There is a recent BBC article on a new attack against a key component of Quantum Cryptography: Key Transportation.
There are 3 main components to a cryptographic system:
– The strength of the algorithms used (close/open, random generator, collision, etc)
– The integrity of the system (implementation, key storage, devices security, etc)
– The transportation of keys (no full or partial interception of the keys, etc)
Quantum Cryptography has for some been seen as the future for ensuring the integrity and detection of any interception attempts during key transportation.
I am not a Quantum Physic expert, but what I understand is that key transportation is done through light, where photons of light are sent to the receiver who will inspect the states of those photons to reconstruct the key. It is similar of sending a stream of bits which make the key, apart from the fact that in Quantum Physics a photon has not just a binary state (0/1 or -/+) but multiple values at the same time.
One of the key Quantum property useful for cryptography is that once a stream of photons is inspected, it is “destroyed” or changed. Therefore if someone was trying to evesdrop the receiver would know.
As a side comment, there are a few things that still puzzle me how this can only be a good thing. What about repeaters? you would need those to exchange keys to very far distances? So even if you can guarantee the key hasn’t been intercepted you cannot apply the same “quantum” guarantees to the repeaters (ref Integrity of the System). Furthermore, this could lead to a Denial of Service attack, I don’t see how Quantum Physic Key Exchange infrastructure could be as resilient as today’s internet. You would need specific “light tunnels”, if it gets damaged or if someone tries to intercept the key exchange even in the sole goal of disrupting the exchange process, then keys cannot be exchanged and the communication cannot take place…
Anyway, I would hope they must have thought about all this and have an answer. But what a team of scientists has just done, is to prove they could intercept the key and “blind” both ends into believing the exchange had been successful.
However some scientists have replied it was just a “configuration” problem with the system implementation and that it was possible to detect that attack after all.
Nonetheless, this adds weight to those who believe Quantum Cryptography is not the Saint Graal some claim it is, and that similar implementation issues there are today in “standard” cryptography also exist in “Quantum” Cryptography.
The BBC Article (Summary)
The Norwegian University Article where the paper came from (Original Article)
The Quantum Hacking Group responsible for the discovery (More info)
Below is a great video from the Quantum Hacking Group Website explaining the attack: