Unbreakable Encryption

[Noodlez]

In theory, every encryption can be broken (brute-forced) weather or not it is feasible to bruteforce a 1024-bit key is not the question at hand. Recently, advancements in Cryptography were made using light photons to create an unbreakable encryption, unless of course, you can break the laws of physics. (http://zdnet.com.com/2100-1104-965957.html)

I'm interested in hearing your ideas on how to make a truly unbreakable encryption algorithim.

[Yoni]

Quantum cryptography is indeed unbreakable.
It's basically the same one-time pad encryption that was used centuries ago, with a twist: The one-time pad is generated using quantum mechanics.

Read the book The Code Book by Simon Singh, it is an excellent read.

[Maddox]

In theory, every encryption can be broken (brute-forced) weather or not it is feasible to bruteforce a 1024-bit key is not the question at hand. Recently, advancements in Cryptography were made using light photons to create an unbreakable encryption, unless of course, you can break the laws of physics. (http://zdnet.com.com/2100-1104-965957.html)

I'm interested in hearing your ideas on how to make a truly unbreakable encryption algorithim.

That's true, encryption doesn't depend on the weather.

[Noodlez]

Quantum cryptography is indeed unbreakable.
It's basically the same one-time pad encryption that was used centuries ago, with a twist: The one-time pad is generated using quantum mechanics.

Read the book The Code Book by Simon Singh, it is an excellent read.

Actually, I'm reading it right now ^^. You should read Malicious Cryptography: Exposing Cryptovirology by Drm Adam L. Young and Dr. Moti Yung.

[Adron]

Recently, advancements in Cryptography were made using light photons to create an unbreakable encryption, unless of course, you can break the laws of physics. (http://zdnet.com.com/2100-1104-965957.html)

That doesn't seem true.

What they seem to be doing is use something similar to spread spectrum modulation where you modulate a signal so that it's lower than the noise level, until you apply a filter to it where the filter is the "key". That's still brute forceable, all you need is some equipment that can record the transmission including all noise.

What they also claim is making it impossible to eavesdrop. At the same time they are working on allowing the signal to be passed through optical amplifiers without getting destroyed. If this is possible, some eavesdropper should be able to insert an optical amplifier into the line and tap off some information. It might be possible to always detect an eavesdropper *inserting* himself since he'll have to break the line when doing that, but that could be taken for a random disruption or noise.

edit:

Some more points: Their thing can only protect data that is being transmitted on a particular transmission line. It can't be used to protect stored data. I think protecting stored data is a bigger problem.

Their thing can only protect data that is being transmitted along a particular path; the data lacks protection in the switch/router/whatever endpoint. It can't protect data end to end unless there is a dedicated line the whole way. This means that you can't use it for any type of dialup or non-permanently connected communication.

[herzog_zwei]

The encryption itself may be unbreakable and secure,  but as Adron pointed out, other parts of it isn't.  It'd be easier to tap it before it is encrypted or after it is decrypted.  You could also try to hack into the computers that sends/receives the messages, social engineer the couriers that give messages to be sent/received to the operators, look through the trash to try to find the hardcopy of that message, break in and steal the keys, etc.

What they seem to be doing is use something similar to spread spectrum modulation where you modulate a signal so that it's lower than the noise level, until you apply a filter to it where the filter is the "key". That's still brute forceable, all you need is some equipment that can record the transmission including all noise.

That was my initial thought but I think what they mean is that there is no known equipment that can record the transmission perfectly w/o knowing the right energy levels to look at.  So for each message, you'd only be able to try out a small number of keys before the signals disappear.  If only one key was ever used, eventually you'll be able to brute force the key but you would only be able to read future messages, not past ones.

[mynameistmp]

Quantum cryptography is indeed unbreakable.

Singh also mentions that with quantum encryption comes quantum decryption.

[Yoni]

But you use quantum decryption to decrypt worthless ciphers such as RSA, not quantum encryption...

[Telos]

Though if you read the information regarding quantum computing (the idea that all possible paths would be evaluated simultaneously in different quantum states) it would certainly seem as though quantum decryption could brute force quantum encryption as easily as any other cipher

[Yoni]

As quantum encryption involves generating a one-time pad, it cannot be brute-forced (at all).

[Adron]

Generating a one-time pad? But that's useless encryption! Then you have to share the pad secretly?

[K]

Generating a one-time pad? But that's useless encryption! Then you have to share the pad secretly?

There's a way to do this securely just like the Diffie-Hellman Key Exchange without the possibility of a man-in-the-middle attack.  Unfortunantly, I cannot explain it because I don't remember it completely.  It has something to do with measuring the quantum (rotation?) of particles.

Edit:
 Note that it is unlike Diffie-Hellman in that the security is not through a computationally infeasable attribute; rather an evesdropper would have only once chance to intercept the particle and if he guessed wrong about which method to use to measure, not only would he not be able to figure out the key, but he will alter the rotation and alert the two parties to the fact that someone is attempting to listen.

[Adron]

But if you're passing a particle from one end of the world to the other, there will be so many disturbances along the way that you can't expect more than say 10% of the particles to make it there "alive".

This means that there must be automatic retransmissions and that an attacker easily can do many tests on each particle, especially if the attacker is situated close to the particle source where a larger percentage will be available.

[K]

But if you're passing a particle from one end of the world to the other, there will be so many disturbances along the way that you can't expect more than say 10% of the particles to make it there "alive".

This means that there must be automatic retransmissions and that an attacker easily can do many tests on each particle, especially if the attacker is situated close to the particle source where a larger percentage will be available.

IIRC the key is not determined before hand and transmitted; it works something like this, so instead of retransmissions, you could simply send a different particle:
Alice sends Bob N number of spinning particles
Bob guesses whether they are spinning horizontally/vertically or along a diagonal and measures them with either a HZ field or a diagonal one to determine the direction.  After a certain number of particles are sent, Alice reveals to Bob which field he should have used to measure each particle; only the ones he measured correctly are used in generating the one time pad.

Edit: I can't comment about the practical details of transmission; as far as I know this is all theory.  When it's implemented we'll see how reliable the transmission is.  

[Adron]

Ahwell, I still think the practical details of the transmission is what makes this unusable. And if in this case Bob is measuring X particles randomly, what's to stop an attacker from doing the same...