I'm curious on one point of terminology - my understanding of the term "EVE" was that she could not be active, and could not repeat. Is this defined anywhere?

In Quantum Cryptography, Eve is allowed to not only observe, but also transmit (in the quantum world observing modifies state, so the notion of read only doesn't make sense). Also, Eve is typically accorded unlimited computational power. So, you can think of the QC Eve as the classical Mallory with infinite CPU. A consequence of the infinite CPU assumption is that ciphers like AES, hash functions like SHA-1, etc. are all considered useless by the purist QC community. Thus, people talk about doing authentication with families of universal hash functions. This has the practical problem that the original (courier-transported) secret keying material for authentication is used up, and the typical scheme talked about is using some of the agreed-upon QKD bits to replenish the authentication keying material. This does not seem very robust. Note that the press release completely ignored all of these hard problems :-) -- Greg Troxel <[EMAIL PROTECTED]> --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]