[11110] in cryptography@c2.net mail archive
Re: Quantum Computing Puts Encrypted Messages at Risk
daemon@ATHENA.MIT.EDU (Hannes R. Boehm)
Sun Jul 14 10:50:31 2002
Date: Sun, 14 Jul 2002 16:45:36 +0200
From: "Hannes R. Boehm" <hannes@boehm.org>
To: Ian Hill <Ian@Protonic.com>
Cc: cryptography@wasabisystems.com
In-Reply-To: <20020711195029.A2690@Katmai.IanHill.org.uk>
--0F1p//8PRICkK4MW
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Thu, Jul 11, 2002 at 07:50:30PM +0100, Ian Hill wrote:
> >=20
> > Hammond said that his company, scheduled for a public launch this
> > September, will have a "commercially available solution" in 2003. The
> > Somerville, Massachusetts-based company is developing a prototype
> > quantum cryptographic device that can be used on telecom fiber and is
> > immune to eavesdropping, or so the company claims.
> >=20
> > The device is also "future-proof" because, according to MagiQ
> > Technologies, it is invulnerable to advances in algorithms and
> > computing technology.
> Now I'm neither a professional cryptographer or professional quantum
> physicist, so any of the above could be incorrect. I'd love to be proven
> wrong - I fancy the idea of unbreakable encrption as much as the next
> man, but surely the way mankind has broken cipher after cipher, and
> challenged theorum after theorum should have made people a little
> dubious when the word "unbreakable" is bounded around. Besides, we all
> know the devil is in the implementation. Even if QKD is unbreakable on
> paper, an engineer is sure to break it ;-)
>=20
> When I first read The Code Book (Simon Singh), I drooled endlessly at
> the idea of Unbreakable Encryption, until I became a little more
> cynical. I questioned Dr Singh on this when he came and gave a lecture
> in Cheltenham UK recently, and his best answer was that QKD is so secure
> because "its a different kind of system. Its not like conventional
> encryption." [synopsis - not direct quotation]. I'm not thorougly
> convinced.
>=20
> Can anyone (politely) prove this mere outsider wrong?
QKD is a way to prevent a possible eavesdropper to listen to the=20
Key Distribution System. In classical encryption the fist step is
always to intercept the encrypted message - this is where QC starts.
The key, which is later used as a classical One-Time-Pad, is distributed in=
a way
a eavesdropper can be detected, it can not be prevented though. This opens
the doors for DoS attacks. But: If the key has been transmitted without
an eavesdropper, than we have a 100% truly random one-time pad which has=20
been prooven to be unbreakable.
An eavesdropper can be detected by the amount of Quantum Noise he introduce=
s in the
Quantum channel. Since a Qubit (Qutrit or Qunit) can not be cloned perfectly
every attempt to listen to the Quantum Channel introduces some noise. This =
noise
is added to the noise already present on the Quantum channel. If the Quantu=
m noise
reaches a certain theoretical ratio, we know that someone listens to the ch=
annel.
One word on cloning: Yes, cloning is possible ! No, it does not break QKD !
Copying of quantum states is possible, but not in a deterministic fashion. =
The=20
maximum (theoretical) probability to get an identical copy of a qubit is 5/=
6.=20
This has been demonstrated already experimentaly. Since there is a functona=
l=20
dependence between noise and extracted information, this is just an additi=
onal=20
factor. It just reduces the distances we can reach, and the bitrates we can=
achieve.=20
(It can be shown that perfect quantum cloning is not possible for what type=
of cloning
mechanism whatsoever - AND (independently of the proof): if it would be po=
ssible, we could=20
communicate with speeds faster than that of light and therefore it would =
also violat
special relativity)
What we have here is a theory which is almost as old as the special theory =
of relativity
and has not yet prooven wrong. This theory tells us that there is no way wh=
atever, that
a possible eavesdropper can listen to the key exchange. It also tells us th=
at if we=20
use either a Quantum random number generator or an entangled photon QKD sys=
tem, that=20
we get absolutly random numbers.
I recomend everyone who is interested in QKD to read an introduction to qua=
ntum=20
theory. Everything QKD is about is just plain vector multiplication. It is =
a=20
beautiful (=3Dsimple) theory.=20
Okay. If you have questions, please feel free to drop me an email.
I am currently in my final year of graduate studies in physics. For=20
my diploma thesis, I am working on a project in the field of=20
Experimental Quantum Information. So hopfully I might be able to answer som=
e of=20
your questions :-)
http://www.quantum.univie.ac.at/research/crypto/index.html
BTW: there are already comercial QKD systems available
Hannes
--=20
---------------------------------------------------------------------
Hannes R. Boehm
---------------------------------------------------------------------
Institute of Experimental Physics
University of Vienna=20
Boltzmanngasse 5=20
1090 Wien
Austria
web : http://www.quantum.univie.ac.at/
email: hannes.boehm@exp.univie.ac.at
---------------------------------------------------------------------
email: hannes@boehm.org=20
web : http://hannes.boehm.org
--0F1p//8PRICkK4MW
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.2 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD4DBQE9MY6P0yN0VkxRWWERAmIfAJdDzT43Dafhks2tMEJIOB4/U6R8AJ4vVAQ2
IBzSbTlEtariVlwdXSdOFw==
=Oex9
-----END PGP SIGNATURE-----
--0F1p//8PRICkK4MW--
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
