[E-Lang] MintMaker with ACLs

Karp, Alan alan_karp@hp.com
Wed, 31 Jan 2001 11:37:56 -0800

HP Labs has a very active group working in the area of quantum computation.
Anyone interested in this topic should check out
http://www.hpl.hp.com/techreports/index.html.  A search on "quantum
computing" turned up a long list of papers, several of which are on security
related topics.

Alan Karp
Principal Scientist
Decision Technology Department
Hewlett-Packard Laboratories MS 1U-2
1501 Page Mill Road
Palo Alto, CA 94304
(650) 857-3967, fax (650) 857-6278

> -----Original Message-----
> From: Ralph Hartley [mailto:hartley@aic.nrl.navy.mil]
> Sent: Wednesday, January 31, 2001 11:01 AM
> To: e-lang@eros-os.org
> Subject: Re: [E-Lang] MintMaker with ACLs
> Mark S. Miller wrote:
> > In fact, in terms of the kinds of vulnerability MarcS 
> explains -- reliance 
> > on the Mint or Bank, the MintMaker is vastly closer to 
> Hal's bank than it is 
> > to MarcS' example -- physical cash.
> > 
> > Cash has better security properties than seem possible in 
> the electronic 
> > realm.  The MintMaker is not only vastly weaker than cash, 
> it is vastly 
> > weaker than possible electronic monies, as the text introducing the 
> > MintMaker should make clear.  Finally, I believe the 
> MintMaker is somewhat 
> > stronger than Hal's bank for reasons related to MarcS' 
> message, but I 
> > haven't yet had the time to examine Hal's bank closely.
> > 
> > At 11:46 AM Tuesday 1/30/01, Marc Stiegler wrote:
> > 
> >> This new version may or may not answer an issue that I 
> have that is not
> >> quite Tyler's issue, though it is related to the 
> difference between a mint
> >> that makes money and a bank that tracks people's accounts.
> >> 
> >> Physical metaphor: My car breaks down in the Appalachians, 
> a barefoot
> >> 14-year-old kid comes down from a ramshackle shanty and 
> helps me get it
> >> started. I give him a 20-dollar bill as thanks for helping out.
> > 
> > 
> > The security properties of this put anything possible with 
> computers to 
> > shame.  (Assuming non-counterfeitable bills, of course.)
> This reminds me of something I was thinking of bringing up anyway.
> What would be the effect of quantum computation on the basic 
> design of 
> security systems? It is clear that the effect would be 
> substantial, but 
> would it be total? That is, could old principles and designs still be 
> used, with relatively small changes to block new threats and 
> exploit new 
> possibilities, or would you have to basically start over from 
> scratch? 
> Is the design of E one that would survive?
> Quantum computing would allow new threats to security, and new 
> capabilities, some of which might be completely impossible in 
> conventional computation.
> An example of a new threat would be the fact that quantum 
> computers are 
> known to efficiently solve some problems believed to be very hard for 
> conventional computers. The most famous of these if factoring the 
> product of two primes, but there are others. Anything that 
> relied on the 
> difficulty of such a problem for its security would be compromised.
> More interesting to me are the new possibilities.
> For instance quantum cryptography allows transmission of information 
> that absolutely cannot be intercepted. A one time pad is perfectly 
> secure, once it has been distributed, but the parties have no way to 
> know if someone has made a copy. Quantum states, however, are 
> known to 
> have the property that they cannot be copied by any physical process 
> whatsoever,  so using them it is possible for Bob and Alice 
> to be sure 
> that they have the only two copies of the key.
> It is possible to build objects that have many of the 
> properties desired 
> of a coin. For instance, quantum states, though they cannot 
> be copied, 
> can be transferred. If Bob and alice each have half of a sufficient 
> number of generic objects called EPR pairs. They can transfer any 
> quantum state from Bob to Alice using only classical communication 
> (which need not be encrypted as it is random already), Alice 
> obtains a 
> copy of the object Bob had, while Bob's version is inevitably 
> destroyed. 
> The EPR pairs required for this  need to be distributed to to Bob and 
> Alice from a common source, but neither the source nor the means of 
> distribution need be trusted, any attempt to copy or tamper with the 
> pairs will ruin them. This is the "quantum teleportation" 
> there was such 
> a fuss about lately.
> I think there are also methods that would allow a coin to be 
> verified as 
> valid, without allowing individual coins to be tracked (or 
> distinguished 
> one from another). I'm not sure to what extent a trusted 
> third party is 
> required for this, but I'm pretty sure that if one is required, there 
> are fewer things he needs to be trusted to do (or not to do) 
> than with 
> phisical or clasically computational money.
> Of course this technology seams a long way out now. The 
> biggest quantum 
> computing device build so far has less than 5 bits, runs at a 
> millionth 
> of a degree above absolute zero, and doesn't work for very 
> long. No one 
> really even knows if quantum computation will ever be practical.
> It might seem premature to worry about this sort of thing 
> now. I don't 
> think it is at all premature.
> Security infrastructure needs to last a long time. If a language 
> designed now lacks the expressiveness to describe a behavior that it 
> becomes possible to implement after the language becomes 
> widely popular, 
> the realization of the new possibilities could be seriously inhibited.
> Ralph Hartley
> _______________________________________________
> e-lang mailing list
> e-lang@mail.eros-os.org
> http://www.eros-os.org/mailman/listinfo/e-lang