> Date: Thu, 18 Sep 2003 18:02:50 +0200
> From: martin f krafft <[EMAIL PROTECTED]>
> <lots of questions about quantum key distribution>

I don't know a lot about QKD, but I believe the following is true:

The eavesdropper Eve doesn't know with which basis to measure the
polarity of the each intercepted photon.  When she guesses right, she
gets the correct information and can send it on undetectably.  When
she guesses wrong, she gets a zero or one with equal probability (*)
and half the time sends on the wrong bit (which is again randomized
when Bob reads it with the correct basis).  By eavesdropping Eve thus
introduces a 25% error rate, which is detectable.

After Alice sends the random bits over the quantum channel, Alice and
Bob tell each other over an insecure (even public) classical channel
which bases they used (these were randomly chosen between rectilinear
and diagonal), and they throw away the bits for which they used
different bases.  Bob now knows all the remaining bits but still only
about half of them were measured correctly by Eve unless she was very
lucky.  The information available to Eve is further reduced via a
privacy amplification step (using universal hash functions, I think).

There are proofs of the security of QKD and mechanisms for quantum
authentication.  A google search will find these.


(*) This assumes that Eve's wrong basis is 45 degrees off from the
correct basis.  A different basis will introduce a bias, but that
doesn't help Eve.  Also, this simple description assumes that there is
no transmission error, that single photons can be sent and detected,
etc., which in practice is not true and needs to be corrected for.

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to