[10778] in cryptography@c2.net mail archive
Re: Quantum crypto broken?
daemon@ATHENA.MIT.EDU (Hannes R. Boehm)
Mon May 13 17:19:35 2002
Date: Mon, 13 May 2002 23:15:17 +0200
From: "Hannes R. Boehm" <hannes@boehm.org>
To: Michael_Heyman@NAI.com, cryptography@wasabisystems.com
Message-ID: <20020513211517.GA20342@boehm.org>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature"; boundary="tThc/1wpZn/ma/RB"
Content-Disposition: inline
In-Reply-To: <DBF2F9C6F6BAD211BB1B00A0C99D9702AFC5F8@GLE-77-205.nai.com>
--tThc/1wpZn/ma/RB
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Fri, Apr 26, 2002 at 09:36:22AM -0500, Michael_Heyman@NAI.com wrote:
> Would anybody with more knowledge care to comment on this?
>=20
> This article leads one to believe that one can eavesdrop without being
> detected and with nearly 5/6ths confidence of the data on a quantum crypto
> communication. This is in contrast to the claim to fame of quantum crypto
> that the receiver will know if there is an eavesdropper. (This is what ma=
kes
> quantum crypto work when all public key crypto gets broken.)
This is a result from the non-cloning theorem and is well studied in=20
Quantum Cryptography. Even though a practical realization which hits the=20
theoretical limit is quite impressive.
A simpliefied introduction to the consequences of imperfect cloning of quan=
tum=20
states in QKD is found in a recent paper of Gisin et. al. called "Quantum C=
ryptography"
and was published in the "Review of Modern Physics" (sorry no exact citatio=
n - i have=20
only the pre-print).
Back to the problem:
The 16% in which the cloning is "wrong", introduce a QBER (equiv to the cla=
ssical
Bit Error Rate (BER)) in the Quantum channel. Since a system without an eav=
esdropper
has QBERs of about a few percent this makes it possible to detect the eaves=
dropper.
[in the case the cloned photon is sent to Bob - in the other case, where th=
e cloned
photon is used for a measurment, the information gathered by Eve is simply=
reduced to 84%]
If you use the Wigner protocol, this should also prevent a violation of the=
Bell inequalities.
(is there a paper which shows the relation between QBER and the Bell inequa=
lities ?)
I think it has been shown that if the information that Eve gathered is less=
than the information=20
of Bob, then it is possible to create a secret key through privacy amplific=
ation. This is
important since it tells us that even if our Eavesdropper reduces the cloni=
ng attempts (which=20
reduces the QBER) it is not possible to reconstruct the key.
Summery: Eve either intruduces enough QBER to detect her, or she does not g=
et enough information
to reconstruct the key
Result: QC is not broken but it makes the job harder and the achievable QKD=
bitrates lower
Hannes
--=20
---------------------------------------------------------------------
Hannes R. Boehm
---------------------------------------------------------------------
Institute of Experimental Physics
University of Vienna=20
Botzmanngasse 5=20
1090 Wien
Austria
web : http://www.quantum.univie.ac.at/
email: hannes.boehm@exp.univie.ac.at
---------------------------------------------------------------------
email: hannes@boehm.org=20
web : http://hannes.boehm.org
PGP : http://hannes.boehm.org/hannes-pgp.asc
---------------------------------------------------------------------
--tThc/1wpZn/ma/RB
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE84Czj0yN0VkxRWWERArWEAKCGuPYB/Z7eBg/FK6QylVJnT3u20gCaA/en
z5ELxOKZqdBgRl3LKZxAO6o=
=jn/z
-----END PGP SIGNATURE-----
--tThc/1wpZn/ma/RB--
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
