may sign away their right not to work more than 48 hours per week. The result is that the bosses are putting preassure on employees to sign away their right. If UK was closer integrated with the EU, could
        • by Space cowboy ( 13680 ) * on Monday May 17, 2004 @05:55PM (#9178204) Journal
          And yet you look at the employment rates within the UK and the rest of Europe (3% vs 12% approx) .... The UK is hardly a panacea but if you're willing to go for a lower paid job than you think you deserve, you'll prosper. It's always easier to get another job when you already have a job....

          Personally given the fact that the UK is the driving force behind software patents in the EU, I wil be voting against the government and against anything EU-centric in the upcoming elections. I don't see that it's at all democratic for the EU parliament (I think) to decide amendments need to be made, then the EU Council of ministers to ride roughshod over the whole thing. Go Germany, I wish the UK government had half the cluebat you wield....

          I wonder if the UK gets a net gain from being in Europe, I really do. Consider if we *did* become the 51st state. The real problem would be that the US people would never accept it - we have 56 million people, the US has 260 million. If the Uk became a state, it would represent 1/6 the population of the USA, never mind the influence the commonwealth brings in... The Whitehouse would have to be relocated to 10 Downing St. Can't see it myself... Empire by default - never happen, given our history...

          Simon
          • And yet you look at the employment rates within the UK and the rest of Europe (3% vs 12% approx) ....

            Apples and oranges, unless I missed the part where half the UK was recently repatriated after decades of Communist rule and mismanagement. On second thought....

          • by Malc ( 1751 ) on Monday May 17, 2004 @11:33PM (#9180372)
            "And yet you look at the employment rates within the UK and the rest of Europe (3% vs 12% approx)"

            Where did you get those numbers? According to this week's Economist, the rate is 4.7% in Britain and 8.8% in the Euro area. The UK rate is still extremely low, but not as exaggerated as you stated.
    • by patrick_jones ( 95543 ) * <azurlune&gmail,com> on Monday May 17, 2004 @05:34PM (#9177987) Homepage
      I have a feeling, if the population get a say, we will be out of Europe completely, the gates of the country will be shut, and the key thrown away. The British public is controlled by the gutter press (Mail, Times, Express, Sun) who are all vehemently Euro-sceptic. Well, controlled is too strong a word, but all the stories in those papers are anti-EU, anti-immigrant, anti-everything except good ole British values, like taking over half of the world.
      And calling Britian the 51st state is just wrong. For a start, most of us object to the US, and so do most of the Foreign Office. The sympathy to the US is due to long standing ties, like us running you, and the fact we speak the same language. We try and imagine ourself as a bridge between the two continents. Not that that really works...
      • However, the British public is at least as anti-US, and increasingly so. There is mounting evidence that close ties to Bush are hurting Blair badly in the polls, and remember all those protests before the war?

        If they had to choose one or the other, I suspect that most people in the UK would rather be European.
    • by ShadeARG ( 306487 ) on Monday May 17, 2004 @05:42PM (#9178070)
      Wikipedia has some interesting information on ECHELON [wikipedia.org] .
    • Half-willing? (Score:5, Interesting)

      by pjt33 ( 739471 ) on Monday May 17, 2004 @05:47PM (#9178122)
      Tony wants to be at the centre of the EU, and so do the Lib Dems. I've no idea what the official Tory line is this week, nor how many of them support it, but there's a very solid majority in the House of Commons pushing a pro-EU agenda.
    • by T-Kir ( 597145 ) on Monday May 17, 2004 @06:19PM (#9178440) Homepage

      Mrs Thatcher was distinctly anti-Euro, apart from free trade and good relations which follows the last referendum the UK had. It was the Major years (Maastricht treaty and in then out of the ERM) followed by Blair who pursued the closer ties.

      Despite being promised a referendum on the EU constitution (which is a woeful hack of previous revisions), the British public hasn't been given a date on it... and the trust (read as 'lack of') I have in Blair is as such that he would do the referendum after the point of no return (sorry people if you voted 'no', it's too late now!).

