Dear Cryptoexperts, With
http://www.magiqtech.com/press/navajounveiled.pdf and the general hype about quantum cryptography, I am bugged by a question that I can't really solve. I understand the quantum theory and how it makes it impossible for two parties to read the same stream. However, what I don't understand is how that adds to security. The main problem I have with understanding the technology is in the fact that any observation of the quantum stream is immediately detectable -- but at the recipient's side, and only if checksums are being employed, which are not disturbed by continual or sporadic photon flips. So MagiQ and others claim that the technology is theoretically unbreakable. How so? If I have 20 bytes of data to send, and someone reads the photon stream before the recipient, that someone will have access to the 20 bytes before the recipient can look at the 20 bytes, decide they have been "tampered" with, and alert the sender. So I use symmetric encryption and quantum cryptography for the key exchange... the same situation here. Maybe the recipient will be able to tell the sender about the junk it receives, but Mallory already has read some of the text being ciphered. In addition to that, the MITM attack seems to be pertinent, unless I use public-key encryption and authentication. But then I am back to cryptography whose strength is based on intractability and not on a proof. And now I fail to see why quantum crypto is hyped so much. Maybe I am completely misguided, but I would really appreciate some explanation or even pointers. Or someone wants to spend a couple of minutes to explain the process of theoretically unbreakable quantum cryptography step-by-step. Note: I am reading MagiQ's press release with the subtract-marketing-b/s grain of salt. Of course, their technology is superior to everything. However, most of my information and the food for my questions stem from the more scientific side, having read about it in articles in renowned magazines and mailing list posts. Thanks, -- martin; (greetings from the heart of the sun.) \____ echo mailto: !#^."<*>"|tr "<*> mailto:" [EMAIL PROTECTED] invalid/expired pgp subkeys? use subkeys.pgp.net as keyserver! joan of arc heard voices too.
pgp00000.pgp
Description: PGP signature