Quantum Computing Puts Encrypted Messages at Risk

Hannes R. Boehm hannes at boehm.org
Sun Jul 14 10:45:36 EDT 2002


On Thu, Jul 11, 2002 at 07:50:30PM +0100, Ian Hill wrote:
> > 
> > Hammond said that his company, scheduled for a public launch this
> > September, will have a "commercially available solution" in 2003. The
> > Somerville, Massachusetts-based company is developing a prototype
> > quantum cryptographic device that can be used on telecom fiber and is
> > immune to eavesdropping, or so the company claims.
> > 
> > The device is also "future-proof" because, according to MagiQ
> > Technologies, it is invulnerable to advances in algorithms and
> > computing technology.
> Now I'm neither a professional cryptographer nor a professional quantum
> physicist, so any of the above could be incorrect. I'd love to be proven
> wrong - I fancy the idea of unbreakable encryption as much as the next
> man, but surely the way mankind has broken cipher after cipher, and
> challenged theorem after theorem should have made people a little
> dubious when the word "unbreakable" is bounded around. Besides, we all
> know the devil is in the implementation. Even if QKD is unbreakable on
> paper, an engineer is sure to break it ;-)
> 
> When I first read The Code Book (Simon Singh), I drooled endlessly at
> the idea of Unbreakable Encryption, until I became a little more
> cynical. I questioned Dr Singh on this when he came and gave a lecture
> in Cheltenham UK recently, and his best answer was that QKD is so secure
> because "it's a different kind of system. It's not like conventional
> encryption." [synopsis - not direct quotation]. I'm not thoroughly
> convinced.
> 
> Can anyone (politely) prove this mere outsider wrong?


QKD is a way to prevent a possible eavesdropper from listening to the 
Key Distribution System. In classical encryption the first step is
always to intercept the encrypted message - this is where QC starts.

The key, which is later used as a classical One-Time-Pad, is distributed in a way
that an eavesdropper can be detected; it cannot be prevented though. This opens
the doors for DoS attacks. But: if the key has been transmitted without
an eavesdropper, then we have a 100% truly random one-time pad which has 
been proven to be unbreakable.

An eavesdropper can be detected by the amount of Quantum Noise he introduces in the
Quantum channel. Since a Qubit (Qutrit or Qunit) cannot be cloned perfectly,
every attempt to listen to the Quantum Channel introduces some noise. This noise
is added to the noise already present on the Quantum channel. If the Quantum noise
reaches a certain theoretical ratio, we know that someone is listening to the channel.

One word on cloning: Yes, cloning is possible! No, it does not break QKD!

Copying of quantum states is possible, but not in a deterministic fashion. The 
maximum (theoretical) probability to get an identical copy of a qubit is 5/6. 
This has already been demonstrated experimentally. Since there is a functional 
dependence between noise and extracted information, this is just an additional 
factor. It just reduces the distances we can reach, and the bitrates we can achieve. 
(It can be shown that perfect quantum cloning is not possible for any type of cloning
 mechanism whatsoever - AND (independently of the proof): if it were possible, we could 
 communicate with speeds faster than that of light and therefore it would also violate
 special relativity.)

What we have here is a theory which is almost as old as the special theory of relativity
and has not yet been proven wrong. This theory tells us that there is no way whatever that
a possible eavesdropper can listen to the key exchange. It also tells us that if we 
use either a Quantum random number generator or an entangled photon QKD system, 
we get absolutely random numbers.

I recommend everyone who is interested in QKD to read an introduction to quantum 
theory. Everything QKD is about is just plain vector multiplication. It is a 
beautiful (=simple) theory. 

Okay. If you have questions, please feel free to drop me an email.

I am currently in my final year of graduate studies in physics. For 
my diploma thesis, I am working on a project in the field of 
Experimental Quantum Information. So hopefully I might be able to answer some of 
your questions :-)

http://www.quantum.univie.ac.at/research/crypto/index.html


BTW: there are already commercial QKD systems available

Hannes


-- 
---------------------------------------------------------------------
Hannes R. Boehm
---------------------------------------------------------------------
Institute of Experimental Physics
University of Vienna 
Boltzmanngasse 5 
1090 Wien
Austria

web  : http://www.quantum.univie.ac.at/
email: hannes.boehm at exp.univie.ac.at
---------------------------------------------------------------------
email:  hannes at boehm.org 
web  :  http://hannes.boehm.org
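As an added illustration of the noise-based detection described in the message above (example code, not from the thread or its author): a toy BB84 simulation in which an intercept-resend eavesdropper, who cannot clone the qubits and must re-send what she measured, shows up as an error rate on the sifted key. Function names, the seeded toy randomness and the 11% abort threshold are assumptions.

```python
import random

# Added example (not from the thread): toy BB84 exchange showing how an
# intercept-resend eavesdropper is detected as quantum bit error rate (QBER)
# on the sifted key. Function names and the 11% abort threshold are assumptions.

def bb84_exchange(n, rng, eve=False):
    """Send n qubits; return (alice_sifted, bob_sifted) for matching bases."""
    sifted_a, sifted_b = [], []
    for _ in range(n):
        bit, a_basis = rng.randrange(2), rng.randrange(2)   # Alice's preparation
        state_bit, state_basis = bit, a_basis
        if eve:
            # Eve measures in a random basis; a wrong basis gives a random result.
            # She then re-sends the qubit she believes she saw (no perfect cloning).
            e_basis = rng.randrange(2)
            e_result = bit if e_basis == a_basis else rng.randrange(2)
            state_bit, state_basis = e_result, e_basis
        b_basis = rng.randrange(2)                           # Bob's measurement
        b_result = state_bit if b_basis == state_basis else rng.randrange(2)
        if a_basis == b_basis:                               # public sifting step
            sifted_a.append(bit)
            sifted_b.append(b_result)
    return sifted_a, sifted_b

def estimate_qber(sifted_a, sifted_b, sample, rng):
    """Publicly compare `sample` random sifted bits (then discard them)."""
    idx = rng.sample(range(len(sifted_a)), sample)
    errors = sum(sifted_a[i] != sifted_b[i] for i in idx)
    return errors / sample

def eavesdropper_detected(qber, threshold=0.11):
    """Abort above the threshold (assumed ~11%, the usual BB84 bound)."""
    return qber > threshold

def run(n=8000, eve=False, seed=1, sample=1000):
    rng = random.Random(seed)              # seeded so the toy run is repeatable
    a, b = bb84_exchange(n, rng, eve)
    q = estimate_qber(a, b, sample, rng)
    return q, len(a), eavesdropper_detected(q)

if __name__ == "__main__":
    for eve in (False, True):
        q, n_sifted, abort = run(eve=eve)
        print(f"eve={eve}: sifted={n_sifted} QBER={q:.3f} abort={abort}")
```

Without Eve the sifted bits agree exactly; with intercept-resend roughly a quarter of them differ (half the time Eve picks the wrong basis, and then Bob's result is random), so the exchange is aborted.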