      I for one would like the closer ties with Europe (i.e. what we have now), but what is proposed I think is too much too soon... and there are too many problems which really need sorting first (red tape, beaurocracy, politicians voting in new laws when they have no clue as to what they are, etc etc). Added to that the majority of the British public need to know exactly what is going on, and what will happen before we're even semi happy with it.

      I've always been of liberal views and what you would call a floating voter, but I wouldn't trust the Lib Dems (almost wanting to powershare with Labour, no real manifesto), I definately don't trust Blair.... but despite his previous convictions I think the Conservatives are in a much stronger position with Howard (especially regarding party unity).

      Maybe the biggest problem that'll hit us in a couple of years is the national debt (where the conservatives saved a crap load of money by taxing the country half to death - mind Labour were happy to add to that) and the housing prices/issues, add to that the amount of money being literally thrown at the NHS is a nice little ticking time bomb that I'm not looking forward to going off.

      Anyway, most opinion/info in this post is AFAIK and is open to correction/counter viewpoints... as they say (damn this zippy led US keyboard), just my 0.02 UK Sterling (yes I do know about character map, I just can't be arsed!).

      T-Kir

    • Given that their commerce with the EU is 4X larger than with the US, it's a given that they will have to choose Europe.

      At that point they will adopt the euro, which will cause serious reverberations on Wall Street. Remember that the balance of trade deficit in the US can only be sustained as long as capital from Asia and Europe keeps flowing into the US at a rate of $1 B / day. The US ought to create a strategy to hold Britain else a huge amount of British capital is going to flow into European markets when

  • One has to wonder why we call it Quantum Encryption when it really has nothing to do with Encryption. From the article:

    The aim is to produce a communication system that cannot be intercepted by anyone

    If I understand their intent, they plan to use concepts like Quantum Entanglement to ensure that communication is shared only between the entangled particles. This is a very different concept from using the properties of Quantum Mechanics to scramble information in a reversible manner or creating computers capable of super-fast calculations.
    • by necama ( 10131 ) on Monday May 17, 2004 @05:29PM (#9177920)
      The point isn't to use the quantum entanglement to directly pass information back and forth; rather it is to distribute a key for a one time pad. And one time pads are provably secure, since every different one time pad gives you a different (and equally plausible) decryption of the message.

      Hence, if you really want to gripe about the name, I suppose you could call it quantum key distribution.

      • The point isn't to use the quantum entanglement to directly pass information back and forth; rather it is to distribute a key for a one time pad.

        There is no such things as "a key for a one time pad". The one time pad is the key. The needed part of the pad is also as long as the message itself, so you can't save anything by transmitting the pad excerpt instead of the message itself.
        • by mivok ( 621790 )
          What you would save is the content of the message. As I understand it, quantum encryption (or whatever you want to call it) doesn't prevent what is transmitted from being intercepted, it just guarantees that the interception is detected. So if you transmit the key, and it is intercepted, then don't use the key, and nothing is lost. However, if the message itself was transmitted, then it could be discovered, and knowing that the message was intercepted probably wouldn't help much.
    • by rokzy ( 687636 )
      um, what does encryption mean on your planet then?

      encrypt ( P ) Pronunciation Key (n-krpt)
      tr.v. encrypted, encrypting, encrypts

      1. To put into code or cipher.
      2. Computer Science. To alter (a file, for example) using a secret code so as to be unintelligible to unauthorized parties.

      according to this it seems like a perfect name to me. you are coding the information into quantum states so it can't be intercepted by people you don't want it to.
      • Encryption implies manipulating the information content of a message in order to obscure its meaning, not altering the physical representation of said message. To give an analogy: Writing my secret letter using a substitution cipher would count as encryption, since I have manipulated the information (which could be represented in any number of ways). Writing my secret letter in my patented disappearing-reappearing ink does not count as encryption, because I have merely manipulated the physical form of the
    • by Karhgath ( 312043 ) on Monday May 17, 2004 @05:33PM (#9177965)
      Nope, quantum entanglement isn't used in Quantum Encryption.

      As a matter of fact, you probably couldn't communicate reliably with quantum-based communication, much less quantum encryption or using quantum entanglement to communicate securely, as you hinted.

