By Hamish Johnston
Over my summer holidays I read the spy-thriller Enigma by Robert Harris. It’s a rip-roaring novel about code breaking at Bletchley Park during the Second World War.
While reading, I couldn’t help wondering what the Bletchley boffins would have done if the Germans had used quantum cryptography to obscure their missives?
That’s why I was very interested to read a paper in Nature Photonics that offers a way to crack messages that are kept private using quantum key distribution (QKD).
QKD allows two parties (call them Alice and Bob) to exchange an encryption key, secure in the knowledge that the key hasn’t been read by an eavesdropper (called Eve).
This guarantee is possible because the key is transmitted in terms of quantum bits (qubits) of information. If intercepted and read by a third party, such qubits are changed irrevocably and this signals the presence of Eve to Alice and Bob.
One major problem facing the makers of any quantum information system is that no technology is “perfect” – and clever hackers could exploit differences between how a device actually operates and the performance assumed by system designers.
Many such “loopholes” have been identified and either fixed by changing the protocol – or have been shown to have a small chance of success.
But Vadim Makarov of the Norwegian University of Science and Technology and colleagues have discovered “how Eve can attack the systems with off-the-shelf components, obtaining a perfect copy of the raw key without leaving any trace of her presence”.
Chilling words…and how the “plug-and-play” system works seems like something out of science fiction.
As far as I can tell, a bright light is used to “blind” the highly-sensitive photon detectors used by Alice and Bob. This allows Eve to seize control of the dazzled correspondents’ QKD kit using a sequence of light pulses. Unaware that this is going on, Alice and Bob deliver the keys straight into Eve’s hands.
The systems in question are commercial QKD products made by ID Quantique and MagiQ Tecnologies. According to Marakov and colleagues, the MagiQ 5505 system has been discontinued and ID Quantique has implemented countermeasures.
Makarov works in the quantum hacking group at Trondheim – which I would like to think is a Nordic Bletchley Park!
You can read about the research at doi:10.1038/nphoton.2010.214.