How To Build a Quantum Eavesdropper

KentuckyFC writes "Quantum encryption is perfectly secure, in theory. In practice, however, there are loopholes. Now Japanese scientists have designed a quantum eavesdropper that exploits one of these loopholes to listen in to quantum conversations. QC's security arises from the impossibility of making a perfect copy of a quantum object without destroying it — so the sender and receiver can always tell if they've been overheard. But it turns out that an eavesdropper can make imperfect copies and use them to extract information from a quantum message without alerting sender or receiver (abstract). The Japanese design does just this. That should worry banks and government agencies that have begun to use some of the commercial quantum encryption systems now available."

Long time lurker, first time poster

[Anonymous Coward]

Having been involved in abstract quantum physics in my college grad student days, I can say that this is quite a tall order. The whole point of quantum cryptography is that the observation changes the system to the point that (a) eavesdropping disturbs the communications to the point of making it unusable and (b) due to (a) it is detectable oh what the hell am I talking about. First post. That's right, I just nailed a frosty.

Banks using modern crypto? Hah!

[StandardCell]

The banking sector is probably one of the slowest in terms of uptake of new crypto technologies. A huge number are still using 3DES or RC4 for symmetric to protect customers transactions. If you don't believe me, check out Citibank's Online Banking [citibank.com] with "highly modern" RC4. I've seen 40-bit encryption on current express-pay keytags at a certain coffee chain which is almost trivial to crack with little cost by today's computers. In too many cases, it's the same old HSMs accelerating crypto transactions in servers as were in the last decade.

Granted, 3DES is actually not truly that bad in terms of its 112-bit effective security compared to AES-128 (though it's not the weak point when you use 80-bit effective RSA1024). However, just because ANSI X9 has started including modern technologies like ECC and AES or other technologies like quantum crypto are promising, you can bet that the banking industry will be one of the last groups to take up more modern crypto technology. Heck, even the NSA is mandating Suite B with ECC and AES by 2010 for government security! It's one of the few government agencies to actually act faster than the private sector.

Finally, I wonder if the original poster could show the relevant ANSI X9 aka banking security standard which calls out quantum crypto. I don't think I've seen one, and the banking industry typically lives and dies by X9.

Multi-layered security

[janvo]

If the 'eavesdropper' can only make 'imperfect' copies then it seems to me using multiple levels of security would defeat the eavesdropper. For example private key encrypted data being tunneled over the quantum channel. Using this technique they would get a copy of imperfect encrypted data - which would be impossible to decrypt even if you had the private key .

Re:Not so hard

[mea37]

If N is too high, you don't get enough information.

If N is too low, you drive the error rate high enough that the communication is no longer regarded by the parties as secure.

N is always either too high, too low, or both.

tough abstract

[Main Gauche]

It's a lucky thing the summary was good, because the only thing I could learn from the linked abstract is that "Francesco" is a Japanese name.