Re: Quantum Cryptography can not work



In article <es5bkt$ovt$1@xxxxxxxx>, Unruh <unruh-spam@xxxxxxxxxxxxxx> wrote:

Francois Grieu <fgrieu@xxxxxxxxx> writes:

In article <es00fe$r6$1@xxxxxxxx>, Unruh <unruh-spam@xxxxxxxxxxxxxx>
wrote:

"Francois Grieu" <fgrieu@xxxxxxxxx> writes:
Contrary to popular belief (should I say successful PR brainwash),
a trusted courier is also needed to set up a QC link.

Yes, the two parties must share some secret to start with. But the
difference from the classical is that when they have successfully used that
secret to assure each other that they really are who they say they are,
they can then use the quantum channel to exchange another secret-- a far
far larger secret than before. I.e., the quantum system has the attribute of
being able to amplify secrecy. This is not true in the classical system.
Thus they need a one time secret.

If we believe in a courier to convey information with confidentiality
and integrity, and believe in the strength of some crypto primitive,
even a symmetrical one (e.g. 3DES), we can use the courier to set up
a base key, use that initial secret to set up a session key each time
we need to talk, and further expand that session key to exchange huge
secrets.

No, because your enemy could copy all of your discussions.

I agree that QC has the nice property that a future advance in the capacity
of the adversary seems quite unlikely to allow her to break past messages
(since she could not grab them in the first place), something that classical
crypto (including asymmetric) cannot achieve. For long-term secrets, this
indeed is a plus.


If I'm correctly informed, early QC systems used hypotheses that
have been proved wrong soon after, making the original system unsafe,
thus that notion of trust in physics laws is not just rhetoric.

There was no change in the physical laws believed or used. The question
was what, given the physical laws, could one discover about the message.
It was slightly more than they initially thought, so that the algorithms
were refined.

My point is that trust in QC security proofs must be taken with more than
a grain of salt in practice, since past assertions of unbreakability have
been wrong (even though, I'm ready to agree, no change in quantum physics
laws assumed was involved in any attack).
I especially like (because I think I understood it) an attack where
Eve finds the state of the gizmo used by Alice to condition the
(hopefully single) photon that she sends to Bob; Eve senses this state
by sending a (relatively massive) light pulse thru the optical path
towards that gizmo, when Alice is busy preparing the photon; Eve then
analyzes the reflection, deduces the state of the gizmo, disappears
from the path while Alice actually sends her photon, then reenters
the path. Down the drain goes the trust in unconditional security.


Francois Grieu
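
The classical key hierarchy discussed in this thread (a courier-delivered base key, a session key per conversation) and the objection that the enemy could copy all of the discussions, as an added example that is not part of the original posts. HKDF-SHA256 and an XOR keystream stand in for the primitives named in the thread, and every function name and the sample base key are assumptions made for illustration.

```python
import hashlib
import hmac
import os


def hkdf_sha256(key: bytes, info: bytes, length: int) -> bytes:
    """HKDF (RFC 5869) with an all-zero salt: extract, then expand."""
    if length > 255 * 32:
        raise ValueError("HKDF-SHA256 output is limited to 8160 bytes")
    prk = hmac.new(b"\x00" * 32, key, hashlib.sha256).digest()
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        out += block
        counter += 1
    return out[:length]


def session_key(base_key: bytes, nonce_a: bytes, nonce_b: bytes) -> bytes:
    """Per-conversation key derived from the courier-delivered base key."""
    return hkdf_sha256(base_key, b"session" + nonce_a + nonce_b, 32)


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher (stand-in for a real cipher); encrypts and decrypts."""
    stream = hkdf_sha256(key, b"stream", len(data))
    return bytes(d ^ s for d, s in zip(data, stream))


def run_session(base_key: bytes, plaintext: bytes) -> dict:
    """One conversation. Everything returned here crosses the wire in the clear."""
    nonce_a, nonce_b = os.urandom(16), os.urandom(16)
    key = session_key(base_key, nonce_a, nonce_b)
    return {"nonce_a": nonce_a, "nonce_b": nonce_b,
            "ciphertext": keystream_xor(key, plaintext)}


def decrypt_recorded(key_guess: bytes, transcript: dict) -> bytes:
    """Re-derive the session key from a stored transcript plus a base key."""
    key = session_key(key_guess, transcript["nonce_a"], transcript["nonce_b"])
    return keystream_xor(key, transcript["ciphertext"])


if __name__ == "__main__":
    base = bytes(range(32))  # constructed sample base key
    archive = [run_session(base, m) for m in (b"first secret", b"second secret")]
    # Years later the base key leaks: every archived conversation opens.
    print([decrypt_recorded(base, t) for t in archive])
```

Because the nonces and ciphertext are all the derivation needs besides the base key, an archive of recorded traffic stays decryptable for as long as that one key can ever be recovered.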