Sorry for the late response but I have not followed the development of the discussions on the web (must focus on other projects). For the moment, the KJLN secure communicator project is in idle mode because the experimental realization and testing were completed (with success) last April. Two review papers are awaiting completion with theoretical and design issues. The test results are reported in a Physics Letters article which is in press (maybe came out already in print). You can read the manuscript in press, as item number 7, at:

http://www.ece.tamu.edu/%7Enoise/research_files/research_secure.htm

The experimental network unit prototype was tested with parameters in the range 2km – 2000km. All the existing breaking ideas were tested. The Fen Hao breaking method was also tested using the fact that the effective temperature (much beyond 1 billion Kelvin) of the noise generators could be set with only 12 bit effective accuracy (even though the DA converters had 14 bit accuracy). But even this 12 bit accuracy was enough to secure that during the test runs of 75000 bit, zero effective bits could be eavesdropped with the Hao method. The theoretical info leak with the Hao method at this accuracy is less than 6 bits in 1 billion communicated bit. However, there is no theoretical limit of increasing the noise accuracy, only practical (financial) and the present one looks secure enough if we consider quantum communicator parameters as standard. With the given practical parameters, Feng Hao’s attack was the weakest “information leak” type attack among the tested ones. If the communicator would have utilized the thermal noise of resistors (stealth communication), then Hao’s attack would be of practical significance and it would yield further constraints on temperature stabilization and further limits of the wire resistance. However, stealth communication is probably rarely needed therefore the current system rund with enhanced “thermal-like” noise with noise-temperature much beyond 1 billon Kelvin. The strongest proposed attack was the Bergou-Scheuer-Yariv (BSchY) type attack based on wire resistance at economically selected wire diameters and it resulted 0.19% information leak. This is still about 5-10 times better than typical quantum communicator information leak of raw bits. Moreover, this value inversely scales with the 6-th power of the wire diameter thus doubling the wire diameter yields 64 times less leak.

There is one more difference between the information leak of the KLJN and quantum communicators. At quantum information leak, we know the location of the extracted bit with a high accuracy. Up to know, the attacks posed on the KLJN communicator either ignite the alarm within the clock period of the bit in question, thus no secure information is extracted, or if there is a leak without alarm, the exact location of the correctly guessed bits (beyond the noise) is largely unknown. This is a further gain in practical security compared quantum communicators.

It is important to emphasize that all these successful attack types, including Hao’s attack, are practical issues due to the non-ideality of the practical system. The system is theoretically totally secure at the math model level. However, in reality, neither this system nor quantum communicators are totally secure because real systems can only approach the clean conditions math models assume but never exactly reach them. Therefore, ideas, like Hao’s attack and the BSchY attack are very important because before widespread installation of such communicators they must pass all the existing attack types. That means, the information leak must stay below certain commonly accepted limits.

Reflectometry and any other breaking idea based on propagation times, they have been considered and excluded by the appropriate selection of low bandwidths (no-wave-limit), already in the very first paper. Andrew Raybould rightly points out the role of line filters. This is the only reason why the communicator must be so slow and this is why its speed is inversely proportional to the range.

Because I rarely have time to search for web discussions, if you have a question or idea which you published in a web blog, please ask me also directly, then I can surely respond: Laszlokish@tamu.edu

Thanks,
Laszlo Kish

This is a clever idea, but it only works in an ideal world. In the real world, it is insecure, more difficult to implement than traditional digital cryptography, and it’s less capable as well because it won’t work over the hundreds of billions of dollars of existing switched digital network infrastructure.

. png

It’s like two households feeding an alley cat. It gets skinny, just right, or fat.

Most objections question either the supposed undetectability of the modification channel or undistinguishability of “sum’s”components.

But the really interesting question is, are other systems that satisfy the above possible without using messy electrons in the wire? Something faster than the alley cat, of course.

This resistor scheme is, in a sense, linear; quantum schemes
exploit the nonlinear nature (of quantum collapse) to detect
adversaries.

This resistor scheme is clever in that there’s no “first order” difference for the adversary to monitor, but there are
more “higher order” analog tricks to play, to distinguish
bigR-wire-smallR from its mirror image.

The Johnson-line noise based secure communicator has been built and it has been tested up to the range of 200 km which is well beyond the range of direct quantum communication. Its raw-bit security level is set so that it is beyond the theoretical security level of practical quantum communicators. Here are the pictures and the first draft of a paper: http://www.ece.tamu.edu/~noise/research_files/research_secure.htm

More data will follow in the manuscript later. Arbitrary breaking attempts can eventually be tested and characterized. The device is designed to have a security level well beyond the theoretical security of quantum communicators.

Laszlo Kish

You misunderstood me, too.

1. I have never submitted any paper to IEE Information Security; I only asked for the opportunity to write up a response directly following your paper. But IEE Information Security refused this initiative by saying that such practice is not a common practice in the field. Note: Physical Review Letters, Applied Physics Letters, Physics Letters, and other leading journals I know always allow and even arrange a response directly following a comment.

2. Because the debate is about noise, random fluctuations and information in physical systems, the journal Fluctuation and Noise Letters (FNL) is actually a much more relevant forum to discuss this communicator than IEE Information Security. On top of that, the non-existent impact factor of IEE Information Security and the existing impact factor of FNL is another very important fact. However, I still offered them the possibility that I write up my answer for them provided it can directly follow your paper, just like well established journals arrange that. But IEE Information Security refused this offer thus I wrote up my response for FNL. It comes out in the December hard copy issue of FNL and it will also be published in the web edition of the December issue.

But I agree with your final statement: Let the Reader decide!

Laszlo Kish

The reviewing process in IEE Information Security is rigorous. If your paper was rejected, there must be a reason for that. If you still insist your design is indeed “totally secure” and my critiques are irrelevant, I have nothing more to say.

With that, I hope our argument ends here. Let readers decide.

I am on a trip, so briefly. It is better to keep the discussion at the scientific level. However, because you say that, here is the situation.

The IEE journal where your comment paper comes out does not even have an impact factor! Thus, using your terms, it is not yet a “recognized journal”. Therefore, because the editor did not allow me to publish a response following directly your comment, I decided to publish at FNL which has an impact factor and is abstracted in SCI.

Good luck,
Laszlo Kish

After reading your response, I really don’t want to explain further on this, but can only (strongly) suggest you to submit your paper to a recognized SECURITY journal or conference.

Good luck
Feng