Talk:Quantum cryptography
From Wikipedia, the free encyclopedia
Schneier links
Two comments:
1) The Schneier links are not related to quantum cryptography.
2) The method described in them is definitely not absolutely secure.
- I agree, I've removed the links as neither looked relevant to quantum cryptography. Centie 13:29, 14 April 2007 (UTC)
Usage: Quantum computing for cryptanalysis -- falls under quantum cryptography?
Does the term "Quantum cryptography" usually include "Quantum computing for cryptanalysis"? Most usages I've seen are restricted to Quantum Key Exchange-type things. Because of this, I'd like to move the "Quantum Computing Cryptanalysis" out of this article and merge it into, for example, Cryptanalysis and Quantum computing. — Matt Crypto 12:36, 12 Jan 2005 (UTC)
Error in Attack description
The Attack section says that man-in-the-middle is not possible but then describes an eavesdropping attack with retransmission, not a traditional MITM attack (as defined by the MITM article). If Mallory sets up two QC systems, one for Alice and one for Bob, then a MITM is certainly possible as long as Mallory can make Alice and Bob believe that they are communicating with each other. There is also the channel Alice and Bob must use for agreement of the key bits which can be susceptible to MITM attack. And, of course, since QC is really a key exchange system (in practice), all the attacks on the conventional encryption system being used are available. In fact, given the MITM attacks on QC and the fact that a conventional encryption system must be used, I see no real advantages to a system like this, except for making money by selling it.
- The reason you're confused is that a large part of this article pretends to describe quantum cryptography, but in reality describes an exotic form of classic cryptography. When real quantum cryptography with entanglement is used MITM attacks become a lot harder (if not impossible).
- E.g. if Alice and Bob meet and take some entangled spins home with them then they can ask Mallory a question he doesn't know the answer to. Alternatively they could publicly transmit information that only makes sense if you have the spins. In that case Mallory doesn't even know the question. Of course Mallory could kidnap Bob and use his spins. But I don't think there are cryptographic systems that shield their users from that kind of abuse.
- Or perhaps you could send a message using quantum teleportation.
- This article needs a major re-write. Unfortunately I don't know if I'm well enough into this subject to do this. Shinobu 08:58, 16 May 2005 (UTC)
- Surely QC doesn't really stop man-in-the-middle attacks, but rather prevents eavesdropping once secure authentication has been achieved? While a MITM attack will allow eavesdropping, there are other ways to achieve it. In RSA you can brute force the RSA key long after the transmission has taken place, as an example. MITM attacks the authentication stage of a cryptography scheme, not the transmission. You still need to share entangled quantum states, and this effectively corresponds to exchanging a shared key when using a symmetric cipher. In my opinion the main strength of QC is that it ensures that a successfully authenticated session is unbreakable. No system, quantum mechanical or not, can ever prevent MITM attacks simply because you need to agree to use a secure communications channel to begin with. If Alice and Bob do not have a secure communications channel they are vulnerable to MITM and thus Alice has no way to tell Bob to start a secure transmission. She might think she has told Bob to use QC or RSA or whatever, but the person she spoke to was in reality Claire impersonating him. I am not trying to say QC is useless, it does have certain advantages. In particular, with RSA or AES, and other mathematical encryption schemes, chances are a third party can store the encrypted message, and wait for improvements in technology or mathematical breakthroughs to make them readable. Many messages that are unreadable today may very well become readable in 2050. QC prevents this since the encrypted message is guaranteed to be destroyed when it is read. It is the quantum physics equivalent to the Mission Impossible tapes that ignite 5 seconds after being read, except in QC the destruction of the encrypted message is instantaneous and impossible to circumvent. QC has a few serious disadvantages as well. Denial of service attacks are probably the biggest one.
Because the communication collapses on any attempt to read the encrypted message, you don't even have to break the scheme to carry out a DNoS. Simply trying to read the _encrypted_ message destroys the communication channel, so the very same feature that makes eavesdropping difficult also makes DNoS easy. Contrast this with standard radio transmissions where it is virtually impossible to carry out a denial of service attack because of the large number of possible frequencies and high energy output needed to jam a signal. The corollary is of course that radio transmissions are very easy to eavesdrop on. 137.205.236.47 17:43, 1 May 2007 (UTC)
- Quantum cryptography needs authentication of messages on the public channel, the same as any form of secure communication, so you know you're talking to Bob and not someone else pretending to be Bob. All the QC protocols I've seen include authentication for this very reason, to avoid MITM attacks. This authentication can be done using a small amount of the key previously generated using the channel, for example unconditionally secure Wegman-Carter authentication only requires a length of key scaling logarithmically with the total key length distributed. So the reduction in key rate due to authentication is very small for prevention against MITM.
- For the original poster the advantage of QC, as pointed out by others here, is that you can detect how much anyone else could have learned about your key. If it's low, you can reduce their knowledge to an arbitrarily small amount, and if it's too high you can discard that key. Also, although QC does just generate a key for a 'conventional encryption system', the main encryption proposed for QC is the Vernam cipher which is provably secure from attack - if your key is secure, so is your message.
- Denial of service attacks are easy with any point-to-point communication link, not just quantum ones. In order to intercept and read the photons you need physical access to the fibre, and if you've got that far you may as well just cut it. The same applies for AES over a telephone wire etc. Things like free space QKD to satellites or quantum cryptographic networks might make DoS more difficult, but by no means impossible for a determined attacker. The same applies to anything though really, with enough resources radio can be jammed or internet communication flooded.
- The attack section does seem a bit confused though, mentioning MITM attacks as two different things. Reading the Man-in-the-middle attack article it sounds like both attacks could possibly be described as such, even though I think only the second one (Eve pretends to be Alice to Bob etc.) actually is. QC certainly prevents "an attack in which an attacker is able to read, insert and modify at will, messages between two parties without either party knowing that the link between them has been compromised" on the quantum channel. Maybe someone with cryptography knowledge could clarify? The section probably needs rewriting, along with a few others. Centie 17:00, 2 May 2007 (UTC)
Mallory vs. Eve
I'm confused here. In the Attacks section, we suddenly start talking about "Mallory," whereas in the rest of the article, "Eve" is the eavesdropper. Where did "Mallory" come from? Is this because "Mallory" is a name specific to an attacker, whereas "Eve" is only an eavesdropper? I probably missed something somewhere. Maybe we should make it more clear to the reader who is trying to do what.--24.50.128.226 03:58, 11 November 2005 (UTC)
- See Alice and Bob.
- Active attackers (like men in the middle etc.) are often called Mallory (think Malicious). Shinobu 19:08, 11 November 2005 (UTC)
NPOV vs. clear-cut Information
The last sentence of the article reads "A year's supply of AES128 keys, changed at that [100/sec] rate, will fit on a high-end iPod or 11 DVD-Rs, and these have the additional advantage that they can be carried anywhere in the world with the parties." This is clear-cut information, as this pretty much shows that Quantum cryptography is not really needed, and most likely a waste of money. But this cited statement could be attacked with WP:NOR and possibly WP:NPOV.
I would even propose to add something similar to the lead paragraph. I know, we should not be tendentious, adhere to NPOV, but if it is that easy to disprove the viability of some solution, shouldn't that be mentioned at the top, so prospective readers might skip the article if they wish to?
I'm currently reading about quantum mechanics, got to this article and read it, all the while being a bit skeptical about the process described. But really, if I had known about the comparison to AES128 key switching from the start, I needn't have worried and thought about it at all, and could have read more relevant articles. That is no attack, it is a question. Thank you for your time.-- ExpImptalkcon 22:39, 19 November 2006 (UTC)
Polarized photon section is incomplete
I've read it a couple of times now, and although it describes what you do, it doesn't describe how it works. IE, so Alice changes the polarization she uses from linear to circular... and? So what? How does Bob use that information? How does it prevent Eve from eavesdropping? Maury 23:28, 1 March 2007 (UTC)
- The section has been rewritten now, and hopefully provides more information. Centie 22:52, 29 April 2007 (UTC)
This section describes communication by means of "pulses of polarized light, with one photon per pulse". It then talks about linear and circular polarizations. Talk of linear polarizations of single photons should be removed. Single photons cannot carry linear polarizations. Photons carry right or left circular polarization, corresponding to the 2 possible helicity states for the photon. Read all about it: http://en.wikipedia.org/wiki/Photon under Physical Properties. Mseslacker 15:55, 14 April 2007 (UTC)
- A photon's polarization state can be linear (and in any direction) or circular, see Photon polarization. I think the confusion arises due to differences between quantum mechanics and classical polarization, it's been discussed on the Talk:Photon#Two_States_of_Polarization page.
- Essentially, you can only distinguish between two polarization states at once, for example right and left circular, or horizontal and vertical (linear). So imagine you measure a photon as right circular. If you measure its polarization in the circular basis again every subsequent measurement of it will be right circular, never left circular. But if you then measure it in a linear basis (horizontal or vertical, for example) you will get either H or V at random with equal probability. But every time you measure in the linear basis again you will get the same result as the first time; the photon is now either vertically or horizontally polarized.
- What happens if you now measure in the circular basis again? It turns out that you will get a right or left result with equal probability, even though the photon started out as right. If this all sounds strange it is, but it's also very well tested experimentally (see Stern-Gerlach Experiment). The reason for it is basically quantum superposition; the horizontal (or vertical) linear polarization state can be expressed as a combination of right and left circular states, and the right (or left) circular state as a combination of horizontal and vertical states.
- This is precisely the reason quantum cryptography works: Alice sends photons either in the circular or linear basis, and if Eve intercepts them and measures them in the wrong basis then the original information (if it was right/left or horiz/vert) is lost, even if Bob subsequently measures the photon in the same basis Alice sent.
- To answer the original post: you're right, the article doesn't really seem to explain this at all! The BB84 article linked is better but quite complicated, someone should really rewrite the polarized photon section here. Centie 14:07, 15 April 2007 (UTC)
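As an added illustration (written for this talk page, not code from the article or from any QKD product), the following Python simulation makes the point of the reply above concrete: a photon measured in the wrong basis gives a random result and loses its original value. It models BB84 with and without the intercept-resend eavesdropper discussed in this thread, sifts on matching bases, and reports the error rate Alice and Bob would see; the 11% abort threshold is a constructed default for the example (the figure usually quoted for standard one-way post-processing; the page mentions 20% for a different scheme).

```python
import random

# Bases: 0 = rectilinear (+, H/V), 1 = diagonal (X, +45/-45).
# A photon is described by (bit, basis); the bit selects one of the two
# orthogonal states in that basis.


def measure(bit, prep_basis, meas_basis, rng):
    """Measure a photon prepared as (bit, prep_basis) in meas_basis.

    Same basis: the outcome is certain. Wrong basis: the outcome is a fair
    coin, and the photon is now in the measurement basis, so the original
    bit is gone (this is the point made in the discussion above).
    """
    if prep_basis == meas_basis:
        return bit
    return rng.randint(0, 1)


def run_bb84(n, eve_present, seed=0):
    """Run one round of BB84 over n photons and return a summary dict.

    eve_present=True models the intercept-resend attack discussed on this
    page: Eve measures each photon in a random basis and sends Bob a fresh
    photon in the state she observed.
    """
    rng = random.Random(seed)
    alice_bits = [rng.randint(0, 1) for _ in range(n)]
    alice_bases = [rng.randint(0, 1) for _ in range(n)]
    bob_bases = [rng.randint(0, 1) for _ in range(n)]
    bob_bits = []
    for bit, a_basis, b_basis in zip(alice_bits, alice_bases, bob_bases):
        if eve_present:
            e_basis = rng.randint(0, 1)
            seen = measure(bit, a_basis, e_basis, rng)
            # Bob now receives Eve's re-emitted photon, prepared in her basis.
            bit, a_basis = seen, e_basis
        bob_bits.append(measure(bit, a_basis, b_basis, rng))

    # Sifting: over the (authenticated) public channel Alice and Bob compare
    # bases, not bits, and keep only positions where the bases agreed.
    sifted_alice, sifted_bob = [], []
    for a_bit, a_basis, b_bit, b_basis in zip(alice_bits, alice_bases,
                                              bob_bits, bob_bases):
        if a_basis == b_basis:
            sifted_alice.append(a_bit)
            sifted_bob.append(b_bit)

    # Quantum bit error rate: with intercept-resend, Eve guesses the wrong
    # basis half the time, and then Bob's bit is random, so QBER -> 25%.
    errors = sum(1 for a, b in zip(sifted_alice, sifted_bob) if a != b)
    qber = errors / len(sifted_alice) if sifted_alice else 0.0
    return {"sent": n, "sifted": len(sifted_alice),
            "errors": errors, "qber": qber}


def key_is_usable(qber, threshold=0.11):
    """Alice and Bob sacrifice a sample of sifted bits to estimate the QBER
    and abort if it exceeds the tolerated error rate. The 11% default is a
    constructed example value; the real bound depends on the post-processing.
    """
    return qber <= threshold


if __name__ == "__main__":
    for eve in (False, True):
        r = run_bb84(4000, eve_present=eve)
        print(f"eve={eve!s:5} sifted={r['sifted']:4d} errors={r['errors']:4d} "
              f"QBER={r['qber']:.3f} usable={key_is_usable(r['qber'])}")
```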
External Links to Research Groups?
I've categorised the external links section and only one of the existing links is a research group. I suggest we either add more research groups, add a link to a list of research groups (I know quantiki has one for all quantum information groups, but is there a similar one just for quantum cryptography?) or remove the section entirely. Centie 13:29, 14 April 2007 (UTC)
HUP?
I could very well be wrong, but I don’t really see what the Heisenberg uncertainty principle has to do with the photon polarisation method of QC. Does it not rely more on the Observer effect?
- The original paper mentions the uncertainty principle several times, but not the observer effect. All the good descriptions (in fact all the google results too) on the web seem to do the same thing. I'm not certain this is right, but can't really find any evidence to suggest it isn't.
- I think the security of BB84 can be thought of in terms of the HUP though. Rectilinear and diagonal (and circular) polarisations are all conjugate variables, so obey an uncertainty relation of the form ΔP₊ΔPₓ > C where C is some non-0 number. If we prepare some photons in vertical polarisation states then measure each one in the rectilinear (+) basis we will always get the same result (vertical), so there is no uncertainty in this measurement and ΔP₊ = 0. This must mean ΔPₓ = ∞ to satisfy the uncertainty relation, so if we had instead measured it in the diagonal (X) basis we would have got a totally random value. So the HUP implies measuring in the wrong basis destroys the information.
- I think it can be described in terms of the observer effect too (if my understanding of this is the same as yours, the wikipedia page seems a bit hazy). Vertical polarisation can be seen as a superposition of +45 and -45 diagonal polarisation, so observing a vertically polarised photon in the diagonal basis will cause its state to collapse randomly to either of these two. This destroys the superposition and the original information (there's no way to tell it used to be vertical).
- My guess is in this case the observer effect and uncertainty relation both result from the same underlying principles, so as the overwhelming majority of sources credit the UP we should keep the article the same. If anyone has any ideas about the OE/UP in quantum cryptography though please share, as I can't find any other discussions about it! Centie 23:04, 25 April 2007 (UTC)
Given that the HUP is used almost interchangeably with the Observer Effect in popular media, and people are constantly pointing out (see the HUP article and its "Popular Culture" uses) I would tend to think that the description in this article tends to focus more on the observer-effect aspect, and less with the HUP itself. While there is certainly the possibility of the HUP's math being involved (and I'm really not the person to determine that), the usage of the HUP in this article seems almost identical to that of the OE. Elecmahm (talk) 07:31, 24 November 2007 (UTC)
Limitation: no deniability
I removed this section, since it is not correct. Any attack focused on only a very few bits of the key would be taken care of by the privacy amplification. Even if there are virtually no errors in the channel, some amount of privacy amplification is required. The research article that was referred to for justifying this section has an incomplete view of what goes on in a QKD protocol. --V79 14:55, 17 May 2007 (UTC)
- I've suspected this for a while, but was unable to access the reference article to check it. I think removal is a good decision. Centie 15:35, 18 May 2007 (UTC)
Free space
AFAIK, usage of "free space" is not applicable here. Free space represents absolute vacuum; but, the tests were done with air as medium. Praveen 18:58, 12 June 2007 (UTC)
- You're right, free space is theoretically an absolute vacuum, but as noted on the free space page it's usually taken to mean a medium which doesn't substantially affect the phenomena under consideration. E.g. outer space is usually described as "free space" with regards to EM radiation. Whether this use is correct for the QKD experiments is debatable, as ultimately the distance restriction is caused by the photons being attenuated by the air. However the ARDA roadmap and most papers do seem to describe it as "free space quantum cryptography" (arxiv and google both turn up several results for this). Maybe "open-air" or "through-air" would be more correct alternatives, but I'm not sure if deviating from the most common name is a good idea? Centie 17:37, 14 June 2007 (UTC)
Revert on 14-10-2007
I've changed "Using quantum phenomena such as quantum superpositions or quantum entanglement a communication system.." back to "Using quantum states.." for the following reasons: "Quantum Phenomena" doesn't have a wp page or appear to be a particularly widely used term, but seems to refer more to higher level results of quantum mechanics (e.g. spectral lines). In contrast superposition states and entangled states are basic parts of the theory, and it is systems in these type of states which are used in QKD.
I've removed the link to the bell test experiments from "The security of quantum cryptography relies only on the well tested foundations of quantum mechanics", as these experiments only tested the validity of entanglement (as opposed to some sort of hidden variable theory). Quantum cryptography relies on much of the foundations of QM, which have been tested in innumerable experiments, so it seems misleading to only mention one.
Apologies for removing your first two edits to the page, I'm just trying to keep everything as clear as possible, don't be put off editing it more! Centie 17:09, 14 October 2007 (UTC)
- Hello Centie! I agreed with the Quantum Phenomena statement when I first saw it. I thought the sentence a little clumsy, stating that Quantum Superposition is a quantum state, when it is a classification of a state. But you made some good points so I attempted to strike a balance between your concerns and my own.
- In my opinion, your edit was not a minor one. I would suggest you be more critical in assigning such a label.
- I made some other changes to those two paragraphs. I would appreciate it if you could take a look. Skippydo 21:34, 14 October 2007 (UTC)
- After reading the introduction again I've had another try at reworking it. I realise some of the changes are similar to my original edits, but I think it's important to get the key elements of quantum cryptography mentioned there, while keeping it as succinct as possible.
- I marked my edit as minor as I was reverting two minor edits by another user. You're probably right though (I haven't actually read the definition of 'minor edit'), I'll use 'minor' only for correcting typos etc. in future. Centie (talk) 19:54, 23 November 2007 (UTC)
Excessively cautious wording
Unless I'm missing something, "a range of the order of ~100 km" is excessively cautious (and probably unnecessarily imprecise). If we are talking orders of magnitude, then the "~" for approximation seems a bit excessively cautious. However, I'm guessing that something more precise could be said (and cited). After all, "the order of ~100 km" means ~10 km to ~1000 km. Again, unless I'm missing something. - Jmabel | Talk 22:03, 22 November 2007 (UTC)
- Something more precise is said, and cited, in the Prospects section. That section should probably be renamed, and moved above history, to make it clear it's dealing with current implementations. I've removed that paragraph from the introduction as it didn't add any new information, and just confused what is meant to be a brief overview (the lack of quantum repeaters should probably be mentioned in the Prospects/Implementation section though). Centie (talk) 19:43, 23 November 2007 (UTC)
2007 figure referenced w. a 2002 document?!
There's no link to the document cited as reference #2, so I have to take this at face value and ask: how can a 2002 document be a source for the error threshold given as "20% as of April 2007"? Was there a plan in 2002 to make a later change to the official(?) threshold value? Or perhaps a proposition adopted only 5 years after its formulation? D0nj03 (talk) 16:15, 8 January 2008 (UTC)
- The paper cited shows a method that allows secure communication to be carried out whenever the bit error rate is equal or less than 20.0% (for the BB84 protocol). The "as of 2007.." means that when that part of the article was written this was still the highest error rate that it's been shown to be possible to extract a secure key with, i.e. no papers published since then have improved on this. Google turned up a link to the paper if you want to read it btw, [3], the bit about BB84 is in the final bit of the conclusion (the 27% rate refers to a different protocol). Centie (talk) 19:35, 10 January 2008 (UTC)
- Well, then. And here I was, just about to correct another such "as of..." that I found in there. :) It seems to me quite strange that someone would record the "state of the art" at the time they're making their edit instead of writing when that particular result was actually obtained. Are we really to believe that any (possibly anonymous) editor is perfectly aware of the "s.o.t.a." (of all the papers published everywhere on the subject) up to the moment of their contribution? How plausible can such a claim ever be?
- D0nj03 (talk) 11:39, 14 January 2008 (UTC)
- Ideally the page should be up to date all the time, but as this is unlikely to happen it seems like the next best thing is to record when details such as this were correct. Then the page at least stays accurate if new results are discovered, instead of misleading people. Plus, if someone needs up-to-the-minute data they can check for results since that date, and hopefully update the page accordingly. After a quick search I found the Wikipedia:As_of page, which suggests this construct is standard practice, and in fact should probably be linked to make it easier to update. I'm not sure if linking it might just create confusion though. Adding the year the result was obtained is possible, although it might make the sentences more clumsy and this information is already in the references section.
- All the edits to this article are made by anonymous editors, like all wikipedia articles. You don't have to believe anything in the article, be it the description of BB84 or the current distance achieved. The references are the authoritative sources, and should be used to verify claims, and so really everything should be referenced. But that would get messy, as well as being time consuming. The source for the 20% error rate claim is the review article 3rd down in the external links section ([4]), written in March 2007. It's unlikely anyone is perfectly aware of all the papers published anywhere on the subject, but Lo and Lutkenhaus can probably be believed. A citation to this article could be added just after the "As of March 2007.." bit if you think it's needed? Centie (talk) 15:55, 23 January 2008 (UTC)
No known way vs. impossible
“Mallory cannot use a man-in-the-middle attack, since he would have to measure an entangled photon and disrupt the other photon, then he would have to re-emit both photons. There is currently no known way to do this, according to widely-accepted theory in quantum physics.” Surely this should say that it’s impossible according to accepted quantum physics theory? This is a much stronger claim than merely “no known way”, but it’s the provable impossibility of attacks that makes quantum cryptography interesting in the first place. -213.115.77.102 (talk) 14:25, 24 January 2008 (UTC)
- You're right, it should. The whole attacks section is in need of a re-write (it's on the todo list on this page at least!), the information in there is incomplete at best and some of it's just wrong. The part you quoted is highly suspect, for a start it describes an intercept-resend attack; man-in-the-middle needs to be defeated with authentication.. which I think is mentioned later in the section(!). Centie (talk) 12:42, 25 January 2008 (UTC)
interactive BB84 demo
I just made available an interactive BB84 demo which I wrote about 10 years ago but which has moved several times and has been unavailable for the past year. Feel free to link to it if you think it is useful. It's at http://fredhenle.net/bb84/. Fred (talk) 17:19, 6 February 2008 (UTC)
Quantum Non-Locality
The article mentions that the results between Alice and Bob will not be perfectly correlated, but they will be correlated better than if they weren't entangled. This is false; their results must be 100% correlated because, in the case of entangled electron spins, angular momentum has to be conserved. So if Alice measures UP, Bob MUST measure down with 100% probability. The same is true with entangled photons. So this paragraph should be removed from the section. —Preceding unsigned comment added by 68.41.69.22 (talk) 15:21, 13 February 2008 (UTC)
- The entire Ekert 91 section is badly in need of a re-write, but maybe the information is so confusing/misleading deletion is the best option? I think what it was trying to get at though is to do with the CHSH version of the Bell inequality, which is used in testing the security of communication using entangled states. This gives the amount of correlation when Alice and Bob measure in different bases, so if Alice measures up what happens if Bob tries to measure ±30°? In this case the results won't be 100% correlated, but will have a probability distribution. The CHSH inequality basically says if you measure in different pairs of bases, then compare the amount of correlation, the result will only be a certain value if the photon pairs were entangled. If they had been intercepted and were not entangled when they were measured, the amount of correlation would be less than this value. Sorry this is all a bit vague, but you can read one of the links to E91 to explain it better if you want. -- Centie (talk) 03:00, 2 March 2008 (UTC)
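As an added worked example for the CHSH point above (written for this talk page, not code from the article or from the E91 paper), the Python below computes the CHSH value S for a spin-1/2 singlet, using the textbook correlation E(a, b) = -cos(a - b), and compares it with a constructed local model of non-entangled pairs, such as pairs an interceptor measured and replaced. Same-axis measurements give E = -1 (Alice UP means Bob DOWN, as the original post says); at the angles used here the entangled pairs give |S| = 2√2 while the non-entangled model stays within the classical bound |S| ≤ 2. The angle settings and the 0.1 decision margin are assumptions of the example.

```python
import math

# Measurement angles (radians). For a spin-1/2 singlet the CHSH value is
# maximised (|S| = 2*sqrt(2)) with Alice at 0 and 90 degrees and Bob at 45
# and 135 degrees; these are the constructed settings used below.
A1, A2 = 0.0, math.pi / 2
B1, B2 = math.pi / 4, 3 * math.pi / 4


def singlet_correlation(a, b):
    """Quantum-mechanical correlation E(a, b) for a spin singlet.

    Outcomes are +1/-1. Measured along the same axis the results are perfectly
    anti-correlated (E = -1); for other axes E = -cos(a - b).
    """
    return -math.cos(a - b)


def product_state_correlation(a, b, samples=20000):
    """Correlation for pairs that are NOT entangled.

    Constructed local model: each pair carries a hidden direction lam (e.g. the
    state an interceptor prepared and re-sent). Alice answers +1 when her
    analyser is within 90 degrees of lam, Bob answers the opposite. Averaging
    over lam gives a correlation that is -1 on the same axis, like the singlet,
    but falls off linearly rather than as a cosine.
    """
    total = 0
    for k in range(samples):
        lam = 2 * math.pi * k / samples
        s_a = 1 if math.cos(a - lam) >= 0 else -1
        s_b = -1 if math.cos(b - lam) >= 0 else 1
        total += s_a * s_b
    return total / samples


def chsh(correlation):
    """S = E(a1,b1) - E(a1,b2) + E(a2,b1) + E(a2,b2) for a correlation function."""
    return (correlation(A1, B1) - correlation(A1, B2)
            + correlation(A2, B1) + correlation(A2, B2))


def pairs_look_entangled(correlation, margin=0.1):
    """Ekert-style check: any local (non-entangled) source satisfies |S| <= 2,
    so a measured |S| clearly above 2 is evidence the pairs were not
    intercepted and replaced. The margin is a constructed noise tolerance.
    """
    return abs(chsh(correlation)) > 2 + margin


if __name__ == "__main__":
    for name, corr in (("entangled singlet", singlet_correlation),
                       ("non-entangled model", product_state_correlation)):
        print(f"{name:20s} S = {chsh(corr):+.4f} "
              f"entangled? {pairs_look_entangled(corr)}")
```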
Quantum Attacks
I deleted a paragraph from the 'Attacks' section, because it doesn't really belong.
While it is true that Mallory may be able to determine the state of Alice's polarizer by reflecting photons off of it, Alice and Bob will surely detect this, abandon transmission and start over again with a different polarizing scheme. Besides, just knowing the position of the polarizer doesn't tell Mallory anything about the key, because the polarizing angle may change between every bit transmission.--MaizeAndBlue86 (talk) 01:13, 29 February 2008 (UTC)
- I think it's an interesting attack that's worth mentioning. Once you've noticed that it's possible you may be able to redesign the system to make it impossible, but that's expected—it's why attacks are published in the first place. They can continue to apply for years to old systems and standards that can't easily be updated, and they're an important influence on the design of new systems. -- BenRG (talk) 12:00, 29 February 2008 (UTC)
- I think that it should probably stay, as an example of how, while the protocol may be secure, the implementation can be vulnerable to side channel attacks. I've added another sentence to this effect, as well as a bit more about authentication, see if you think it's ok. -- Centie (talk) 02:37, 2 March 2008 (UTC)
Quantum cryptography MITM attacks
(Copied from User_talk:BenRG)
The article is correct, MITM attacks are impossible, given that both Alice and Bob use a good transmission method. Remember that they are only transmitting the key, and if they detect eavesdropping they will abandon and start over, or use a different quantum channel for transmission. So it is not susceptible to MITM attacks like "any other method".--MaizeAndBlue86 (talk) 01:07, 29 February 2008 (UTC)
- I think the problem is that man-in-the-middle attack was misdefining the term, which I've now fixed. Quantum cryptography is vulnerable to MITM attacks as the term is used by cryptographers, and in fact the section already said so before my edit: "Quantum cryptography is still vulnerable to a type of MITM where...", followed by a description of a real MITM attack. -- BenRG (talk) 10:17, 29 February 2008 (UTC)
- Aha, glad this finally got sorted out, the different definitions of MITM in the attack section have been discussed before.. see my reply to the "Error in Attack description" section above. I agree that quantum key distribution is susceptible to MITM the same as any classical protocol, when used without authentication. This authentication can be done using a small amount of the key previously generated using the channel, for example unconditionally secure Wegman-Carter authentication only requires an amount of key scaling logarithmically with the total key length distributed. So QKD allows for an exponential expansion of key material, provided you start with a shared secret. There are quite a few proposals (googling qkd authentication brings up some) for ways to generate this shared secret between any two users, most appear to rely on a trusted 3rd party/certificate authority or entanglement. I suspect in practice for the near future this initial key would be built in to the two "boxes" that sit at each end of a QKD link; these need to be transported to their final location securely anyway to avoid tampering (e.g. random number generator attack), so storing the initial authentication key on them wouldn't introduce any additional security constraints. -- Centie (talk) 01:13, 2 March 2008 (UTC)