On Fri, 26 Sep 2003 09:10:05 -0400, Greg Troxel <[EMAIL PROTECTED]> wrote:
The current canoncial
paper on how to calculate the number of bits that must be hashed away
due to detected eavesdropping and the inferred amount of undetected
eavesdropping is "Defense frontier analysis of quantum cryptographic
systems" by Slutsky et al:


Up-front disclaimer: I haven't had time to study this paper with the level of attention it likely deserves, so I apologize if the following contains incorrect logic. However, from glancing over it, it appears the assumptions on which the entire paper rests are undermined by work such as that of Elitzur and Vaidman (see the article I linked previously). Specifically, note the following:

"This security is derived from encoding the data on nonorthogonal quantum states of a physical carrier particle. Since such quantum states cannot be duplicated or analyzed in transit without disturbing them, any attempt to interfere with the particle introduces transmission errors and thereby reveals itself to Alice and Bob."

"They [Alice and Bob] then assume that all errors are eavesdropping induced and estimate Eve's potential knowledge of their data in this worst-case situation."

If we do away with the idea that there are no interaction-free measurements (which was, at least to me, convincingly shown by the Quantum seeing in the dark article), this paper becomes considerably less useful; the first claim's validity is completely nullified (no longer does interference with particles necessarily introduce transmission errors), while the effect on the second statement is evil: employing the proposed key distillation techniques, the user might be given a (very) false sense of security, as only a small percentage of the particles that Eve observes register as transmission errors (<=15%, according to the LANL figure).

Best regards,
Ivan Krstic

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to