Making quantum cryptography truly secure

Jun 14, 2011
Dr. Ilja Gerhardt, professor Antía Lamas-Linares and professor Christian Kurtsiefer set up a quantum cryptography system. Credit: 2009 Vadim Makarov

Quantum key distribution (QKD) is an advanced tool for secure computer-based interactions, providing confidential communication between two remote parties by enabling them to construct a shared secret key during the course of their conversation.

QKD is perfectly secure in principle, but researchers have long been aware that loopholes may arise when QKD is put into practice. Now, for the first time, a team of researchers at the Centre for (CQT) at the National University of Singapore, the Norwegian University of Science and Technology (NTNU) and the University Graduate Center (UNIK) in Norway have created and operated a "perfect eavesdropper" for QKD that exploits just such a loophole in a typical QKD setup. As reported in the most recent issue of Nature Communications, this eavesdropper enabled researchers to obtain an entire shared secret key without alerting either of the legitimate parties that there had been a . The results highlight the importance of identifying in the implementation of QKD as a first step towards fixing them.

Cryptography has traditionally relied on mathematical conjectures and thus may always be prone to being "cracked" by a clever mathematician who can figure out how to efficiently solve a mathematical puzzle, aided by the continual development of ever-faster computers. , however, relies on the and should be infinitely more difficult to crack than traditional approaches. While there has been much discussion of the technological vulnerabilities in quantum cryptography that might jeopardize this promise, there have been no successful full field-implemented hacks of QKD security – until now.

"Quantum key distribution has matured into a true competitor to classical . This attack highlights where we need to pay attention to ensure the security of this technology," says Christian Kurtsiefer, a professor at the Centre for Quantum Technologies at the National University of Singapore.

In the setup that was tested, researchers at the three institutions demonstrated their eavesdropping attack in realistic conditions over a 290-m fibre link between a transmitter called "Alice" and a receiver called "Bob". Alice transmits light to Bob one photon at a time, and the two build up their secret key by measuring properties of the photons. During multiple QKD sessions over a few hours, the perfect eavesdropper "Eve" obtained the same "secret" key as Bob, while the usual parameters monitored in the QKD exchange were not disturbed – meaning that Eve remained undetected.

The researchers were able to circumvent the quantum principles that in theory provide QKD its strong security by making the photon detectors in Bob behave in a classical way. The detectors were blinded, essentially overriding the system's ability to detect a breach of security. Furthermore, this technological imperfection in QKD security was breached using off-the-shelf components.

"This confirms that non-idealities in the physical implementations of QKD can be fully and practically exploitable, and must be given increased scrutiny if quantum cryptography is to become highly secure," says Vadim Makarov, a postdoctoral researcher at the University Graduate Center in Kjeller, Norway. "We can not simply delegate the burden of keeping a secret to the laws of quantum physics; we need to carefully investigate the specific devices involved," says Kurtsiefer.

The open publication of how the "perfect eavesdropper" was built has already enabled this particular loophole in QKD to be closed. "I am sure there are other problems that might show that a theoretical security analysis is not necessarily exactly the same as a real-world situation," says Ilja Gerhardt, currently a visiting scholar at the University of British Columbia in Vancouver, Canada. "But this is the usual game in cryptography – a secure communications system is created and others try to break into it. In the end this makes the different approaches better."

Explore further: Simon's algorithm run on quantum computer for the first time—faster than on standard computer

More information: Ilja Gerhardt, Qin Liu, Antía Lamas-Linares, Johannes Skaar, Christian Kurtsiefer, and Vadim Makarov, "Full-field implementation of a perfect eavesdropper on a quantum cryptography system," Nature Communications 2, 349 (2011). Article will be available at… full/ncomms1348.html

A free preprint is available at

Provided by National University of Singapore

5 /5 (1 vote)

Related Stories

Researchers weight safety of quantum cryptology

Mar 31, 2011

Scientists in Belgium and Spain have proved for the first time that new systems of quantum cryptology are much safer than current security systems. The study was published in the journal Nature Communications.

Recommended for you

How the hummingbird achieves its aerobatic feats

11 hours ago

( —The sight of a tiny hummingbird hovering in front of a flower and then darting to another with lightning speed amazes and delights. But it also leaves watchers with a persistent question: How ...

New terahertz device could strengthen security

Nov 21, 2014

We are all familiar with the hassles that accompany air travel. We shuffle through long lines, remove our shoes, and carry liquids in regulation-sized tubes. And even after all the effort, we still wonder if these procedures ...

CERN makes public first data of LHC experiments

Nov 21, 2014

CERN today launched its Open Data Portal where data from real collision events, produced by experiments at the Large Hadron Collider (LHC) will for the first time be made openly available to all. It is expected ...

User comments : 1

Adjust slider to filter visible comments by rank

Display comments: newest first

not rated yet Jun 15, 2011
I hope they can design a secure quantum cryptography system before quantum computers become available or we all are going to have a big mess on our hands.

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.