      Also, I want to add a note that I personally think it shouldn't be called Quantum Encryption but "Quantum Key Distribution"(QKD), as it is a much better name for it. They use the property of quantum mechanics to exchange a key which allows them to use the one-time pad method to encrypt the message, which MUCH less logistical problems, and no way to intercept the key. The encryption algorithm is purely classical and not quantum-based. This makes QKD in such a way that it allows 2 people to communicate without anyone being able to intercept the keys with any known attacks/methods(timed, man-in-the-middle, etc.), they can only prevent them from exchanging a key and thus communicating(which in some case might be worst tho).
    • by Jerf ( 17166 ) on Monday May 17, 2004 @05:52PM (#9178165) Journal
      I agree. It ought to be called Quantum Intrusion Detection, because that's what it is. It doesn't encrypt, nor does it protect anybody from intercepting the message.

      All it can do is tell you if your message is being intercepted. Now, this is useful information, since you might decide to quickly stop transmitting, and if you're fast enough on the draw and using conventional encryption on top of your Quantum Intrusion Detection, then you'll probably not give enough data to the intruder for them to feasibly decrypt anything.

      But note that if you want the protection of encryption so the intruder doesn't get plaintext, you still need to use conventional encryption.

      Also note that some wild-eyed Slashdot types who's understanding of technology is buzzword-deep sometimes make the claim that Quantum Computing might crack Quantum Encryption. Nope, because "Encryption" isn't. And the very nature of the Intrusion Detection is that you can't get around it, no matter how clever you are.

      The worst part of this stupid naming is that some day we probably really will have some sort of encryption that uses QM, and then what we will call that?

      Anyways, it is apparently far too late to do anything about this misnomer, but it's one of the most pernicious misnomers I've seen in modern times. Whoever named this technology should have their relevant degrees stripped.
      • by Karhgath ( 312043 ) on Monday May 17, 2004 @05:58PM (#9178224)
        Sorry to disapoint you: you are wrong. Let me explain a bit.

        First, it's not Quantum Intrusion Detection. It's Quantum Key Distribution. It allows 2 people to exchange a randomly generated key as long as the message, used in a one-time pad scheme.

        They trick is that the exchange of the key is unconditionally secure. Not only does it tells you when part of the key is intercepted, it also 'aborts'. The only thing an eavesdropper can do is to prevent you from communicating. If the communication is successful, then no one eavesdropped or got enough information on the key to jeopardize the exchange.

        This is the beauty of it.

        So no, it's not Quantum Encryption per see, as the encryption is done in classical term using one-time pad method, but it's not Quantum Intrusion Detection either. It's a very ingenious mix of both quantum and classical method which results in an unconditionally secure method of encryption.

        And, I'd have to talk about Gilles Brassard(he teaches at the "Universite de Montreal" where I study). about stripping his degrees, as he's the co-inventor of quantum encryption and computing in general. I think he'd laugh but agree that Quantum Encryption is the resulting solution, not the means. "Encryption using quantum principles" might be more revelent, but quite longuer. Quantum Key Distribution is my personal favorite.
  • by rokzy ( 687636 ) on Monday May 17, 2004 @05:23PM (#9177875)
    that the US spies on its "friends" in the first place.

    It may be naive, but if you want respect you have to give respect.
    • by GauteL ( 29207 ) on Monday May 17, 2004 @05:30PM (#9177939)
      True, it can't possibly be disturbing that the EU does not want the US spying on them after the US misused the trust completely during incidents like the Airbus/Boeing scandal.

      You can't possibly question the motives of a country trying to protect against spies from friendly countries, when those friendly countries actually ARE spying on them.
    • by Zak3056 ( 69287 ) on Monday May 17, 2004 @05:39PM (#9178037) Journal
      that the US spies on its "friends" in the first place.
      It may be naive, but if you want respect you have to give respect.


      There's no "may" to it, it's incredibly naive. Yep, the US spies on it's allies--but if you believe that those allies are not spying on the US in turn, you're dreaming. Charles de Gaulle once said that nations do not have friends--only interests. That's as true today as it was then.

