Quantum Cryptography
Ivan Krstić
krstic at solarsail.hcs.harvard.edu
Sat Jun 30 12:46:29 EDT 2007
On Jun 29, 2007, at 10:44 AM, Steven M. Bellovin wrote:
> It's very valid to criticize today's products, and it's almost
> obligatory to criticize over-hyped marketing. As I said, I don't
> think
> today's products are useful anywhere, and the comparisons vendors draw
> to conventional cryptography are at best misleading. But let's not
> throw the baby out with the bathwater.
The problem I have with QC is that, as others have amply pointed out,
there is a lot of bathwater but not much of a baby to speak of. If
someone created a protocol that does a DH exchange at the beginning
and then throws away the secret and performs the rest of the
communication in plaintext, we'd hardly call the resulting system a
"cryptographic protocol". Really, we'd be hesitant to use any form of
the word cryptography in the description.
"QC", however, does something exactly analogous: it performs a
quantum key exchange and then falls back on classical primitives.
It's at best confusing, fallacious and disingenuous to refer to such
setups as quantum cryptography, though I understand "classical
encryption with quantum key exchange" has less of a marketable ring
to it.
So, by all means, let the QKD and related research continue. It's
interesting, it's cool, it's *important* work. But when the folks
behind it are talking to those of us who understand and work with
cryptography every day, they need to do a much better job at not
letting their own imprecise and almost deceitful terminology paint
themselves in a corner and trigger our snakeoil detectors. I deeply
support Jon's proposal of renaming the whole thing "quantum secrecy",
in which case I'd get off my snark horse and show more respect for
the whole thing.
--
Ivan Krstić <krstic at solarsail.hcs.harvard.edu> | GPG: 0x147C722D
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list