Quantum eavesdropper steals quantum keys

Jun 20, 2011 by Lisa Zyga report

(PhysOrg.com) -- In quantum cryptography, scientists use quantum mechanical effects to encrypt and then communicate confidential information. Although quantum cryptography codes are unbreakable in principle, even the best techniques have loopholes in practice that scientists are trying to address. In a recent study, physicists have exposed one of these loopholes by hacking a quantum code, which involved copying a secret quantum key without being detected.

The researchers, Ilja Gerhardt, et al., from the National University of Singapore and the University of Trondheim, have published their study in a recent issue of Nature Communications. Although this is not the first experiment to show that quantum cryptography systems are vulnerable and that a can be secretly copied, it is the first time that someone has actually copied a quantum key.

“This confirms that non-idealities in physical implementations of QKD [quantum key distribution] can be fully practically exploitable, and must be given increased scrutiny if quantum cryptography is to become highly secure,” the scientists wrote in their study.

In the quantum cryptography technique explored here, the secret key is the tool that the sender and receiver (“Alice” and “Bob”) use to encode messages. For instance, Alice can send a key in the form of polarized single photons to Bob. Alice randomly polarizes the photons using either a horizontal-vertical polarizer or a polarizer with two diagonal axes. Bob also randomly uses one of the two different polarizers to detect each photon. Then, Bob asks Alice over an open channel which polarizer she used for each photon and compares them to his measurements. The measurement results for which Bob used the correct polarizer now become Alice and Bob’s secret key.

In order to copy this key and intercept a message, an eavesdropper (“Eve”) would have to correctly guess which polarizer to use on every photon that Alice sends Bob. Due to the large number of photons used, it’s unlikely that Eve could choose correctly for very long. When Eve uses an incorrect polarizer, the photon’s polarization is randomized, which makes Bob’s measurement incorrect. This error alerts Bob and Alice to an eavesdropper’s presence, which they can confirm by comparing a small subset of the key on an open line.

In the new study, the showed how to steal the quantum key without being detected in an experiment on a 290-meter-long fiber link at the National University of Singapore. First, they intercepted single photons traveling along the fiber, and then re-emitted bright light pulses with the same polarization to “blind” the photodioides that Bob uses to detect photons.

When blinded, Bob’s photodiodes cannot detect single photons, but instead they respond to the intensity of incoming light pulses. For this reason, Bob can no longer randomly choose a polarizer for each measurement. In their experiment, the researchers intercepted more than 8 million photons in a five-minute span, and then re-emitted corresponding bright pulses; Bob correctly measured all of these bright pulses in the correct detector. So if Alice and Bob were to compare the subset of the key, there would be no errors, and no hint of an eavesdropper on the line.

Now that they have shown how to steal a quantum key without detection, the scientists are working on preventing these attacks from happening and making more secure. One possibility is for Bob to set up a single-photon source in front of his detectors and randomly switch it on just to make sure that his detectors can still register single . If not, the detectors may have been “blinded” by an eavesdropper.

Explore further: Quantum physics just got less complicated

More information: Ilja Gerhardt, et al. "Full-field implementation of a perfect eavesdropper on a quantum cryptography system." Nature Communications, Volume: 2, Article number: 349, DOI: 10.1038/ncomms1348
via: Physics World

Related Stories

'Dead time' limits quantum cryptography speeds

Sep 28, 2007

Quantum cryptography is potentially the most secure method of sending encrypted information, but does it have a speed limit" According to a new paper by researchers at the National Institute of Standards and Technology and ...

Making quantum cryptography truly secure

Jun 14, 2011

Quantum key distribution (QKD) is an advanced tool for secure computer-based interactions, providing confidential communication between two remote parties by enabling them to construct a shared secret key ...

Quantum Mechanical Con Game

May 05, 2008

For the first time, physicists have come up with a scheme that would allow a quantum mechanical expert to win every time in a con game with a victim who only knows about classical physics. Prior quantum cons have typically ...

Recommended for you

Quantum physics just got less complicated

Dec 19, 2014

Here's a nice surprise: quantum physics is less complicated than we thought. An international team of researchers has proved that two peculiar features of the quantum world previously considered distinct ...

Controlling light on a chip at the single-photon level

Dec 16, 2014

Integrating optics and electronics into systems such as fiber-optic data links has revolutionized how we transmit information. A second revolution awaits as researchers seek to develop chips in which individual ...

Fraud-proof credit cards possible with quantum physics

Dec 15, 2014

Credit card fraud and identify theft are serious problems for consumers and industries. Though corporations and individuals work to improve safeguards, it has become increasingly difficult to protect financial ...

User comments : 10

Adjust slider to filter visible comments by rank

Display comments: newest first

flashgordon
not rated yet Jun 20, 2011
Yea, quantum computers are to crack quantum mechanics not for human concerns(other than curiosity which is what humans are for).
fmfbrestel
5 / 5 (1) Jun 20, 2011
This is a problem with one set of hardware, not a problem with quantum cryptography. The receiver is obviously very poorly designed.
Isaacsname
not rated yet Jun 20, 2011
Why does the whole message ( photons ) have to be polarized the same way ? Why can't it alternate between 2 polarization states ?
holoman
not rated yet Jun 20, 2011
fmfbrestel,

I agree, poorly designed experiment and doesn't address
quantum entanglement.
KillerKopy
5 / 5 (1) Jun 20, 2011
So who is going to use this communication when its working properly? Companies or the government?
antialias_physorg
not rated yet Jun 21, 2011
Banks are already using it (and I expect some govrnments are probably using it, too). There are at least two companies on the market that sell quantum key enryption systems (MagiQ and IDQ)
KillerKopy
not rated yet Jun 21, 2011
Thanks antialias, wonder why the author didn't include that info.
scorpio
not rated yet Jun 21, 2011
When will people learn there is no such thing as secure key transfer. Short of creating a wormhole between two points (which we're not even sure is possible), any message can be intercepted. I wish people would learn underlying concepts before running their mouths as to what is and is not possible.
El_Nose
not rated yet Jun 21, 2011
secure key transfer is possible, and a medium which allows for complete security is achievable. As stated this is more of an engineering issue than anything else. Quantum cryptography is essentially uncrackable - if there is a man in the middle they are instantly detectable - this exploit is in the hardware having low tolerances for light intensity.
TabulaMentis
not rated yet Jun 21, 2011
Do not worry! Everything will be fine! Congress will take care of it just like they did with the national debt!

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.