Swedish Researchers Break 'Unbreakable' Quantum Cryptography

New submitter etnoy writes: Quantum key distribution is supposed to be a perfectly secure method for encrypting information. Even with access to an infinitely fast computer, an attacker cannot eavesdrop on the encrypted channel since it is protected by the laws of quantum mechanics. In recent years, several research groups have developed a new method for quantum key distribution, called "device independence." This is a simple yet effective way to detect intrusion. Now, a group of Swedish researchers question the security of some of these device-independent protocols. They show that it is possible to break the security by faking a violation of the famous Bell inequality. By sending strong pulses of light, they blind the photodetectors at the receiving stations which in turn allows them to extract the secret information sent between Alice and Bob.

Submitter has no clue what QC is.

[AchilleTalon]

"Quantum key distribution is supposed to be a perfectly secure method for encrypting information. Even with access to an infinitely fast computer, an attacker cannot eavesdrop on the encrypted channel since it is protected by the laws of quantum mechanics. In recent years, several research groups have developed a new method for quantum key distribution, called "device independence." This is a simple yet effective way to detect intrusion. Now, a group of Swedish researchers question the security of some of these device-independent protocols. They show that it is possible to break the security by faking a violation of the famous Bell inequality. By sending strong pulses of light, they blind the photodetectors at the receiving stations which in turn allows them to extract the secret information sent between Alice and Bob."

First of all, quantum key distribution is not a method for encrypting information. As its name judiciously indicates, it is a method to securely exchange encryption keys. This is not the same thing at all.

Second, the speed of the attacker's computer has no role in this attack and quantum key distribution has never claimed a code is unbreakable since there is no code to break here.

Third, quantum key exchange is a protocol, not a cipher. It relies on quantum mechanics features to tell Alice or Bob the just receive key is compromised or not since it is not possible for a man in the middle to observe the key without being noticed. That is the idea behind this mechanism. Once keys are securely exchanged between both parties, a classically encrypted communication can take place between both parties.

Of course, if you are blinding the receiver, it may be possible to tamper with the key, however, the blinded party should notice it has been blinded. The whole thing rests on very low luminosity photons exchange. If the light beam is too strong, it clearly no longer depicted the quantum characteristics needed to secure the key exchange. I don't really see where the problem is here since it is easy to determine the exchange can no longer be trusted due to high luminosity.

And finally, it seems to me this is old news.

Re:Submitter has no clue what QC is.

[etnoy]

You can surely detect my attack by using an optical power meter, but eventually I'll figure out a way around this as well. What our paper really shows is that there is a missing link in the security proof. Fix the proof and you'll be safe forever.

Could you explain your attack in laymans terms? From what you said here, you've not really "broken" quantum encryption and worked around the wave function collapse, rather you've discovered that quantum encryption as currently defined is flawed and immune to the observer effect?

Any QKD protocol relies on a security proof, and the observer effect is only a small part of the puzzle. In this case, we attack the Franson interferometer which uses a security test in the form of a Bell inequality violation to make sure no attack is occurring. We have discovered a way to fake this Bell inequality violation.

Bell's theorem is a very interesting part of physics on it's own, I really recommend looking into the recent Vienna and NIST experiments (good writeup here). The short version is that it allows us to distinguish between "quantum" things and "classical" things with a surprisingly powerful tool, Bell's inequality.

In essence, when measuring Bell's inequality you need data on the form of Probability(A,B), where A is the setting Alice uses for her box and B the setting Bob uses for his box. However, the Franson interferometer is very deceptive here and gives you data on the form Probability(A,B | coincidence), which means you condition on coincidence, i.e. you remove half of the events from the statistical ensemble.

The net result is that you don't really measure Bell's inequality, but a similar but (unfortunately) useless cousin. This paper shows why this happens. Therefore, we can start attacking the system and at the same time, fool the security test. Again, the Franson interferometer removes half of the events, which means the apparent detector efficiency is 50% even in the ideal case.

For even more info, see our previous paper: http://iopscience.iop.org/1751...

Re:It just shows that...

[gtall]

No, it shows that this method of key distribution might be borked, nothing more.

Short logic lesson, your reasoning is indistinguishable in form from: 3 is prime, therefore all numbers are prime.

Or more bluntly: (Ex) P(x) --> (Ax) P(x)

is falsifiable in first-order logic. In English, this is "if there exists some x such that P(x), then for all x it is the case that P(x)."