Over the past few years, the fact that QKD had been broken has been reported several times in scientific journals, in spite of the fact that its proponents claim that its security is based on quantum physics. What does this mean? Does the security of QKD really rely on quantum physics?
Yes, the security of quantum cryptography is based on the laws of quantum physics, but not only… It is also essential to ensure that a specific implementation conforms to the model and does not include any loopholes. If you see a headline claiming that “QKD has been broken”, you should actually understand “a specific implementation of QKD technology has been broken”. This is no news to IDQ, whose founders wrote in a review article in 2002 “Despite the elegance and generality of security proofs, the ideal of a Quantum Cryptography system whose security relies entirely on quantum principles is unrealistic. The technological implementation of abstract principles will always be questionable. It is likely that they will remain the weakest point in all system.” How to ensure that QKD holds its promises?
The only way to ensure that QKD technology holds its promises is to test it, just like in the case of conventional security techniques. Ideally, these tests should be carried out by independent groups. This is why IDQ collaborates with the leading research groups in the area of quantum hacking. How strong are the attacks that have been demonstrated?
Some of the attacks that have been proposed by research groups are quite powerful, but it is important to stress that they remain academic and do not apply in practice. They usually require an adjustment phase that would introduce noticeable perturbations in the link. Moreover, they require an in-depth characterization of the actual QKD system to be attacked. This is possible in the lab, but not in the field. >> Back to topWhat is the advantage of QKD over conventional key establishment methods?
There are two requirements for a key establishment method – whether conventional or quantum – to be considered secure:
Quantum Key Distribution is the only technology that can fulfil both of these conditions. It is indeed possible to rigorously prove its security of principle, with only an assumption that the laws of quantum physics apply. This is not the case for conventional key establishment methods, where one must make assumptions on computing resources available to an adversary as well as possible theoretical progress in the field of mathematics. As for implementation security, the problem is similar in the case of conventional and quantum key establishment methods. Could QKD actually be weaker than conventional key establishment techniques?
No, at least not in the case of IDQ’s QKD products. These are at least as secure as conventional encryption technology, because they implement dual key agreement. QKD does not replace but complements conventional key distribution techniques. Two keys are exchanged – one using conventional techniques and one using QKD – before being combined to produce a resulting key as strong as the strongest of the two keys. This approach guarantees that the communications will remain protected as long as at least one of the two key distribution techniques is secure. Is it possible to certify a QKD product to guarantee its security level?
No, QKD certification does not exist yet. Certification procedures have not been developed yet. In 2008, an Industry Specification Group was formed at the European Telecom Institute (ETSI) in Sophia-Antipolis, France to develop the first standards for this technology and establish certification procedures. IDQ plays an important role in this group. The first specifications are expected to be published in 2010 and they will pave the way for QKD certification. IDQ’s QKD products have however received in 2009 Common Criteria EAL4+ certification, but this certification covers only the conventional key distribution part and the dual key agreement. QKD cannot open up a loophole in IDQ’s products. |
products  Conventional Encryption
White Papers Videos RESource centerS
|
