Slashdot Mirror

← Back to Stories (view on slashdot.org)

Hackers Eavesdrop On Quantum Crypto With Lasers

Posted by timothy on from the wool-over-your-own-eyes dept.

Martin Hellman writes "According to an article in Nature magazine, quantum hackers have performed the first 'invisible' attack on two commercial quantum cryptographic systems. By using lasers on the systems — which use quantum states of light to encrypt information for transmission —' they have fully cracked their encryption keys, yet left no trace of the hack.'"

15 of 161 comments (clear)

  1. Re:pwned by neumayr · · Score: 5, Informative
    Not really. From the article:

    "We have exploited a purely technological loophole that turns a quantum cryptographic system into a classical system, without anyone noticing," says Makarov.

    --
    Truth arises more readily from error than from confusion. -Francis Bacon
  2. So OK... by hyades1 · · Score: 5, Funny

    ...maybe they've cracked it in this universe, but what about all the others?

    --
    I've calculated my velocity with such exquisite precision that I have no idea where I am.
  3. Re:Lessons by neumayr · · Score: 5, Informative
    The underlying principle still is valid, those people exploited a technical loophole - in a process that's part of

    [..] years of dedicated effort in an open environment.

    --
    Truth arises more readily from error than from confusion. -Francis Bacon
  4. Re:pwned by Unipuma · · Score: 5, Informative

    If you read the article, you'll notice that the 'hack' is a classic man in the middle attack, and the receiving end can receive both classic and quantum messages. The man in the middle (after reading the quantum message) passes it on as a classic message, and the receiving device does not give a warning that the message received is a classic message, instead of a quantum message.

    So it's really an design error on the device side, not a true hack in that quantum states were undisturbed regardless of reading them.

  5. not really that bad by mogness · · Score: 4, Informative
    The problem isn't really with quantum encryption, it's with the technical implementation. And anyway, according to the article, they've already figured out a way to detect the hack and defeat it, so it's still pretty solid.

    Makorov informed both companies of the details of the hack before publishing, so that patches could made, avoiding any possible security risk.

    --
    that's teh shizzle bizzle
  6. Re:pwned by PseudonymousBraveguy · · Score: 5, Insightful

    No, it IS a huge problem. If you turn a quantum computing system into a classical system, you basically revert it to sending the key in plaintext. While it does not break the theory of quantum encryption, breaking all (commonly) available implementations of quantum crypto should be enough to be qualified as "huge kick in the balls".

  7. Re:It seems that you could detect this by PseudonymousBraveguy · · Score: 5, Insightful

    Yes, and if I understand the article correctly, the manufacturers developped a patch to fix the hole.

    However, the hack shows (once again), that a system may be secure in theory, but actual implementations of that system may, and will, have bugs that render them insecure. This negates one of the most strong arguments for quantum crypto, i.e. the "proveable" security. If that argument does not hold, you could as well use any common "classical" key exchange algorithm, which also delivers "good, but not 100%" practical security, does not need fixed point-to-point fiber and expensive equipment, and is probably much better tested than the quantum systems.

  8. Re:Commercial Systems by PseudonymousBraveguy · · Score: 4, Interesting

    Quantum cryptography is academic at this point. It is not as strong as old fashioned cryptography (like AES) and is much more expensive. Then I realized that there is no reason that someone can't use both.

    Quantum crypto (at this point) is a key exchange mechanism. Thus, it doesn't compare to AES at all. You HAVE to use quantum crypto together with a classical exncryption algorithm. However, if you use quantom crypto you care about 100% theoretical security. Else you would simply use DH or any other well-known classical key exchange. And if you care about 100% theoretical security, there is no alternative to OTP.

  9. a kick in the balls by davidwr · · Score: 5, Insightful

    A kick in the balls (breaking all current implementations) is not the same as cutting them out and mounting them in a trophy case (proving there can be no secure implementation).

    Either one hurts though.

