Vulnerability in commercial quantum cryptography

August 29, 2010
A security researcher (Ph.D. student Lars Lydersen) is testing a commercial quantum cryptography system in a laboratory, to confirm the security vulnerability. Credit: NTNU

The Norwegian University of Science and Technology (NTNU) and the University of Erlangen-Nurnberg together with the Max Planck Institute for the Science of Light in Erlangen have recently developed and tested a technique exploiting imperfections in quantum cryptography systems to implement an attack.

Countermeasures were also implemented within an ongoing collaboration with leading manufacturer ID Quantique.

is a technology that allows one to distribute a cryptographic key across an optical network and to exploit the laws of to guarantee its secrecy. It makes use of the Heisenberg uncertainty principle - observation causes perturbation - to reveal eavesdropping on an .

The technology was invented in the mid-eighties, with first demonstration less than a decade later and the launch of commercial products during the first years of the century.

Although the security of quantum cryptography relies in principle only on the laws of quantum physics, it is also dependent on the lack of loopholes in specific implementations, just like any other security technology.

"The security of quantum cryptography relies on quantum physics but not only... It must also be properly implemented. This fact was often overlooked in the past," explains Prof. Gerd Leuchs of the University of Erlangen-Nurnberg and the Max Planck Institute for the Science of Light.

Recently, NTNU in collaboration with the team in Erlangen has found a technique to remotely control a key component of most of today's quantum cryptography systems, the , which is reported today in advance online publication.

"Unlike previously published attempts, this attack is imple-mentable with current off-the-shelf components," says Dr. Vadim Makarov, a researcher in the Quantum Hacking group at NTNU, who adds: "Our eavesdropping method worked both against MagiQ Technology's QPN 5505 and ID Quantique Clavis2 systems."

In the framework of a collaboration initiated with ID Quantique, the researchers shared their results with the company prior to publication. ID Quantique has then, with a help of NTNU, developed and tested a countermeasure.

Academic researchers of the two laboratories will continue testing security aspects of quantum cryptography solutions from ID Quantique. "Testing is a necessary step to validate a new technology and the fact that this proc-ess is applied today to quantum cryptography is a sign of maturity for this technology," ex-plains Grégoire Ribordy, CEO of ID Quantique.

Explore further: Quantum cryptography: No Signaling and quantum key distribution

More information: Paper: doi:10.1038/nphoton.2010.214
"How we did it":

Related Stories

Cryptic messages boost data security

November 29, 2007

The Swiss national elections in October 2007 provided the opportunity to witness quantum cryptography in ‘real-life’ action for the first time. Geneva was first in line to test the unbreakable data code developed by Swiss ...

Researchers unite to distribute quantum keys

July 2, 2009

Researchers from across Europe have united to build the largest quantum key distribution network ever built. The efforts of 41 research and industrial organisations were realised as secure, quantum encrypted information ...

World Cup Security Uses Physics To Thwart Hackers

June 21, 2010

South African physicists working to protect data networks at the World Cup hope to provide something that no goalkeeper can promise: perfect defense. They're tapping the laws of physics to prevent hackers from monitoring ...

Recommended for you

Fusion reactors 'economically viable' say experts

October 2, 2015

Fusion reactors could become an economically viable means of generating electricity within a few decades, and policy makers should start planning to build them as a replacement for conventional nuclear power stations, according ...

Iron-gallium alloy shows promise as a power-generation device

September 29, 2015

An alloy first made nearly two decades ago by the U. S. Navy could provide an efficient new way to produce electricity. The material, dubbed Galfenol, consists of iron doped with the metal gallium. In new experiments, researchers ...

Extending a battery's lifetime with heat

October 1, 2015

Don't go sticking your electronic devices in a toaster oven just yet, but for a longer-lasting battery, you might someday heat them up when not in use. Over time, the electrodes inside a rechargeable battery cell can grow ...

Invisibility cloak might enhance efficiency of solar cells

September 30, 2015

Success of the energy turnaround will depend decisively on the extended use of renewable energy sources. However, their efficiency partly is much smaller than that of conventional energy sources. The efficiency of commercially ...

1 comment

Adjust slider to filter visible comments by rank

Display comments: newest first

not rated yet Sep 03, 2010
So.... What was the hack? This article reads like a tease to an article. Where's the beef?

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.