‘Unbreakable’ Quantum Cryptography is vulnerable say Swedish researchers
Quantum cryptography which is considered as a fully secure encryption method for information transfer is not as secure as it seems, according to researchers from Linköping University and Stockholm University. They found that there’s a loophole in how energy-time entanglement-based quantum encryption works that puts QKD devices at risk.
“With this security hole, it’s possible to eavesdrop on traffic without being detected. We discovered this in our theoretical calculations, and our colleagues in Stockholm were subsequently able to demonstrate it experimentally,” says Jan-Åke Larsson, professor at Linköping University’s Division of Information Coding.
Many research groups around the world are working to make quantum cryptography unaffected to various types of disturbance, and so far it has been possible to handle the disturbance that has been detected. While Quantum cryptography technology is commercially available, there is much doubt as to whether it is actually used.
“It’s mostly rumours, I haven’t seen any system in use. But I know that some universities have test networks for secure data transfer,” says Prof Larsson.
The energy-time entanglement technology for quantum encryption studied here is based on testing the connection at the same time as the encryption key is created. Two photons are sent out at exactly the same time in different directions. At both ends of the connection is an interferometer where a small phase shift is added. This provides the interference that is used to compare similarities in the data from the two stations. If the photon stream is being eavesdropped there will be noise, and this can be revealed using a theorem from quantum mechanics – Bell’s inequality.
In quantum cryptography, the two parties send a photon at each other at the exact same time at different locations, but also add a small phase shift at each side. This provides the interference that is used to compare similarities in the data from the two stations. But if there’s somebody eavesdropping on the exchange, there will be noise in the communication channel, and the phase shift will be smaller, if not, the photons use the phase shift itself as an encryption key.
In their tests, the researchers discovered that data integrity can only be assured if the two parties communicating with each other use a photon source, and not traditional light sources. Consequently they can also read the message without detection.
Physicists at Stockholm University have successively been able to illustrate in practical experiments that it is perfectly possible to replace the light source and thus also eavesdrop on the message.
But this problem can also be solved.
“In the article we propose a number of countermeasures, from simple technical solutions to rebuilding the entire machine,” said Jonathan Jogenfors.
The results of the research have been published in Science Advances.