There are lots of types of QC. I'll just mention two.

In "classic" QC Alice generates polarised photons at randomly chosen either
"+" or "x" polarisations. Bob measures the received photons using a randomly
chosen polarisation, and tells Alice whether the measurement polarisation he
chose was "+" or "x", on a authenticated but non-secret channel. Alice
replies with a list of correct choices, and the shared secret is calculated
according as to whether the "+" polarisations are horizontal or vertical,
similar for the "slant" polarisations.

If the channel is authentic then a MitM is hard - but not impossible. The
"no-cloning" theorem is all very well, but physics actually allows imperfect
cloning of up to 5/6 of the photons while retaining polarisation, and this
should be allowed for as well as the noise calculations. I don't know of any
existing OTS equipment that does that.

A lasing medium can in theory clone photons with up to 5/6 of them retaining
enough polarisation data to use as above, though in practice the noise is
usually high.

There is also another less noisy cloning technique which has recently been
done in laboratories, though it doubles the photon's wavelength, which would
be noticeable, and I can't see ofhand how in practice to half the wavelength
again without losing polarisation (except perhaps using changing
gravitational fields and the like); but there is no theory that says that
that can't be done.

In another type of QC Alice and Bob agree on the measurement angles (any
angles, not just multiples of 45 deg) they will use, and Alice generates a
pair of entangled photons, sending one to Bob. Both measure the individual
photons at that angle, and the shared secret is generated according to
whether the photons pass the filter.

If the agreed-on measurement angles are kept secret, and noise bounds etc
are obeyed, then a MitM is hard as before except the theoretical maximum
ratio of "clonable" photons is lower - but it isn't much use, except as an
"otp key multiplier".

There are a zillion variations on these themes, and other types of QC. For
instance Alice can send Bob data rather than generating a random shared
secret, and without a separate channel, if she generates the quantum string
using a preshared secret. Mallory can get 1/2 of the bits, but AONT's can
defend against that, and if properly implemented no MitM is possible.

And so on.

Peter Fairbrother

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to