'Unbreakable' quantum cryptography hacked without detection using lasers
<http://www.tgdaily.com/index2.php?option=com_content&task=view&id=39599&pop=1&page=0&Itemid=108
TG Daily 'Unbreakable' quantum cryptography hacked without detection using lasers Security By Rick C. Hodgin Friday, October 03, 2008 22:20 Oslo (Norway) - A Norwegian University of Science student named Vadim Makarov has discovered a vulnerability in what was previously thought to be unbreakable quantum encryption. He is using a form of high intensity laser light to intercept the encrypted data stream covertly. While quantum encryption is regularly used to secure Swiss bank transactions, as well as their much publicized 2007 election results, Makarov claims it's easily hacked. He claims to have developed a black box device which he says, "turns the equipment into a puppet-box that an eavesdropper can control." Quantum encryption is a complex process wherein a stream of paired photons are created at the source. Each has a specific and unique quantum signature that can be detected. The sender and receiver both obtain a secret key used to encrypt the message, without which the message is lost. This form of encryption can be used to determine if the message was intercepted en route. It won't tell who intercepted it, only that it was intercepted. And this form of encryption is often relied upon to insure privacy and security. And now it appears it may all be for naught. According to Makarov, the secret is in the way the sender and receiver communicate their secret key. And it is exactly here where the exploit can be found. His team demonstrated that it is possible to allow the entire transmission to go from sender to receiver without being altered or an intrusion being detected. The intruder simply hooks into what the receiver is receiving (which is actually very complex). Then, by continuing to monitor the follow-on communications back and forth from sender to receiver wherein the secret key is obtained, the intruder is able to decode the transmission without ever having been detected. Makarov and his colleagues say they have developed systems that can defeat two out of the three primary forms of quantum encryption used today. And their research is continuing on the third.
http://arxiv.org/abs/0809.3408 Can Eve control PerkinElmer actively-quenched single-photon detector? Authors: Vadim Makarov, Andrey Anisimov, Sebastien Sauge (Submitted on 19 Sep 2008) Abstract: We show how PerkinElmer SPCM-AQR detector module can be controlled by an eavesdropper using bright optical pulses, by exploiting an obscure flaw in the detector electrical circuit. First experimental results are reported. This loophole may make possible an attack against quantum cryptosystems that use these detectors. Comments: 2 pages, 3 figures. Accepted for poster presentation at the SECOQC international conference in Vienna, October 8-10, 2008 _________ Quantum Hacking http://www.iet.ntnu.no/groups/optics/qcr/
Is this real? are they able to eavesdrop on the channel without being detected? The article also says that the Swiss bank uses quantum crypto? Sarad. --- On Mon, 10/6/08, R.A. Hettinga <rah@shipwright.com> wrote:
From: R.A. Hettinga <rah@shipwright.com> Subject: 'Unbreakable' quantum cryptography hacked without detection using lasers To: "Cryptography" <cryptography@metzdowd.com>, gold-silver-crypto@rayservers.com, cypherpunks@al-qaeda.net Date: Monday, October 6, 2008, 1:11 AM <http://www.tgdaily.com/index2.php?option=com_content&task=view&id=39599&pop=1&page=0&Itemid=108
On Oct 5, 2008, at 9:48 PM, Sarad AV wrote:
Is this real? are they able to eavesdrop on the channel without being detected?
I have no idea.
The article also says that the Swiss bank uses quantum crypto?
There is a QC fiber loop running around Zurich, I believe, though it's been a while since I've heard about it. Cheers, RAH
Schneier today is dogging quantum crypto. And whether he's right or wrong in the long run, the notion that's getting clearly in my own mind is that it's almost impossible for a company to legitimately need such a system, simply because it's so easy to screw up everything else. In other words, QC can only make sense in a near state-of-the-art information security infrastructure, because what us is quantum encrypting your keys if someone can merely grab them in the electronic domain? And what need to for an interloper to do that if you'[ve screwed up the basics and your network is wide open? No, In can't see quantum crypto being practically useful in almost any real-world company. If someone gets ahold of that paper I'd like to see it. Are those detectors burst mode? -TD
Date: Sun, 5 Oct 2008 16:38:26 -0400 To: cypherpunks@al-qaeda.net; rah@shipwright.com From: jya@pipeline.com Subject: Re: 'Unbreakable' quantum cryptography hacked without detection using lasers
http://arxiv.org/abs/0809.3408
Can Eve control PerkinElmer actively-quenched single-photon detector?
Authors: Vadim Makarov, Andrey Anisimov, Sebastien Sauge
(Submitted on 19 Sep 2008)
Abstract: We show how PerkinElmer SPCM-AQR detector module can be controlled by an eavesdropper using bright optical pulses, by exploiting an obscure flaw in the detector electrical circuit. First experimental results are reported. This loophole may make possible an attack against quantum cryptosystems that use these detectors.
Comments: 2 pages, 3 figures. Accepted for poster presentation at the SECOQC international conference in Vienna, October 8-10, 2008
_________
Quantum Hacking
_________________________________________________________________ You live life beyond your PC. So now Windows goes beyond your PC. http://clk.atdmt.com/MRT/go/115298556/direct/01/
participants (4)
-
John Young
-
R.A. Hettinga
-
Sarad AV
-
Tyler Durden