Slashdot Mirror

← Back to Stories (view on slashdot.org)

Commercial Quantum Cryptography System Hacked

Posted by Soulskill on from the superposition-of-safe-and-unsafe dept.

KentuckyFC writes "Any proof that quantum cryptography is perfect relies on idealized assumptions that don't always hold true in the real world. One such assumption is related to the types of errors that creep into quantum messages. Alice and Bob always keep a careful eye on the level of errors in their messages because they know that Eve will introduce errors if she intercepts and reads any of the quantum bits in a message. So a high error rate is a sign that the message is being overheard. But it is impossible to get rid of errors entirely, so Alice and Bob have to tolerate a small level of error. This level is well known. Various proofs show that if the quantum bit error rate is less than 20 percent, then the message is secure. However, these proofs assume that the errors are the result of noise from the environment. Now, physicists have come up with an attack based on the realization that Alice also introduces errors when she prepares the required quantum states to send to Bob. This extra noise allows Eve to intercept some of the quantum bits, read them and then send them on, in a way that raises the error rate to only 19.7 percent. In this kind of 'intercept and resend attack,' the error rate stays below the 20 percent threshold and Alice and Bob are none the wiser, happily exchanging keys while Eve listens in unchallenged. The physicists say they have successfully used their hack on a commercial quantum cryptography system from the Geneva-based startup ID Quantique."

2 of 117 comments (clear)

  1. I don't think "prove" means what you think... by pla · · Score: 4, Interesting

    Various proofs show that if the quantum bit error rate is less than 20 percent, then the message is secure. However, these proofs assume that the errors are the result of noise from the environment.
    Then they do not "prove" anything.

    When you start from a false premise, you produce "garbage", not "proofs" (Actually, you can produce some really useful counterfactuals that way, but you wouldn't present it in the context of a proof of the original concept). Particularly when talking about security, what moron would assume any sources of error come from the environment rather than the attacker???

  2. NIST achieved 99% detection efficiency last month by ortholattice · · Score: 4, Interesting

    One the main contributors to the error rate is the photon detection efficiency, where 80% or better is considered "good". In a major breakthrough last month, NIST (yes, the National Institute of Standards and Technology, not some startup company's marketing hype) has achieved a record single-photon detection rates of 99% - and possibly better, since there currently exists no metrology to test that level of efficiency. So in terms of that source of error, things are looking up.