Quantum crypto, from BBC

Dave Howe DaveHowe at gmx.co.uk
Sat Jun 7 14:08:53 EDT 2003 

Udhay Shankar N wrote:
> I haven't seen this discussed here yet. Is there something to this?

For limited applications, yes

QC in the form usually found in recent tests is actually quite simple.

The sender generates some good random binary data (from an unknown source,
doesn't really matter) and sends it encoded in the polarization of a photon
(one of four states - so two bits are needed at this point per photon; the
first encodes a choice of axes (horizontal+vertical or the diagonals) and
the second an orientation (so for example a 0 could be represented by
horizontal and 1 by vertical, or if the diagonal filter is in use, 0 by a \
and 1 by a /) )
The recipient filters the photons using a random choice of filter - and
transmits the choice of filter back to the sender. From this, the sender
will know if the recipient received the photon encoded properly or not - a
vertical filter would "see" a photon for a vertically encoded 1, not see one
for a horizontally encoded 0, and have a chance to see either a \ or a / but
if it is a decent filter, would not see them at all; the same idea rotated
45 degrees applies to the diagonal filter.
The sender then tells the recipient which filters he got right. Both now
have a set of bits that they alone know, are completely randomly generated,
and can be used as a key for conventional crypto (or if it is important
enough, OTP)

>From this, it should be obvious that you need a fairly clean, predictable
photon path - usually a fiberoptic, so that you can predetermine the
reference axes at both ends of the cable. even a free-air path is usually
too vunerable to distortion and/or photon loss, so is unsuitable.  So, for
the limited case where you can create a single, unbroken optic path between
two sites, and maintain it in a state where it can't be broken by a third
party for a literal mitm attack, it is a perfectly feasable scheme for
transmitting keys. Not likely to replace a trusted courier with a dozen
cheap CDR burnt with keydata in the near future though


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list