Victor.Duchovni at MorganStanley.com
Fri Jun 22 12:07:51 EDT 2007
On Fri, Jun 22, 2007 at 11:33:38AM -0400, Leichter, Jerry wrote:
> | Secure in what sense? Did I miss reading about the part of QKD that
> | addresses MITM (just as plausible IMHO with fixed circuits as passive
> | eavesdropping)?
> | Once QKD is augmented with authentication to address MITM, the "Q"
> | seems entirely irrelevant.
> The unique thing the "Q" provides is the ability to detect eaves-
If I want to encrypt a fixed circuit, I assume that eavesdropping is
omni-present, and furthermore don't want to be constrained to transmit
only when the eavesdroppers have chosen to take a lunch break.
> One can argue about what this adds.
> The current approach of the QKD efforts is to assume that physical
> constraints are sufficient to block MITM.
An interesting assumption.
> It does move the center of the problem, however - and into a region
> (physical protection) in which there is much more experience and perhaps
> some better intuition.
I would conjecture that a lot more people grasp undergraduate mathematics
than undergraduate quantum mechanics...
> Valid or not, it certainly is easier to give people the warm fuzzies by
> talking about physical protection than by talking about math....
"Warm fuzzies" is not in conflict with "fiction".
> In the other direction, whether the ability to detect eavesdropping lets
> you do anything interesting is, I think, an open question. I wouldn't
> dismiss it out of hand. There's an old paper that posits related
> primitive, Verify Once Memory: Present it with a set of bits, and it
> answers either Yes, that's the value stored in me or No, wrong value.
Suppose I install a fake subway entrace, and MITM all the interactions
between the victim's card and the real turnstile where I have a card that
proxies the victims interactions with the fake terminal. Is the system
still secure? Likely not, I would bet The threat model was card forgery,
/"\ ASCII RIBBON NOTICE: If received in error,
\ / CAMPAIGN Victor Duchovni please destroy and notify
X AGAINST IT Security, sender. Sender does not waive
/ \ HTML MAIL Morgan Stanley confidentiality or privilege,
and use is prohibited.
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography