[staunton]

> Only the key exchange step with an authenticated endpoint is 100% secure.

It's 100% secure in theory, assuming a model of the hardware (which is impossible to verify even if you could build it to "perfectly" satisfy all model assumptions, which of course you also can't).

[SAI_Peregrinus]

Yeah, the key exchange portion is secure. The resulting shared secret in RAM, on the other hand, is only as secure as the computer it's on. The moment you're out of the quantum realm by measuring the exchanged quanta, you lose the 100% security guarantee of the quantum portion of the key exchange. The Q part of QKD is actually secure, it's just that it's also useless and QKD as a whole exists mostly to fleece investors. It's a nerdy party trick, not a serious security mechanism.

[staunton]

There is no such thing as a magical "quantum realm". Devices performing quantum state preparation or measurements are just devices. They aren't perfect and can never be made to "100%" satisfy any assumptions.

The Q part is secure in theory, assuming your devices satisfy a specific theoretical model. That's not a 100% guarantee. In fact, it's just the same kind of guarantee as we get for any other security system: "We carefully examined the system and it seems like it satisfies the assumptions of our theoretical model, thus promising security".

Not that this is a bad thing, it's just that "quantum" doesn't make anything "magically 100% secure". There's no such thing as "100% security".

[SAI_Peregrinus]

Yeah, I should have specified "the photon packet in the fiber" instead of generic "quantum", but there isn't always actually a photon packet even when light is the medium, and there isn't always a fiber, and just mashing it all up as "quantum" was faster. Any interference with the actual stuff that's doing the information exchange will cause the communication to fail, so that one part of the system can't be eavesdropped on passively.