Imagine a world where the most widely-used cryptographic methods turn out to be broken: quantum computers allow encrypted Internet data transactions to become readable by anyone who happened to be listening. No more HTTPS, no more PGP. It sounds a little bit sci-fi, but that’s exactly the scenario that cryptographers interested in post-quantum crypto are working to save us from. And although the (potential) threat of quantum computing to cryptography is already well-known, this summer has seen a flurry of activity in the field, so we felt it was time for a recap.
How Bad Is It?
If you take the development of serious quantum computing power as a given, all of the encryption methods based on factoring primes or doing modular exponentials, most notably RSA, elliptic curve cryptography, and Diffie-Hellman are all in trouble. Specifically, Shor’s algorithm, when applied on a quantum computer, will render the previously difficult math problems that underlie these methods trivially easy almost irrespective of chosen key length. That covers most currently used public-key crypto and the key exchange that’s used in negotiating an SSL connection. That is (or will be) bad news as those are what’s used for nearly every important encrypted transaction that touches your daily life.
Continue reading “Quantum Computing Kills Encryption”
Quantum cryptography is an emerging field, but low install base hasn’t kept researchers from exploring attacks against it. It’s an attractive technology because an attacker sniffing the key exchange changes the quantum state of the photons involved. All eavesdroppers can be detected because of this fundamental principal of quantum mechanics.
We’ve seen theoretical side-channel attacks on the hardware being used, but had yet to see an in-band attack until now. [Vadim Makarov] from the University of Science and Technology in Trondheim has done exactly that. Quantum key distribution systems are designed to cope with noise and [Makarov] has taken advantage of this. The attack works by firing a bright flash of light at all the detectors in the system. This raises the amount of light necessary for a reading to register. The attacker then sends the photon they want detected, which has enough energy to be read by the intended detector, but not enough for the others. Since it doesn’t clear the threshold, the detectors don’t throw any exceptions. The attacker could sniff the entire key and replay it undetected.
This is a very interesting attack since it’s legitimate eavesdropping of the key. It will probably be mitigated using better monitoring of power fluctuations at the detectors.