Quantum Key Distribution: the bad idea that won't die...

[Perry E. Metzger]

silky <michaelslists at gmail.com> writes:
> On Thu, Apr 22, 2010 at 12:04 PM, Perry E. Metzger <perry at piermont.com> wrote:
>> > > No one is doing that, though. People are working on things like faster
>> > > bit rates, as though the basic reasons the whole thing is useless were
>> > > solved.
>> >
>> > I don't think you can legitimately speak for the entire community as
>> > to what or not they may be doing.
>>
>> I think I can, actually. I know of very few people in computer security
>> who take QKD seriously. I feel pretty safe making these sorts of
>> statements.
>
> But QKD is more about Physics than computer security.

I agree it is an interesting physics trick -- considerable fun to read
about. I disagree that it is of use in making computer systems secure.

> Yes, I never stated the opposite (quote tree left intact). You were
> saying that it is only as "strong" as the classical system. It is
> clearly shown that the security of a QKD system *after* authentication
> is *stronger* than classical, due to the OTP.
>
> If what you meant to say was "it is broken if authentication is
> broken" then the answer is obviously "yes". But the strength, in
> cryptographic terms, is clearly better.

Lets look at the two possible scenarios.

If the conventional crypto is secure, then the whole system is secure.
If the conventional crypto is insecure, then the whole system is
insecure.

Looks to me like the system is only as strong as the classical
system. If the classical system is unbroken, you don't need the QKD
box. If the classical system is broken, the QKD box adds no
security. Ergo, the system is only as strong as the classical system.


Perry
-- 
Perry E. Metzger		perry at piermont.com

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com