A View from Emerging Technology from the arXiv
Commercial Quantum Cryptography System Hacked
Physicists have mounted the first successful attack of its kind on a commercial quantum cryptography system.
When it comes to secure messaging, nothing beats quantum cryptography, a method that offers perfect security. Messages sent in this way can never be cracked by an eavesdropper, no matter how powerful.
At least, that’s the theory. Today, Feihu Xu, Bing Qi and Hoi-Kwong Lo at the University of Toronto in Canada say they have broken a commercial quantum cryptography system made by the Geneva-based quantum technology startup ID Quantique, the first successful attack of its kind on a commercially-available system.
Here’s how they did it. Any proof that quantum cryptography is perfect relies on assumptions that don’t always hold true in the real world. Identify one of these weaknesses and you’ve found a loophole that can be exploited to hack in to such a system.
The new attack is based on assumptions made about the types of errors that creep in to quantum messages. Alice and Bob always keep a careful eye on the level of errors in their messages because they know that Eve will introduce errors if she intercepts and reads any of the quantum bits. So a high error rate is a sign that the message is being overheard.
However, it is impossible to get rid of errors entirely. There will always be noise in any real world system so Alice and Bob have to tolerate a small level of error. This level is well known. Various proofs show that if the quantum bit error rate is less than 20 per cent, then the message is secure.
However, these proofs assume that the errors are the result of noise from the environment. Feihu and co say that one key assumption is that the sender, Alice, can prepare the the required quantum states without errors. She then sends these states to Bob and together they use them to generate a secret key that can be used as a one-time pad to send a secure message.
But in the real world, Alice always introduces some errors into the quantum states she prepares and it is this that Feihu have exploited to break the system.
They say this extra noise allows Eve to intercept some of the quantum bits, read them and then send them on, in a way that raises the error rate to only 19.7 per cent. In this kind of “intercept and resend attack”, the error rate stays below the 20 per cent threshold and Alice and Bob are none the wiser, happily exchanging keys while Eve listens in unchallenged.
Feihi and co say they’ve even tested the idea successfully on a system from ID Quantique.
That’s a significant blow to commercial quantum cryptography but not because ID Quantique’s system is now breakable. It is not. Now that the weakness is known, it’s relatively easy for the company to institute more careful checks on the way Alice prepares her states so that unknown errors are less likely.
However, there is now a significant body of work showing how to break conventional quantum cryptography systems based on various practical weaknesses in the way they are set up; things like unwanted internal reflections in the gear that generates quantum bits, efficiency mismatches between photon detectors and lasers that produce extra, hidden photons that Eve can latch on to. All these have been used to find cracks in the system.
But while the known loopholes can be papered over, it’s the unknown ones that represent threats in the future. The problem that Feihu and co have opened up is in showing how easy it is with a little malicious intent to bend the assumptions behind perfect quantum cryptography. That will have a few quantum cryptographers losing sleep in the months and years to come.
Ref: arxiv.org/abs/1005.2376: Experimental Demonstration Of Phase-Remapping Attack In A Practical Quantum Key Distribution System
Become an MIT Technology Review Insider for in-depth analysis and unparalleled perspective.Subscribe today