You didn't understand my (I was writing as an Anonymous Coward) criticism. I acknowledged the possibility of using RSA (even though I didn't mention it by name) to provide the authentication, but relying on the security of RSA in my opinion makes this quantum "cryptography" unnecessary:
If I trust RSA, then I can also use it to encrypt the random session key without any need for quantum "cryptography". On the other hand, if I don't trust RSA (because of risks of quantum computing, advances in factorisation algorithms etc.), then I cannot use RSA in the authentication mechanism in this quantum "cryptography".
I guess HMAC would be useful in many circumstances, but the advantage it would provide with this quantum "cryptography" would be just exchanging keys more often (compared to using just classical symmetrical encryption). This is because the HMAC scheme requires the use of a shared secret (which has to be passed in the first place using some other scheme than quantum "cryptography", because you cannot trust the QC before you have usable authentication available) and if you don't require new keys often, you can just bypass this quantum "cryptography" + HMAC and just use the shared secret as the key for traditional symmetrical cryptography.
As far as I know, this quantum "cryptography" prevents just passive eavesdropping (where the parties are able to notice eavesdropping because of this quantum "cryptography"), but as it doesn't include any kind of authentication, an active attack (where all the messages are captured and the attacker is able to send his own messages) should be successful. It is possible for Eve to just hijack all the messages and pretend to be Bob when communicating with Alice and to pretend to be Alice when communicating with Bob.
It is of course possible to make this "cryptography" more secure by using some classical cryptographical methods, like authentication. But if we have to rely on public key algorithms (which might become obsolete by advances in quantum computing), then it is not clear to me what is the advantage of using quantum cryptography in the first place. If somebody has an answer to this question, I would be glad to hear it.
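The scenario in the comment above, as an added example that is not part of the original post: a noise-free toy model of a BB84-style exchange in which Eve terminates both legs, so the error check on each leg stays clean, and in which an HMAC over the basis announcement exposes her only if Alice and Bob already share a secret. All function names and the channel model are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

def bb84_leg(n):
    """One idealised BB84 run; returns (sender_key, receiver_key, sender_bases_msg)."""
    s_bits = [secrets.randbelow(2) for _ in range(n)]
    s_bases = [secrets.randbelow(2) for _ in range(n)]
    r_bases = [secrets.randbelow(2) for _ in range(n)]
    # Matching basis: receiver reads the sender's bit. Mismatch: random outcome.
    r_bits = [b if sb == rb else secrets.randbelow(2)
              for b, sb, rb in zip(s_bits, s_bases, r_bases)]
    keep = [i for i in range(n) if s_bases[i] == r_bases[i]]  # sifting
    return [s_bits[i] for i in keep], [r_bits[i] for i in keep], bytes(s_bases)

def error_rate(a, b):
    """Fraction of sifted bits that differ (what the parties compare publicly)."""
    return sum(x != y for x, y in zip(a, b)) / max(len(a), 1)

def tag(secret, msg):
    return hmac.new(secret, msg, hashlib.sha256).digest()

def mitm(n=256, alice_bob_secret=None):
    """Eve sits in the middle of both channels; returns what each side observes."""
    alice_key, eve_key_a, alice_bases = bb84_leg(n)  # Alice <-> Eve posing as Bob
    eve_key_b, bob_key, eve_bases = bb84_leg(n)      # Eve posing as Alice <-> Bob
    result = {
        "alice_leg_errors": error_rate(alice_key, eve_key_a),
        "bob_leg_errors": error_rate(eve_key_b, bob_key),
        "eve_knows_both": alice_key == eve_key_a and bob_key == eve_key_b,
    }
    if alice_bob_secret is not None:
        # Alice tags her basis announcement. Eve has to announce her own bases
        # to Bob and can only forward Alice's tag, which does not cover them.
        alice_tag = tag(alice_bob_secret, alice_bases)
        result["bob_accepts"] = hmac.compare_digest(
            tag(alice_bob_secret, eve_bases), alice_tag)
    return result

if __name__ == "__main__":
    print(mitm())
    print(mitm(alice_bob_secret=b"constructed pre-shared secret"))
```

The second call only detects Eve because the secret was distributed beforehand by some other means, which is the bootstrapping dependency the comment points out.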
Actually, Pakistan has had nukes for several years.