Quantum Cryptography

Victor Duchovni Victor.Duchovni at MorganStanley.com
Fri Jun 22 15:33:52 EDT 2007

On Fri, Jun 22, 2007 at 10:44:41AM -0700, Ali, Saqib wrote:

> Paul: Here you are assuming that key exchange has already taken place.
> But key exchange is the toughest part. That is where Quantum Key
> Distribution QKD comes in the picture. Once the keys are exchanged
> using QKD, you have to rely on conventional cryptography to do bulk
> encryption using symmetric crypto.

QKD fails to "come into the picture", because its key exchange is

I can do secure unauthenticated key exchange at zero cost using EECDH
with no special quantum hardware. If the link is MITM-proof, I am done.

> Using Quantum Crypto to do bulk encryption doesn't make any sense. It
> is only useful in key distribution.

What bulk-encryption system am I going to use that is usefully stronger
than EECDH over secp384r1 (or tinfoil hat secp521r1). It is also not
useful for key distribution. It remains (charitably) "fiction".


 /"\ ASCII RIBBON                  NOTICE: If received in error,
 \ / CAMPAIGN     Victor Duchovni  please destroy and notify
  X AGAINST       IT Security,     sender. Sender does not waive
 / \ HTML MAIL    Morgan Stanley   confidentiality or privilege,
                                   and use is prohibited.

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list