this post was submitted on 07 Jun 2025
12 points (100.0% liked)

[–] yogthos@lemmygrad.ml 1 points 1 week ago (1 children)

My understanding was that you exchange the key out of band, and you know what key you're expecting. So, if you had a man in the middle, and the encryption was tampered with then it would modify the quantum state of the key.

[–] pcalau12i@lemmygrad.ml 1 points 1 week ago* (last edited 1 week ago) (1 children)

The specific article mentions QSDC, which doesn't actually exchange a key at all. QKD does exchange a key, but both operate on similar concepts. To measure something requires physically interacting with it; an interaction has to be specified by an operator in QM, and the rules of constructing physically valid operators don't allow you to construct one that is non-perturbing, so you inevitably perturb the qubits in transit if you measure them in a way that can later be detected.

But, again, we are talking about "in transit," that is to say, between nodes. If you and I are doing QKD, and are node A and B, we would exchange the qubits over a wire between A and B, and anyone who sniffs the packets in transit would perturb them in a detectable way. But if someone snipped the wire and set up an X and Y node in the middle, they could make X pretend to be you and Y pretend to be me, and so I would exchange a key with X and you would exchange a key with Y, and so the key exchange occurred over nodes A-X and B-Y and not over A-B.

The middle-man would then have two keys, they would decrypt the messages sent from A-X with one and re-encrypt them using the second key to transmit from B-Y, and vice-versa. Messages sent from A to B would still arrive at B and messages sent from B to A would still arrive at A, but A wouldn't know the key they established was with X and not B, and B wouldn't know the key they established was with Y and not A. From their perspectives it would appear as if everything is working normally.

You have to have some sort of authentication of the nodes in any security infrastructure. That's what public key infrastructure is for. Man-in-the-middle attack is basically a form of impersonation, and you can't fight impersonation with encryption or key distribution algorithms. It's just a totally different kind of problem. You authenticate people's identities with signatures. Similarly, on the internet, you authenticate nodes on a network with digital signatures. Anyone can make up a random signature on the spot, so you have to compare a provided signature to one provided by a trusted database of signatures called certificate authorities. That's what public key infrastructure is, and it's one of the major backbones of the internet.

[–] yogthos@lemmygrad.ml 2 points 1 week ago* (last edited 1 week ago) (1 children)

I guess I was thinking of something else here. The method I was thinking of is where the encryption key is sent as a stream of quantum particles, like photons. If anybody tries to observe the key during transmission, the act of observing it changes the particles. The sender and receiver can compare parts of the key to see if it was altered. Once a secure key is established, you send data encrypted with the key using any regular channel. This method makes the key distribution unhackable because any attempt to intercept the key fundamentally alters it, alerting the sender and receiver.

[–] pcalau12i@lemmygrad.ml 1 points 1 week ago (1 children)

You are just straight-up not reading my posts.

[–] yogthos@lemmygrad.ml 2 points 1 week ago

Ok sorry, I did misread you. You're talking about both parties exchanging the key with the attacker thinking the attacker is the other party. So yeah, you're right that you'd need some public key system for ensuring the identity of the node you're talking to.
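The distinction the thread arrives at, as an added example that is not part of any comment above: a toy classical simulation of a BB84-style exchange in which a tap on the A-B wire shows up as errors, while the X/Y impersonation setup produces two error-free links. The qubit model, the function names, and the use of an HMAC over the announced bases with a pre-shared secret (standing in for the signature-based node authentication described in the thread) are all assumptions of this sketch.

```python
import hashlib, hmac, random

def bb84(n, rng, tap=False):
    """One BB84-style run on one link -> (sender_key, receiver_key, error_rate, transcript)."""
    a_key, b_key, transcript = [], [], bytearray()
    for _ in range(n):
        bit, a_basis = rng.getrandbits(1), rng.getrandbits(1)
        value, basis = bit, a_basis                 # qubit modelled as (value, basis)
        if tap:                                     # eavesdropper measures in transit...
            e_basis = rng.getrandbits(1)
            if e_basis != basis:                    # ...a wrong basis randomises the value
                value = rng.getrandbits(1)
            basis = e_basis                         # and the qubit continues in her basis
        b_basis = rng.getrandbits(1)
        b_bit = value if b_basis == basis else rng.getrandbits(1)
        transcript += bytes([a_basis, b_basis])     # bases announced on the classical channel
        if a_basis == b_basis:                      # sifting: keep matching-basis rounds
            a_key.append(bit); b_key.append(b_bit)
    # Simplification: all sifted bits are compared; real protocols sacrifice a sample.
    errors = sum(x != y for x, y in zip(a_key, b_key))
    return a_key, b_key, errors / len(a_key), bytes(transcript)

def tag(secret, transcript):
    """MAC over the classical transcript, keyed with a secret only A and B hold."""
    return hmac.new(secret, transcript, hashlib.sha256).digest()

def run_scenarios(n=2000, seed=1):
    rng = random.Random(seed)                       # seeded so the run is repeatable
    secret = b"constructed-preshared-auth-secret"   # assumption: provisioned out of band
    _, _, clean_err, _ = bb84(n, rng)
    _, _, tapped_err, _ = bb84(n, rng, tap=True)
    # Impersonation: X poses as B towards A, Y poses as A towards B -> two clean links.
    a_key, x_key, err_ax, t_a = bb84(n, rng)
    y_key, b_key, err_yb, t_b = bb84(n, rng)
    return {
        "clean_err": clean_err,
        "tapped_err": tapped_err,
        "mitm_errs": (err_ax, err_yb),
        "middle_holds_both_keys": a_key == x_key and y_key == b_key,
        "a_and_b_share_key": a_key == b_key,
        # B checks A's tag against the transcript B actually saw; X/Y lack the secret.
        "auth_accepts_mitm": hmac.compare_digest(tag(secret, t_a), tag(secret, t_b)),
    }

if __name__ == "__main__":
    for name, value in run_scenarios().items():
        print(f"{name}: {value}")
```

The error check alone reports both impersonated links as clean; only the authenticated transcript comparison exposes that A and B never talked to each other.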