You still will need good passwords.
Demonstrating a feat that was until recently thought to be impossible, researchers in Geneva, Singapore, Cambridge and Waterloo, Ontario have “unconditionally guaranteed” the security and sanctity of a message transmitted between two points on earth. Their work (pdf) could lead to impenetrable communications networks for financial trading, online voting, or an endless variety of other tasks currently carried out on the internet.
In this experiment the researchers solved a problem in secure networks known as “bit commitment.” Imagine that you’re playing a game of rock-paper-scissors by exchanging emails or instant messages. If your technology were fast enough, you could in theory cheat by waiting for your opponent’s answer to arrive (say, “rock”) and sending the response that would defeat it (i.e. “paper”) so quickly that it would look as if you had both made your choices at the same time. Bit commitment guarantees that a message sent at a stated time was in fact sent at that time and could not have been intercepted and changed along the way.
To accomplish this feat the researchers had to combine two domains of basic physics that rarely intersect—quantum theory and Einstein’s special theory of relativity. The result is “relativistic quantum cryptography.” The key difference between this and ordinary quantum cryptography, the previous gold standard (in which, as we reported recently, there have also been some advances), is that the latter can make a message tamper-proof, but can’t eliminate the potential for cheating about when it was sent. That means it guarantees secure communications between two parties that trust each other (say, a country’s foreign ministry and one of its embassies), but could be exploited if one of the parties is dishonest (between two financial trading systems, for example). Relativistic quantum cryptography closes that loophole.
Of course, even the most secure network has endpoints that are vulnerable to snooping. Messages sent between two computers using this system could not be tapped in transit, as the US National Security Agency reportedly accomplished with what were thought to be secure communications networks used by Google and Yahoo. But individual computers can always be compromised by attackers with sufficient determination. So keep using those strong passwords.