    • by spun ( 1352 ) <loverevolutionary&yahoo,com> on Monday May 17, 2004 @05:40PM (#9178049) Journal
      Australia admitted the existence of Echelon, and it's part in the global surveilance network some years ago. The reason? The US demanded access to all data from Australia, whereas Australia wanted to remove the names of Australian citizens and businesses not under investigation. They would provide the details when asked, just not up front, to protect against the US using the info for corporate espionage. The Australians refused, the US said "Oh yeah, what are you gonna do?" and the Aussies responded, "Tell the world."

      Here's a link, [heise.de] but you can google 'echelon australia' for more info
    • by j. andrew rogers ( 774820 ) on Monday May 17, 2004 @06:09PM (#9178340)
      The majority of espionage conducted against the US is by our friends, largely from Europe. UK, France, and Germany being the major active players from Europe as I seem to remember. While it doesn't get wide press, the US catches (and then deports) several hundred European spies every year. How spies are treated depends on what country they are from.

      I remember over a decade ago when I actually worked in a business in which we were espionage aware, that the number one espionage problem in the US was the French (followed by the Chinese, and then a laundry list of European countries -- including the UK), the French being primarily interested in stealing US weapons technology and listening in on business deals they were competing with. Which was primarily a business move; along with the Russians and the US, the French are one of the world's major arms exporting countries and they have to compete with US designed weapons on the open market.

      Everyone spies on everyone, and for varying reasons. The French actually used to have one of the most aggressive intelligence services on the globe, disproportionate to their size and geopolitical importance, which some people find surprising. I don't know if it as large today, though. But this is nothing new, and all the governments understand that this goes on. As long as it doesn't get out of hand, it is tolerated between countries that are nominally friendly.

  • by Saint Aardvark ( 159009 ) * on Monday May 17, 2004 @05:25PM (#9177887) Homepage Journal
    I beg your pardon? Why the fuck are the implications of taking up cryptography to stop shady, shouldn't-be-happening-in-the-first-place eavesdropping by so-called friends and allies "troubling"?

    If there is a "growing rift" in the Western hemisphere, who the fuck do you think is responsible for this -- the ones who are pissed off about the eavesdropping and are trying to do something to stop it (and think for a moment about the fact that they're trying encryption rather than attempting to convince the US et al. that it's a Bad Thing...what does that tell you about their chances of actually convincing anyone to stop anything?), or the countries and intelligence agencies that decided this was acceptable in the first place?

    Sorry for the shouting, but this intellectual coyness does not become you.

    • Do you really think that European intelligence agencies don't spy on the US (or at least haven't tried to do so)?

      In international politics, allies have a way of becoming enemies when it serves their purposes; as long as the tiniest possibility of a conflict exists, countries will always look after their own interests first, and those of their (current) allies second.
  • by Noose For A Neck ( 610324 ) on Monday May 17, 2004 @05:25PM (#9177888)
    While I'm sure it sounds well and good to a legislator in the EU when they hear about supposedly "unbreakable" quantum cryptography, this sounds like another case of someone mistaking it for some kind of panacea for eavesdropping. The real truth of the matter is that, of course, quantum crypto is only effective at the line level, i.e. as soon as it leaves the medium it was transmitted on, the cryptographic effect is lost. So it's entirely impractical for anything but a point to point connection.

    Also, I don't think people realize how strong cryptography is today. There are cryptographic methods available to the public at large (such as RC5 and PGP) that are proven to require more computing power than is theoretically possible in the universe. Not just more computing power than is possible with current hardware, but the theoretical limits of computation given the entire resources of the universe. So really, it seems that a lot of ignorance is at play here, and I would hope someone clueful in the EU informs their EU government before they go off and waste a whole lot of taxpayer money on such a foolish project.

