1. If all communication channels are created by an attacker and there is neither pre-shared randomness nor a trusted third party, you cannot guarantee that you're talking to anyone in particular as you have no way of cryptographically verifying their identity. I believe this is unavoidable, quantum crypto or no.
2. However you please. Email, telephone call, in person, etc. Authentication happens during the communication; if the notice of which channel to use were modified, the authentication will fail.
3. I believe the typical approach here is to use a classical authentication scheme (using pre-shared randomness, or some certification system, etc.). All that is needed is to establish the identity of the other entity; encryption is handled using QKD.
(Disclaimer: I am not a cryptographer.)
Slashdot Mirror
1. If all communication channels are created by an attacker and there is neither pre-shared randomness nor a trusted third party, you cannot guarantee that you're talking to anyone in particular as you have no way of cryptographically verifying their identity. I believe this is unavoidable, quantum crypto or no. 2. However you please. Email, telephone call, in person, etc. Authentication happens during the communication; if the notice of which channel to use were modified, the authentication will fail. 3. I believe the typical approach here is to use a classical authentication scheme (using pre-shared randomness, or some certification system, etc.). All that is needed is to establish the identity of the other entity; encryption is handled using QKD. (Disclaimer: I am not a cryptographer.)