http://www.kurzweilai.net/news/frame.html?main=/news/news_single.html? id%3D8471 Quantum cryptography broken KurzweilAI.net, April 20, 2008 Two Swedish scientsts, Jorgen Cederlof, now of Google, and Jan-Ake Larsson of Link In a paper published in IEEE Trans. Inf Theory, 54: 1735-1741 (2008), they point out that an eavesdropper could gain partial knowledge on the key in quantum cryptography that may have an effect on the security of the authentication in the later round. By accessing the quantum channel used in quantum cryptography, the attacker can change the message to be authenticated (since the message is influenced by attacker-initiated events on the quantum channel). This, combined with partial knowledge of the key (transmitted on the quantum channel), creates a potential security gap, they suggest. Their proposed solution: simply transmit an extra exchange of a small amount of random bits on the classical (Internet) channel. FAQ: http://www.mai.liu.se/~jalar/qkg/faq.html -- Crypto ergo sum. https://www.subspacefield.org/~travis/ My password is easy to remember; it's the digits of Pi. All of them. If you are a spammer, please email john@subspacefield.org to get blacklisted. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com