CyptoBlog

Encryption, Information Theory and Codes

« Technology security firm sounds alarm over VoIP phone vulnerabilities
Another review for the AMS »

Attacks on Quantum Cryptography

Posted by Mario on May 8, 2008

As recently reported in an IEEE On-line magazine, practical implementations of quantum cryptographic systems are exposed to attack. The weakness arises from the need to authenticate the communicating parties. The laws of physic determine that the proverbial eavesdropper Eve will reveal her presence when snooping from a quantum channel.
However, to avoid a trivial man-in-the-middle attack, quantum encryption protocols need to exchange information over a classic channel for authentication purposes. Authentication over a classic channel is subjected to classic attacks targeting the weaknesses of the underlying protocol.
My two comments on this:
Authentication is still ‘the’ problem for many cryptographic systems and;
Prof. Lomonaco’s dictum* is applicable also to quantum encryption.

[*] To be able to communicate in secret one must first communicate in secret

related post

This entry was posted on May 8, 2008 at 5:48 am and is filed under Authentication, Quantum Cryptography, Technology, in the News. . You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

3 Responses to “Attacks on Quantum Cryptography”

  1. Magazine » Attacks on Quantum Cryptography Says:
    May 8, 2008 at 7:49 am

    [...] CyptoBlog wrote an interesting post today on Attacks on Quantum CryptographyHere’s a quick excerptAs recently reported in an IEEE On-line magazine, practical implementations of quantum cryptographic systems are exposed to attack…. [...]

  2. fauzan Says:
    May 26, 2008 at 10:14 am

    Dear Mr,
    I ‘m very interisting in quantum cryptography, would u give more explanation about the practical attack against quantum crypto protocol.
    my best regard

  3. Mario Says:
    May 27, 2008 at 4:42 am

    Fauzan,
    The attack is not on the quantum encryption itself but in the authentication scheme used in this particular implementation. As any other system, quantum encryption can be defeated if the eavesdropper (Eve) has the ability to communicate with Alice and with Bob. This is the classic Man in the Middle attack by which Eve talks to Alice pretending she is Bob and to Bob pretending she is Alice. To start an encrypted communication over a Quantum Channel, a secret key needs to be generated between Alice and Bob and to do that, they need to exchange some information over a classical channel. In one particular implementation the authentication scheme used for the key generation was insecure, opening the possibility for an attacker to mount a Man in the Middle attack.

Leave a Reply

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

« Technology security firm sounds alarm over VoIP phone vulnerabilities
Another review for the AMS »