Shostack + Friends Blog Archive


Quantum Cryptography Cracked!


Nature reports that, “Simulation proves it’s possible to eavesdrop on super-secure encrypted messages.” A summary of the attack is that the attacker instigates a quantum entanglement of properties of the photons so that they can infer the information (encoded in polarization) by measuring the entangled property (like momentum). It isn’t a real attack, but as they say, attacks don’t get worse, they only get better.

Despite the fact that quantum cryptography is an extremely cool technology, the quantum crypto crowd has hyped it to the point of being snake oil salesfolks.

It’s understandable why they get overenthusiastic. Let’s suppose you have two buildings and you want a secure link between them. You can set up quantum crypto, or you could use something off-the-shelf, like IPsec. IPsec is cheap. A couple of vpn boxes costing about $50 each would do it. Or you could set it up yourself using open source. On the other hand, a quantum crypto box costs about $50,000. They have to justify why you’d spend three orders of magnitude more for the coolness.

In the past, their justification has included some non-entirely-unfair slams at mathematical cryptography (there is, for example, no proof that factoring is hard), but it’s been followed up with claims that somehow quantum mechanics is better than math.

This has ignored the fact that the math of quantum mechanics has had to dance around dividing by zero as one of the least of the counter-intuitive things in it. If you believe in RSA, you have to believe factoring is hard. If you believe in quantum crypto, you have believe that we understand quantum mechanics and there’s nothing else really weird in it. As near as we can tell, Einstein was wrong when he grumbled about God not playing with dice. It’s a stretch to think that God plays with dice, but doesn’t make them come up snake eyes when someone’s getting pompous.

Apparently, not only does God play with dice, but God has an evil sense of humor, is making faces, thumbing his nose, and snickering behind our backs. Me, I like it that way.

3 comments on "Quantum Cryptography Cracked!"

  • Chris says:

    Is it a coincidence that this happens just after RAW shuffled off this mortal coil?
    I think not.

  • Shamir worked out an attack on the polarization-style quantum key exchange (NOT encryption!) devices years ago. It’s a classic of how to think about security.
    Don’t be seduced by the abstraction of white boxes on a Powerpoint slide exchanging photons. They will be real physical pieces of equipment, they will have a nonzero coefficient of reflection, the fact that something is labeled “transmit” doesn’t stop you from aiming a light at it, and Mallory can read the polarization settings directly without ever looking at an entangled photon by simply firing a laser pulse toward the polarizer on the “transmitter”.

  • Phill says:

    We don’t need to worry about quantum cryptography for decades. Even if the technology is possible nobody who builds a quantum computer is going to let on that they can do it.
    The intelligence value of breaking RSA would be so great that it could only be applied to the very most important material. Using it for Nixonian purposes would quickly lead to the ability becoming public and the loss of the sources.
    A criminal mastermind building a machine would be detected if they tried to use it more than a few times and cryptography is not the only control in the financial systems in any case.

Comments are closed.