Quantum Cryptography

Victor Duchovni Victor.Duchovni at MorganStanley.com
Fri Jun 22 15:33:52 EDT 2007


On Fri, Jun 22, 2007 at 10:44:41AM -0700, Ali, Saqib wrote:

> Paul: Here you are assuming that key exchange has already taken place.
> But key exchange is the toughest part. That is where Quantum Key
> Distribution QKD comes in the picture. Once the keys are exchanged
> using QKD, you have to rely on conventional cryptography to do bulk
> encryption using symmetric crypto.

QKD fails to "come into the picture", because its key exchange is
unauthenticated.

I can do secure unauthenticated key exchange at zero cost using EECDH
with no special quantum hardware. If the link is MITM-proof, I am done.

> Using Quantum Crypto to do bulk encryption doesn't make any sense. It
> is only useful in key distribution.

What bulk-encryption system am I going to use that is usefully stronger
than EECDH over secp384r1 (or tinfoil hat secp521r1). It is also not
useful for key distribution. It remains (charitably) "fiction".

-- 

 /"\ ASCII RIBBON                  NOTICE: If received in error,
 \ / CAMPAIGN     Victor Duchovni  please destroy and notify
  X AGAINST       IT Security,     sender. Sender does not waive
 / \ HTML MAIL    Morgan Stanley   confidentiality or privilege,
                                   and use is prohibited.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list