    • by skifreak87 ( 532830 ) on Monday May 17, 2004 @05:38PM (#9178032)
      Sorry to nitpick, but it takes "more computing power than is theoretically possible in the universe" assuming no better algorithm for breaking the encryption is developed. If someone creates a polynomial time algorithm for factoring large numbers (such as Shor's algorithm for quantum computers), this is no longer the case for RSA or any other factoring vs. multiplying/generating primes system. Similarly for other systems. It's not that the system cannot be broken, it's that we don't know of a way in which it can be done using current algorithms. The only informationally secure encryption system (afaik) is a never re-used one-time pad because it makes all decryptions equally likely and thus you gain NO information about the cleartext from the encrypted text except possibly length. The problem is, this requires a truly random key at least as long as the length of the message and the key cannot be reused.
    • by ca1v1n ( 135902 ) <snook.guanotronic@com> on Monday May 17, 2004 @05:41PM (#9178058)
      This is only true using a full-keyspace brute force attack. The NSA was at least 20 years ahead of the academic world in discovering linear cryptanalysis. This is why they asked IBM to change the sboxes in DES, but wouldn't say why. The result was that DES was using an sbox from a fairly small subset of possible sboxes that resist linear cryptanalysis, but we didn't know it for another couple decades. Imagine for a minute that the NSA had a technique that cut the effective key size by a factor of 4. You can brute force attack that. There might even be polynomial algorithms for it, taking advantage of mathematical properties that only the largest employer of mathematicians in the world knows about.

      We can't even be certain that the NSA doesn't have quantum computers, although this is less likely. When your attacker has a non-deterministic computer, you're fairly screwed on finding an algorithm that can be efficiently encoded and decoded on deterministic machines while taking extraordinarily long to decrypt without the key. The only saving grace here is that a quantum computer may not be a general non-deterministic machine, so there may be some things that a non-deterministic machine can do that a quantum computer cannot. To my knowledge, the equivalence between quantum computers and non-deterministic machines has not been proven either positively or negatively. I'm sure the NSA knows though.
    • There are cryptographic methods available to the public at large (such as RC5 and PGP) that are proven to require more computing power than is theoretically possible in the universe.

      No such proof exists. The best publicly known attacks may be computationally infeasible, and we may be given confidence based on our experience trying (and failing) to find more effective attacks. they are computationally infeasible to break. But noone has a proof of their strength, and it's always possible that dramatic adv

    • While I'm sure it sounds well and good to a legislator in the EU when they hear about supposedly "unbreakable" quantum cryptography, this sounds like another case of someone mistaking it for some kind of panacea for eavesdropping.

      Well, this is just wrong. QKD(Quantum Key Ditribution) isn't 'supposedly' unbreakable, it is unconditionally secure and as been proved so many times. I hate to use this argument, but it is true to some extend: you'd have to break the rules of nature to break it.

      However to say th
    • Also, I don't think people realize how strong cryptography is today. There are cryptographic methods available to the public at large (such as RC5 and PGP) that are proven to require more computing power than is theoretically possible in the universe. Not just more computing power than is possible with current hardware, but the theoretical limits of computation given the entire resources of the universe.

      Oh dear, fallen into own trap have you. PGP and the public key crypto it's based on is in no way proven

  • by nickos ( 91443 ) on Monday May 17, 2004 @05:27PM (#9177911)
    As someone who lives in the UK, I think our stance on this is ridiculous, and a legacy of WW2. We're an important and influential member of the EU, and the last couple of years should have made it obvious that a close relationship with the US damages our relationship with the rest of Europe (and the wider world) and only benefits the Americans. In the post Empire world, Britain's role is as a democratic and decent European nation. We should not support pre-emptive war or the Israeli's mistreatment of the native Palestinians.

    Oi, Blair! Sort it out.
  • Terrorists (Score:3, Interesting)

    by Leffe ( 686621 ) on Monday May 17, 2004 @05:29PM (#9177924)
    Monyk believes there will be a global market of several million users once a workable solution has been developed. A political decision will have to be taken as to who those users will be in order to prevent terrorists and criminals from taking advantage of the completely secure communication network, he said.

    And exactly how are they going to tell terrorists from normal workers at a company where they installed this crypto thingy? Of course, the admins could monitor the users, but that would kind of defeat the purpose of the encryption in the first place.

