I confess I haven't read the entire article, but from the abstract I was wondering, why 143 kilometers (they answer this: distance to satellites), and why those two islands (except to maybe show off that they were teleporting in the lap of luxury)? I'm guessing it's because there is no physical link between the two, so it will reduce skeptics' abilities to say "this is a hoax, there is a cable connecting the two stations."
But quantum teleporting does require a link between the two points. From the Wikipedia article:
The prerequisites for quantum teleportation are a qubit
that is to be teleported, a conventional communication
channel capable of transmitting two classical bits (...)
There is no teleporting in the classical meaning of the word, just communication between two locations to make a remote qubit match the (unknown) state of the local one. That state is 'teleported'.
No? How on earth is it dishonest to use the technical term for the thing? It doesn't seem any more dishonest than calling the constituent parts of matter "atoms" even though they can actually be split.
AFAIK, it is teleportation -- something is going from one place to another without having to move through the space between them -- but it just isn't what you think of when you think of "teleportation".
Here is what I take to be an acceptable definition of teleporatation, which comes from Wikipedia:
Teleportation is the transfer of matter from one point to another without traversing the physical space between them
So under this definition, would you agree that quantum teleportation is not "regular" teleportation, since although information is traversing space without moving "through" it, matter is not?
I'm not really arguing semantics anymore, I'm just unclear whether the latter part of that question ("since...") is factually true, since I don't understand quantum stuff.
I think term teleportation is still valid because they can entangle and teleport any kind of particles. Photons are merely used because of their convenience.
You can entagled protons, electorns. Hell, I think they managed to demonstrate entanglement on a larger scale.
It seems to me like no particles are being teleported, becuse no matter is being moved. It's just information (i.e, the state of a particle) that is being duplicated in the same kind of particle on the other end.
(Note: my full qualifications are an on-going Coursera course on quantum computing that covers quantum teleportation lightly. FWIW, I recommend the course.)
In vague terms, the process of quantum teleportation is the following:
* You have a qubit that you want to transmit to a friend and that you don't know anything about.
* create an entangled pair of qubits (such as photons) and separate them. Keep one yourself and give another to your friend.
* Now you have two qubits; one entangled with your friends and one that you want to transmit.
* Send your two bits through a quantum circuit (the main part being a 'controlled NOT gate').
* Your bit is now entangled with the bit that is entangled with your friends bit.
* Measure each of your bits, hence 'collapsing' them. Each measurement gives you a classical bit.
* Transmit your two classical bits to your friend over any classical connection.
* Your friend then performs an operation on his or her qubit depending on what you send him or her.
* Your friend's qubit is now in the state that your original qubit was in. Your original qubit is now in a different state.
Call it teleporation if you want; it's not that unlike some sci-fi teleportation constructs of 'beaming' things places.
Why bother with this?
* It lets you send qubits to distant places that you have only classical channels to (and previously close enough contact share two entangled qubits).
* It allows more error-resistant computations: if your qubit is difficult to construct and you wish to perform a difficult operation on it, you can actually have your friend perform the difficult operation on his or her bit - prior to teleportation - and, if it succeeds, you can then proceed with the teleportation. If it doesn't succeed, your friend may try again on another entangled qubit without messing up your difficult-to-prepare qubit. After a success and teleportation, you get the same result (up to a commutator which is usually relatively small and risk-free) as performing the difficult operation on the difficult-to-prepare qubit, but with less risk of messing it up.
After this process is completed, can the entangled qubit pair be reused to transfer more information or is this a one off? That is, do you have to repeat the "give another to your friend" part in order to transmit more information?
This method requires the initial entangled qubits to be in a "Bell State" (equal superposition of both in 0 and both in 1). After teleportation, its no longer in that state. So it's not reusable by this method, but maybe by another that I don't know about (though I doubt it).
Can you clairify the second reasons to "bother" with it? I mean, if it's difficult for me to perform the operation, it's presumably equally difficult for my "friend" to do it (and subsequently "teleport" the result to me), so why not just do it myself?
