Quantum crypto boffins in successful backdoor sniff
Erroneous error-handling undermines bulletproofness
Computer scientists have pulled off what is claimed to be the first successful attack against a commercial system based on theoretically uncrackable quantum cryptography.
Quantum key exchange, which forms the basis of quantum cryptography, relies on a principle of quantum physics that means it is not possible to eavesdrop on single quanta - generally photons in an optical fibre - without changing their state. Alterations would be detected as errors, immediately alerting the intended recipient of a key that there's a problem. When properly implemented, quantum key distribution/exchange offers bullet-proof security.
In practice, however, it is not possible to completely eliminate errors in electronic communications because of factors such as noise and signal degradation. So practical systems accept key exchanges where the error rate is less than 20 per cent.
Feihu Xu, Bing Qi and Hoi-Kwong Lo at the University of Toronto in Canada have developed a subtle "intercept and resend attack" where they eavesdrop on some of the quantum bits sent during a quantum key exchange but not so many as push the error rate over the 20 per sent threshold. The boffins demonstrated such a "phase remapping" attack against commercial quantum cryptography systems from ID Quantique.
As the boffins explain, their attack takes advantage of the mistaken assumption that the sender can prepare the required quantum states without errors.
The ID Quantique system is not broken, they say, but requires tweaking to get over the unsafe assumption that error rates of less than 20 per cent must be due to noise and can be safely disregarded. The attack, as is so often the case in the history of the battle between code makers and code breakers, is an implementation weakness rather than a systemic one.
The work of the Canadian team follows lab-based attacks on quantum crypto set-ups that relied on exploiting internal reflections in kit that generates quantum bits, or the interception of stray photons between detectors and lasers to eavesdrop on supposedly secure communications channels. The Canadian team's paper, Experimental demonstration of phase-remapping attack in a practical quantum key distribution system, can be found here.
A summary of their work can be found in a story by Technology Review here. ®
nice. heh heh
However, I feel compelled to point out that with photons, there is no uncertainty between position and speed. Photons *always* travel at the speed of light in a vacuum (when travelling through anything else, they are statistically 'slowed' by being absorbed and readmitted by intervening atoms, but still travel at c between them). As I understand it, since photons always travel at a known speed, their position cannot be known until they interact with some physical matter (e.g. the back of your eye) and give up their energy. At this point, their position can be known precisely, but they have *no* speed (the 'uncertainty' element that actually comes into play here is that the time at which this interaction occurs cannot be co-measured with the position with perfect precision).
The most common method of quantum cryptography exploits the 'no cloning' theory which you mention above. A secret key is generated as follows:
Alice generates a random sequence of 1s and zeroes. These are encoded in the polarisation of the photons, with one state corresponding to horizontal polarisation, and one as vertical.
For example, 10111100010 would be encoded as -|----|||-|.
The clever bit is then that Alice randomly rotates half of these through 45 degrees, e.g. -/\--\|/|-/
When bob measures the photons, he randomly measures half of the bits with a 45 degree bias. Only the bits which are generated and measured with the same bias remain, Bob informs Alice of which photons he measured, but not the values. Both parties then know the exact state of half the photons, which are used as teh cryptographic key.
Any observer in the middle would affect the polarisation of the photons by measuring them, and also introduce a delay if they attempted to recreate the photons with the same polarisation. This alerts Alice and Bob, who would discard the values encoded in those photons, and send new ones.
A good explanation of this is here: http://en.wikipedia.org/wiki/Quantum_cryptography
And the mathematical basis for it here: http://en.wikipedia.org/wiki/BB84
Sorry but fail to see how this is a big achievement...
They've managed to get less then 20% of a message without setting off alarm bells. Sorry but that doesnt seem like a huge achievement. With less then 20% your not going to be able to decipher what the original message was.
If they had managed to intercept 20% of the message without any error messages being received at all then thats somethiing to crow about, but this - meh! It just says we need to reduce the allowable error percentage. Problem solved.