How to reduce your enemy's information
Lecture notes in computer sciences; 218 on Advances in cryptology---CRYPTO 85
Experimental quantum cryptography
Journal of Cryptology - Eurocrypt '90
Quantum Key Distribution and String Oblivious Transfer in Noisy Channels
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
Quantum Cryptography with Imperfect Apparatus
FOCS '98 Proceedings of the 39th Annual Symposium on Foundations of Computer Science
Hi-index | 0.00 |
Quantum Cryptography, or more accurately, Quantum Key Distribution (QKD) is based on using an unconditionally secure "quantum channel" to share a secret key among two users. A manufacturer of QKD devices could, intentionally or not, use a (semi-)classical channel instead of the quantum channel, which would remove the supposedly unconditional security. One example is the BB84 protocol, where the quantum channel can be implemented in polarization of single photons. Here, use of several photons instead of one to encode each bit of the key provides a similar but insecure system. For protocols based on violation of a Bell inequality (e.g., the Ekert protocol) the situation is somewhat different. While the possibility is mentioned by some authors, it is generally thought that an implementation of a (semi-)classical channel will differ significantly from that of a quantum channel. Here, a counterexample will be given using an identical physical setup as is used in photon-polarization Ekert QKD. Since the physical implementation is identical, a manufacturer may include this modification as a Trojan Horse in manufactured systems, to be activated at will by an eavesdropper. Thus, the old truth of cryptography still holds: you have to trust the manufacturer of your cryptographic device. Even when you do violate the Bell inequality.