Quantum Cryptography In-band Attack

Quantum cryptography is an emerging field, but low install base hasn’t kept researchers from exploring attacks against it. It’s an attractive technology because an attacker sniffing the key exchange changes the quantum state of the photons involved. All eavesdroppers can be detected because of this fundamental principal of quantum mechanics.

We’ve seen theoretical side-channel attacks on the hardware being used, but had yet to see an in-band attack until now. [Vadim Makarov] from the University of Science and Technology in Trondheim has done exactly that (Internet Archive). Quantum key distribution systems are designed to cope with noise and [Makarov] has taken advantage of this. The attack works by firing a bright flash of light at all the detectors in the system. This raises the amount of light necessary for a reading to register. The attacker then sends the photon they want detected, which has enough energy to be read by the intended detector, but not enough for the others. Since it doesn’t clear the threshold, the detectors don’t throw any exceptions. The attacker could sniff the entire key and replay it undetected.

This is a very interesting attack since it’s legitimate eavesdropping of the key. It will probably be mitigated using better monitoring of power fluctuations at the detectors.

[via I)ruid]

10 thoughts on “Quantum Cryptography In-band Attack

  1. funny thing.. Just the other day I was watching a program on Discovery channel about hackers and they mentioned quantum cryptography. the scientist/techie being interviewed about it made a grand statement about how it could not be hacked, since the by observing the photon, it would be altered.

    hehehhe.. soooo funny how many times someone has made such a statement, only to have it proven wrong by the march of progress/hackers.

    no one will ever need more than 256k of ram.

  2. Ingenious. I’m very impressed.

    I’ll admit that like most people my experience with this tech is non-existent, however I think I see a few other ways to attack along this vector.

    The idea of this tech becoming widespread freaks me out and makes me excited all at the same time. Think DRM on your internet connection.

  3. It would be uncrackable if you could use only one photon at a time. At the moment you have to use a pack of photons, because (useable) detectors aren’t sensitive enough to just recogonise one photon. In addition, they use the quantum encryption just for key exchange, the actual data is encrypted with e.g. AES and the like, for speed reasons. That might be a problem in future, as it adds possible attacks (as does every additional step).

Leave a Reply

Please be kind and respectful to help make the comments section excellent. (Comment Policy)

This site uses Akismet to reduce spam. Learn how your comment data is processed.