Published online 29 August 2010 | Nature | doi:10.1038/news.2010.436

News

Hackers blind quantum cryptographers

Lasers crack commercial encryption systems, leaving no trace.

representation of photonsA way to intercept photons of light to create a security leak has been discovered.Punchstock

Quantum hackers have performed the first 'invisible' attack on two commercial quantum cryptographic systems. By using lasers on the systems — which use quantum states of light to encrypt information for transmission — they have fully cracked their encryption keys, yet left no trace of the hack.

Quantum cryptography is often touted as being perfectly secure. It is based on the principle that you cannot make measurements of a quantum system without disturbing it. So, in theory, it is impossible for an eavesdropper to intercept a quantum encryption key without disrupting it in a noticeable way, triggering alarm bells.

Vadim Makarov at the Norwegian University of Science and Technology in Trondheim and his colleagues have now cracked it. "Our hack gave 100% knowledge of the key, with zero disturbance to the system," he says.

In standard quantum cryptographic techniques, the sender — called 'Alice' for convenience — generates a secret key by encoding classical bit values of 0 and 1 using two different quantum states of photons, or particles of light. The receiver, 'Bob', reads off these bit values using a detector that measures the quantum state of incoming photons. In theory, an eavesdropper, 'Eve', will disturb the properties of these photons before they reach Bob, so that if Alice and Bob compare parts of their key, they will notice a mismatch.

In Makarov and colleagues' hack, Eve gets round this constraint by 'blinding' Bob's detector — shining a continuous, 1-milliwatt laser at it. While Bob's detector is thus disabled, Eve can then intercept Alice's signal. The research is published online in Nature Photonics today1.

Breaking the rules

The cunning part is that while blinded, Bob's detector cannot function as a 'quantum detector' that distinguishes between different quantum states of incoming light. However, it does still work as a 'classical detector' — recording a bit value of 1 if it is hit by an additional bright light pulse, regardless of the quantum properties of that pulse.

That means that every time Eve intercepts a bit value of 1 from Alice, she can send a bright pulse to Bob, so that he also receives the correct signal, and is entirely unaware that his detector has been sabotaged. There is no mismatch between Eve and Bob's readings because Eve sends Bob a classical signal, not a quantum one. As quantum cryptographic rules no longer apply, no alarm bells are triggered, says Makarov.

"We have exploited a purely technological loophole that turns a quantum cryptographic system into a classical system, without anyone noticing," says Makarov.

Makarov and his team have demonstrated that the hack works on two commercially available systems: one sold by ID Quantique (IDQ), based in Geneva, Switzerland, and one by MagiQ Technologies, based in Boston, Massachusetts. "Once I had the systems in the lab, it took only about two months to develop a working hack," says Makarov.

This is the latest in a line of quantum hacks. Earlier this year, a group led by Hoi-Kwong Lo at the University of Toronto in Ontario, Canada, also showed that an IDQ commercial system could be fully hacked. However, in that case, the eavesdropper did introduce some noticeable errors in the quantum key2.

Grégoire Ribordy, chief executive of IDQ, says that the hack of Makarov and his group is "far more practical to implement and goes further than anything that has gone before".

Both IDQ and MagiQ welcome the hack for exposing potential vulnerabilities in their systems. Makorov informed both companies of the details of the hack before publishing, so that patches could made, avoiding any possible security risk.

ADVERTISEMENT

"We provide open systems for researchers to play with and we are glad they are doing it," says Anton Zavriyev, director of research and development at MagiQ.

Ribordy and Zavriyev stress that the open versions of their systems that are sold to university researchers are not the same as those sold for security purposes, which contain extra layers of protection. For instance, the fully commercial versions of IDQ's system also use classical cryptographic techniques as a safety net, says Ribordy.

Makarov agrees that the hack should not make people lose confidence in quantum cryptography. "Our work will ultimately make these systems stronger," he says. "If you want state-of-the-art security, quantum cryptography is still the best place to go." 

Comments

If you find something abusive or inappropriate or which does not otherwise comply with our Terms or Community Guidelines, please select the relevant 'Report this comment' link.

Comments on this thread are vetted after posting.

  • #60947

    TIL that there are actual commercial quantum crypto systems. I thought all of this stuff was still theoretical and in labs.

Commenting is now closed.