Published online 27 April 2007 | Nature | doi:10.1038/news070423-10


Quantum cryptography is hacked

Simulation proves it's possible to eavesdrop on super-secure encrypted messages.

Hackers might be able to pick up on quantum encrypted messages.Hackers might be able to pick up on quantum encrypted messages.Punchstock

A team of researchers has, for the first time, hacked into a network protected by quantum encryption.

Quantum cryptography uses the laws of quantum mechanics to encode data securely. Most researchers consider such quantum networks to be nearly 100% uncrackable. But a group from the Massachusetts Institute of Technology (MIT) in Cambridge was able to 'listen in' using a sort of quantum-mechanical wiretap. The trick allowed them to tease out about half of the data, in a way that couldn't be detected by those transmitting or receiving the message.

The group admits that their hack isn't yet capable of eavesdropping on a real network. "It is not something that currently could attack a commercial system," says Jeffrey Shapiro, a physicist at MIT and one of the authors on the study.

But they expect that one day it will be able to do so, if quantum encryption isn't adequately adapted to stop such hackers from succeeding.

Tangled message

“It is not something that currently could attack a commercial system.”

Jeffrey Shapiro

Most quantum networks send secret data in the polarization of photons. The sender encodes each photon's polarization such that the receiver who tries to measure it will only get the right information out about half of the time. When this information does come through, the duo can agree to use that particular bit of data as a key to encode and decode a message.

The system ensures secrecy because anyone intercepting a transmitted photon will disrupt its polarization, and affect the rate at which the receiver can correctly measure it. So the sender and receiver can detect the eavesdropper by noticing a spike in the transmission error rate. They can then stop communicating or try again on a different network.

Shapiro and his co-authors have successfully executed a trick that gets at least part-way around this. To listen in, the team used a quantum-mechanical principle known as entanglement, which can link together two different traits of a particle. Using an optical setup, the team was able to entangle the transmitted photon's polarization with its momentum. The eavesdropper could then measure the momentum in order to get information about the polarization, without affecting the original polarization.

But the tap isn't perfect, says co-author Franco Wong. The entanglement does sometimes perturb the polarization, and Wong says that the team can only extract about 40% of the transmitted data without causing the error rate to rise noticeably.

The idea for this cunning trick has been around since 1998, but nobody had put it into practice until now. The team's experimental proof-of-concept is published in the 25 April issue of the journal Physical Review A1.

Simulated attack


Aside from the occasional perturbation to the polarization, there is a more important reason why the team's particular setup wouldn't work in the real world, says Hoi-Kwong Lo, a quantum cryptographer at the University of Toronto in Canada. Their apparatus destroys the photon by measuring its momentum. So in this setup, the detector has to measure both polarization and momentum simultaneously, giving one bit of information to the eavesdropper and the other bit to the receiver. This means both people have to be sitting in the same room, using the same photon detector, notes Lo. That might just give the eavesdropper away.

To grab the information en-route would require a 'quantum non-demolition box' — a theoretically possible but as-yet-unbuilt device that could measure the photon and pass it along. "What they have done is a simulation of an attack, not a real one," says Lo.

Shapiro and Wong agree. And they add that a quantum cryptographic network can be simply tweaked to beat their attack. By making the key out of a lot of photons instead of just a few, the sender and receiver could ensure that the eavesdropper never got enough of the key to use it. Still, they say, the work shows that secrets — even quantum ones — are never entirely safe.

Visit our cryptographyis_hacked.html">newsblog to read and post comments about this story.  


  • References

    1. Kim T., et al. Phys. Rev. A, 75. 042327 (2007).