Making quantum cryptography truly secure

Jun 14, 2011
Dr. Ilja Gerhardt, professor Antía Lamas-Linares and professor Christian Kurtsiefer set up a quantum cryptography system. Credit: 2009 Vadim Makarov www.vad1.com

Quantum key distribution (QKD) is an advanced tool for secure computer-based interactions, providing confidential communication between two remote parties by enabling them to construct a shared secret key during the course of their conversation.

QKD is perfectly secure in principle, but researchers have long been aware that loopholes may arise when QKD is put into practice. Now, for the first time, a team of researchers at the Centre for (CQT) at the National University of Singapore, the Norwegian University of Science and Technology (NTNU) and the University Graduate Center (UNIK) in Norway have created and operated a "perfect eavesdropper" for QKD that exploits just such a loophole in a typical QKD setup. As reported in the most recent issue of Nature Communications, this eavesdropper enabled researchers to obtain an entire shared secret key without alerting either of the legitimate parties that there had been a . The results highlight the importance of identifying in the implementation of QKD as a first step towards fixing them.

Cryptography has traditionally relied on mathematical conjectures and thus may always be prone to being "cracked" by a clever mathematician who can figure out how to efficiently solve a mathematical puzzle, aided by the continual development of ever-faster computers. , however, relies on the and should be infinitely more difficult to crack than traditional approaches. While there has been much discussion of the technological vulnerabilities in quantum cryptography that might jeopardize this promise, there have been no successful full field-implemented hacks of QKD security – until now.

"Quantum key distribution has matured into a true competitor to classical . This attack highlights where we need to pay attention to ensure the security of this technology," says Christian Kurtsiefer, a professor at the Centre for Quantum Technologies at the National University of Singapore.

In the setup that was tested, researchers at the three institutions demonstrated their eavesdropping attack in realistic conditions over a 290-m fibre link between a transmitter called "Alice" and a receiver called "Bob". Alice transmits light to Bob one photon at a time, and the two build up their secret key by measuring properties of the photons. During multiple QKD sessions over a few hours, the perfect eavesdropper "Eve" obtained the same "secret" key as Bob, while the usual parameters monitored in the QKD exchange were not disturbed – meaning that Eve remained undetected.

The researchers were able to circumvent the quantum principles that in theory provide QKD its strong security by making the photon detectors in Bob behave in a classical way. The detectors were blinded, essentially overriding the system's ability to detect a breach of security. Furthermore, this technological imperfection in QKD security was breached using off-the-shelf components.

"This confirms that non-idealities in the physical implementations of QKD can be fully and practically exploitable, and must be given increased scrutiny if quantum cryptography is to become highly secure," says Vadim Makarov, a postdoctoral researcher at the University Graduate Center in Kjeller, Norway. "We can not simply delegate the burden of keeping a secret to the laws of quantum physics; we need to carefully investigate the specific devices involved," says Kurtsiefer.

The open publication of how the "perfect eavesdropper" was built has already enabled this particular loophole in QKD to be closed. "I am sure there are other problems that might show that a theoretical security analysis is not necessarily exactly the same as a real-world situation," says Ilja Gerhardt, currently a visiting scholar at the University of British Columbia in Vancouver, Canada. "But this is the usual game in cryptography – a secure communications system is created and others try to break into it. In the end this makes the different approaches better."

Explore further: Longer distance quantum teleportation achieved

More information: Ilja Gerhardt, Qin Liu, Antía Lamas-Linares, Johannes Skaar, Christian Kurtsiefer, and Vadim Makarov, "Full-field implementation of a perfect eavesdropper on a quantum cryptography system," Nature Communications 2, 349 (2011). Article will be available at www.nature.com/ncomms/journal/… full/ncomms1348.html

A free preprint is available at arxiv.org/abs/1011.0105

Provided by National University of Singapore

5 /5 (1 vote)

Related Stories

Researchers weight safety of quantum cryptology

Mar 31, 2011

Scientists in Belgium and Spain have proved for the first time that new systems of quantum cryptology are much safer than current security systems. The study was published in the journal Nature Communications.

Recommended for you

How cloud chambers revealed subatomic particles

3 hours ago

Atoms are made of electrons, protons and neutrons. Protons and neutrons are in turn made up of quarks. These are just some of the elementary particles that make up the foundation of modern particle physics. ...

When a doughnut becomes an apple

4 hours ago

In experiments using the wonder material graphene, ETH researchers have been able to demonstrate a phenomenon predicted by a Russian physicist more than 50 years ago. They analyzed a layer structure that ...

User comments : 1

Adjust slider to filter visible comments by rank

Display comments: newest first

TabulaMentis
not rated yet Jun 15, 2011
I hope they can design a secure quantum cryptography system before quantum computers become available or we all are going to have a big mess on our hands.