In addition to the transportation benefit, it can be used for computation. The example given in the Coursera course was to suppose that we have a qubit (quantum bit) Y on which we wish to perform some unreliable computation. If it fails, then Y's state is lost. Further suppose that Y is costly (e.g. time consuming) to re-create.
Instead, we can create a pair of entangled qubits (which is easy to do - just a single quantum gate), as one would when teleporting a qubit. We then apply the computation to one of these qubits, and try again with a new pair of qubits if it fails.
Once we have successfully applied the computation, we can teleport our "expensive" qubit Y using this entangled pair. The result is that we now have Y with the computation applied, but there is no risk of losing Y's state.
The details are rather more tricky (only certain computations can be used, some require a correction after teleportation etc.), but this basis can (and has) be built on to develop, for example, fault tolerant quantum computing.
What silverdrake said, but also it's a matter of error-tolerance. If we want to do a difficult two-step computation and know when each sub-step succeeds or fails, than:
1) Perform the first step on a qubit (repeat if failed)
2) Your friend performs the second step on their qubit (repeat if failed, but no need to repeat (1))
3) Teleport your qubit to your friend
4) Your friend performs a simply operation on their qubit
After this, the state of your friend's qubit is now the result of applying both operations. But each sub-step can be redone without affecting the result of the other, so mistakes are easier to correct. So in this case, "your friend" might refer to yourself - the important part isn't teleporting the qubit somewhere elses, it's that the computation is less error-prone.
Perhaps, you are working on an important experiment with your qubit. However, you realize that that you need an expensive piece of lab equipment to follow through.
However, you remember that your "friend" has this equipment at his/her lab. You also happen to share an entangled qubit with your friend. And you know that you can call your friend on the phone.
Rather than mail the qubit to your friend's lab which could be in a very remote location, you use quantum teleportation to send its state.
This way your friend receives your qubit without the qubit having traveled through physical space.
It may be that the information encoded in the spin of a photon or something has jumped non-continuously. But most people think of "teleportation" as transferring matter.
Because the technical term is misleading and inaccurate.
If scientists started calling walking "human teleportation" tomorrow, they'd be wrong in that too. The term "teleportation" had a very well-established meaning before they appropriated it.
Scientists can make mistakes, labeling this process "teleportation" was one of those mistakes.
Scientist: "As you can see here, we've demonstrated quantum teleportation across an unprecedented--"
Journalist: "Teleportation?! Like in Star Trek?"
Scientist: "Uh, no. *Quantum* teleportation is a different--"
Journalist: "So you didn't send anybody through a wormhole or anything?"
Scientist: "No. What we've demonstrated is the ability to--"
Journalist: "It just seems like a bit of a mistake to call it 'teleportation'."
Scientist: "Yes, I can see that now."
"Quantum teleportation is unrelated to the common term teleportation – it does not transport the system itself, and does not concern rearranging particles to copy the form of an object."
So, in a nutshell, scientists aren't always incredibly creative when conducting nomenclature. Although some people do find subatomic particles quite strange.
Not in any sense is it dishonest to call it quantum teleportation, since the quantum state is precisely (and only) what is subject to the phenomenon. What is dishonest is the claim that F-T-L communication is possible.
The quantum state does not undergo travel during the transmission of the classical signal. The only thing that travels is the classical signal, which is needed to tell you how to read the message (and generally preserve causality in the universe.) The quantum state is teleported as though you had two objects with the selfsame quantum state. Poking one pokes the other.
Teleportation is teleportation of matter. So AFAIK you can't call it quantum teleportation, for the same reason you can't call travelling along the road "road flying," i.e., flying is travelling above the ground, not on it.
The human ability to generalize concepts is amazing, watch—I'll swap out your of matter for of quantum information and suddenly you're up to speed on subject of discourse: "The teleportation of quantum information." Magic!