    Also, how are they going to implement this? Will they have to replace/addparalell all the current infranetstructure with new photon-cables or something?!
  • I don't get it ... (Score:5, Insightful)

    by vlad_petric ( 94134 ) on Monday May 17, 2004 @05:32PM (#9177961) Homepage
    RSA 2048 is pretty much unbreakable, if they really cared so much about Echelon (which IMHO is a disgusting thing), they'd simply make it standard. The main advantage is that minor changes would be required to the existing infrastructure.
  • Comment removed (Score:5, Insightful)

    by account_deleted ( 4530225 ) on Monday May 17, 2004 @05:33PM (#9177976)
    Comment removed based on user account deletion
  • by Anonymous Coward on Monday May 17, 2004 @05:34PM (#9177979)
    *** Schroder ( ~schroder!blinky@reichstag.de ) has joined #europe
    *** TOPIC: Be nice to the new guys or Ireland will export drunk hooligans to your country!
    <Schroder> Gutentag!
    <Blair> Cheerios, ol' chap!
    <Chirac> Sup?
    <Schroder> What's happening over here?
    <Chirac> Just watching zat goddamn idiot Bush trying to lose a war.
    <Schroder> Ach so...
    *** Bush ( ~bush!dubya@whitehouse.gov ) has joined #europe
    <Bush> I READ THAT, YOU BITCH!!!
    *** Bush has left #europe
    <Schroder> Right, this is getting tiresome...
    <Blair> Fancy a crumpet, anyone?
  • Pure snake oil (Score:3, Insightful)

    by Paul Johnson ( 33553 ) on Monday May 17, 2004 @05:35PM (#9178001) Homepage
    This is just snake oil. Quantum Cryptography (QC) is only good for point to point communications over short distances. You can't amplify the quantum signals, so the range is limited by the losses in the transmission medium. Long haul transmission requires that each relay decrypt and re-encrypt the data. So if you want to tap it you do it at the relays.

    QC doesn't even prevent a man-in-the-middle attack. All you need to do is splice your tap in to the fibre (or whatever) and do QC with the two ends.

    Paul.

  • Buzzwords (Score:5, Insightful)

    by flossie ( 135232 ) on Monday May 17, 2004 @05:36PM (#9178004) Homepage
    I'm pleased that there is funding for this kind of research in the EU, but it sounds like a stupid way of solving the problem of Echelon. The article makes it clear that the purpose of the quantum encryption is to exchange keys securely and to then encrypt messages using more conventional algorithms and transmission methods.

    If conventional encryption and transmission is deemed sufficiently secure for transmitting the messages, a quantum exchange of keys does not add significantly to the security of the communication. It would surely be easier and cheaper to organize physical transfer of one-time pads than to install all the necessary infrastructure to support the key exchange.

    The EP were obviously taken in by buzzwords, but at least the research will advance the state of the art.

  • by 10101001011 ( 744876 ) on Monday May 17, 2004 @05:39PM (#9178044) Homepage
    Dubya-I-N-D-O-W-S XP

    bfsjhbdfhsidhfdhikerhfkihreki
    hsfdiurhfiuheriughiurehgierhiytiuwejlkjPiefjih
    hi udfhgiufdhguihizghdusghurugfihdsiughsiuhgui
    yqtey trytreiqifmzml,PLaosjujshnfklsdgoij
    khsgiuhrgiuhs dilbvdhboinvkishrdoiiksdjf
    dgbkidfhgiobnvkjdhbivs jodfgniugkishgdf


    Decryption Commencing... Please Wait...

    This may take a few minutes....

    You may wish to grab a coffee

    ERROR! Cannot decrypt!

    Bush: Well gosh, I guess them Yuropiens have got Weapons of Mass Distruction!

    Bush leaves the office...

    Retrying decryption... Decryption complete!

    Message reads:
    RE: Bush's IQ
    From: Tony Blair
    To: Paul Martin
    Bush really is an idiot, isn't he?

    Signed,
    Blair

    PS: What do you think of the new encryption program we desgined. It is uncrackable!
  • by G4from128k ( 686170 ) on Monday May 17, 2004 @05:39PM (#9178045)
    Although quantum crypto secures the fiber, it does nothing for the equipment on either end. Routers, switches, ISP mail servers, etc. remain accessible.

