by ianopolous 3754 days ago
Not an expert on quantum cryptography, but an ex particle physicist here. The basic idea is that using a quantum channel (sadly means new hardware, so not over TCP), eavesdropping becomes impossible without destroying the quantum state of the signal (guaranteed by the laws of quantum mechanics). If an eavesdropper intercepted a message, that would be detectable and you can drop that packet. Wikipedia has a good intro: https://en.wikipedia.org/wiki/Quantum_cryptography
2 comments

And yet, isn't it true that MITM attacks still work, as long as the MITM has the same hardware?
Theoretically, if you intercept in the middle, you destroy the pattern that you observe. This is a physical quantum effect, and will happen no matter what hardware you use.

Since the intended use is key distribution, a MITM is fine as long as you can detect it reliably: you can keep sending new keys until one isn't eavesdropped upon, and then use that key.

I'm not talking about eavesdropping, I'm talking full-on MITM. Cut the connection and insert a middle man. Both sides think they're communicating with their intended target, but they're communicating with you. How does quantum crypto protect you from that?
But how do you detect it reliably?
If someone intercepts the quantum key, it will modify it 25% of the time. If you randomly measure (and verify publicly with the sender) a fraction of your total key and find it unmodified, it means the rest of the key probably is too, up to a certain security factor. By starting with a longer key and measuring more of it (or doing privacy amplification, for example xor-ing multiple keys together), you can get as much security as you want. It also means the security is everlasting, meaning someone cannot retroactively break your key in 100 years using some mega-computer.
I read elsewhere that this was completely untrue. I'm really confused on the issue.
Maybe it was for a particular implementation? Funny story: the first toy implementation of Quantum Key Distribution used a device with rotating photon polarizers. Quantum Key Distribution is completely secure so on paper the device was too. However, you could actually hear the polarizers rotating in a way you could intercept the whole secret key... as long as you were not deaf!
That's a really good example of a side-channel attack.
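
Added example, not part of any comment in the thread: a small classical simulation of BB84-style key distribution that reproduces the 25% modification figure quoted above and shows how publicly comparing a random sample of the key exposes an interceptor. It assumes an ideal noiseless channel, an interceptor who measures each photon in a random basis and resends it, and a public comparison that really reaches the sender; all function names are made up for this illustration.

```python
import random

def bb84_sift(n_photons, intercept, rng):
    """Simulate n_photons of BB84 and return the sifted (alice_key, bob_key)."""
    alice_key, bob_key = [], []
    for _ in range(n_photons):
        bit, a_basis = rng.getrandbits(1), rng.getrandbits(1)
        photon_bit, photon_basis = bit, a_basis
        if intercept:
            # The interceptor guesses a basis. A wrong guess yields a random
            # result, and the photon is resent in the interceptor's basis.
            e_basis = rng.getrandbits(1)
            if e_basis != photon_basis:
                photon_bit = rng.getrandbits(1)
            photon_basis = e_basis
        b_basis = rng.getrandbits(1)
        # Measuring in the photon's basis is exact; otherwise it is a coin flip.
        measured = photon_bit if b_basis == photon_basis else rng.getrandbits(1)
        if b_basis == a_basis:  # sifting: keep only positions where bases match
            alice_key.append(bit)
            bob_key.append(measured)
    return alice_key, bob_key

def error_rate(alice_key, bob_key):
    """Fraction of sifted positions where the two keys disagree."""
    return sum(a != b for a, b in zip(alice_key, bob_key)) / len(alice_key)

def sample_detects(alice_key, bob_key, sample_size, rng):
    """Publicly compare sample_size random positions; True if any differ."""
    positions = rng.sample(range(len(alice_key)), sample_size)
    return any(alice_key[i] != bob_key[i] for i in positions)

def detection_probability(sample_size, disturbed_fraction=0.25):
    """Chance that a sample of this size contains at least one modified bit."""
    return 1 - (1 - disturbed_fraction) ** sample_size

if __name__ == "__main__":
    rng = random.Random(2024)  # fixed seed so the run is repeatable
    for intercept in (False, True):
        a, b = bb84_sift(40000, intercept, rng)
        print(f"intercept={intercept}: sifted={len(a)} "
              f"error_rate={error_rate(a, b):.3f} "
              f"caught_by_64_bit_sample={sample_detects(a, b, 64, rng)}")
    for k in (8, 16, 64):
        print(f"sample of {k} bits detects with p={detection_probability(k):.6f}")
```

The compared positions are disclosed publicly, so they are discarded from the final key rather than used.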