Your language gives you away, you've already done this process in reverse to make your case, so I know you have the power to understand this concept.
You know, in a lot of sci-fis its not implied that teleportation is faster-than-light. Quantum teleportation does meet what does seem to be universal about "teleportation" though, which is that the "original" is necessarily destroyed. That is, it takes a thing, and moves it to another location, rather than copying it.
As far as I can tell, it just replicates the state of a particle in a remote location, using another particle of the same kind. So state is being transfered (i.e., information), but not matter, and nothing is being destroyed. I might be wrong about this, but that's what someone who explained it on hn said.
The author fails to understand the basics of Quantum Teleportation. Think of it this way: Alice has 2 boxes with the same unknown bit, and sends one of those boxes to Bob. When Alice opens her box she can see the value and Bob can see it too. Something like that.
Very good for cryptography (think untamperable shared secret keys) and for some cases of parallel computing.
Superluminal (FTL) communication would break Special Theory of Relativity. If anybody achieves that it would be an instant Nobel and front page on every newspaper on the planet. Even a mistake like the FTL neutrinos fiasco earlier this year.
Tech journalists tend to skim the abstracts and hype it to sell more clicks/ads.
I'm trying to think of a physical analogy to better understand this: Image you (Alice) have a randomly shuffled (say, by god) deck of cards. You cut the deck in half and distribute one half to Bob and keep the other half (such that by knowing one half, you would know the other). Until either of you look at your respective half-deck, the distribution of cards is in a superposition of all possible distributions (a la Schrodinger's cat). Where the analogy breaks down (thereby illustration what's special about Quantum Teleportation), is that as soon as Alice flips her cards, Bob's cards flip as well (and visa versa). Thus by the time the cards got to Bob, Bob would be able to detect that someone else could have read the cards and thus the information may have been compromised. (This is kind of how I remember quantum cryptography to work, actually).
Does this analogy make sense? My physics background is pretty weak...
This is really just an illustration of quantum cryptography, rather than quantum teleportation. Quantum cryptography is a method of exploiting quantum effects to create a channel that can be used to transmit classical information in a manner that cannot be eavesdropped.
Quantum teleportation is kind of the opposite. It uses a classical information channel in order to transmit -quantum information-, which can't actually be represented clasically. It is actually moving the superposition itself from one place to another. The term "teleportation" is used because the "no cloning" rule (quantum information cannot be "copied") means that the information is no longer in the original location.
This is mostly useful in quantum computers, because in order to actually process information it's pretty important to be able to get it from one piece of the machine to another, and until the recent teleportation breakthroughs building quantum computers that could handle more than a couple "qubits" was pretty much not doable.
The big difference is that encryption based on computationally difficult (but not impossible) problems (i.e. factoring) should not be used to encrypt information that must remain secure long-term.
e.g. Say you have a highly sensitive secret that must remain secret not for just a few years, but decades or centuries. If you encrypt it using a factoring based scheme and then transmit it classically, an eavesdropper could take a copy of the encoded message without your knowledge. Whatever scheme it was encrypted with will then have to stand up to decades of advances in algorithms and computing technology. Quantum computers will probably break most currently used factoring-based schemes (including elliptic) eventually, and there's no guarantee that there exists no classical algorithms that could break such encryption with practical amounts of classical computation either. You should view anything encrypted and transmitted using factoring-based methods as having been broadcast publicly with an unspecified delay.
Quantum cryptography is unbreakable in theory, but is not without flaws in practical systems. However, the nature of communicating with quantum states (google the no cloning theorem) means that attacks must be known and used at the time your message is transmitted. An eavesdropper trying to listen in on quantum encrypted communications cannot archive coded messages to attack at his or her leisure. Attacks must be immediately successful or the message will remain secure for all time.
So, your credit-card info is probably safe to transmit using factoring based cryptography, since it changes every few years. Your medical records, or where you buried that body, are a different matter entirely!