    Until Linksys sells a consumer quantum WAN interface, CISCO sells quantum Layer 3 switches, and all the telcos fiber-up with quantum crypto repeaters, the whole system is vulnerable to snooping.
  • Secure Systems (Score:5, Informative)

    by BrownDwarf ( 615206 ) on Monday May 17, 2004 @05:44PM (#9178094)
    The weakness in current encryption/communications systems isn't in the encrypting algorithms, which have withstood the serious efforts of some top-flight mathematicians to bust them. Nor is it necessarily in traffic analysis; keep a line open and transmitting bits 24/7. Isn't hard to design the system so the intended recipient can tell when the "random" bits start a message. Nor is the weakness in key transmission, at least for governments: lots and lots of really long keys can be transported on CDs well in advance of need. The weakness remains where it has been in recent years, with the people using the system, and with keeping their computers out of unauthorized hands. Going to quantum methods doesn't change get around this weakness. From what I see, the benefit of quantum crypto is the ability to make message tampering evident.
  • Mass encryption (Score:3, Insightful)

    by t_allardyce ( 48447 ) on Monday May 17, 2004 @06:06PM (#9178296) Journal
    Echelon could have already been countered by Microsoft, but just like with VB-script worms and pop-up windows (which could also have been prevented) they didnt. I dont know if its stupidity or something else going on, but given the market share of Outlook if microsoft implemented encryption by default (could even be weak and tied to your current password) Echelon wouldnt have a hope in hell of decrypting everything for a keyword flagging, they might just manage a few choice emails that they were already watching and only if they stuck a good chunk of processing resources on it. You dont need very strong crypto, you just need everyone to be doing it.
  • In other news .. (Score:3, Insightful)

    by DrugCheese ( 266151 ) on Monday May 17, 2004 @06:06PM (#9178305)
    THERE IS NO OTHER NEWS!

    Anyone else notice that no one in the U.S. of A knows what Echelon is? I've asked co-worker after co-worker, relative after relativc, friend after friend ... and it scares me to know that I'm the one opening their eyes to this.

    What is this 10 years now that I've been raving about it. And not once EVER has there been at least a little 15 second side spot , or ticker note at the bottom about Echelon.

    Love my Country:Fear my Government
  • Missing the point (Score:5, Insightful)

    by maximilln ( 654768 ) on Monday May 17, 2004 @06:11PM (#9178366) Homepage Journal
    Everyone--from good hearted people to downright argumentative trolls--misses the point on spying.

    I don't care about online privacy. I'm not worried about government spooks sifting through my e-mail or web surfing habits and finding out that I like brunettes with long legs, long hair, and almond shaped eyes. It really doesn't concern me. If it were some supercomputer sitting in a back room chewing through e-mail looking for "homicide, suicide, terror, assassinate, secret, password, 9/11" or some other stupid set of keywords or tracing kiddie porn that'd be fine by me. At least until the anti-pr0n people decide that moral righteousness has no bounds and start coming after willing adults with no real sex life and a speedy net connection.

    Face it. We live in the real world. People in power let it go to their heads and they often use it for purposes other than those in which it was given to them for.

    What I'm worried about is that the guy down the block is an FBI agent. Or CIA. Or NSA. Or some local politician who knows one. One day I'm walking down the street and a candy wrapper drops out of my pocket onto his lawn. Now this guy is such a straight laced Bible thumping tight a__ POS that he uses his political muscle to find out who I am and begin harassing me. "He dropped a candy wrapper on my lawn! He's a litterer! He's no good for society! Besides, I saw him carrying home a six-pack of beer! He must be an alcoholic as well!"

    Where's the check and balance? There is none. Who could prove it? No one. Who can stop it? No one.

