Dear Cryptoexperts,

With

  http://www.magiqtech.com/press/navajounveiled.pdf

and the general hype about quantum cryptography, I am bugged by
a question that I can't really solve. I understand the quantum
theory and how it makes it impossible for two parties to read the
same stream. However, what I don't understand is how that adds to
security.

The main problem I have with understanding the technology is in the
fact that any observation of the quantum stream is immediately
detectable -- but at the recipient's side, and only if checksums are
being employed, which are not disturbed by continual or sporadic
photon flips.

So MagiQ and others claim that the technology is theoretically
unbreakable. How so? If I have 20 bytes of data to send, and someone
reads the photon stream before the recipient, that someone will have
access to the 20 bytes before the recipient can look at the 20
bytes, decide they have been "tampered" with, and alert the sender.
So I use symmetric encryption and quantum cryptography for the key
exchange... the same situation here. Maybe the recipient will be
able to tell the sender about the junk it receives, but Mallory
already has read some of the text being ciphered.

In addition to that, the MITM attack seems to be pertinent, unless
I use public-key encryption and authentication. But then I am back
to cryptography whose strength is based on intractability and not on
a proof. And now I fail to see why quantum crypto is hyped so much.

Maybe I am completely misguided, but I would really appreciate some
explanation or even pointers. Or someone wants to spend a couple of
minutes to explain the process of theoretically unbreakable quantum
cryptography step-by-step.

Note: I am reading MagiQ's press release with the
subtract-marketing-b/s grain of salt. Of course, their technology is
superior to everything. However, most of my information and the food
for my questions stem from the more scientific side, having read
about it in articles in renowned magazines and mailing list posts.

Thanks,

-- 
martin;              (greetings from the heart of the sun.)
  \____ echo mailto: !#^."<*>"|tr "<*> mailto:"; [EMAIL PROTECTED]
 
invalid/expired pgp subkeys? use subkeys.pgp.net as keyserver!
 
joan of arc heard voices too.

Attachment: pgp00000.pgp
Description: PGP signature

Reply via email to