Whatever scheme it was encrypted with will then have to stand up to decades of advances in algorithms and computing technology.
So will the block or stream cipher you encrypted the data with.
Quantum computers will probably break most currently used factoring-based schemes (including elliptic) eventually
That seems extremely optimistic to me. Given the current state of the technology, it's a little like an astronomer discovering a distant new star and then promising to open suntan parlors from its concentrated rays.
Try this thought experiment: For a given set of security and speed requirements, take the money you would spend on a pair of quantum key exchange devices and spend it instead on accelerator hardware for non-quantum ECDH operations. How much longer (and more secure and reliable) can we make the key exchange parameters with this conventional hardware within the same time limits?
The answer to your thought experiment is: I don't know.
That's the only correct answer, and the reason why you shouldn't use ECDH for long-term sensitive information. It's still a method based on computational difficulty. There's no proof that there's isn't an algorithm that could efficiently break it on currently existing classical computers. One could be discovered in 50 years, tomorrow, or might already be in use in organizations like the NSA. Even if quantum computing wasn't progressing in leaps and bounds (if you look at what is being done you might be very surprised), the possibility it presents is still there.
Again, I'm not talking about credit-card-transactions here. I'm talking about critical information that you don't want to gamble with. ECDH, however good it is, is a medium-term gamble and practically certain to be broken in the long-term.
The only truly safe alternative to QKD at present is the simple one-time-pad (a.k.a. Vernam cipher). i.e. The sender and receiver physically exchange random bit strings. In Canada we still see government agents carrying handcuffed briefcases around on commercial airlines a lot, and that's probably what they're full of. It may sound ridiculous to do this because you're relying on the loyalty of those agents, but security is ultimately a people problem no matter what technology you throw at it.
There's no proof that there's isn't an algorithm that could efficiently break it on currently existing classical computers.
But we could also say that about the cipher used to encrypt the bulk message data.
I'm just saying that QC for the forseeable future seems complicated, expensive, and fragile and at best only addresses one bit of the overall puzzle.
Again, I'm not talking about credit-card-transactions here.
That's always refreshing :-)
I'm talking about critical information that you don't want to gamble with. ECDH, however good it is, is a medium-term gamble and practically certain to be broken in the long-term.
You probably know some things I don't, but conventional and EC DH seem to be the more conservative choice to me whereas QC seems like it's barely out of the lab (i.e., we have less than a decade of real-world experience with it).
Re: The cipher for encryption of the message data:
One time pad. Inefficient, but guaranteed secure by mathematical proof if the key is secure. Google it.
QKD is far from ready for last-mile networks, but in principle it should be able to use existing fiber and have similar network topologies to what we currently have in classical networks. (e.g. It is possible to distribute entanglement through untrusted repeaters.) Your arguments against it are the same that were once applied to transistors or lasers.
As for ECDH, please reread what I posted earlier. If your information will not be sensitive after a decade or two it is perfectly fine. If the information will remain sensitive, it is unsuitable.
One time pad. Inefficient, but guaranteed secure by mathematical proof if the key is secure. Google it. QKD is far from ready for last-mile networks
The very term QKD as "Quantum Key Distribution" implies that the system we're discussing is good only for distribution of keys much shorter than the message.
So which is it?
You're not impressing me with the claiming of "one time pad security" for a system that's not actually a one time pad. This is classic snake oil jargon.
Your arguments against it are the same that were once applied to transistors or lasers.
Yes, I'll admit there's an element of reactionary conservatism here. The difference is that lasers were demonstrably doing something new and transistors were doing something existing (amplification) in a way that had radically better economics.
QKD is taking something that we're already doing now (non-intrinsically authenticated key agreement) and claiming that there's a need to do it in this new, expensive, complicated, and fragile way. Forgive me if I don't just take your word for it.
It would really be cool for those saying "really, your (EC)DH will be broken in 20 years" to put it where their mouth is and tell us what attacks they have in mind. Otherwise, it's just FUD.
