quantum_cryptography.htm

黑客培训教程

this is (in case you already forgot it by now) quantum cryptography and its
advantages compared to normal cryptography. This long beginning was not mainly
there in purpose of explanation of quantum cryptography itself, but in purpose
of explaining how the information is distributed.  The main reason why
quantum crypto is so impressive is that there is used one of the fundamentals of
physics in very practical way.&nbsp; </p>

<p>&nbsp;&nbsp;&nbsp; Let's turn our eyes now on standard crypto systems,
because they are roots of quantum cryptography. We could define cryptography as
the art of hiding information in a string of bits that are meaningless to any
unauthorized party. To succeed in our task to hide information we usually use an
algorithm to combine <i>message</i> with some additional information that we usually
call <i><b>key</b></i> to produce <i><b>cryptogram</b></i>. This technique is
called <i><b>encryption</b></i>. Yeah, I know that most of you heard this story
before, but I must make things clear here, so have patience and you will be
rewarded, maybe. The thing you probably don't know if you are newbie into
cryptography and information theory is that person that encrypts is traditionally
called <i><b>Alice</b></i> and person that receives a message is traditionally
called <b><i>Bob </i></b>(that mainly stands for A and B). Just look at the
picture. </p>

<p align="center"><img border="0" src="NormalCryptoS.jpg"> </p>

<p>&nbsp;&nbsp;&nbsp; My sympathy in this story goes to character that is traditionally called <i><b>Eve</b></i>.
That is the evil one, Eve stands for eavesdropper. As the word says that is the
one that intercepts the information that Alice sends to Bob. Eve is that
unauthorized, malevolent person we usually call cracker. As I've said before,
just look at the picture. </p>

<p align="center"><img border="0" src="NormalCrypto.jpg"> </p>

<p align="left">&nbsp;&nbsp;&nbsp; Yes, now we have complete picture of problem that we are dealing
with. Public channel is usual channel we use to distribute information like
phone lines, optical cable, internet, maybe power lines in the recent future,
etc. </p>

<p align="left">&nbsp;&nbsp;&nbsp; For any crypto-system to be secure, it should
be&nbsp; impossible to unlock cryptogram without Bob's key. This in practice is
softened to that the system is just extremely difficult to crack. The main idea
is that the message should remain protected as long as the information message
contain is valuable (that explain why is DES for instance, crackable at all).
Crypto-systems are divided in two main classes. This depends on wether key is
shared in secret or public. I will give you two examples, one for every group;
&quot;one-time&quot; pad and RSA, exposing their qualities, and disabilities. </p>

<p align="left">&nbsp; </p>

<h4 align="left">5) &quot;One-time&quot; pad vs. RSA in normal cryptography </h4>

<p align="left">&nbsp; </p>

<p align="left">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
&quot;<i>One time&quot; pad</i> </p>

<p align="left">&nbsp;&nbsp;&nbsp; This system was proposed by Gilbert Vernam at
AT&amp;T in 1935 (quite old system, I must say), involve sharing a secret key
and is the only crypto-system that provides proven, perfect secrecy. In this
case Alice encrypts a message using a randomly generated key and then simply
adds each bit of the message to the corresponding bit of the key. The scrambled
message is then sent to Bob, who decrypts the message by subtracting the same
key. It can be seen below </p>

<p align="left">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </p>

<div align="center">
  <center>
  <table border="0" width="36%" height="250">
    <tr>
      <td width="40%" height="17"><b>Alice</b></td>
      <td width="10%" height="17" align="center"></td>
      <td width="50%" height="17"></td>
    </tr>
    <tr>
      <td width="40%" height="19"><font color="#000099">Message</font></td>
      <td width="10%" height="19" align="center"></td>
      <td width="50%" height="19" align="center"><font color="#000099"><b>11001010</b></font></td>
    </tr>
    <tr>
      <td width="40%" height="19"><font color="#000099">Add key</font></td>
      <td width="10%" height="19" align="center"><b>+</b></td>
      <td width="50%" height="19" align="center"><font color="#000099"><b>01110010</b></font></td>
    </tr>
    <tr>
      <td width="40%" height="19"><font color="#000099">Scrambled Key</font></td>
      <td width="10%" height="19" align="center"><b>=</b></td>
      <td width="50%" height="19" align="center"><font color="#000099"><b>00111100</b></font></td>
    </tr>
    <tr>
      <td width="40%" height="46"><b>Transmit</b></td>
      <td width="10%" height="46" align="center"></td>
      <td width="50%" height="46"></td>
    </tr>
    <tr>
      <td width="40%" height="19"><b>Bob</b></td>
      <td width="10%" height="19" align="center"></td>
      <td width="50%" height="19"></td>
    </tr>
    <tr>
      <td width="40%" height="19"><font color="#000099">Scrambled text</font></td>
      <td width="10%" height="19" align="center"></td>
      <td width="50%" height="19" align="center"><font color="#000099"><b>00111100</b></font></td>
    </tr>
    <tr>
      <td width="40%" height="19"><font color="#000099">Subtract key</font></td>
      <td width="10%" height="19" align="center"><b>-</b></td>
      <td width="50%" height="19" align="center"><font color="#000099"><b>01110010</b></font></td>
    </tr>
    <tr>
      <td width="40%" height="19"><font color="#000099">Message</font></td>
      <td width="10%" height="19" align="center"><b>=</b></td>
      <td width="50%" height="19" align="center"><font color="#000099"><b>11001010</b></font></td>
    </tr>
  </table>
  </center>
</div>
<p align="left">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </p>

