 |
| Light damage: the new hacks involve laser-heating components to thwart security measures. (Courtesy: iStock/Arttanja) |
Topics: Computer Science, Cryptography, Internet, Lasers, Quantum Computer, Quantum Hacking, Quantum Mechanics
Somewhat like Richard Feynman that never meet a safe he didn't want to crack, there will be some of us that will take on the task of solving any puzzle before us, even those meant to safeguard and make us feel at least some sense of security. I guess it's good to know now before we all get our hopes too high. My father used to say: "locks are made for honest people." I think he may have been right.
A new way to hack quantum-cryptography systems has been unveiled by physicists in Canada. The method involves using a powerful laser to physically damage the optical equipment used to send and receive secret keys in "quantum key distribution" (QKD) systems. QKD systems are already in commercial use, and this latest disruption comes as quantum-cryptography experts have already modified their systems to make them immune to other eavesdropping techniques.
QKD uses the laws of quantum mechanics to guarantee complete security when two people exchange a cryptographic key. This secret key then allows them to exchange information using conventional communications. The sender and receiver – usually called Alice and Bob, respectively – share a secret key made up of a series of quantum states that an eavesdropper, Eve, is in principle unable to intercept without altering those states and thereby revealing her presence. [1]
Abstract
Quantum communication protocols such as quantum cloud computing, digital signatures, coin-tossing, secret-sharing, and key distribution, using similar optical technologies, claim to provide unconditional security guaranteed by quantum mechanics. Among these protocols, the security of quantum key distribution (QKD) is most scrutinized and believed to be guaranteed as long as implemented devices are properly characterized and existing implementation loopholes are identified and patched. Here we show that this assumption is not true. We experimentally demonstrate a class of attacks based on laser damage, capable of creating new security loopholes on-demand. We perform it on two different implementations of QKD and coin-tossing protocols, and create new information leakage side-channels. Our results show that quantum communication protocols cannot guarantee security alone, but will always have to be supported by additional technical countermeasures against laser damage. [2]
1. Physics World: Lasers burn holes in quantum security systems
Edwin Cartlidge, science writer based in Rome
2. Physics arXiv: Laser damage creates backdoors in quantum communications
Vadim Makarov, Jean-Philippe Bourgoin, Poompong Chaiwongkhot, Mathieu Gagne, Thomas Jennewein, Sarah Kaiser, Raman Kashyap, Matthieu Legre, Carter Minshull, Shihan Sajeed
Comments