Quantum eavesdropper steals quantum keys

June 20, 2011 by Lisa Zyga report

(PhysOrg.com) -- In quantum cryptography, scientists use quantum mechanical effects to encrypt and then communicate confidential information. Although quantum cryptography codes are unbreakable in principle, even the best techniques have loopholes in practice that scientists are trying to address. In a recent study, physicists have exposed one of these loopholes by hacking a quantum code, which involved copying a secret quantum key without being detected.

The researchers, Ilja Gerhardt, et al., from the National University of Singapore and the University of Trondheim, have published their study in a recent issue of Nature Communications. Although this is not the first experiment to show that quantum cryptography systems are vulnerable and that a can be secretly copied, it is the first time that someone has actually copied a quantum key.

“This confirms that non-idealities in physical implementations of QKD [quantum key distribution] can be fully practically exploitable, and must be given increased scrutiny if quantum cryptography is to become highly secure,” the scientists wrote in their study.

In the quantum cryptography technique explored here, the secret key is the tool that the sender and receiver (“Alice” and “Bob”) use to encode messages. For instance, Alice can send a key in the form of polarized single photons to Bob. Alice randomly polarizes the photons using either a horizontal-vertical polarizer or a polarizer with two diagonal axes. Bob also randomly uses one of the two different polarizers to detect each photon. Then, Bob asks Alice over an open channel which polarizer she used for each photon and compares them to his measurements. The measurement results for which Bob used the correct polarizer now become Alice and Bob’s secret key.

In order to copy this key and intercept a message, an eavesdropper (“Eve”) would have to correctly guess which polarizer to use on every photon that Alice sends Bob. Due to the large number of photons used, it’s unlikely that Eve could choose correctly for very long. When Eve uses an incorrect polarizer, the photon’s polarization is randomized, which makes Bob’s measurement incorrect. This error alerts Bob and Alice to an eavesdropper’s presence, which they can confirm by comparing a small subset of the key on an open line.

In the new study, the showed how to steal the quantum key without being detected in an experiment on a 290-meter-long fiber link at the National University of Singapore. First, they intercepted single photons traveling along the fiber, and then re-emitted bright light pulses with the same polarization to “blind” the photodioides that Bob uses to detect photons.

When blinded, Bob’s photodiodes cannot detect single photons, but instead they respond to the intensity of incoming light pulses. For this reason, Bob can no longer randomly choose a polarizer for each measurement. In their experiment, the researchers intercepted more than 8 million photons in a five-minute span, and then re-emitted corresponding bright pulses; Bob correctly measured all of these bright pulses in the correct detector. So if Alice and Bob were to compare the subset of the key, there would be no errors, and no hint of an eavesdropper on the line.

Now that they have shown how to steal a quantum key without detection, the scientists are working on preventing these attacks from happening and making more secure. One possibility is for Bob to set up a single-photon source in front of his detectors and randomly switch it on just to make sure that his detectors can still register single . If not, the detectors may have been “blinded” by an eavesdropper.

Explore further: 'Dead time' limits quantum cryptography speeds

More information: Ilja Gerhardt, et al. "Full-field implementation of a perfect eavesdropper on a quantum cryptography system." Nature Communications, Volume: 2, Article number: 349, DOI: 10.1038/ncomms1348
via: Physics World

Related Stories

'Dead time' limits quantum cryptography speeds

September 28, 2007

Quantum cryptography is potentially the most secure method of sending encrypted information, but does it have a speed limit" According to a new paper by researchers at the National Institute of Standards and Technology and ...

Making quantum cryptography truly secure

June 14, 2011

Quantum key distribution (QKD) is an advanced tool for secure computer-based interactions, providing confidential communication between two remote parties by enabling them to construct a shared secret key during the course ...

Quantum Mechanical Con Game

May 5, 2008

For the first time, physicists have come up with a scheme that would allow a quantum mechanical expert to win every time in a con game with a victim who only knows about classical physics. Prior quantum cons have typically ...

Recommended for you

Toward mass-producible quantum computers

May 26, 2017

Quantum computers are experimental devices that offer large speedups on some computational problems. One promising approach to building them involves harnessing nanometer-scale atomic defects in diamond materials.

New technology could revolutionize 3-D printing

May 26, 2017

A technology originally developed to smooth out and pattern high-powered laser beams for the National Ignition Facility (NIF) can be used to 3-D print metal objects faster than ever before, according to a new study by Lawrence ...


Adjust slider to filter visible comments by rank

Display comments: newest first

not rated yet Jun 20, 2011
Yea, quantum computers are to crack quantum mechanics not for human concerns(other than curiosity which is what humans are for).
5 / 5 (1) Jun 20, 2011
This is a problem with one set of hardware, not a problem with quantum cryptography. The receiver is obviously very poorly designed.
not rated yet Jun 20, 2011
Why does the whole message ( photons ) have to be polarized the same way ? Why can't it alternate between 2 polarization states ?
not rated yet Jun 20, 2011

I agree, poorly designed experiment and doesn't address
quantum entanglement.
5 / 5 (1) Jun 20, 2011
So who is going to use this communication when its working properly? Companies or the government?
not rated yet Jun 21, 2011
Banks are already using it (and I expect some govrnments are probably using it, too). There are at least two companies on the market that sell quantum key enryption systems (MagiQ and IDQ)
not rated yet Jun 21, 2011
Thanks antialias, wonder why the author didn't include that info.
not rated yet Jun 21, 2011
When will people learn there is no such thing as secure key transfer. Short of creating a wormhole between two points (which we're not even sure is possible), any message can be intercepted. I wish people would learn underlying concepts before running their mouths as to what is and is not possible.
not rated yet Jun 21, 2011
secure key transfer is possible, and a medium which allows for complete security is achievable. As stated this is more of an engineering issue than anything else. Quantum cryptography is essentially uncrackable - if there is a man in the middle they are instantly detectable - this exploit is in the hardware having low tolerances for light intensity.
not rated yet Jun 21, 2011
Do not worry! Everything will be fine! Congress will take care of it just like they did with the national debt!

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.