<p align="left">&nbsp;&nbsp;&nbsp; Normally, encrypted text doesn't contain any
information until you use key. Although perfectly secure, the problem with this
system is that is essential that Alice and Bob share common secret key, which
must be at least as long as the message itself. They can also use the key for
single encryption (that explains name 'one-time' pad), because if they used key
more than once Eve could record all of the scrambled messages and start to build
picture of the key. The real trouble starts here. If they want to share same
key, then key must be transmitted by some trusted means, such as courier or
through personal meeting between Alice and Bob. Yeah, now begins a story of
espionage... etc. I can think a couple of thousand problems here, ranging from
authentication problems, expensive meeting, eavesdropping, etc... I believe you
can think even more of them due it's 3am now that I'm writing this. It's same
with net, let me just mention IP-spoofing. Got it? I believe you do. The good
thing is that if Eve would like to crack message, not knowing the key, she would
have to try all combinations, and yet not knowing which was right. </p>

<p align="left">&nbsp;&nbsp;&nbsp; <i>&nbsp;&nbsp; </i>&nbsp;&nbsp;&nbsp;&nbsp; <i>RSA
(Rivest, Shamir, Adleman)</i></p>
<p align="left">&nbsp;&nbsp;&nbsp; RSA belongs to other class of crypto-systems,
so called <i>&quot;public-key crypto-systems&quot;</i>. First public-key
crypto-systems were proposed in 1976 by Whithfield Diffie and Martin Hellman who
were at Stanford University then. They used so called <i>one-way</i> functions
in which is easy to compute the function, for instance, f(x) (that means that we
have some function depending on some variable x) but they are hard to compute in
other way. In way to define what is meant by 'hard to compute in other way' we
can for instance take time as a factor, the good one crypto-system could be one
that a time to do a task grows exponentially with the number of bits used to
encrypt. For example we can take breaking number on prime factors. Let me show
it this way, you can work out that 109*59 is 6431, but it would take much longer
time to us to find out that the prime factors of 6431 are 59 and 109. </p>

<p align="left">&nbsp;&nbsp;&nbsp; However, some of these one way functions have
a so called &quot;trapdoor&quot;, which means there is easy way to compute
function in difficult direction with some additional information, in this case
key or password. So if you for instance know that one prime factor of 6431 is
59, it's not hard to calculate other prime factor. RSA is based on that function
I've explained above. It is believed today, but there is not any strong theory,
that the time needed to find prime factors of an integer, and to obtain private
key, grows exponentially with the number of input bits. There could be major
security hole here if someone finds out that there is faster way to calculate
prime factors, the problems are enlarging with the fact that the most money
transactions security systems are based on RSA. Hey... brakes here, lamer alarm
(only for those of you that need it) ... Don't think that you'll find out the
way to factorize prime numbers, and break into Wall-Street server in about 10
minutes, all with loud music causing brainstorm in you head (that looks like
that idiotic description of hackers, seen so often on media)... Generations of mathematicians
(and yes there are some much more intelligent than me and you together)
dedicated their careers to that task, and all this story draws it's roots from
Fermat I think, all back to 19-th century so... just don't blame yourself, ok.
If you wish to dedicate your lives to science, just forget that picture of
Albert Einstein developing his special theory of relativity for one long weekend
when his wife had PMS and the couldn't do anything else, OK? Hacking is science
and art, like mathematics or physics (and programming, off course), and it takes
long, long time, and great dedication. I'll pull water now, and continue this
topic... </p>

<p align="left">&nbsp;&nbsp;&nbsp; Ok, what means public crypto-system at all.
Well that means that you with one key you make (pass that you type), you get two
keys, public and private. Looks like good bargain to me. You can share public
key with the all world, and they can encrypt message with it, but once the
message is encrypted only, and only the owner of private key can read it. Also,
when you send message that you've encrypted with private key (you keep it for
yourself, that's what that private means), that message will be decrypted with
public key, but the public key won't decrypt any message that are is not
encrypted with private key. That explains the term digital signature. No, you
can't compute private key having public key, at least not for some reasonable
time, considering, off course, that the other side choose hard password to
break. </p>

<p align="left">&nbsp;&nbsp;&nbsp; We are getting close to topic here. There is
one more reason (that is mostly the reason for having quantum cryptography as a
solution) why RSA could became unreliable in the future. There are devices, that
are only theory now (but good one, believe me, experiments say so), that are
called quantum computers (I'll write an essay on them too, very soon), that
could factorize numbers not exponentially, but linearly with number of bits. The