    Echelon, Big Brother surveillance, the Anti-Terror bill. They all suck for the same reason that the Windows registry sucks: there's no way to secure them from people misusing them to hijack the system.
  • by braddock ( 78796 ) on Monday May 17, 2004 @06:28PM (#9178515)
    There are two fantastic well-researched books that anyone who wishes to truely understand Echelon needs to read:

    Body of Secrets: Anatomy of the Ultra-Secret National Security Agency" [amazon.com] by James Bamford is a fantastic history of the NSA from the end of WWII to the present. If you read this book you will see that the idea that the NSA is spying on UN delegations is really a given...in fact one of the primary reasons the US wanted the UN to locate in NYC is to allow easy interception of diplomatic communications. This author uncovered many amazing Cold War programs and anticdotes and presents them in fascinating form.

    The second book is "Blind Mans Bluff: The Untold Story of American Submarine Espionage" [amazon.com]
    by Sherry Sontag, another fantastic book of solid research and good story telling, a large amount of it revolving around underwater communication wiretap activities. The special mission nuclear submarine SSN-21 USS Jimmy Carter is out there specially equipped for undersea cable tapping operations and receiving commendations in the tradition of the Cold War era USS Halibut [earthlink.net].

    Whatever you think of the ethics of these issues, the technology and history is amazing, and the capabilities do exist and are fairly well documented. If you read these two books, and have the technological understanding to extrapolate a bit, you can get a pretty good picture of current capabilities and the culture of how these collection assets are being used. One thing you will find that they are not being used without limits and elements of responsibility, although there are cases (like the Boeing/Airbus bidding incident) where they have been abused.

    -braddock gaskill
    • "The Sword and the Shield: The Mitrokhin Archive and the Secret History of the KGB" is an excellent book detailing the KGB side of espionage. The co-author was a KGB agent for 40 years in charge of archiving the documents of the Foreign Intelligence Directorate. He defected in 1992 bringings 10,000+ pages of documents with him. The book details Soviet intelligence operations from the revolution through the Gorbechev era and it quite stunning in the depth and expertise of the Soviet intelligence system.
    • And in between the two was the Parche SSN 683, the ultimate spy boat. She was much smaller than a 688 (LA) class boat (60 ft shorter), could handle better in shallow water. My roommate in New London got orders to her in '77, and had to go through the proceedure to get a Top Secret clearance. Just to be an A-ganger (auxilliary, non-nuclear equiptment, like hydraulics, trim and drain, atmosphere control...). Then in Dec. 78 my boat got a new skipper who had been XO on the Parche. He would barely admit she exi
  • healthy competition (Score:3, Interesting)

    by Doc Ruby ( 173196 ) on Monday May 17, 2004 @06:35PM (#9178561) Homepage Journal
    Widening the rift between covert collusion in transnational organizations is good for everyone (except the inhuman spooks who sell us out for each other). A constructive EU/US competition will keep us all freer, fighting to attract the more mobile and constructive elements of one another's populations with offers of better lives.

    "Good fences make good neighbors."
    - Robert Frost, "Mending Wall" [bartleby.com]

  • by BlightThePower ( 663950 ) on Monday May 17, 2004 @10:25PM (#9179992)
    I don't personally believe this has any political implications whatsoever in the sense that whenever you develop an 'offensive' technology it would make sense to develop the 'defensive' technology. In this sense the arms race rages between groups of scientists rather than nations. The development of quantum cryptography to counter eavesdropping (bear in mind that Europe does not have the same freedom of information rules as the US; what have WE got, who knows?) is only as ironic as the fact the US has both nuclear weapons and has (attempted) to develop things like 'Star Wars' to counter nuclear strikes.

    I think this development need not be regarded with any sort of alarmism.

  • Is it possible? (Score:3, Informative)

    by hcetSJ ( 672210 ) on Tuesday May 18, 2004 @01:35AM (#9180798)
    Leaving aside the question of whether such a thing is possible

    Possible? It [aip.org] has [wikipedia.org] been [bbc.co.uk] done. [dartmouth.edu]

    I think the poster is confusing using quantum codes (first demostrated in 1991, currently commercially available) with breaking codes with quantum computers (still hugely theoretical).

Dennis Ritchie is twice as bright as Steve Jobs, and only half wrong. -- Jim Gettys

Working...