Rupert Goodwins' Diary

Friday 31/3/2006

As a rule of thumb, if you can't understand a news report there's a good chance that the reporter wasn't quite on top of the story themselves. I've committed some corkers myself: a queasy feeling that what I've written doesn't quite make sense clashes with a desperate need to get it over and done with. It usually comes back and bites me on my dangly bits.

There was a danger of that today, when we looked at a story on the wires and couldn't make it make sense no matter what we did. A set of Japanese researchers at the Tokyo's National Institute of Information and Communications Technology have proposed that radio waves from distant quasars be used to generate encryption keys: the cosmic pulses are effectively random, they say, but as long as two sites know which quasar to listen to and at what time to listen, they can share the key. Or, if the sites can't both see the quasar at the same time, the signals can be sent at high speed over the Internet.

So far, so good — that would work, certainly. It would just be terribly insecure. The researchers appear to be saying that the security comes from interceptors not knowing the exact details of the signal used for the key. There's nothing to stop a sufficiently determined adversary from continually recording signals from multiple quasars and then repeatedly trying different bits of the recording until it finds one that fits. And the idea of sending the signals across the Internet immediately runs into the most basic of encryption problems — key distribution. How do you encode the key itself to prevent interception?

There are plenty of other problems, not least of which is an enemy spoofing a signal at the quasar monitoring site. The best demonstration I've seen of that was with a very expensive random noise generator which used the basic laws of quantum physics to generate keys which couldn't be predicted or usefully replicated during the lifetime of the universe.

A savvy friend who was with me nodded as the sales pitch went down, and agreed wholeheartedly as the purity of the output was demonstrated on a spectrum analyser. "Look," said the salesman, "Absolutely no periodicity whatsoever — nothing that can be analysed or predicted". "And this is unpoisonable?" asked my friend. "Totally!" said the salesman. My pal pulled his phone out of his pocket, dialled his voicemail and plonked the handset on top of the device. Those lovely regular bursts of GSM radio duly appeared on the output, turning the unguessable into the unmissable.

So the whole story seems implausible. It could be that all these problems have been solved, and that the rather uncertain reports we've read are due to the sort of misunderstandings that could easily arise when dealing with Japanese encryption research. We'll see if we can get to the bottom of it all, but meanwhile: to be taken with a large pinch of wasabi.