|
|
|
|
|
|
by mikeiz404
1571 days ago
|
|
|
> The article suggests that quantum key distribution (QKD) is a replacement for a courier, but that is not true. Distributing an initial small secret key (which allows authenticity of the post-processing of the quantum measurements) is still required. Is checking authenticity needed if you’re communicating with just one party? From what I understood from the article the data received can be assumed to be random and private between two parties if a high enough win rate is achieved. Or is checking authenticity to guard against another party taking the entangled particles but not the key used for authenticating? FYI I don’t have very strong knowledge in this area. |
|
|
Otherwise the standard Person-in-the-Middle attack would apply: Eve (claiming to be Bob) first runs a full protocol session (quantum + classical communication) with Alice, resulting in a shared key X. Then she does the same to Bob, resulting in a key Y. When Alice wants to encrypt a message to Bob, she encrypts with X. Eve can decrypt (and optionally re-encrypt with Y and forward the message to Bob).