Quantum crypto broken?

Hannes R. Boehm hannes at boehm.org
Mon May 13 17:15:17 EDT 2002

On Fri, Apr 26, 2002 at 09:36:22AM -0500, Michael_Heyman at NAI.com wrote:
> Would anybody with more knowledge care to comment on this?
> This article leads one to believe that one can eavesdrop without being
> detected and with nearly 5/6ths confidence of the data on a quantum crypto
> communication. This is in contrast to the claim to fame of quantum crypto
> that the receiver will know if there is an eavesdropper. (This is what makes
> quantum crypto work when all public key crypto gets broken.)

This is a result from the non-cloning theorem and is well studied in 
Quantum Cryptography. Even though a practical realization which hits the 
theoretical limit is quite impressive.

A simpliefied introduction to the consequences of imperfect cloning of quantum 
states in QKD is found in a recent paper of Gisin et. al. called "Quantum Cryptography"
and was published in the "Review of Modern Physics" (sorry no exact citation - i have 
only the pre-print).

Back to the problem:

The 16% in which the cloning is "wrong", introduce a QBER (equiv to the classical
Bit Error Rate (BER)) in the Quantum channel. Since a system without an eavesdropper
has QBERs of about a few percent this makes it possible to detect the eavesdropper.

[in the case the cloned photon is sent to Bob - in the other case, where the cloned
 photon is used for a measurment, the information gathered by Eve is simply reduced to 84%]

If you use the Wigner protocol, this should also prevent a violation of the Bell inequalities.
(is there a paper which shows the relation between QBER and the Bell inequalities ?)

I think it has been shown that if the information that Eve gathered is less than the information 
of Bob, then it is possible to create a secret key through privacy amplification. This is
important since it tells us that even if our Eavesdropper reduces the cloning attempts (which 
reduces the QBER) it is not possible to reconstruct the key.

Summery: Eve either intruduces enough QBER to detect her, or she does not get enough information
         to reconstruct the key

Result: QC is not broken but it makes the job harder and the achievable QKD bitrates lower


Hannes R. Boehm
Institute of Experimental Physics
University of Vienna 
Botzmanngasse 5 
1090 Wien

web  : http://www.quantum.univie.ac.at/
email: hannes.boehm at exp.univie.ac.at
email:  hannes at boehm.org 
web  :  http://hannes.boehm.org
PGP  :  http://hannes.boehm.org/hannes-pgp.asc

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: not available
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20020513/26811c16/attachment.pgp>

More information about the cryptography mailing list