## How to build a quantum eavesdropper

In the cat and mouse game of preparing and eavesdropping on secret messages, quantum encryption trumps all. At least, that’s what we’ve been told.

The truth is a little more complex. Quantum key distribution, the quantum technique by which a classical encryption key can be transferred, is perfectly secure in theory. In practice, there are a number of loopholes that can give an eavesdropper a grandstand view of the conversation.

Here’s one loophole. The security of quantum encryption schemes depends on our inability to make a copy of a quantum state. If that were possible, Eve could make a copy of the message and pass on the original without anybody being the wiser. But in the quantum world, copying anything destroys the original, so the sender and receiver can always tell if they’ve been overheard by examining the error rates in their message. If it rises above a certain limit, the line is not secure.

That would be pretty convincing were it not for our ability to make imperfect copies of quantum states without destroying the original. That’s a loophole that an eavesdropper can exploit to extract information from a quantum message without the sender or receiver knowing. It should work as long as Eve is careful to keep the error rate below the critical limit.

Today, Yuta Okubo from the University of Tskuba in Japan and a few mates outline the design of a quantum eavesdropper that works on just this principle. They’ve yet to build their device but the publication of its plans should raise the blood pressure in a few government agencies and more than one hi-tech start up that has been selling quantum encryption as a new generation of perfectly secure communication.

Ref: arxiv.org/abs/0806.1778: Proposal of an Eavesdropping Experiment for BB84 QKD Protocol with 1→3 Phase-covariant Quantum Cloner

This entry was posted
on Friday, June 13th, 2008 at 12:39 am and is filed under Hellraisin', Weird 'n' spooky.
You can follow any responses to this entry through the RSS 2.0 feed.
Both comments and pings are currently closed.

[...] eavesdropper the physics arXiv blog

Give Yuta an oscar a nobel prize or whatever!!! There’s no reasons for a secret to be *that* secret. Every system must have flaws, for the sake of humankind.

Riv: this is science, not social policy. I happen to have my own views there, but I keep them separate from research.

[...] by rjbiii on June 16, 2008 An interesting post on quantum encryption is found at arXiv. The post explains why quantum encryption is not bullet-proof: Here’s one [...]

Don`t play with quantum physics! This is a forbidden territory for humankind! Only God can access to quantum physics! This warning will not be repeated!

[...] they can already snoop on quantum encryption.

This is good news for advocates of institutional transparency and better ways to implement it. Screw secrets. We need democracy.

As coauthor of the cited paper, due to the incredible attention this post received in some technology related blogs (like SlashDot), I would like here to clarify what it has been done.

The post here profoundly mistakes our work and claims something which is indeed never said in our manuscript. In fact, Quantum Key Distribution is secure (against, of course, reasonable models of eavesdropping attacks–an allmighty eavesdropper could always intercept the key, this is the reason why, for example, the situation is excluded where the eavesdropper is allowed to directly read the monitor of the computer on which the secure data appear). The security proofs we have now are rigorous mathematical theorems. Therefore, QKD is secure (as long as Quantum Mechanics is the “true” description of reality).

What we did in the cited manuscript is to propose a new experimental realization of one amongst many possible attacks which could succeed only against QKD systems presenting some flaws. Our attack is also called “cloning attack”, and is well-known in the literature since years. We simply proposed a different way to implement it, which can be easier and more efficient than some others.

Concluding, I want to stress here that we never claimed in any part of the manuscript that Quantum Cryptography is more insecure now than before. Sorry to delude with my answer the dreams of many frustrated quantum hackers wannabe, but I felt like a clarification was in order.

I’m really confused with the posts that completely misunderstood our paper.

In our paper, we would like to realize one of the optimal cloning attacks

that Eve may attempt during the communication phase, and verify the relation

between the information leakage and disturbance.

As can be seen in the security proofs of QKD protocols, security is based on

the fact that Eve’s information obtained during quantum communication is

bounded by the error probability in the legitimate users.

The information leakage into Eve will thus finally disappear by the privacy

amplification between Alice and Bob.

Therefore, our proposal will not challenge the security of the QKD

protocols, but support it.

We also hope we will learn more about quantum mechanics by exploring

experimental verification of the security on the QKD protocols.

[...] have to think more deeply about this one.

By my opinion, if the practical realization of quantum cryptography depends on the usage of amplifiers to avoid decoherence and occasional lost of signal, everybody can use such redundancy for obtaining private copy of information transferred. This is the consequence of fact, the signal generated by the source must be stronger, then the detection limit at the target for compensation of the losses.