NSA’s ANT Division Catalog of Exploits for Nearly Every Major Software/Hardware/Firmware
At the blog http://leaksource.wordpress.com
Great article, full of leaked documents (not conspiracy theories). Random excerpt:
These NSA agents, who specialize in secret back doors, are able to keep an eye on all levels of our digital lives — from computing centers to individual computers, from laptops to mobile phones. For nearly every lock, ANT seems to have a key in its toolbox. And no matter what walls companies erect, the NSA’s specialists seem already to have gotten past them.
This, at least, is the impression gained from flipping through the 50-page document. The list reads like a mail-order catalog, one from which other NSA employees can order technologies from the ANT division for tapping their targets’ data. The catalog even lists the prices for these electronic break-in tools, with costs ranging from free to $250,000.
I’m not going to try to address in this blog post all the ramifications of these NSA revelations. All I want to do now is to discuss the implications of these revelations for quantum cryptography, which is often sold in the same package as quantum computers, but shouldn’t be. They are quite different. One has huge potential, and the other one is a bust, in my opinion.
Quantum crypto is like a Dutch boy using one of his fingers to plug a small hole in the dike, while at the same time a million gallons/sec of water are pouring over the dike.
Quantum crypto is probably a joke to the NSA. Those guys don’t care about the etiquette of mathematical proofs. They snicker at the premises of a mathematical theorem claiming that a quantum crypto protocol is impossible to break. What they believe in is the old adage that “All is fair in love and war”.
The reasons I believe that quantum crypto is pointless are very simple. Quantum crypto can only protect data that is being transmitted from point A to point B. It cannot protect stored data (like the data stored in your computer hard drive). Indeed, who would want to store their precious data in the form of a super-fragile quantum state? Since it can’t protect stored data, quantum crypto would provide almost zero protection against NSA’s shenanigans.
Before QC’s arrive, we can protect stored data using classical crypto protocols already in use. After QC’s arrive, the only way to protect stored data will be using post-quantum crypto (i.e., non-quantum crypto that cannot be broken with a QC). Anyway you slice the pie, we will need post-quantum crypto once we have QC’s. So, once we have QC’s, just use post-quantum crypto to protect all data, stored and transmitted. Thus, there will never be, pre or post QC, any need for quantum crypto.
- Commercial companies that started selling quantum crypto 10-15 years ago, but were forced to diversify or die because the market for quantum crypto is non-existent: ID Quantique, Magiq
- Academic institutions that have spent millions of dollars on quantum crypto: IQC (Institute for Quantum Computing, at Waterloo, Canada. Funded about half and half by Blackberry cofounder Mike Lazaridis and Canadian taxpayers)
- American defense companies that have received millions of dollars in defense contracts to build large quantum crypto networks (the proverbial bridge to nowhere): the BBN branch of Raytheon.
- US Defense Laboratories (that we know of) that have spent millions of dollars building a quantum crypto network: LANL (Los Alamos National Lab) (see “Los Alamos reveals it’s been running quantum network for two and a half years” May 07, 2013). It would be surprising if MIT Lincoln Lab wasn’t involved in something like this too, since they do a lot of quantum optics and communications work, plus they are located in the same city (Boston) as BBN Raytheon, plus they often collaborate with Raytheon.
China also has a hefty quantum crypto program.