Wednesday, October 8, 2008
Many media are currently reporting that a Norwegian student, Vadim Makarov, cracked quantum cryptography. According to them, he has broken the unbreakable cryptosystem.
Let’s investigate a little bit. The easiest is to go on his personal site. There is a link to a poster session from SECOQ conference. This poster session of course explains the hack. He found a weakness in the implementation of the photonics receiver. This allows him to setup a Man In the Middle attack. He can then impersonate Alice.
Thus, it is a good piece of reverse engineering and hacking. It highlights that often flaws come from implementation and that Law 1 is always true. Nevertheless, quantum cryptography is not yet broken. It would be equivalent to state that AES broken because AACS was broken:-(
Once more, media are using appealing titles. Unfortunately, they are misleading. In some cases, it is that the journalist does not understand what he is writing about. In other cases, it is to be more attractive.