Important remark: we still are not sure about P being different from NP, not to mention if breaking specific cryptosystems is in fact a hard problem or not.
@@malekmannai9445 Certainly some people know how some "hard problems" can be solved easily. Like the NSA messing with the crypto standards around elliptic curves, making it easier to decrypt cipher texts encrypted by them. At least to those who know the weaknesses. Which would be the NSA and certainly a bunch of others.
@@NeinStein "Certainly some people know how some "hard problems" can be solved easily". By "hard problems" I mean NP-hard problems which are at least NP-complete. If any hard problem is easily solved, that means P=NP and no crypto-system will ever be efficient.
You just discredited your entire video with the ScamVPN shilling. They definitely keep logs and are not transparent about security issues, and when they get called out 2 years later they shift the blame to someone else. Watch The Hated One's recent video on why VPNs are worthless for privacy.
Great video, thank you for the explanation! One thing to note is that quantum key distribution (QKD) is not safe and does not offer any security from Eve in its current form. The problem with QKD by itself is that Eve (misleading as she is not a passive eavesdropper but rather an active participant; Mallory would be the more appropriate name for an active, malicious attacker) can perform an active man (person!) in the middle attack (MITMA). If she pretends to be Bob and measures every bit, and also receives the information on the directions, she recovers Alice's entire key. It's true it would be difficult for Eve to cause Bob to receive the same key, but that's not necessary. Eve can generate an entirely new key and send it to Bob, pretending to be Alice, and then send her own directions for the new key to Bob. Now Alice-Eve have a key and Eve-Bob have a different key. When Alice encrypts a message, Eve can intercept it and decrypt it with Alice's key, then re-encrypt with Bob's key and send to Bob, and vice-versa. Both sides will have entirely different keys yet believe they are talking to the other party because there is no way to authenticate the other party. It was noted that Alice and Bob can communicate across a separate channel for some information, however if the dependence of the security is through a separate channel that is guaranteed to be authenticated (you know for a fact you're communicating with the other party), you would already have needed to establish a key with the person to ensure that guarantee! If you simply sent it over yet another unencrypted channel, there is no reason it could not be intercepted and thus continue to perform the MITMA. The video was a great explanation however, thank you!
Thanks for this comment. I had an inkling that something like this could be done, but your comment explained it very well. In practice though, the fact that the second channel can be unencrypted (public) makes it much harder to run a MITMA, no? The attacker would have to show both parties different results to a publicly queryable server. And you can add a couple of redundant channels for verification. That would require the attacker have complete control of one party's computer or internet connection and the ability to intercept and change packets on the fly from any number of sources in any number of formats. An approach not unlike multi-factor authentication should make this kind of attack impractical in the extreme. Especially since it has to be done in real-time.
You're right it's not secure. Besides the authentication problem you mentioned, another issue is it's very difficult to engineer it so that the whole system has a (provable) "security reduction" to its quantum properties. The NSA wrote an essay a number of years ago warning people in industry not to trust it and outlined 5 major problems with it. Regarding engineering, they said the following: "The actual security provided by a QKD system is not the theoretical unconditional security from the laws of physics (as modeled and often suggested), but rather the more limited security that can be achieved by hardware and engineering designs. The tolerance for error in cryptographic security, however, is many orders of magnitude smaller than in most physical engineering scenarios making it very difficult to validate. The specific hardware used to perform QKD can introduce vulnerabilities, resulting in several well-publicized attacks on commercial QKD systems." In other words, it is very difficult to design a QKD system that its designers can prove is doing only what it is supposed to be doing.
She is into charlatanism as heck. There's no such thing as quantum cryptography. They will use your brain and cyber attack people as much as they please. Those people are a deep well of intellectual dishonesty. Don't let them fool you. They don't have any fine mathematician in their projects. This woman is deep into falsehood like other workers at big tech giants. This woman is just one more lost soul worried about her silhouette, that is the digital model of her mind. This would make a mathematician laugh , if he/she did not know those people are committing crimes against humanity. There must be a military court to judge their crimes and this is urgent. They are killing and torturing lots of people worldwide including children. Julian Assange did not have the opportunity to see this and now he is in Belmarsh being tortured by Flat Earth people like this woman here. Had he the opportunity to see what those people are doing he would not have the chance to blow his whistle on those crimes. They are worse than those videos of war crimes in Iraq he exposed on his site.
@@monicamir She is lying about physics. WHY E=MC2 IS NECESSARILY AND CLEARLY F=MA ON BALANCE: Energy has/involves GRAVITY, AND ENERGY has/involves inertia/INERTIAL RESISTANCE. C4 is the proof of the fact that E=mc2 IS F=ma ON BALANCE. This explains the fourth dimension. TIME is NECESSARILY possible/potential AND actual IN BALANCE, AS E=MC2 IS F=MA ON BALANCE; AS ELECTROMAGNETISM/energy is gravity !!! The stars AND PLANETS are POINTS in the night sky. E=MC2 IS F=ma. ("Mass"/ENERGY IS GRAVITY. ELECTROMAGNETISM/energy is gravity.) The EARTH/ground AND what is THE SUN are CLEARLY (on balance) E=MC2 AS F=ma. TIME dilation ULTIMATELY proves ON BALANCE that E=MC2 IS F=ma IN BALANCE, AS ELECTROMAGNETISM/energy is gravity !!! (Gravity IS ELECTROMAGNETISM/energy.) The sky is blue, AND THE EARTH is ALSO BLUE. The stars AND PLANETS are POINTS in the night sky. E=MC2 IS F=ma ON BALANCE. Great !!! This NECESSARILY represents, INVOLVES, AND DESCRIBES what is possible/potential AND actual IN BALANCE, AS ELECTROMAGNETISM/energy is gravity. GRAVITATIONAL force/ENERGY IS proportional to (or BALANCED with/as) inertia/INERTIAL RESISTANCE, AS E=MC2 IS F=ma; AS ELECTROMAGNETISM/ENERGY IS GRAVITY. Gravity/acceleration involves BALANCED inertia/INERTIAL RESISTANCE, AS E=MC2 IS F=ma ON BALANCE; AS ELECTROMAGNETISM/energy is gravity !!! It all CLEARLY makes perfect sense. BALANCE AND completeness go hand in hand. By Frank DiMeglio
@Jeffrey Christopher Not any encryption scheme, Sabine even says in the video that there are schemes which currently are believed to be secure against quantum computers. Quantum computers aren't supercomputers on steroids, they just happen to get significant computational advantage on tasks they can use entangled bits to their advantage.
@Jeffrey Christopher I must admit that I'm just a former physics student, but in one course we were introduced to quantum computing. You can't just take a classical algorithm (even a fully parallelizable one), give it to a quantum computer and expect it to run faster. That's not how qubits work, although it's a common misconception. You need to work within the limitations of quantum physics, i.e. what entanglement allows you to achieve. In addition, you need to take the stability of your algorithm into account for practical implementations -- for example, Shor's algorithm for factorising numbers is unstable, thus unreliable for large numbers unless a quantum computer can be made robust against noise and decoherence. To be clear, I'm not saying that quantum computing isn't a threat to security. It is, but cryptography is not doomed because of that.
@Jeffrey Christopher I haven't heard of such encryption before, interesting! I thus can't say anything about such encryption, unfortunately. Nevertheless, quantum computers will most likely be used together with classical computers in most commercial applications. Before we get any quantum computing units into our computer chips, all the quantum computing will take place remotely, as keeping quantum computers stable with current technology needs near absolute zero temperatures. However, in material research quantum computers will be very valuable. It has been estimated that 100 qubits is enough to surpass current supercomputers in simulating fermionic and bosonic interactions.
@@tetraedri_1834 Yep good point on Shor's, it's eye-opening to say there might be more algorithms out there, but they prove elusive to find. Shor's is like 20+ years old now and we still have not made much headway in that domain. It will be interesting to see if we can find some better tricks utilising quantum logic but it's proving hard. It might not even happen at all. The whole argument rests on Shor's and a small scale factorisation test that proved it can work on a real quantum computer. Regardless, it's a risk that is real and measurable. In the end of the day, the affected technologies are key distribution (discrete log stuff) but OTP such as AES @ 192 bits is pretty much bulletproof even with a reliable QC and Grover's Alg.
I thought that comment a little surprising because I don’t think the naming convention was created by physicists? I thought it was, well, cryptographers. But maybe early crypto papers were written by people who were also physicists?
Dear Sabine, since I am a fan of your channel, I get really interested in physics (which was really not my subject at school, decades ago). Your way to explain is outstanding and keeps the interest of the viewer to the last minute either. This new video is although very informative and shows clearly that progress in science is still an interesting part, even in daily life.
Your English is much clearer than most natives. I'm a bilingual with English not being my "native tongue", and yours is just fine, Dr Sabine. Also, great work, thanks a lot!
My favourite science communicator! Sabine, you are just amazing, and subscribing for your videos was one of the best things I have ever done on YouTube!
Sabine, I am so old that to me English spoken with a German accent by a scientist is considered more reliable than pure American or British English. Given the current standing of rationality in the US and the UK, I am modern again.
Sabine - thanks as usual for a clear presentation. Maybe you do this already somewhere - but it would be really useful to have the transcripts of your talks available with each video. So we could read, pause, think, read some more, scribble on paper, and come to a deeper understanding. And maybe note a question or two! Thanks.
Very concise and excellent description of quantum principles applied to cryptography. Years ago, I wrote and sold VPNs and offered multiple encryption protocols that could be selected and combined on each connection. The products were rock solid and clients could add their own protocols. All open source. The only problem was a three letter government agency audited the work and insisted that it be modified. The required modifications were not intended to make the product more secure. Given the choice, I stopped selling the products. Likewise, other products and systems I have built for major telecom companies have been required to comply with the ‘lawful intercept’ program. Sincerely, I hope that one day we can sell actual secure encryption services. That said, it is unlikely that quantum computers will be effective for breaking cyphers given superencipherment and utilization of multiple large keys that change during communication means it’s much simpler to hack the endpoint and collect the cleartext.
@@cq33xx58 Then perhaps you should work on your English writing grammar to bring it to a level of competence that can be read with understanding, rather than have to work around your many errors. Or I can also tell you not to worry about it. The flaws are intriguing to decipher.
@@cq33xx58 Okay, I accept you use a translator to conduct your conversations and we are left with errors in translation that make your meaning somewhat unclear. Yet you criticize any acceptance of Dr. Hossenfelder's imprecise English pronunciation of some words as being a "crap" attitude, although she can hold concise conversations with some of the best minds alive in a non-native language. I don't normally argue with off-the-cuff hatefulness, but your comment was a response to mine, so I felt compelled to engage in this instance. Nevertheless, I accept your explanation and accept that your responses are altered by a translation program, and I will no longer respond. Please be well.
I've been catching up on all your videos Sabine. I just love them, no-nonsense and easy to understand (Well almost) but my math is definitely getting better. You have truly a great mind so please keep them coming. Do you do Lectures or have a website, I'd love to see you lecture down here in Australia. I see by all the comments that everyone is enamored by your skill just like me.
I predict that the public internet will switch to quantum cryptography as swiftly as it switched from ipv4 to ipv6. And by "swiftly" I mean "glacially". Like a glacier on Pluto.
It's kinda worse than that, IPv4 to IPv6 "just" requires a change in software, while QKD requires entirely new hardware infrastructure. Also, as long as large quantum computers aren't around the corner, AND classical post-quantum algorithms don't fail utterly, I don't see the real incentive for adopting QKD.
The hardware will be expensive at first so the first adopters most likely would be intelligence agencies and the military for security reasons, and later on other government agencies or departments would follow for the same reasons, big corporations, industries, Banks and Wall Street, would be next adopters. Security is a big issue and motivator, just like Y2K nobody will like to be at the end of an unsecure network.
@@nibblrrr7124 In many cases you also have to upgrade the hardware if you want support for IPv6, because their version of OS is not maintained any more.
@@dejabu24 Okay, but buying a new router & plugging that into the wall is still easier & fixable for an individual, compared to laying new cables for a second internet. (Not sure how useful existing fibre-optic lines are, esp. if you don't want to blindly trust every routing station on the way.)
One-time pad based encryption is unbreakable by definition (safe against quantum too), but it is impractical because the encryption key (the one-time pad) has to be as long as the message to encrypt. It is feasible for short messages.
I love this video. And, as a pragmatist of the Richard Rortyian flavor, I look at cryptography not as a problem, by saying there are no problems, but rather only more and more interesting ways to describe and redescribe our events. I love this video because my pragmatism I follow and trust keeps me seeking hope in place of knowledge. Sending and receiving messages is not in my case about searching for knowledge of this or that, but a searching for hope, a hope which I have learned should be open to all. Therefore, communication and conversations for me represent a seeking not of information of knowledge to pass on and collect, but one instead of hope to gain, since hope is better even than knowledge to possess, and send.
That was single-handedly the best transition to a sponsorship ever. Also the way you explain the benefits and features of NordVPN actually made me think about buying it. Sabine, not only are you an amazing scientist and educator, your sales skills are a solid 10 as well. Please do not be hard on your English either. You have an accent, yes. Your English is not broken by any means and you are very easy to understand. Plus I have always found a German accent to be rather intimidating so I shut up and listen more. Thank you for the laugh first thing in the morning. My perception about how today is going to go has spun in the optimistic direction. Stay safe and healthy!
Before you buy, note that *while the video suggests otherwise, NordVPN doesn't protect you from attacks by quantum computers* (and those are at least decades away from cracking practical encryption, anyway). Sabine even makes a factual error at 11:30 - NordVPN does in fact rely on asymmetric/public-key cryptography just as much as anything on the internet, and would be just as vulnerable as just using websites with HTTPS (the lock icon thingy). And again, quantum computers are not a threat to your security anytime soon. *VPNs are useful only for very particular cases* - mostly, circumventing copyright restrictions (watching Netflix from another country, or not getting caught torrenting). Your online banking, browsing, or messages are already perfectly secured with HTTPS - VPNs just reroute your traffic (and thus gain access to your entire browsing history), and add another unnecessary layer of encryption, which doesn't give you any more security against hackers or government agencies. If you worry about your ISP/company/government tracking which websites you visit, using Tor Browser (which is free) is likely the better solution than a VPN. Tom Scott has a great introductory video on the issues with VPN marketing; for more in-depth information see Wolfgang's Channel, or The Hated One.
Up to now I never found the -- pun alert -- key to understanding quantum cryptography. After a decade or so this video finally helped me understand all the -- pun alert -- key points!
Sabine, your brain is so very amazing. Every video you make just blows me away. I would love to be able to think so well. Please keep doing your amazing work. 👍🙂
We native English speakers know we are done for since German speakers are good enough at English to make light of German speakers speaking English. I remember a skit on ARD or somewhere in which native German speakers were doing an English broadcast that had a crazy amount of th's in it. As the reports they read kept getting more th's, the announcers started sweating and pulling at their collars. I suppose for English speakers it would be like trying to say, "Die bösen Brüder sind dort drüben."
Sabine, Enjoyed your lecture on quantum cryptography. Appreciated the conservation of information technique by only encrypting the keys. Yes, I understand that everything was encrypted, but with only one key pair. Back in the 90's Scientific American published an article on quantum cryptography as an information utility. An encrypted data stream was available, like water or electricity. You could add your information to the stream and it would become an encrypted layer in the stream. When it reached the recipient, that layer would be peeled off and decrypted from the stream. This was before block chain cryptography was developed, but it had some similarities to the technique. P.S. You have beautiful eyes.
I don't do any online banking because I think at some level your activities on a computer can be monitored. I try to mostly use cash and only use my card at the bank so there are no digital traces of the card numbers. Also I like to move my money out of the card accounts to other locations or certificates. But I think you are good making your own encryption system, and even encapsulating a known one. I always thought it would be funny to interject like 200% white noise into a file in an expected manner (increasing the size of the file) and watch someone try to make sense of it.
AES is never a substitute for RSA as mentioned in the NordVPN spot, and it sounds like marketing nonsense from NordVPN. AES is a fast symmetric encryption algorithm used by nearly all encrypted communications. RSA is one of the asymmetric encryption algorithms that can only be used for secure key exchange. You cannot use it for bulk encryption because it's about a million times slower than AES.
@@danstar455 That is basically how all SSL and TLS communications work. But when security companies like NordVPN advertise they substitute AES for RSA, it tells me they haven't a clue about security.
Alice, Bob, Carol, Eve, Trent, and Mallory are all inventions of cryptographers and computer scientists, not physicists. Eve is an eavesdropper, Trent is a trusted third party, and Mallory is someone who's trying to maliciously interfere, often by changing the message in some way.
Hossenfelder never says physicists invented the use of those names, if making that correction was your point. At 6:00 she says, "When physicists talk about information transfer, they like to give names to senders & receivers ..." and proceeds to explain the ideas for a quantum key. They give the names that are commonly given, obviously. I call a watt a watt, not a vamp or ampolt. For the record according to my limited lookup, there are upwards of 30 placeholder names in common use in cryptography with more than one for some roles. This makes sense because the names are not significant, except that they sound appropriate.
@@johnsmith1474 - She also calls Eve "physicist humor". The strong implication is that physicists invented these names. And it doesn't surprise me that there are more placeholder names. I gave that list from memory. I should've added a disclaimer that my list is likely not comprehensive. It rankled me that cryptographers and computer scientists weren't even mentioned. Neither Whitfield Diffie nor Martin Hellman are physicists. I don't think any of the inventors of RSA are either. Quantum cryptography is one of those interesting areas where physics and cryptography overlap. And it's a subset of the overlap between information theory (another computer science discipline) and physics that's produced a number of interesting ideas and hypotheses. It brings me back to the time I did some work in a research lab and was surrounded by physicists who thought computer science was largely pointless while they made extensive use of its fruits.
@@Omnifarious0 I'd see it the other way: the logic and importance of these people make them not only cryptographers or mathematicians, but also honorary physicists. When you are clearly an auto mechanic and someone calls you a pianist after hearing you play, it is a huge compliment, not a detraction from pianists or auto mechanics.
@@joshuacoppersmith - I disagree vehemently with your notion of hierarchy among the sciences. They are all very valuable in their separate ways. I would be offended to be considered an 'honorary physicist' because of some accomplishment I made in my field of choice. I'm not a physicist, and I have no desire to become one even though I have a lot of respect for the accomplishments of physicists.
@@Omnifarious0 I would disagree with a hierarchy, too. If a computer scientist called Sabine a computer scientist, that would likewise be a great compliment to her. In my mind the auto mechanic and the pianist were equals. But I guess we are just different personalities about feeling honored to be called part of another field. I for one would be overjoyed to be called a mathematician because of work I did in cyberlinguistics. If nothing else, consider people like Claude Shannon. Would he mind being called a computer scientist? He wasn't one by training...
I'm quite upset at myself right now for all those wasted opportunities I could have used to communicate how RSA encryption works when tutoring students about why one-to-one invertible functions in mathematics are very nice to have.
(1) public keys can decrypt messages encrypted with private keys. This serves to verify digitally signed messages. (2) It would have been immensely helpful to include the reason these algorithms are irreversible is that they use modulus arithmetic allowing the discarding of useful information to reverse the process.
Sabine, your English is better than most native speakers of it, so cross that off your list of "Things to Worry About". The ideas are what is important and you are a damn fine communicator of them. Even though I lived in Germany for a couple of years, I hang my head in shame at how feeble were my attempts in conveying nuance and humor.
Quantum cryptography is the use of quantum mechanical properties to enable secure communication. The principles involved are similar to those used by quantum key distribution, which can be used both for encryption and decryption purposes. Quantum key distribution (QKD) is a technique for secure communication using quantum mechanics. The method ensures the authenticity of a message and the privacy of information, preventing eavesdropping. A quantum channel cannot be copied without being destroyed, and the act of observation will change the observed system. The sender and receiver can communicate using a shared random sequence (such as an encryption key) that is used to encode messages. A sender uses a one-time pad with the receiver, which is secure in that any eavesdropper (including you and me) will find it impossible to recover the message being sent. A cryptographic method invented by Claude Shannon in the 1940s, based on information theory. It is used for secure communication in cryptography. Shannon entropy is a measure of the uncertainty associated with a random variable. In quantum mechanics, it quantifies the amount of information that an observer has about one possible outcome from an ensemble.
The public key is usually only used initially to exchange a randomly generated symmetric key. From that point on a symmetric algorithm is used as they are much faster.
Was talking about outcomes. If you give the person 1 and then you know person 1 has 1 then person 2 needs to make the choice to play knowing they will win if person is uses the information or outcome. Then person 2 playing can either take outcome if info is used or not. Information can be integer to >=1(info). This can then be interesting for outcomes and probability. Primes to gcd. Information. This case spins.
I think you got some of the details wrong. Probably to simplify, but just in case: 1. First of all, spins go opposite from one another. That means if Bob found that a particle is spin up, he should assume a spin down particle at Alice's measurement. This is one thing I'm pretty sure you know. 2. While spin is very popular when we try to show EPR paradoxes, Quantum encryption in the real world uses photon polarization as a measurement with quantum properties in the real world. It's just much easier to keep polarization stable, in long distances, and if it's not a long distance, why would you use encryption? 3. While this method is powerful and interesting to look at, it cannot replace RSA. It can replace the Diffie-Hellman protocol, which is not a Public key scheme. It is a way for 2 distant participants to exchange private keys. and... 4. This is not a practical solution for the internet. If I wanted to use this on youtube, for example, I'd have to put an optic fiber from my place to youtube. If I won't do that, I can't imagine how I can keep a photon polarization state, without reading it. However, let's imagine that we created this smart router, that can transfer a photon state without measurement, this will not help us because... 5. This method does not solve the authentication problem. This is the big one. Encryption is designed to solve several problems. Keeping secrets is one, but there are several others, and one is authentication. Imagine I used this method, and Eve decided that she wanted to hear this conversation. She'd just go several meters from her and Bob's house, dig in, and put a device on the fiber. When the message comes from Alice, she'd do the measurements, and keep the results to herself, while sending her own photons to Bob, pretending to be Alice. After that she'd have 2 keys: Alice to Eve key, and Eve to Bob key. None of them will ever know they've been hacked. As I said, this method replaces the Diffie-Hellman protocol, that has the exact same problem.
So how is it solved in the internet? Using RSA, that while it can be used to encrypt, its more important role is providing a signing scheme. However, as you said, RSA is not Quantum safe. There are several solutions for this, but none emerged as an internet standard at the moment.
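The man-in-the-middle scenario raised in the comments above (two independent key agreements, one between Alice and the attacker and one between the attacker and Bob), as an added example that is not part of any commenter's post: a toy, noise-free BB84 model showing that both legs look error-free without authentication, and that a MAC over the basis announcements makes the honest parties abort. The pre-shared key `psk`, the function names, the direction labels and the seed are assumptions made for this illustration.

```python
"""Toy BB84 model with ideal qubits and no channel noise (constructed example)."""
import hashlib
import hmac
import random


def measure(bit, prep_basis, meas_basis, rng):
    """Same basis returns the encoded bit; a different basis returns a coin flip."""
    return bit if prep_basis == meas_basis else rng.randrange(2)


def prepare(n, rng):
    """Sender side: n random bits, each encoded in a random basis (0 or 1)."""
    bits = [rng.randrange(2) for _ in range(n)]
    bases = [rng.randrange(2) for _ in range(n)]
    return bits, bases


def receive(bits, bases, rng):
    """Receiver side: measure every incoming qubit in a randomly chosen basis."""
    rx_bases = [rng.randrange(2) for _ in bits]
    results = [measure(b, p, m, rng) for b, p, m in zip(bits, bases, rx_bases)]
    return results, rx_bases


def sift(bits, own_bases, peer_bases):
    """Keep only the positions where both ends announced the same basis."""
    return [b for b, o, p in zip(bits, own_bases, peer_bases) if o == p]


def error_rate(key_a, key_b):
    """Fraction of differing sifted bits, the statistic used to spot eavesdropping."""
    return sum(x != y for x, y in zip(key_a, key_b)) / max(len(key_a), 1)


def tag(psk, direction, bases):
    """MAC over an announced basis list, keyed with a pre-shared secret (assumption)."""
    return hmac.new(psk, direction + bytes(bases), hashlib.sha256).digest()


def run_session(n=256, seed=1, mitm=False, psk=None):
    """Run one key agreement; psk=None means the classical channel is unauthenticated."""
    rng = random.Random(seed)
    a_bits, a_bases = prepare(n, rng)
    if mitm:
        # Mallory terminates Alice's quantum channel as if she were Bob ...
        m_rx_bits, m_rx_bases = receive(a_bits, a_bases, rng)
        # ... and opens an independent session towards Bob as if she were Alice.
        m_tx_bits, m_tx_bases = prepare(n, rng)
        b_bits, b_bases = receive(m_tx_bits, m_tx_bases, rng)
        seen_by_alice, seen_by_bob = m_rx_bases, m_tx_bases
    else:
        b_bits, b_bases = receive(a_bits, a_bases, rng)
        seen_by_alice, seen_by_bob = b_bases, a_bases

    if psk is not None:
        # Each honest party tags its own announcement. Mallory lacks psk, so the
        # best she can do is relay the genuine tags next to her own basis lists.
        alice_ok = hmac.compare_digest(tag(psk, b"B->A", b_bases),
                                       tag(psk, b"B->A", seen_by_alice))
        bob_ok = hmac.compare_digest(tag(psk, b"A->B", a_bases),
                                     tag(psk, b"A->B", seen_by_bob))
        if not (alice_ok and bob_ok):
            return {"aborted": True}

    result = {
        "aborted": False,
        "alice_key": sift(a_bits, a_bases, seen_by_alice),
        "bob_key": sift(b_bits, b_bases, seen_by_bob),
    }
    if mitm:
        result["mallory_alice_key"] = sift(m_rx_bits, m_rx_bases, a_bases)
        result["mallory_bob_key"] = sift(m_tx_bits, m_tx_bases, b_bases)
    return result


if __name__ == "__main__":
    attacked = run_session(mitm=True)
    print("Alice/Bob keys equal:", attacked["alice_key"] == attacked["bob_key"])
    print("Alice leg error rate:",
          error_rate(attacked["alice_key"], attacked["mallory_alice_key"]))
    print("With MAC:", run_session(mitm=True, psk=b"constructed-demo-secret"))
```

The error-rate check stays at zero on each leg because each honest party is comparing bits with the party it actually exchanged qubits with; only the MAC, which presupposes a shared secret, exposes the substitution.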
@@anderstopansson I'd say it's more like a war veteran watching war _documentaries_ to refresh one's own memory as well as ensure that the producers got the facts right. Like my Ph.D. uncle-he didn't _have_ to watch kids' science shows with me, but sometimes when he did, he would point out all the mistakes the presenters were making. But when watching sci-fi movies, he said nothing-even I knew those were fictional.
Out of all her videos so far, I've only heard Sabine say one stupid thing: "fix my broken English." What??? Her English is better than most native speakers!
Up until now afaik quantum encryption has limited application, at least for normal people. The reason is that it has a pretty niche application. So it is mostly used with fiber optics. However every repeater is effectively Alice and Bob. So for a potential attacker it means that instead of splicing into a fiberoptic at any arbitrary point you would need to get the signal at the repeater. So yes this is useful for undersea lines, haven't heard much use for it otherwise though. Haven't looked into it much recently though so maybe that has changed.
The public key can be used to decrypt or encrypt, depending on the usage model. PGP for example uses the public key to encrypt, so that only the private key holder can decrypt it. Other uses are the opposite. I.e. use the private key to encrypt and then anyone with the public key can decrypt it.
I’m interested in the algorithms intended to be used for post-quantum cryptography. Because they won’t require sending quantum states down optical fibres. No need to go for a quantum sharing of keys if a standard public and private key system still works, you just need to change the algorithm used to generate them away from a simple factorisation.
Exactly. Post-quantum cryptography (PQC) is probably the way to go, as it doesn't require building a second internet that often isn't even as secure or useful as our current pre-quantum-cryptanalysis internet. (Or is there a way to do routing without trusting the router? Wireless QKD?) AFAIU the reason currently no one uses the existing PQC algorithms yet in practice is that they currently require larger keys (thus more internet bandwidth) and/or more processing power (thus draining phone batteries faster), and they're not as well-researched & tested as e.g. good old RSA or DH - I don't know how confident cryptographers are that e.g. are resistant against mere classical computers that actually already exist today. It's good people actually already put effort into researching it, long before quantum attacks will become practical (if ever).
Quantum sharing of keys does _nothing_ to protect communication if I have a general purpose quantum computer: I simply do a brute force attack on the message which completes in polynomial time since that is what my quantum computer can do. Furthermore, the vast majority of computer theft isn't even message interception and decryption; it takes place on the end host which secure communications does nothing to address.
@@drrtfm You can't. QCs cannot solve arbitrary problems in polynomial time by brute force - they don't make (BQ)P=NP or "try every solution at once". Shor's algorithm can only crack certain asymmetric encryption methods (e.g. RSA, DH, ECC), but it doesn't work on symmetric encryption (e.g. AES). You can use Grover's algorithm to reduce the amount of time needed to crack AES by a square root, but that still leaves it exponential - and even this can be completely nullified by just doubling the key size. As for where most computer crime happens, I'd love to have hard numbers, but surely part of the reason why interception & decryption isn't done more often is that public-key encryption & authentication currently works so well. Compromising endpoints is infeasible e.g. for dragnet mass surveillance. And breaking RSA (without a post-quantum replacement) would mean e.g. breaking certificate authorities and HTTPS, making MITM attacks or phishing attacks much easier.
@@nibblrrr7124 I believe you are making some rather specific assumptions about what QC can and cannot do and that the jury is still very much out on whether or not a GPQC could render NP problems solvable in time P (after all, they are verifiable in P time, so "all" you have to do is simultaneously generate all possible solutions and run a verification against that; for a problem of size N, a GPQC of size kN should presumably be able to do such a simultaneous generation and verification). That said, I'm not going to claim to know much about QCs (and generally am rather skeptical about the likelihood of the actual creation of a GPQC). Regarding interception vs. endpoint breakage: thieves go for the end points since they are largely interested in things like credit card information and it is much, much more efficient to go after the repository than to troll through vast quantities of social media drek hoping to find that information. Governments are the ones who do mass surveillance and yes, they will do it through MitM attack not because endpoint attack is infeasible but because it is more expensive and unnecessary if you can just grab the stuff in the middle and drek through it all. Quantum Crypto is largely irrelevant to this purpose since QCrypto is about protecting on the wire (well, fibre) but not on the router; further, the basis for things like HTTPS is PKI, which is trivially attackable via on-the-fly certificate generation using a MitM. Phishing is a whole different level and is largely done by low-level thieves (why go after individuals when you can go after the whole repo?) and targets less sophisticated individuals who don't bother things such as the fact that the link they are following is not the link that the message they received says they are following ....
@@anderstopansson Sabine is part of MSM media but works as an MSM BS detector ... Then, Her "low profiled" underground media outcomes disturb the signal to noise ratios in The MSM System ...
@@anderstopansson AM is conformed by dudes like Garret Lissi, Alain Connes or Mochizuki... Sabine is already well-rooted in The Academic Discourse but playing in its peripheral boundaries ... Yet at Academia Peripheral Park doing funny acrobatics with her skateboard ... while Witten is doing some farts with his Rolls Royce ...
Of course there are several issues with Quantum Key Distribution. While it does a good job protecting the key, the actual symmetric encryption used after the key exchange could still be vulnerable. Another problem is that the quantum key exchange can't pass over the standard network. Lastly, while it is true that the key cannot be intercepted, it is possible for Alice to send a key to Eve when she believes she is sending to Bob. There is nothing in the system that guarantees who is at the far end.
I have a few comments: 0:32 : This is inaccurate - Secure network communication (HTTPS) makes usage of the "Transport Layer Security", also known as TLS. This protocol indeed makes usage of asymmetric primitives such as RSA or ECC in order to establish a key session, similarly to how you described the usage of BB84. Once this key is established, a symmetric cipher (AES) is then used in order to both encrypt and authenticate the communication. This means that protocols that are presently being used online are mostly hybrid protocols that make usage of the advantages of both asymmetric and symmetric cryptography. 10:04 : You could mention that this key can then be used as a one-time pad or as a session key for symmetric primitives. 11:27 : HTTPS is the one keeping you safe while you browse the internet. NordVPN is only used to add an extra (unnecessary) layer of encryption on the public data of your browsing between you and the VPN's server. This means that NordVPN can still keep track of your browsing habits, and that they are not entirely anonymous either once they leave their server. 11:30 : It most definitely relies on a key exchange protocol to be able to use AES - They even state it in their FAQ: "The ciphers used to generate Phase1 keys are AES-256-GCM for encryption, coupled with SHA2-384 to ensure integrity, combined with PFS (Perfect Forward Secrecy) using 3072-bit Diffie Hellmann keys." I don't know if you rushed this video or you omitted all of this to make the sponsor look more appealing but you are spreading misinformation regarding cybersecurity and cryptography in general. EDIT: Sources: en.wikipedia.org/wiki/HTTPS en.wikipedia.org/wiki/Transport_Layer_Security en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange nordvpn.com/faq/
@Ed T I am just pointing it out. You are welcome to educate yourself in the subject. You can also watch this video by Tom Scott : ua-cam.com/video/WVDQEoe6ZWY/v-deo.html
These are valid points, but I thought the level of simplification was mostly okay for the length & depth of this video? Like, yes, TLS also involves symmetric encryption, but if the key exchange is vulnerable to quantum attacks (one of the main topics of this video), then the whole system is - just like if everything was public-key, like e.g. PGP-encrypted e-mails. But yeah, ofc VPN marketing mostly relies on at best somewhat misleading information, and the only really sensible use case for them (as opposed to just HTTPS, or Tor) is circumventing copyright law... maybe I'm a bit numb at this point.
Oh wait, you're right, 11:30 is actually just wrong, and _highly_ misleading in the context of the video. NordVPN is totally just as vulnerable to hypothetical quantum attacks as regular HTTPS.
@@nibblrrr7124 That I agree, but then the VPN is also vulnerable to this. To me it looks like the video was made in a way to convince the viewer that asymmetric = BAD, symmetric= GOOD use nordvpn because it uses AES.
In watching such videos, it must always be kept in mind that it is an ad, that necessarily uses low level emotions like fear. There is no danger that a code be broken by a quantum computer, even in a near future, notwithstanding the present tense.
Great overview of cryptography and the potential impact of quantum crypto. I don't think most folks realize quantum computing is not a panacea, there is a limited set of problems it is able to solve quickly. Unfortunately for personal privacy traditional cryptography is one of the areas at risk of compromise from quantum crypto.
*quantum cryptanalysis (breaking an important subset of classical cryptography using algorithms that can only run efficiently on quantum computers) 🤓 Quantum crypto(graphy) would be _securing_ information using quantum effects. And (to my very limited understanding) that doesn't really involve general quantum computers of the kind on which you would run Shor's algorithm for quantum cryptanalysis, Grover's algorithm for database search, or physics simulations - see QKD. Totally agree on the hyped misunderstanding of quantum computers just being better computers, or even making P=NP or whatever, though!
But how do you exchange quantum key over the air? Or fiber optics? Single photons? Actually yes, and no: right now pulsed laser beam with zero to a few photons can be sent on a fiber optic cable... However this could allow Eve to split the beam and collect and measure a spare photon in the beam. A more advanced protocol includes an empty spot in the photon stream whereby Eve cannot determine if the empty spot is part of the transmission or a random feature... Single photon transmission is more difficult to achieve outside labs but progress is being made.
Public Key Crypto depends on the assumption that P =/= NP (meaning that there are mathematical problems with solutions algorithmically easy to check but hard to find).
S --- At 7m47s you said that if A sends a particle with spin "up or down" ... and at 7m51s you said that if B measures the spin in the "vertical" direction, he just gets left-or-right with a 50% probability. -- But is this correct ? ( -- *Terrific* Video, thank you).
Love your videos, Sabine, but Nord VPN and shared AES not using RSA is utter rubbish. Never use the same AES key for more than one transmission and always distribute symmetric keys using asymmetric cryptography. It's basic stuff.
But randomness of those bits is still a big question because our computers use pseudo-random numbers and it's possible in theory to predict them by math.
Not really. Basically everyone in the field is confident that properly implemented pseudo-randomness generators (CSPRNGs) are perfectly fine. The problem isn't "predicting them by math" - essentially the same assumptions that lead us to believe you can't predict the keys from looking at the transmissions (before the universe ends), are also those behind that how you encrypt data with the keys can't be reversed, regardless of how the keys were picked. Meaning, if CSPRNGs can be broken, so can any practical encryption. (One-time pads aren't practical.) Attacks on CSPRNGs - unless there is a fatal bug in the implementation - are usually based on sniffing the seed values - which are often generated from things like hardware access times, local clocks, user input... - and if you have access to the device, or it is badly implemented (e.g. assuming it uses slow HDDs when in fact it uses SSDs), then there are ways to predict parts of the key, weakening security. To nip such implementation bugs in the bud, you _can_ buy hardware true random number generators (TRNGs) that use physical (often directly quantum mechanical) effects to generate the keys - but those are usually overkill, and there are dozens of more important security-relevant aspects to any system. And if someone hacks the endpoint, it would still be game over - those precious truly random bytes have to be stored in memory somewhere, and so does the plaintext message you want to encrypt.
The usual problem with encryption is not one of interception, since the fact that encryption systems are being used _presupposes_ that the messages are, in fact, being intercepted. Rather, the problem is one of the messages being decipherable/understandable by the bad actor. Given this distinction, wouldn't a router just "intercepting" (i.e. reading) a packet, so that it knows if/what/where to send it to, enough to make Alice and Bob think their messages have been compromised (i.e. deciphered) due to the no cloning theorem?
www.sciencenews.org/article/quantum-video-chat-links-scientists-two-different-continents To secure the communication, a Chinese satellite distributed a quantum key, a secret string of numbers used to encrypt the video transmission ...... Using a technique known as quantum key distribution, scientists share secret strings of numbers while ensuring that no eavesdroppers can intercept the code undetected. Those quantum keys are then used to encrypt information sent via traditional internet connections. Decoding the transmission requires the same key used for encryption, foiling would-be snoops.
@@mallxs My beef is with the use of the word Quantum in this context. It has nothing to do with Quantum physics...it simply means very sensitive to interference or interception. Once again the language is being interfered with!
Quantum cryptanalysis should not be the only worry. If a method is derived to compute prime factors with efficiency, or even a method to model the pattern of primes, RSA fails along with every protocol that RSA-encodes a symmetric session key. As the eminent Dr. Gunter Janek said in the Sneakers movie, "While the number-field sieve is the best method currently known there exists an intriguing possibility for a far more elegant approach." Yep, just a little creativity with homomorphism and there you have it. With a single cyclotomic field over the rationals you get a breakthrough of Gaussian proportions. Setec Astronomy is unleashed. If that makes no sense, a review of Sneakers will decrypt the above word salad.
I think I understood all of this on the first pass. Although sometimes I had to hit pause and ask "Who is Ellis? She didn't define any Ellis." However this video didn't explain which elementary particles could be used to carry "spin". Which particles have spin, do I need to Google this? She should have mentioned this, and she should have mentioned if spin is the only component, or if there are other quantum behaviours besides spin that could be used. (Eg, quantum entanglement.) And she barely mentioned the practical problem that the world isn't currently providing end-to-end fibre communication hardware yet. And she didn't mention if fibre switches on the internet contain non-fibre electronics between their fibre I/O ports (they probably all do, which makes them all unusable.) Until we have end-to-end fibre lines (or line-of-sight over-the-air paths between end points) this will never get implemented. I'm not against it, but it will cost trillions of dollars and it will really only work well for fibre connections, even though we're converting everything to wireless in the future. So it's a dead end. Normally her videos are more rock-solid than Gibraltar, but this one more resembles a block of Swiss Cheese.
Important remark: we still are not sure about P being different from NP, not to mention if breaking specific cryptosystems is in fact hard problem or not.
@@malekmannai9445 Certainly some people know how some "hard problems" can be solved easily. Like the NSA messing with the crypto standards around elliptic curves, making it easier to decrypt cipher texts encrypted by them. At least to those who know the weaknesses. Which would be the NSA and certainly a bunch of others.
Mullvad and OVPN for real privacy.
@@NeinStein "Certainly some people know how some "hard problems" can be solved easily". By "hard problems" I mean NP-hard problems which are at least NP-complete. If any hard problem is easily solved, that means P=NP and no crypto-system will ever be efficient.
you just discredited your entire video with the ScamVPN shilling. They definitely keep logs and are not transparent about security issues, and when they get called out 2 years later they shift the blame to someone else.
watch The Hated One's recent video on why VPN's are worthless for privacy.
Great video, thank you for the explanation! One thing to note is that quantum key distribution (QKD) is not safe and does not offer any security from Eve in its current form. The problem with QKD by itself is that Eve (misleading as she is not a passive eavesdropper but rather an active participant; Mallory would be the more appropriate name for an active, malicious attacker) can perform an active man (person!) in the middle attack (MITMA). If she pretends to be Bob and measures every bit, and also receives the information on the directions, she recovers Alice's entire key. It's true it would be difficult for Eve to cause Bob to receive the same key, but that's not necessary. Eve can generate an entirely new key and send it to Bob, pretending to be Alice, and then send her own directions for the new key to Bob. Now Alice-Eve have a key and Eve-Bob have a different key. When Alice encrypts a message, Eve can intercept it and decrypt it with Alice's key, then re-encrypt with Bob's key and send to Bob, and vice-versa. Both sides will have entirely different keys yet believe they are talking to the other party because there is no way to authenticate the other party. It was noted that Alice and Bob can communicate across a separate channel for some information, however if the dependence of the security is through a separate channel that is guaranteed to be authenticated (you know for a fact you're communicating with the other party), you would already have needed to establish a key with the person to ensure that guarantee! If you simply sent it over yet another unencrypted channel, there is no reason it could not be intercepted and thus continue to perform the MITMA. The video was a great explanation however, thank you!
Thanks for this comment. I had an inkling that something like this could be done, but your comment explained it very well.
In practice though, the fact that the second channel can be unencrypted (public) makes it much harder to run a MITMA, no? The attacker would have to show both parties different results to a publicly queryable server. And you can add a couple of redundant channels for verification. That would require the attacker have complete control of one party's computer or internet connection and the ability to intercept and change packets on the fly from any number of sources in any number of formats.
An approach not unlike multi-factor authentication should make this kind of attack impractical in the extreme. Especially since it has to be done in real-time.
Excellent analysis. Thank you
You're right it's not secure. Besides the authentication problem you mentioned, another issue is it's very difficult to engineer it so that the whole system has a (provable) "security reduction" to its quantum properties. The NSA wrote an essay a number of years ago warning people in industry not to trust it and outlined 5 major problems with it. Regarding engineering, they said the following:
"The actual security provided by a QKD system is not the theoretical unconditional security from the laws of physics (as modeled and often suggested), but rather the more limited security that can be achieved by hardware and engineering designs. The tolerance for error in cryptographic security, however, is many orders of magnitude smaller than in most physical engineering scenarios making it very difficult to validate. The specific hardware used to perform QKD can introduce vulnerabilities, resulting in several well-publicized attacks on commercial QKD systems."
In other words, it is very difficult to design a QKD system that its designers can prove is doing only what it is supposed to be doing.
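The thread above turns on one point: BB84's error check catches an eavesdropper who measures and resends photons, but not a relay who runs a full, separate exchange with each side, unless the classical channel is authenticated with a key the two parties already share. The simulation below is an added example, not part of the original comments; the toy photon model, the function names and the use of HMAC-SHA256 as the channel MAC are assumptions made for illustration.

```python
import hashlib
import hmac
import random

# Toy model: a "photon" is (bit, basis). Measuring in the preparation basis
# returns the bit; measuring in the other basis returns a random bit.
# random.Random(seed) is used only to make the simulation reproducible.

def measure(photon, basis, rng):
    bit, prep_basis = photon
    return bit if basis == prep_basis else rng.randrange(2)

def send(n, rng):
    bits = [rng.randrange(2) for _ in range(n)]
    bases = [rng.choice("+x") for _ in range(n)]
    return bits, bases

def receive(photons, rng):
    bases = [rng.choice("+x") for _ in photons]
    bits = [measure(p, b, rng) for p, b in zip(photons, bases)]
    return bits, bases

def sift(bits, my_bases, peer_bases):
    # Keep only positions where both sides announced the same basis.
    return [b for b, m, p in zip(bits, my_bases, peer_bases) if m == p]

def qber(k1, k2):
    # Error rate over the whole sifted key (a real run sacrifices a sample).
    return sum(a != b for a, b in zip(k1, k2)) / len(k1)

def session(n, rng, intercept=False):
    """One BB84 exchange; returns (sender_key, receiver_key)."""
    s_bits, s_bases = send(n, rng)
    photons = list(zip(s_bits, s_bases))
    if intercept:
        # Intercept-resend: the tap measures each photon and re-prepares it.
        e_bits, e_bases = receive(photons, rng)
        photons = list(zip(e_bits, e_bases))
    r_bits, r_bases = receive(photons, rng)
    return sift(s_bits, s_bases, r_bases), sift(r_bits, r_bases, s_bases)

def intercept_resend_qber(n=2000, seed=1):
    """Case 1: tap on the quantum channel only. Errors expose it (~25%)."""
    ka, kb = session(n, random.Random(seed), intercept=True)
    return qber(ka, kb)

def relay_mitm(n=2000, seed=2):
    """Case 2: relay terminates both channels. Each side sees a clean run."""
    rng = random.Random(seed)
    alice_key, relay_key_a = session(n, rng)   # relay answers as "Bob"
    relay_key_b, bob_key = session(n, rng)     # relay initiates as "Alice"
    return {
        "qber_alice_side": qber(alice_key, relay_key_a),
        "qber_bob_side": qber(relay_key_b, bob_key),
        "keys_match": alice_key == bob_key,
    }

def tag(psk, bases):
    # MAC over the basis announcement sent on the classical channel.
    return hmac.new(psk, "".join(bases).encode(), hashlib.sha256).digest()

def authenticated_sift_ok(psk_alice, psk_peer, n=2000, seed=3):
    """Case 3: Alice accepts the peer's basis list only if its MAC verifies
    under the key she pre-shared with Bob."""
    rng = random.Random(seed)
    a_bits, a_bases = send(n, rng)
    _, peer_bases = receive(list(zip(a_bits, a_bases)), rng)
    announced_bases, announced_tag = peer_bases, tag(psk_peer, peer_bases)
    return hmac.compare_digest(announced_tag, tag(psk_alice, announced_bases))

if __name__ == "__main__":
    print("intercept-resend QBER:", round(intercept_resend_qber(), 3))
    print("relay:", relay_mitm())
    print("peer holds PSK:", authenticated_sift_ok(b"shared", b"shared"))
    print("peer lacks PSK:", authenticated_sift_ok(b"shared", b"guess"))
```

The third case is the defensive takeaway: the exchange is only as trustworthy as the pre-shared authentication key, which is the bootstrapping dependency the comments point out.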
Seeing a new video from Sabine made my morning so much more interesting. Please keep making these videos ..
Same I like her videos
She is into charlatanism as heck.
There's no such thing as quantum cryptography. They will use your brain and cyber attack people as much as they please.
Those people are a deep well of intellectual dishonesty.
Don't let them fool you. They don't have any fine mathematician in their projects.
This woman is deep into falsehood like other workers at big tech giants.
This woman is just one more lost soul worried about her silhouette, that is the digital model of her mind.
This would make a mathematician laugh , if he/she did not know those people are committing crimes against humanity.
There must be a military court to judge their crimes and this is urgent.
They are killing and torturing lots of people worldwide including children.
Julian Assange did not have the opportunity to see this and now he is in Belmarsh being tortured by Flat Earth people like this woman here.
Had he the opportunity to see what those people are doing he would not have the chance to blow his whistle on those crimes. They are worse than those videos of war crimes in Iraq he exposed on his site.
@@monicamir She is lying about physics. WHY E=MC2 IS NECESSARILY AND CLEARLY F=MA ON BALANCE:
Energy has/involves GRAVITY, AND ENERGY has/involves inertia/INERTIAL RESISTANCE. C4 is the proof of the fact that E=mc2 IS F=ma ON BALANCE. This explains the fourth dimension. TIME is NECESSARILY possible/potential AND actual IN BALANCE, AS E=MC2 IS F=MA ON BALANCE; AS ELECTROMAGNETISM/energy is gravity !!! The stars AND PLANETS are POINTS in the night sky. E=MC2 IS F=ma. ("Mass"/ENERGY IS GRAVITY. ELECTROMAGNETISM/energy is gravity.) The EARTH/ground AND what is THE SUN are CLEARLY (on balance) E=MC2 AS F=ma. TIME dilation ULTIMATELY proves ON BALANCE that E=MC2 IS F=ma IN BALANCE, AS ELECTROMAGNETISM/energy is gravity !!! (Gravity IS ELECTROMAGNETISM/energy.) The sky is blue, AND THE EARTH is ALSO BLUE. The stars AND PLANETS are POINTS in the night sky. E=MC2 IS F=ma ON BALANCE. Great !!! This NECESSARILY represents, INVOLVES, AND DESCRIBES what is possible/potential AND actual IN BALANCE, AS ELECTROMAGNETISM/energy is gravity. GRAVITATIONAL force/ENERGY IS proportional to (or BALANCED with/as) inertia/INERTIAL RESISTANCE, AS E=MC2 IS F=ma; AS ELECTROMAGNETISM/ENERGY IS GRAVITY. Gravity/acceleration involves BALANCED inertia/INERTIAL RESISTANCE, AS E=MC2 IS F=ma ON BALANCE; AS ELECTROMAGNETISM/energy is gravity !!! It all CLEARLY makes perfect sense. BALANCE AND completeness go hand in hand.
By Frank DiMeglio
As a retired programmer who dealt with encryption techniques, I'm relieved to hear of this new encryption method! Your English is fine, Sabine!
@Jeffrey Christopher Not any encryption scheme, Sabine even says in the video that there are schemes which currently are believed to be secure against quantum computers. Quantum computers aren't supercomputers on steroids, they just happen to get significant computational advantage on tasks they can use entangled bits to their advantage.
@Jeffrey Christopher I must admit that I'm just a former physics student, but in one course we were introduced to quantum computing. You can't just take classical algorithm (even fully parallelizable one), give it to quantum computer and expect it to run faster. That's not how qubits work, although it's a common misconception. You need to work within limitations of quantum physics, i.e. what entanglement allows you to achieve. In addition, you need to take stability of your algorithm into account for practical implementations -- for example, Shor's algorithm for factorising numbers is unstable, thus unreliable for large numbers unless quantum computer can be made robust against noise and decoherence.
To be clear, I'm not saying that quantum computing isn't a threat to security. It is, but cryptography is not doomed because of that.
@Jeffrey Christopher I haven't heard of such encryption before, interesting! I thus can't say anything about such encryption, unfortunately.
Nevertheless, quantum computers will most likely be used together with classical computers in most commercial applications. Before we get any quantum computing units into our computer chips, all the quantum computing will take place remotely, as keeping quantum computers stable with current technology needs near absolute zero temperatures. However, in material research quantum computers will be very valuable. It has been estimated that 100 qubits is enough to surpass current supercomputers in simulating fermionic and bosonic interactions.
@@tetraedri_1834 Yep good point on Shor's, it's eye-opening to say there might be more algorithms out there, but they prove elusive to find. Shor's is like 20+ years old now and we still have not made much headway in that domain. It will be interesting to see if we can find some better tricks utilising quantum logic but it's proving hard. It might not even happen at all. The whole argument rests on Shor's and a small scale factorisation test that proved it can work on a real quantum computer. Regardless, it's a risk that is real and measurable. In the end of the day, the affected technologies are key distribution (discrete log stuff) but OTP such as AES @ 192 bits is pretty much bulletproof even with a reliable QC and Grovers Alg.
@astroj Not any encryption, Quantum Computers are really good at very specific calculations, but they'll never replace the normal computer.
This will definitely be part of my “YouTube Reference Library” … Thanks for the brevity and clarity of a very “entangled” topic … ❤️👏🏽❤️
Hello there Sabine. Excellent presentation. Thank you for explaining this complicated topic in easy to understand language.
"HAHAHA, PHYSICS HUMOR 😐"
:3
That was perfect!
I thought that comment a little surprising because I don’t think the naming convention was created by physicists? I thought it was, well, cryptographers.
But maybe early crypto papers were written by people who were also physicists?
I've always thought they picked "Eve" because it sounds like "evil".
Deadpanned it like a pro!
Dear Sabine, since I am a fan of your channel, I get really interested in physics (which was really not my subject at school, decades ago). Your way to explain is outstanding and keeps the interest of the viewer to the last minute either. This new video is although very informative and shows clear, that progress in science is still an interesting part, even in daily life.
Your English is much clearer than most natives. I'm a bilingual with English not being my "native tongue", and yours is just fine, Dr Sabine. Also, great work, thanks a lot!
My favourite science communicator! Sabine, you are just amazing, and subscribing for your videos was one of the best things I have ever done on YouTube!
I look forward to Saturdays as they mean one of your presentations will soon be arriving. I enjoy your topics, singing and accent... thank you.
I have to say I’m seriously in love with your brain and your videos, in a purely platonic way. Thanks.
for me... it ain't platonic.
Sabine, I am so old that to me English spoken with a German accent by a scientist is considered more reliable than pure American or British English. Given the current standing of rationality in the US and the UK, I am modern again.
Bwahahaha
Thank you Sabine, your English is fine...not futile. You are humorous and humble. I enjoy your work always.
Sabine - thanks as usual for a clear presentation. Maybe you do this already somewhere - but it would be really useful to have the transcripts of your talks available with each video. So we could read, pause, think, read some more, scribble on paper, and come to a deeper understanding. And maybe note a question or two! Thanks.
Very concise and excellent description of quantum principles applied to cryptography. Years ago, I wrote and sold VPNs and offered multiple encryption protocols that could be selected and combined on each connection. The products were rock solid and clients could add their own protocols. All open source. The only problem was a three letter government agency audited the work and insisted that it be modified. The required modifications were not intended to make the product more secure. Given the choice, I stopped selling the products. Likewise, other products and systems I have built for major telecom companies have been required to comply with the ‘lawful intercept’ program. Sincerely, I hope that one day we can sell actual secure encryption services. That said, it is unlikely that quantum computers will be effective for breaking cyphers given superencipherment and utilization of multiple large keys that change during communication means it’s much simpler to hack the endpoint and collect the cleartext.
Amazing! Finally a clear explanation of the quantum key distribution. Thank you Sabine!
I appreciate all the hard work that must go into making something as complicated as this look easy. Great content!
Your English is better than that of many Americans. Clear, and heavy on content = gold
Thank you kindly Sabine. First time I have seen your video. I am learning about QKDs at the moment. A very good presenter, you are.
Your English is very good. It’s the pronunciation that is not perfect, but very understandable and adorable. Don’t change a thing.
Never fix your English. It is a lovely melody to hear.
cq33xx imagine being so insecure that you need to shove your politics into unrelated places
@@cq33xx58 Then perhaps you should work on your English writing grammar to bring it to a level of competence that can be read with understanding, rather than have to work around your many errors.
Or I can also tell you not to worry about it. The flaws are intriguing to decipher.
@@cq33xx58 Okay, I accept you use a translator to conduct your conversations and we are left with errors in translation that make your meaning somewhat unclear. Yet you criticize any acceptance of Dr. Hossenfelder's imprecisely English pronunciation of some words as being a "crap" attitude, although she can hold concise conversations with some of the best minds alive in a non-native language. I don't normally argue with off-the-cuff hatefulness, but your comment was a response to mine, so I felt compelled to engage in this instance. Nevertheless, I accept your explanation and accept that your responses are altered by a translation program, and I will no longer respond. Please be well.
She has beady emotionless eyes. It’s like getting a physics lesson from an autistic shark.
I'm so grateful for the relevant but normally obscure info outside of specialists. That's for 'cluing u's in. You are a wonderful teacher.
You are very wise...You are one of the best teachers..Explain everything so nicely
I've been catching up on all your videos Sabine. I just love them, no-nonsense and easy to understand (Well almost) but my math is definitely getting better. You have truly a great mind so please keep them coming. Do you do Lectures or have a website, I'd love to see you lecture down here in Australia. I see by all the comments that everyone is enamored by your skill just like me.
I predict that the public internet will switch to quantum cryptography as swiftly as it switched from ipv4 to ipv6. And by "swiftly" I mean "glacially". Like a glacier on Pluto.
It's kinda worse than that, IPv4 to IPv6 "just" requires a change in software, while QKD requires entirely new hardware infrastructure. Also, as long as large quantum computers aren't around the corner, AND classical post-quantum algorithms don't fail utterly, I don't see the real incentive for adopting QKD.
The hardware will be expensive at first so the first adopters most likely would be intelligence agencies and the military for security reasons, and later on other government agencies or departments would follow for the same reasons, big corporations, industries, Banks and Wall Street, would be next adopters. Security is a big issue and motivator, just like Y2K nobody will like to be at the end of an unsecure network
@@nibblrrr7124 in many cases you have also to upgrade the hardware if you want support for ipv6 , because their version of OS is not maintained any more
@@dejabu24 Okay, but buying a new router & plugging that into the wall is still easier & fixable for an individual, compared to laying new cables for a second internet.
(Not sure how useful existing fibre-optic lines are, esp. if you don't want to blindly trust every routing station on the way.)
nibblrrr do you think that you will have to add a new connection line , I thought that it will support fiber optic and other broadband connection
One-time pad based encryption is unbreakable by definition (safe against quantum too) , but it is impractical because the encryption key (the one-time pad) has to be as long as the message to encrypt. It is feasible for short messages.
As someone who still needs subtitles in most movies I watch, I feel I should say I understand your English better than most natives'.
What is your native language?
@@Valicore Portuguese, why?
I love this video. And, as a pragmatist of the Richard Rortyian flavor, I look at cryptography not as a problem, by saying there are no problems, but rather only more and more interesting ways to describe and redescribe our events. I love this video because my pragmatism I follow and trust keeps me seeking hope in place of knowledge. Sending and receiving messages is not in my case about searching for knowledge of this or that, but a searching for hope, a hope which I have learned should be open to all. Therefore, communication and conversations for me represent a seeking not of information of knowledge to pass on and collect, but one instead of hope to gain, since hope is better even than knowledge to possess, and send.
That was single handedly the best transition to a sponsorship ever. Also the way you explain the benefits and features of nord VPN actually made me think about buying it. Sabine not only are you an amazing scientist and educator, your sales skills are a solid 10 as well. Please do not be hard on your English either. You have an accent yes. Your English is not broken by any means and you are very easy to understand. Plus I have always a German accent to be rather intimidating so I shut up and listen more. Thank you for the laugh first thing in the morning. My perception about how today is going to go has spin in the optimistic direction. Stay safe and healthy!
Before you buy, note that *while the video suggests otherwise, NordVPN doesn't protect you from attacks by quantum computers* (and those are at least decades away from cracking practical encryption, anyway). Sabine even makes a factual error at 11:30 - NordVPN does in fact rely on asymmetric/public-key cryptography just as much as anything on the internet, and would be just as vulnerable as just using websites with HTTPS (the lock icon thingy). And again, quantum computers are not a threat to your security anytime soon.
*VPNs are useful only for very particular cases* - mostly, circumventing copyright restrictions (watching Netflix from another country, or not getting caught torrenting). Your online banking, browsing, or messages are already perfectly secured with HTTPS - VPNs just reroute your traffic (and thus gain access to your entire browsing history), and add another unnecessary layer of encryption, which doesn't give you any more security against hackers or government agencies.
If you worry about your ISP/company/government tracking which websites you visit, using Tor Browser (which is free) is likely the better solution than a VPN.
Tom Scott has a great introductory video on the issues with VPN marketing; for more in-depth information see Wolfgang's Channel, or The Hated One.
Up to now I never found the -- pun alert -- key to understanding quantum cryptography. After a decade or so this video finally helped me understand all the -- pun alert -- key points!
Sabine.....your English is perfectly understandable.....and that is all what matters....so keep up your good work. Excellent presentation!!!
UA-cam was made for people like you. Keep it coming, Sabine.
It’s nice seeing someone being appreciated because of their merit rather than their gender or skin color, thank you Sabine.
You are a delight, every time.
I've been watching a lot of your videos over the past few days. I am a native US English speaker, and your English sounds fine to me.
Sabine, your brain is so very amazing. Every video you make just blows me away. I would love to be able to think so well. Please keep doing your amazing work. 👍🙂
We native English speakers know we are done for since German speakers are good enough at English to make light of German speakers speaking English. I remember a skit on ARD or somewhere in which native German speakers were doing an English broadcast that had a crazy amount of th's in it. As the reports they read kept getting more th's, the announcers started sweating and pulling at their collars. I suppose for English speakers it would be like trying to say, "Die bösen Brüder sind dort drüben."
Sabine, Enjoyed your lecture on quantum cryptography. Appreciated the conservation of information technique by only encrypting the keys. Yes, I understand that everything was encrypted, but with only one key pair. Back in the 90's Scientific American published an article on quantum cryptography as an information utility. An encrypted data stream was available, like water or electricity. You could add your information to the stream and it would become an encrypted layer in the stream. When it reached the recipient, that layer would be peeled off and decrypted from the stream. This was before block chain cryptography was developed, but it had some similarities to the technique. P.S. You have beautiful eyes.
I don't do any online banking because I think at some level your activities on a computer can be monitored. I try to mostly use cash and only use my card at the bank so there is no digital traces of the card numbers. Also I like to move my money out of the card accounts to other locations or certificates. But I think you are good making your own encryption system, and even encapsulating a known one. I always thought it would be funny to interject like 200% white noise into a file in an expected manner (increasing the size of the file) and watch someone try to make sense of it.
Thanks so much, Sabine, wonderfully simple explanations of some crypto areas I was struggling with.
Really, really interesting! 😃
Thank you, Sabine!!!
Stay safe there! 🖖😊
AES is never a substitute for RSA as mentioned in the NordVPN spot, and it sounds like marketing nonsense from NordVPN. AES is a fast symmetric encryption algorithm used by nearly all encrypted communications. RSA is one of the asymmetric encryption algorithms that can only be used for secure key exchange. You cannot use it for bulk encryption because it's about a million times slower than AES.
So share the key via RSA then encrypt with AES. Make sure your Key Store is secure.
@@danstar455 That is basically how all SSL and TLS communications work. But when security companies like NordVPN advertise they substitute AES for RSA, it tells me they haven't a clue about security.
Thank you for ze information. Diene English ist nicht broken; it is perfectly understandable and enjoyable. Great video as always.
Alice, Bob, Carol, Eve, Trent, and Mallory are all inventions of cryptographers and computer scientists, not physicists.
Eve is an eavesdropper, Trent is a trusted third party, and Mallory is someone who's trying to maliciously interfere, often by changing the message in some way.
Hossenfelder never says physicists invented the use of those names, if making that correction was your point.
At 6:00 she says, "When physicists talk about information transfer, they like to give names to senders & receivers ..." and proceeds to explain the ideas for a quantum key. They give the names that are commonly given, obviously. I call a watt a watt, not a vamp or ampolt.
For the record according to my limited lookup, there are upwards of 30 placeholder names in common use in cryptography with more than one for some roles. This makes sense because the names are not significant, except that they sound appropriate.
@@johnsmith1474 - She also calls Eve "physicist humor". The strong implication is that physicists invented these names.
And it doesn't surprise me that there are more placeholder names. I gave that list from memory. I should've added a disclaimer that my list is likely not comprehensive.
It rankled me that cryptographers and computer scientists weren't even mentioned. Neither Whitfield Diffie nor Martin Hellman are physicists. I don't think any of the inventors of RSA are either.
Quantum cryptography is one of those interesting areas where physics and cryptography overlap. And it's a subset of the overlap between information theory (another computer science discipline) and physics that's produced a number of interesting ideas and hypotheses.
It brings me back to the time I did some work in a research lab and was surrounded by physicists who thought computer science was largely pointless while they made extensive use of its fruits.
@@Omnifarious0 I'd see it the other way: the logic and importance of these people make them not only cryptographers or mathematicians, but also honorary physicists. When you are clearly an auto mechanic and someone calls you a pianist after hearing you play, it is a huge compliment, not a detraction from pianists or auto mechanics.
@@joshuacoppersmith - I disagree vehemently with your notion of hierarchy among the sciences. They are all very valuable in their separate ways.
I would be offended to be considered an 'honorary physicist' because of some accomplishment I made in my field of choice. I'm not a physicist, and I have no desire to become one even though I have a lot of respect for the accomplishments of physicists.
@@Omnifarious0 I would disagree with a hierarchy, too. If a computer scientist called Sabine a computer scientist, that would likewise be a great compliment to her. In my mind the auto mechanic and the pianist were equals. But I guess we are just different personalities about feeling honored to be called part of another field. I for one would be overjoyed to be called a mathematician because of work I did in cyberlinguistics. If nothing else, consider people like Claude Shannon. Would he mind being called a computer scientist? He wasn't one by training...
I am so glad that you have this channel
I'm quite upset at myself right now for all those wasted opportunities I could have used to communicate how RSA encryption works when tutoring students about why one-to-one invertible functions in mathematics are very nice to have.
You can still go back to teaching!
(1) public keys can decrypt messages encrypted with private keys. This serves to verify digitally signed messages.
(2) It would have been immensely helpful to include the reason these algorithms are irreversible is that they use modulus arithmetic allowing the discarding of useful information to reverse the process.
Your English is fine. Thanks for the video!
How many years was Bob together with Eve, to look like that?
too long
Bob looks like the coomer meme lol
@sabine thank you for using the 'Pun Alert' System. Puns are evil and anything you can do to lessen the impact is greatly appreciated.
Actually, puns are fantastic. They are PUNtastic, if you think about it. That is, if to PUNtificate them.
@@marsupius You are unspeakably cruel.
That's punny.. please stop punishing me
Sabine, your English is better than most native speakers of it, so cross that off your list of "Things to Worry About". The ideas are what is important and you are a damn fine communicator of them. Even though I lived in Germany for a couple of years, I hang my head in shame at how feeble were my attempts in conveying nuance and humor.
At the end I was listening to hear if you still called yourself Zabina and not Sabine, and wasn’t disappointed!
Alice, Bob, and Eve are awesome. props to the artist (:
Quantum cryptography is the use of quantum mechanical properties to enable secure communication. The principles involved are similar to those used by quantum key distribution, which can be used both for encryption and decryption purposes.
Quantum key distribution (QKD) is a technique for secure communication using quantum mechanics. The method ensures the authenticity of a message and the privacy of information, preventing eavesdropping.
A quantum channel cannot be copied without being destroyed, and the act of observation will change the observed system. The sender and receiver can communicate using a shared random sequence (such as an encryption key) that is used to encode messages.
A sender uses a one-time pad with the receiver, which is secure in that any eavesdropper (including you and me) will find it impossible to recover the message being sent.
A cryptographic method invented by Claude Shannon in the 1940s, based on information theory. It is used for secure communication in cryptography.
Shannon entropy is a measure of the uncertainty associated with a random variable. In quantum mechanics, it quantifies the amount of information that an observer has about one possible outcome from an ensemble.
The public key is usually only used initially to exchange a randomly generated symmetric key. From that point on a symmetric algorithm is used as they are much faster.
Was talking about outcomes. If you give the person 1 and then you know person 1 has 1 then person 2 needs to make the choice to play knowing they will win if person is uses the information or outcome. Then person 2 playing can either take outcome if info is used or not. Information can be integer to >=1(info). This can then be interesting for outcomes and probability. Primes to gcd. Information. This case spins.
I find Sabine's accent pleasant to listen to.
I think you got some of the details wrong. Probably to simplify, but just in case:
1. First of all, spins go opposite from one another. That means if Bob found that a particle is spin up, he should assume a spin down particle at Alice measurement. This is one thing I'm pretty sure you know.
2. While spin is very popular when we try to show EPR paradoxes, Quantum encryption in the real world uses photon polarization as a measurement with quantum properties in the real world. It's just much easier to keep polarization stable, in long distances, and if it's not a long distance, why would you use encryption?
3. While this method is powerful and interesting to look at, it cannot replace RSA. It can replace the Diffie-Hellman protocol, which is not a public key scheme. It is a way for 2 distant participants to exchange private keys. and...
4. This is not a practical solution for the internet. If I wanted to use this on youtube, for example, I'd have to put an optic fiber from my place to youtube. If I won't do that, I can't imagine how I can keep a photon polarization state, without reading it. However, let's imagine that we created this smart router, that can transfer a photon state without measurement, this will not help us because...
5. This method does not solve the authentication problem. This is the big one.
Encryption is designed to solve several problems. Keeping secrets is one, but there are several others, and one is authentication. Imagine I used this method, and Eve decided that she wanted to hear this conversation. She'd just go several meters from her and Bob's house, dig in, and put a device on the fiber. When the message comes from Alice, she'd do the measurements, and keep the results to herself, while sending her own photons to Bob, pretending to be Alice. After that she'd have 2 keys: Alice to Eve key, and Eve to Bob key. None of them will ever know they've been hacked.
As I said, this method replaces the Diffie-Hellman protocol, that has the exact same problem. So how is it solved in the internet? Using RSA, that while it can be used to encrypt, its more important role is providing a signing scheme. However, as you said, RSA is not quantum safe. There are several solutions for this, but none emerged as an internet standard at the moment.
Why is a war veteran watching war movies?
@@anderstopansson ummm... not sure I got the point but either "Thanks man!" Or "How dare you!?" As you see fit
@@guruyaya Passing. Good continuation!
@@anderstopansson I'd say it's more like a war veteran watching war _documentaries_ to refresh one's own memory as well as ensure that the producers got the facts right. Like my Ph.D. uncle-he didn't _have_ to watch kids' science shows with me, but sometimes when he did, he would point out all the mistakes the presenters were making. But when watching sci-fi movies, he said nothing-even I knew those were fictional.
Out of all her videos so far, I've only heard Sabine say one stupid thing: "fix my broken English." What??? Her English is better than most native speakers!
Unique and expertly communicated topic, which I never before realized that I needed to understand. Thank you!
Up until now afaik quantum encryption has limited application, at least for normal people.
The reason is that it has a pretty niche application.
So it is mostly used with fiber optics. However every repeater is effectively Alice and Bob.
So for a potential attacker it means that instead of splicing into a fiberoptic at any arbitrary point you would need to get the signal at the repeater.
So yes this is useful for undersea lines, haven't heard much use for it otherwise though.
Haven't looked into it much recently though so maybe that has changed.
I wasn't expecting that NordVPN sponsorship XD
Great video as always !
I love how this woman explains things.
Just 138k subscribers for such an informative and priceless channel .
The public key can be used to decrypt or encrypt, depending on the usage model.
PGP for example uses the public key to encrypt, so that only the private key holder can decrypt it.
Other uses are the opposite. I.e. use the private key to encrypt and then anyone with the public key can decrypt it.
I’m interested in the algorithms intended to be used for post-quantum cryptography. Because they won’t require sending quantum states down optical fibres. No need to go for a quantum sharing of keys if a standard public and private key system still works, you just need to change the algorithm used to generate them away from a simple factorisation.
Exactly. Post-quantum cryptography (PQC) is probably the way to go, as it doesn't require building a second internet that often isn't even as secure or useful as our current pre-quantum-cryptanalysis internet. (Or is there a way to do routing without trusting the router? Wireless QKD?)
AFAIU the reason currently no one uses the existing PQC algorithms yet in practice is that they currently require larger keys (thus more internet bandwidth) and/or more processing power (thus draining phone batteries faster), and they're not as well-researched & tested as e.g. good old RSA or DH - I don't know how confident cryptographers are that e.g. are resistant against mere classical computers that actually already exist today. It's good people actually already put effort into researching it, long before quantum attacks will become practical (if ever).
Quantum sharing of keys does _nothing_ to protect communication if I have a general purpose quantum computer: I simply do a brute force attack on the message which completes in polynomial time since that is what my quantum computer can do.
Furthermore, the vast majority of computer theft isn't even message interception and decryption; it takes place on the end host which secure communications does nothing to address.
@@drrtfm You can't. QCs cannot solve arbitrary problems in polynomial time by brute force - they don't make (BQ)P=NP or "try every solution at once". Shor's algorithm can only crack certain asymmetric encryption methods (e.g. RSA, DH, ECC), but it doesn't work on symmetric encryption (e.g. AES). You can use Grover's algorithm to reduce the amount of time needed to crack AES by a square root, but that still leaves it exponential - and even this can be completely nullified by just doubling the key size.
As for where most computer crime happens, I'd love to have hard numbers, but surely part of the reason why interception & decryption isn't done more often is that public-key encryption & authentication currently works so well. Compromising endpoints is infeasible e.g. for dragnet mass surveillance. And breaking RSA (without a post-quantum replacement) would mean e.g. breaking certificate authorities and HTTPS, making MITM attacks or phishing attacks much easier.
@@nibblrrr7124 I believe you are making some rather specific assumptions about what QC can and cannot do and that the jury is still very much out on whether or not a GPQC could render NP problems solvable in time P (after all, they are verifiable in P time, so "all" you have to do is simultaneously generate all possible solutions and run a verification against that; for a problem of size N, a GPQC of size kN should presumably be able to do such a simultaneous generation and verification). That said, I'm not going to claim to know much about QCs (and generally am rather skeptical about the likelihood of the actual creation of a GPQC).
Regarding interception vs. endpoint breakage: thieves go for the end points since they are largely interested in things like credit card information and it is much, much more efficient to go after the repository than to troll through vast quantities of social media drek hoping to find that information. Governments are the ones who do mass surveillance and yes, they will do it through MitM attack not because endpoint attack is infeasible but because it is more expensive and unnecessary if you can just grab the stuff in the middle and drek through it all. Quantum Crypto is largely irrelevant to this purpose since QCrypto is about protecting on the wire (well, fibre) but not on the router; further, the basis for things like HTTPS is PKI, which is trivially attackable via on-the-fly certificate generation using a MitM.
Phishing is a whole different level and is largely done by low-level thieves (why go after individuals when you can go after the whole repo?) and targets less sophisticated individuals who don't bother things such as the fact that the link they are following is not the link that the message they received says they are following ....
Top notch video as always Sabine!
Why is it that only Sabine has the ability to explain things clearly?
Because she understands and had ruminated in depth the mathematical chit behind the carpet ...
Coz she´s not MSM.
@@anderstopansson Sabine is part of MSM media but works as an MSM BS detector ... Then, Her "low profiled" underground media outcomes disturb the signal to noise ratios in The MSM System ...
@@firstnamesurname6550 No, she´s AM , the MSM snake ´s not biting his own tail...
@@anderstopansson AM is conformed by dudes like Garret Lissi, Alain Connes or Mochizuki... Sabine is already well-rooted in The Academic Discourse but playing in its peripheral boundaries ... Yet at Academia Peripheral Park doing funny acrobatics with her skateboard ... while Witten is doing some farts with his Rolls Royce ...
Of course there are several issues with Quantum Key Distribution. While it does a good job protecting the key, the actual symmetric encryption used after the key exchange could still be vulnerable. Another problem is that the quantum key exchange can't pass over the standard network. Lastly, while it is true that the key cannot be intercepted, it is possible for Alice to send a key to Eve when she believes she is sending to Bob. There is nothing in the system that guarantees who is at the far end.
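The authentication gap raised in the comments above (Eve running one key exchange with Alice and a separate one with Bob) can be seen in a small BB84 simulation. This is an added example, not code from the video or from any commenter; it assumes an ideal noiseless channel, all function names are hypothetical, and HMAC-SHA256 with a constructed pre-shared key stands in for the information-theoretically secure MACs that real QKD systems use on the classical channel.

```python
import hashlib
import hmac
import random

def prepare(rng, n):
    """Sender: n photons as (bit, basis) pairs; basis 0 = rectilinear, 1 = diagonal."""
    return [(rng.randrange(2), rng.randrange(2)) for _ in range(n)]

def measure(rng, photons, bases):
    """A matching basis reads the encoded bit; a mismatched basis gives a coin flip."""
    return [bit if prep == basis else rng.randrange(2)
            for (bit, prep), basis in zip(photons, bases)]

def intercept_resend(rng, photons):
    """Eve on the fibre: measure each photon in a random basis, then forward a
    fresh photon prepared in that basis with the value she observed."""
    bases = [rng.randrange(2) for _ in photons]
    return list(zip(measure(rng, photons, bases), bases))

def session(rng, n, tap=None):
    """One BB84 run. Returns (sender_key, receiver_key) after sifting, i.e. after
    both ends publicly compare bases and keep only the matching positions."""
    sent = prepare(rng, n)
    in_flight = tap(rng, sent) if tap else sent
    rx_bases = [rng.randrange(2) for _ in range(n)]
    rx_bits = measure(rng, in_flight, rx_bases)
    keep = [i for i in range(n) if sent[i][1] == rx_bases[i]]
    return [sent[i][0] for i in keep], [rx_bits[i] for i in keep]

def error_rate(key_a, key_b):
    """Fraction of sifted positions where the two ends disagree (the QBER)."""
    return sum(a != b for a, b in zip(key_a, key_b)) / len(key_a)

def man_in_the_middle(rng, n):
    """Eve terminates Alice's session herself and opens an unrelated one to Bob."""
    alice_key, eve_key_a = session(rng, n)
    eve_key_b, bob_key = session(rng, n)
    return alice_key, eve_key_a, eve_key_b, bob_key

def tag(auth_key, role, bases):
    """MAC over a basis announcement sent on the classical channel."""
    return hmac.new(auth_key, role + bytes(bases), hashlib.sha256).digest()

def accepts(auth_key, role, bases, received_tag):
    return hmac.compare_digest(tag(auth_key, role, bases), received_tag)

def demo(seed=2020, n=4000):
    rng = random.Random(seed)  # seeded so the run is repeatable
    clean = error_rate(*session(rng, n))
    tapped = error_rate(*session(rng, n, tap=intercept_resend))
    alice_key, eve_key_a, eve_key_b, bob_key = man_in_the_middle(rng, n)

    # Mitigation: Alice and Bob share an authentication key in advance
    # (constructed value) and tag every classical-channel announcement.
    psk = b"constructed pre-shared authentication key"
    alice_bases = [rng.randrange(2) for _ in range(32)]
    eve_bases = [rng.randrange(2) for _ in range(32)]
    genuine = tag(psk, b"alice", alice_bases)
    forged = tag(b"key Eve made up", b"alice", eve_bases)

    return {
        "clean_qber": clean,
        "intercept_resend_qber": tapped,            # about 0.25: Eve is detected
        "mitm_alice_link_qber": error_rate(alice_key, eve_key_a),
        "mitm_bob_link_qber": error_rate(eve_key_b, bob_key),
        "alice_and_bob_share_key": alice_key == bob_key,
        "bob_accepts_genuine_announcement": accepts(psk, b"alice", alice_bases, genuine),
        "bob_accepts_forged_announcement": accepts(psk, b"alice", eve_bases, forged),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Tapping the fibre shows up as roughly a 25% error rate in the sifted key, while the two-session impersonation shows zero errors on both links; only the authenticated classical channel makes Bob reject it.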
I have a few comments:
0:32 : This is inaccurate- Secure network communication (HTTPS) makes use of the "Transport Layer Security", also known as TLS. This protocol indeed makes use of asymmetric primitives such as RSA or ECC in order to establish a key session, similarly to how you described the usage of BB84. Once this key is established, a symmetric cipher (AES) is then used in order to both encrypt and authenticate the communication. This means that protocols that are presently being used online are mostly hybrid protocols that make use of the advantages of both asymmetric and symmetric cryptography.
10:04 : You could mention that this key can then be used as a one-time pad or as a session key for symmetric primitives.
11:27 : HTTPS is the one keeping you safe while you browse the internet. NordVPN is only used to add an extra (unnecessary) layer of encryption on the public data of your browsing between you and the VPN's server. This means that NordVPN can still keep track of your browsing habits, and that they are not entirely anonymous either once they leave their server.
11:30 : It most definitely relies on a key exchange protocol to be able to use AES - They even state it in their FAQ: "The ciphers used to generate Phase1 keys are AES-256-GCM for encryption, coupled with SHA2-384 to ensure integrity, combined with PFS (Perfect Forward Secrecy) using 3072-bit Diffie Hellmann keys."
I don't know if you rushed this video or you omitted all of this to make the sponsor look more appealing but you are spreading misinformation regarding cybersecurity and cryptography in general.
EDIT:
Sources:
en.wikipedia.org/wiki/HTTPS
en.wikipedia.org/wiki/Transport_Layer_Security
en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange
nordvpn.com/faq/
@Ed T I am just pointing it out. You are welcome to educate yourself in the subject.
You can also watch this video by Tom Scott : ua-cam.com/video/WVDQEoe6ZWY/v-deo.html
These are valid points, but I thought the level of simplification was mostly okay for the length & depth of this video? Like, yes, TLS also involves symmetric encryption, but if the key exchange is vulnerable to quantum attacks (one of the main topics of this video), then the whole system is - just like if everything was public-key, like e.g. PGP-encrypted e-mails.
But yeah, ofc VPN marketing mostly relies on at best somewhat misleading information, and the only really sensible use case for them (as opposed to just HTTPS, or Tor) is circumventing copyright law... maybe I'm a bit numb at this point.
Oh wait, you're right, 11:30 is actually just wrong, and _highly_ misleading in the context of the video.
NordVPN is totally just as vulnerable to hypothetical quantum attacks as regular HTTPS.
@@nibblrrr7124 That I agree, but then the VPN is also vulnerable to this. To me it looks like the video was made in a way to convince the viewer that asymmetric = BAD, symmetric= GOOD use nordvpn because it uses AES.
In watching such videos, it must always be kept in mind that it is an ad, that necessarily uses low level emotions like fear. There is no danger that a code be broken by a quantum computer, even in a near future, notwithstanding the present tense.
Great overview of cryptography and the potential impact of quantum crypto. I don't think most folks realize quantum computing is not a panacea, there is a limited set of problems it is able to solve quickly. Unfortunately for personal privacy traditional cryptography is one of the areas at risk of compromise from quantum crypto.
*quantum cryptanalysis (breaking an important subset of classical cryptography using algorithms that can only run efficiently on quantum computers) 🤓
Quantum crypto(graphy) would be _securing_ information using quantum effects. And (to my very limited understanding) that doesn't really involve general quantum computers of the kind on which you would run Shor's algorithm for quantum cryptanalysis, Grover's algorithm for database search, or physics simulations - see QKD.
Totally agree on the hyped misunderstanding of quantum computers just being better computers, or even making P=NP or whatever, though!
But how do you exchange quantum key over the air? Or fiber optics? Single photons? Actually yes, and no: right now pulsed laser beam with zero to a few photons can be sent on a fiber optic cable... However this could allow Eve to split the beam and collect and measure a spare photon in the beam. A more advanced protocol includes an empty spot in the photon stream whereby Eve cannot determine if the empty spot part of the transmission or a random feature... Single photon transmission is more difficult to achieve outside labs but progress is being made.
You delivered the physics humor quite excellently. Have me a chuckle. Great video.
Excellent presentation. I think you mixed up vertical and horizontal at one point (7:49), but other than that you communicated this topic effectively.
Public Key Crypto depends on the assumption that P =/= NP (meaning that there are mathematical problems with solutions algorithmically easy to check but hard to find).
favorite mathematician and theoretical physicist❤
S --- At 7m47s you said that if A sends a particle with spin "up or down" ... and at 7m51s you said that if B measures the spin in the "vertical" direction, he just gets left-or-right with a 50% probability. -- But is this correct ? ( -- *Terrific* Video, thank you).
Love the accent!
If anyone can explain why "quantum" was chosen for the James Bond movie "Quantum of Solace",
then you'll earn my admiration.
Your English is excellent. The only thing I ever notice other than the accent is "mathemathics", although it's sort of endearing.
Wish I would have had a physics teacher like you I would have been a lot more interested in physics!
Love your videos, Sabine, but Nord VPN and shared AES not using RSA is utter rubbish. Never use the same AES key for more than one transmission and always distribute symmetric keys using asymmetric cryptography. It's basic stuff.
Love your physics humor........
Wonderful, concise video. Thank you.
Sabine has an amazing English. I think most of the non Latin, non slavic, Europeans do.
Sabine, on 7:51 you say 'vertical', but you probably mean 'horizontal'.
It takes a while to notice, but I love Sabine's sense of humour.
Physics humor joke, I love it 😄
Thank you for the concise and thorough explanation!!
But randomness of those bits are still a big question because our computers use pseudo-random numbers and it's possible in theory to predict them by math.
Not really. Basically everyone in the field is confident that properly implemented pseudo-randomness generators (CSPRNGs) are perfectly fine. The problem isn't "predicting them by math" - essentially the same assumptions that lead us to believe you can't predict the keys from looking at the transmissions (before the universe ends), are also those behind that how you encrypt data with the keys can't be reversed, regardless of how the keys were picked. Meaning, if CSPRNGs can be broken, so can any practical encryption. (One-time pads aren't practical.)
Attacks on CSPRNGs - unless there is a fatal bug in the implementation - are usually based on sniffing the seed values - which are often generated from things like hardware access times, local clocks, user input... - and if you have access to the device, or it is badly implemented (e.g. assuming it uses slow HDDs when in fact it uses SSDs), then there are ways to predict parts of the key, weakening security.
To nip such implementation bugs in the bud, you _can_ buy hardware true random number generators (TRNGs) that use physical (often directly quantum mechanical) effects to generate the keys - but those are usually overkill, and there are dozens of more important security-relevant aspects to any system. And if someone hacks the endpoint, it would still be game over - those precious truly random bytes have to be stored in memory somewhere, and so does the plaintext message you want to encrypt.
The usual problem with encryption is not one of interception, since the fact that encryption systems are being used _presupposes_ that the messages are, in fact, being intercepted. Rather, the problem is one of the messages being decipherable/understandable by the bad actor. Given this distinction, wouldn't a router just "intercepting" (i.e. reading) a packet, so that it knows if/what/where to send it to, enough to make Alice and Bob think their messages have been compromised (i.e. deciphered) due to the no cloning theorem?
You’ve decrypted this mess for me, thank you!
Is there a way to send quantum information that cannot be intercepted, such as random qbits?
Once again a beautiful and simple explanation.
Can’t find this unique info on any other UA-cam channel!
so if we have post quantum cryptography why do we need quantum cryptography?
How will the particles be relayed through routers and switches so it really can be used on internet?
They can't. Because they're 'quantum'. It's all a bit silly.
www.sciencenews.org/article/quantum-video-chat-links-scientists-two-different-continents
To secure the communication, a Chinese satellite distributed a quantum key, a secret string of numbers used to encrypt the video transmission
......
Using a technique known as quantum key distribution, scientists share secret strings of numbers while ensuring that no eavesdroppers can intercept the code undetected. Those quantum keys are then used to encrypt information sent via traditional internet connections. Decoding the transmission requires the same key used for encryption, foiling would-be snoops.
@@mallxs My beef is with the use of the word Quantum in this context. It has nothing to do with Quantum physics...it simply means very sensitive to interference or interception. Once again the language is being interfered with!
Gotta say..there's one thing I understand .....I love that Dress! So Bauhaus
Quantum cryptanalysis should not be the only worry. If a method is derived to compute prime factors with efficiency, or even a method to model the pattern of primes, RSA fails along with every protocol that RSA-encodes a symmetric session key.
As the eminent Dr. Gunter Janek said in the Sneakers movie, "While the number-field sieve is the best method currently known there exists an intriguing possibility for a far more elegant approach."
Yep, just a little creativity with homomorphism and there you have it. With a single cyclotomic field over the rationals you get a breakthrough of Gaussian proportions.
Setec Astronomy is unleashed.
If that makes no sense, a review of Sneakers will decrypt the above word salad.
I think I understood all of this on the first pass. Although sometimes I had to hit pause and ask "Who is Ellis? She didn't define any Ellis." However this video didn't explain which elementary particles could be used to carry "spin". Which particles have spin, do I need to Google this? She should have mentioned this, and she should have mentioned if spin is the only component, or if there are other quantum behaviours besides spin that could be used. (Eg, quantum entanglement.) And she barely mentioned the practical problem that the world isn't currently providing end-to-end fibre communication hardware yet. And she didn't mention if fibre switches on the internet contain non-fibre electronics between their fibre I/O ports (they probably all do, which makes them all unusable.) Until we have end-to-end fibre lines (or line-of-sight over-the-air paths between end points) this will never get implemented. I'm not against it, but it will cost trillions of dollars and it will really only work well for fibre connections, even though we're converting everything to wireless in the future. So it's a dead end. Normally her videos are more rock-solid than Gibraltar, but this one more resembles a block of Swiss Cheese.