Quantum cryptography, considered to be one of the
most complex and unbreakable methods of encryption, has been found to be
vulnerable to attack, according to a major new study.
Published in Science Advances, the paper concluded
that energy-time entanglement, which underpins many forms of quantum
cryptography, is exploitable.
Researchers from Stockholm University and Linköping
University observed in theoretical models and later in actual experiments that
the critical security flaw could allow for attackers to “eavesdrop on traffic
without being detected”.
“The energy-time entanglement technology for
quantum encryption studied here is based on testing the connection at the same
time as the encryption key is created,” the experts highlighted in an official press release.
“Two photons are sent out at exactly the same time
in different directions. At both ends of the connection is an interferometer
where a small phase shift is added. This provides the interference that is used
to compare similarities in the data from the two stations.
“If the photon stream is being eavesdropped there
will be noise, and this can be revealed using a theorem from quantum mechanics
– Bell’s inequality.”
All that said, if the connection is actually secure
– and therefore “free from noise” – the photons can be used as an
encryption key. This ensures that your communication remains inaccessible and
unreadable.
“If the photon stream is
being eavesdropped there will be noise, and this can be revealed using a
theorem from quantum mechanics – Bell’s inequality.”
What the researchers have therefore deduced from
their experiments is that if the photon source is substituted with what they
call a traditional light source, a particularly informed attacker can extract
the code string.
Armed with that insight – i.e. they now know what
the key is – the snoop can access the encrypted data surreptitiously,
rendering Bell’s inequality-inspired security test redundant.
Writing about quantum cryptography last year, the
information security consultant Rob Slade said that while he appreciates the idea behind it, “it is just
another form of key exchange”.