Quantum Cryptography
Victor Duchovni
Victor.Duchovni at MorganStanley.com
Fri Jun 22 15:33:52 EDT 2007
On Fri, Jun 22, 2007 at 10:44:41AM -0700, Ali, Saqib wrote:
> Paul: Here you are assuming that key exchange has already taken place.
> But key exchange is the toughest part. That is where Quantum Key
> Distribution QKD comes in the picture. Once the keys are exchanged
> using QKD, you have to rely on conventional cryptography to do bulk
> encryption using symmetric crypto.
QKD fails to "come into the picture", because its key exchange is
unauthenticated.
I can do secure unauthenticated key exchange at zero cost using EECDH
with no special quantum hardware. If the link is MITM-proof, I am done.
> Using Quantum Crypto to do bulk encryption doesn't make any sense. It
> is only useful in key distribution.
What bulk-encryption system am I going to use that is usefully stronger
than EECDH over secp384r1 (or tinfoil hat secp521r1). It is also not
useful for key distribution. It remains (charitably) "fiction".
--
/"\ ASCII RIBBON NOTICE: If received in error,
\ / CAMPAIGN Victor Duchovni please destroy and notify
X AGAINST IT Security, sender. Sender does not waive
/ \ HTML MAIL Morgan Stanley confidentiality or privilege,
and use is prohibited.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list