    --
    Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
  10. alice and bob by brainscauseminds · · Score: 4, Funny

    Poor Alice and Bob, they do not have a chance ever to live normal lives without hordes of geeky cryptographers debating/fighting over every bloody bit they exchange.

  11. Why 'hackers' and not 'researchers'? by RevWaldo · · Score: 5, Insightful

    Even respecting the working-all-day-and-night-in-the-basement-computer-lab origin of the term, using 'hacker' in the article seems like a blatant attempt to jazz it up, making it at first glance seem to be more about something akin to bank heist than a story about funded researches working in a university lab trying to find flaws in a security system, with the manufacturer's full approval to boot.

    .

    --
    Prisencolinensinainciusol. Ol Rait!
    1. Re:Why 'hackers' and not 'researchers'? by Vadim+Makarov · · Score: 4, Interesting

      with the manufacturer's full approval to boot

      I'm not sure the manufacturers would approve the existence of our lab if they could dictate it. Thankfully we are independent and need not seek their approval. The manufacturers did appreciate responsible disclosure, though. I don't know how this hacking affects their business in the short term (may as well be detrimental to sales), even though it is surely good for business in the long term as it leads to more secure systems.

      --
      17779 eligible voters in a district, 17779 'vote' as one. This is Russia.
  12. Re:pwned by maxwell+demon · · Score: 5, Interesting

    Well, there are several points here:

    • Every cryptographic security is only up to possible bugs in the implementation (remember the Debian ssh problem?), so exactly 100% security is impossible. However, one difference betweeen the classical and quantum case is that in the quantum case any possible exploit has to be "online" (i.e. you have to actually intercept the actual sent message and manage to manipulate the receiving system), while for classical key exchange the breaking can also be after the fact (i.e. if all you want is the exchanged information, you can passively record all data and then try to break it afterwards). This means that
      1. all communications performed before that exploit was found remains secure (unlike classical protocols where you only need the recorded data to apply any exploit), and
      2. since the attacker has to manipulate the systems during operation, as soon the exploit is known you can take additional measures in order to detect it (e.g. in this case, I think it should be quite easy to detect a relatively strong laser which is continuously shining at the receiving device), thus detecting whether someone tries to exploit it (unlike classical systems, where you have no clue if someone tries to attack your cryptographic system). That is, instead of replacing your whole cryptographic infrastructure (which may be expensive), you can simply add detectors for the manipulation needed for the exploit, so that you only transmit confidential information in case the exploit isn't applied.
    • As the article mentions, the commercial systems add the quantum cryptography on top of the classical cryptography. So if the quantum cryptography is broken, you still have the security of the classical system. On the other hand, if the classical system used is broken (be it because the underlying cryptographic scheme is broken, or be it by exploiting a bug in the specific implementation) then you still have the security of the quantum cryptography.
    --
    The Tao of math: The numbers you can count are not the real numbers.
  13. Article Makes No Sense by SeekerDarksteel · · Score: 4, Interesting

    The article is either missing massive details or these researchers are vastly overstating the power of their technique. The entire _point_ of quantum key exchange is that if Eve intercepts the signal she cannot tell if she read a 0 or a 1 because she does not know which basis the 0 or 1 was generated in. Even IF Eve passed a 1 along every time she read a 1, when Alice and Bob go to do the basis comparison over the standard channel they will notice errors because Eve read the signal in the wrong basis and passed along an incorrect value.

    I've tried reading the actual journal paper, but unfortunately they just seem to handwave this problem away. Maybe there's a reason they can, but its sure as hell not explained as far as I can see unless they're assuming Eve has also compromised the classical channel as well as the quantum channel.

    --
    The laws of probability forbid it!
  14. Re:pwned by WED+Fan · · Score: 4, Interesting

    Why the GP was modded troll is beyond me. This is a "huge kick in the balls". Isn't the point of QC to make it easy to detect if someone has even listened in, let alone broken anything? I'd have to say that what it means is the current implementation of QC is an epic fail. Back to the old drawing board.

    --
    Politics is the art of looking for trouble, finding it everywhere, diagnosing it incorrectly and applying the wrong fix.