"Quantum Key Distribution" in no way implies the key is shorter than the message. It actually needs to be longer to allow for error correction, authentication, and privacy amplification (i.e. to compensate for noise that could be attributed to an attack). A one time pad, or vernam cipher, is commonly used in commercial QKD systems. It's not snake-oil. Please google it. It's dead simple to understand and almost as easy to understand why it's impossible to break if used properly. As I pointed out, it's the gold-standard for paranoid government agencies even without QKD, ergo spooks with suitcases on planes.
As for attacks on ECDH, look up Shor's algorithm. That particular algorithm needs a quantum computer to run, but there is no existing proof showing that it is impossible to find one that would run efficiently on a classical computer. Again, the nature of classical communications means that encrypted messages may be copied and archived, so that vulnerabilities found in the future can compromise messages you send today. Maybe nobody will ever manage to crack ECDH, but maybe they will. It's a gamble. Quantum communications cannot be copied and archived so QKD must be broken at the time of transmission or the message is safe for all time. That's the big difference.
Again, I'm not suggesting ECDH isn't fine for most normal people's day-to-day needs. We're talking about secrets that need to be kept for generations that you simply don't want to gamble on.
Reading your comment, and a few short articles (and that Defcon19 talk) on Quantum cryptography, correct me if I'm wrong. Quantum cryptography is a "way" (emphasis) to securely send a one time pad to the recipient in such a way that due to the quantum effects, if the quantum bit currently in transmission (in the wire) is mitm'ed, it doesn't reach the end or something like that. So both of you can discard that bit and continue on to the next bit until you've transmitted the whole pad.
More or less. Quantum states can only be measured probabilistically. This, combined with the fact that they cannot be cloned, is what makes the eavesdropper detectable if he/she tries to intercept the quantum states in between the sender and receiver. i.e. The sender knows what she sent, but if the eavesdropper measures those states and tries to imperfectly clone them she will send states to the receiver that will produce impossible results when measured by the receiver.
In a true MITM attack the eavesdropper could claim to be the receiver to the sender and the sender to the receiver and exchange keys with them both. This is why authentication must be a part of QKD protocols.
Once you have a secure key, using it as a one-time-pad is the most secure way to send data. (Note: We're skipping a few steps like error correction and privacy amplification)
Careful with this article. They get it wrong, suggesting the possibility of "instantaneous internet connections". No FTL information transfer allowed, kids.
Is it incorrect to say that, with quantum teleportation - while faster than light travel of _matter_ is impossible, faster than light travel of _information_ is possible provided that you have previously shipped the endpoints of the link?
The term "Quantum teleportation" just refers from moving quantum information from one place to another, which happens to be kind of hard. In fact, in order to do it we "piggyback" on classical information, so it is by definition subject to all the same limitations of classical information transfer.
> However, it does not _immediately_ transmit classical information.
As I understand it, once you distribute an EPR pair, you can transmit one qubit of quantum information which thereby destroys the pair. Provided you can encode your classical information into quantum information, the amortized rate of classical information communication cannot be faster than light because you need to first distribute the EPR pairs (which you cannot do at FTL), but the _instantaneous_ rate of classical information communication could be faster than light.
The biggest assumption here is that you can encode/decode classical information to/from quantum information at a rate (if at all) faster than it would take for matter to travel over the potentially infinite distance between the EPR pair. Some googling reveals that this is possible via means such as time-bin encoding. (Edit: time-bin is only for photons, which I don't know if you can entangle, but it still appears that you might be able to encode classical information in electron spin)
What am I missing?
Edit - alecco's other answer in this thread make it much more clear what is going on. Thanks again.
It sounds like you already figured this out, but you can't encode classical information into the system in such a way that would allow for FTL transfer of information. Depending on what you are specifically thinking of as "encoding", there will be an equivalent reason why it won't work; often because you collapse the wave function of your local quantum pair-element when you transfer energy into it, which is a form of observation.
