Slashdot Mirror

← Back to Stories (view on slashdot.org)

Commercial Quantum Cryptography System Hacked

Posted by Soulskill on from the superposition-of-safe-and-unsafe dept.

KentuckyFC writes "Any proof that quantum cryptography is perfect relies on idealized assumptions that don't always hold true in the real world. One such assumption is related to the types of errors that creep into quantum messages. Alice and Bob always keep a careful eye on the level of errors in their messages because they know that Eve will introduce errors if she intercepts and reads any of the quantum bits in a message. So a high error rate is a sign that the message is being overheard. But it is impossible to get rid of errors entirely, so Alice and Bob have to tolerate a small level of error. This level is well known. Various proofs show that if the quantum bit error rate is less than 20 percent, then the message is secure. However, these proofs assume that the errors are the result of noise from the environment. Now, physicists have come up with an attack based on the realization that Alice also introduces errors when she prepares the required quantum states to send to Bob. This extra noise allows Eve to intercept some of the quantum bits, read them and then send them on, in a way that raises the error rate to only 19.7 percent. In this kind of 'intercept and resend attack,' the error rate stays below the 20 percent threshold and Alice and Bob are none the wiser, happily exchanging keys while Eve listens in unchallenged. The physicists say they have successfully used their hack on a commercial quantum cryptography system from the Geneva-based startup ID Quantique."

15 of 117 comments (clear)

  1. Wouldn't it be better... by jd · · Score: 3, Funny

    ...to e-mail Alice and Bob, rather than advertise that their love-letters are being snooped on?

    --
    It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
    1. Re:Wouldn't it be better... by SomeJoel · · Score: 3, Funny

      I'm not even sure why Eve cares... unless she is Bob's wife, or Alice's husband (Alice still calls "her" Steve).

      --
      <Complete your profile by adding a signature!>
  2. Re:the less sensational headline... by Ethanol-fueled · · Score: 3, Funny

    They could develop more sophisticated measurement techniques, similar to those utilized in modern data/telecom, as error thresholds become lower.

    They could call it the Quantum Bit Error Rate Test, or Q-BERT for short.

  3. Sure, sure, paint me as the bad one again by Anonymous Coward · · Score: 5, Funny

    Really, is a little fidelity in this relationship too much to ask for? I've caught Bob kissing that skank Alice so many fucking times and he always says he's sorry and he'll stop seeing her, but still I can tell they're exchanging information through hidden channels.

    But what I really hate is when people act like I'm so unreasonable by trying to find out what is going on and who my allegedly significant other is seeing behind my back. What the fuck.

    -
    Cryptographically Signed,

    Eve.

    (Inspired by xkcd, of course.)

  4. I don't think "prove" means what you think... by pla · · Score: 4, Interesting

    Various proofs show that if the quantum bit error rate is less than 20 percent, then the message is secure. However, these proofs assume that the errors are the result of noise from the environment.
    Then they do not "prove" anything.

    When you start from a false premise, you produce "garbage", not "proofs" (Actually, you can produce some really useful counterfactuals that way, but you wouldn't present it in the context of a proof of the original concept). Particularly when talking about security, what moron would assume any sources of error come from the environment rather than the attacker???

    1. Re:I don't think "prove" means what you think... by Opportunist · · Score: 4, Funny

      Errors are inevitable. It's a little something called the Heisenberg Uncertainty Principle. Have you heard of it? No?

      I guess the correct answer is maybe. But only possibly so.

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    2. Re:I don't think "prove" means what you think... by Interoperable · · Score: 3, Insightful

      Those "morons" have doctorates in math and physics. What do you have?

      The idea is that if you can account for all known systemic noise sources then anything left will be from the attacker. The proofs set bounds for what error thresholds rule out the possibility of an attacker under given, known sources of noise in the system. The proofs are not wrong, they were simply done using particular sets of assumptions. If those assumptions are not applicable to a particular system, then obviously those calculations wouldn't be used.

      It astounds me that people think they know better than an entire discipline and even more so that they get modded up for doing it. But then again...it is the internet.

      --
      So if this is the future...where's my jet pack?
    3. Re:I don't think "prove" means what you think... by Interoperable · · Score: 4, Informative

      I happen to have have read a number of such papers because it is related to the field that I work in and I have some idea of what is involved in determining bounds on error rates. They are absolutely proofs in the very strictest sense of the word. They state up-front what the assumptions are and derive rigorous proofs within the conditions that were laid out.

      The mathematical premises are completely sound. The only question is what physical system the assumptions used to arrive at those premises apply to. The idealized system is clearly laid out in the paper and can be assessed for how applicable it is to a given physical system. To say that the premises are unsound because the simplifying assumptions may not apply to real systems is to reject any mathematical analysis of the physical world.

      You are confusing the ideas of a premise in mathematics and an assumption in physics. What has been done is the different between a correct analysis of an idealized system. What you claim is that an incorrect analysis of a realistic model has occurred, which is incorrect.

      --
      So if this is the future...where's my jet pack?
  5. Isn't this obvious? by mrsteveman1 · · Score: 5, Funny

    Eve is a fucking spy, arrest her.

    I'm not too sure about Alice and Bob either, seems they're always around when these things happen.

    1. Re:Isn't this obvious? by MRe_nl · · Score: 4, Funny

      It's not that easy.

      She's only called Eve online.

      --
      "Kill 'em all and let Root sort 'em out"
  6. Re:the less sensational headline... by WrongSizeGlass · · Score: 4, Funny

    A 20% error rate isn't good enough to launch a missile, but it's better than a weatherman's accuracy. This tells us that Alice, Bob and Eve don't work for NORAD or the National Weather Service. That narrows down the field considerably. It won't be long before their identities are discovered, posted on TMZ and they won't need these silly quantum encrypted messages anymore.

  7. any lock made by a man by circletimessquare · · Score: 4, Insightful

    can be broken by a man

    depending upon your current situation in life, this is either a wonderfully hopeful or horribly depressing realization

    --
    intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
  8. NIST achieved 99% detection efficiency last month by ortholattice · · Score: 4, Interesting

    One the main contributors to the error rate is the photon detection efficiency, where 80% or better is considered "good". In a major breakthrough last month, NIST (yes, the National Institute of Standards and Technology, not some startup company's marketing hype) has achieved a record single-photon detection rates of 99% - and possibly better, since there currently exists no metrology to test that level of efficiency. So in terms of that source of error, things are looking up.

  9. Re:Quantum Bullshit by Interoperable · · Score: 3, Informative

    Sending out the spoofed message is trivial.

    No it isn't. It's impossible to do it with better than 50% accuracy, which will make the man-in-the-middle very, very detectable. None of the useful information is ever sent using quantum bits, it's only one-time-pad style key. If a man-in-the-middle is detected, the key is not used and no secure information is breached. I mentioned it in an above post, but the best that a "hacker" could ever do is get a few random bits of information out of every hundred, even with this attack. That isn't enough information about the key to extract any information about the message.

    Alice and Bob compare measurement results before send the message. There is theoretically no way to intercept and resend bits or eavesdrop without introducing errors.

    --
    So if this is the future...where's my jet pack?
  10. Re:So, quantum cryptography is fundamentally flawe by TheLink · · Score: 4, Insightful

    Thing is nowadays TB drives are quite cheap. Generate a huge OTP, spread it over three drives at A, spread it over another three drives and send all three to B via three different couriers/paths. Add ECC if you want.

    If they all made it safely without interception. You've got your secure channel. 1TB/128kbps = 2 years. 1TB/256kbps = 1 year.

    You could send more than one set of drives. When they all arrive, you tell the "B" let's start with drive set #5.

    --