Eavesdropping on quantum cryptography
Researchers in Singapore and Norway have just shown how it's possible to eavesdrop undetected on a communications link that's protected by one particular implementation of quantum cryptography. This isn't an attack on quantum cryptography in general. Instead, it's an attack on a particular implementation of a particular type of quantum cryptography.
This ought to be sounding very familiar to anyone with more than a casual interest in cryptography. Without the word "quantum," this really describes lots of attacks that have made the news in the past few years in which someone finds an attack that doesn't work in general, but works against one particular implementation of one particular type of cryptography.
Here's how the researchers describe their work:
The stated goal of quantum key distribution (QKD) is to grow a secret key securely between two parties with a minimum of additional assumptions. The number of assumptions has been continuously reduced, from requiring the validity of quantum mechanics in early QKD, to more general constraints on the laws of physics in device-independent QKD. Despite steady theoretical progress in dealing with known limitations of current technology, in practice the security of QKD relies not only on the quantum protocol but on the physical implementation. A variety of attacks have been conceived to exploit weaknesses of current systems. Here we demonstrate the first full field implementation of an eavesdropper attacking an established QKD connection. The eavesdropper obtains the complete 'secret' key, while none of the results measured by the legitimate parties indicate a breach in security. This confirms that non-idealities in physical implementations of QKD can be fully exploitable.
As we often see with quantum cryptography, there's a certain amount of spin involved in how the work is described. Here's what one of the researchers said about the implications of this work:
"Quantum key distribution has matured into a true competitor to classical key distribution. This attack highlights where we need to pay attention to ensure the security of this technology," says Christian Kurtsiefer, a professor at the Centre for Quantum Technologies at the National University of Singapore.
The claim that quantum cryptography has matured into a true competitor to classical key distribution is a good example of this type of spin. That's really just wishful thinking on the part of researchers who want to get funding for their future work. Except for a few proof-of-concept systems, we probably won't be seeing quantum cryptography used much in the near future. It just doesn't solve any problems that people are willing to pay to have solved. At least not yet.