Quantum encryption enters product phase R. Colin Johnson EE Times (04/28/2005 2:01 H EDT) PORTLAND, Ore. — Network security systems that rely on the laws of quantum mechanics to create hack-proof networks are arriving in the form of practical products that are easily integrated into optical networks. At the Infosecurity Europe 2005 trade show in London, id Quantique SA (Geneva) announced a turnkey quantum encryption system enabling hack-proof secure bridges between two Fast Ethernet (IEEE 802.3u) networks up to 100 kilometers apart. The move followed a March announcement by MagiQ Technologies Inc. (New York), which rolled a rework of its Quantum Private Network (QPN) 5505 system. The QPN 7505 incorporates Cavium Networks' Nitrox data encryption processors. The id Quantique product is "the first quantum cryptography system designed for network engineers and not for physicists," said CEO Gregoire Ribordy. For its part, MagiQ wanted to introduce quantum encryption systems that would be easy for network designers to implement while improving the cost/performance ratio of the systems. "During trials and deployment of our QPN 5505, we received some excellent feedback from our enterprise and classified installations that helped us improve the speed, usability and integration ease of the product," CEO Bob Gelfond of MagiQ said in a prepared statement. The revamped system produces and distributes public keys in real-time. Use of the Nitrox encryption processors makes it possible to implement a virtual private network using standard IPsec protocols and an unhackable key distribution system, according to the company. MagiQ has also introduced a quantum encryption test bed so network engineers can implement their own designs based on quantum crypto. Whereas conventional crypto methods are only as good as the length of their key, quantum encryption eliminates the possibility of eavesdropping. In the conventional methods, a 56-bit key (or a 256-bit key in the case of the Advanced Encryption Standard) scrambles data with a one-way function (such as, "Multiply two large prime numbers"). Encryption is a simple operation for a computer, but going backward (such as from a large number to finding its prime factors) is very difficult for computers unless you have the key. Secret keys for one-time functions let only the receiver decrypt the scrambled bits, but in practice even the most secret key can be found by a supercomputer using trial and error. In contrast, quantum cryptography is secure no matter how fast a hacker's computer is because the technique harnesses the laws of physics to guarantee security. In quantum crypto, different quantum states (such as polarization) of individual photons are used to represent ones and zeroes with a specified probability distribution. A hacker who tapped into an encrypted photon would alter that distribution, alerting the receiver that an observation of the key had taken place. Quantum-key distribution (QKD) offers a level of security that would not be possible for AES unless a new AES key, of the same length as the data to be transmitted, were made for each transmission. In late 2002, id Quantique demonstrated its version of QKD over standard optical fibers installed between Geneva and Lausanne, Switzerland — a 70-km distance (see www.eetimes.com/story/OEG20021111S0036). In 2003, MagiQ announced commercial availability of its quantum key distribution and encryption system, the Navajo Security Gateway, which offered unbreakable encryption over existing fiber-optic lines (see www.eetimes.com/showArticle.jhtml?articleID=18310030). Also in 2003, the World Internet Secure Key SA and the International Organization for the Security of Electronic Transactions pledged to create the infrastructure necessary for worldwide distribution of unbreakable quantum keys in cooperation with id Quantique (see www.eetimes.com/story/OEG20031020S0025). And in July 2004, MagiQ introduced the QPN 5505 in Glasgow, Scotland, at the Seventh International Conference on Quantum Communication. The company also announced the successful transmission of a single photon over a secure channel 75 kilometers long, which the company claimed was a record at the time. MagiQ designed its QPN architecture as an embedded system running on either the Windows or Linux operating systems. The embedded system generates and stores quantum keys, which are sent over a separate fiber channel. The embedded-key-generation system runs continuously, providing a real-time level of security. Keys that encrypt information on a standard optical fiber channel are refreshed every second. For its part, id Quantique took the route of developing a turnkey system for connecting Fast Ethernet networks. Called the Vectis Link Encryptor, the complete network-transparent cryptographic solution lets network engineers quickly bridge remote Ethernet networks with a hack-proof connection. "This new cryptographic appliance combines ease of integration into existing networks and uncompromised security. It will allow us to target the most demanding security applications. Potential customers include financial services, service providers, R&D companies, government agencies and others," said Ribordy. Vectis provides point-to-point wire-speed link encryption that combines QKD and AES encryption with new keys refreshed up to 100 times per second. The Layer 2 network transparent encryption device securely bridges two Fast Ethernet (IEEE 802.3u) networks with all the quantum functions completely automated and monitored by a built-in surveillance unit that detects eavesdropping attempts. The overhead for encryption and decryption results in sub-millisecond latency, according to Ribordy, making the system compatible with time-critical communications such as voice-over-Internet Protocol. A user-friendly touchpanel display interface reads out the tamper-detection system's results and offers pushbutton access to the Simple Network Management Protocol. The company already claims customers for its quantum encryption systems in the United States, Canada, Europe, Asia, Latin America and the Middle East. Id Quantique is a spin-off from the University of Geneva and participates in both European quantum communications efforts — RamboQ and Secoqc. — Chappell Brown contributed to this report. http://www.eetimes.com/news/latest/showArticle.jhtml?articleID=161601149 -- ※ 發信站: 批踢踢實業坊(ptt.cc) ◆ From: 61.222.173.29 ※ 編輯: reader 來自: 61.222.173.29 (05/08 17:04) > -------------------------------------------------------------------------- < 作者: klain (klain) 看板: CSSE 標題: Re: [情報] 量子加密進入產品化階段 時間: Sun May 8 22:43:09 2005 [原文恕刪] 據我所知，在2002年MagiQ就已經有產品出來在賣了， 所以這次的新聞可能宣告意味比較濃厚。 也許是MagiQ...等公司開始想要砸錢在行銷方面了吧(純猜測)。 另外，說是quantum cryptosystem倒也太過了， 這樣的說法會讓人以為是能達成如下事情： Alice有某quantum secrect message，且能利用量子密碼系統 安全且秘密地將此quantum secret message送給Bob。 但是就我所知， 目前的系統頂多只是能達到key-exchange on quantum channel， 也就是說讓相隔兩地的兩者共享一個classical random bit string， 這樣，與宣稱的quantum cryptosystem的定義還是有所差距。 有錯請指教。 -- ※ 發信站: 批踢踢實業坊(ptt.cc) ◆ From: 59.112.213.59