quantum hype
David Wagner
daw at cs.berkeley.edu
Sat Sep 13 17:43:32 EDT 2003
> On 09/13/2003 05:06 PM, David Wagner wrote:
> > Quantum cryptography *assumes* that you
> > have an authentic, untamperable channel between sender and receiver.
>
> Not true. The signal is continually checked for
> tampering; no assumption need be made.
Quantum crypto only helps me exchange a key with whoever
is on the other end of the fibre optic link. How do I know
that the person I exchanged a key with is the person I wanted
to exchange a key with? I don't ... unless I can make extra
assumptions (such as that I have a guaranteed-authentic channel
to the party I want to communicate with).
If I can't make any physical assumptions about the authenticity
properties of the underlying channel, I can end up with a scenario
like this: I wanted to exchange a key securely with Bob, but instead,
unbeknownest to me, I ended up securely exchanging key with Mallet.
I believe the following is an accurate characterization:
Quantum provides confidentiality (protection against eavesdropping),
but only if you've already established authenticity (protection
against man-in-the-middle attacks) some other way.
Tell me if I got anything wrong.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list