Boffins find quantum cryptography loophole

Quantum cryptography, thought to be an almost impenetrable system for protection, is not completely secure, researchers have claimed.

Encryption

Vulnerabilities can be exploited in quantum cryptography, a method believed to have been close to flawless in terms of security, researchers have claimed.

Quantum cryptography uses the Heisenberg uncertainty principle that rules observation causes perturbation, meaning anyone who is trying to spy on a quantum key distribution system should be caught with ease.

However, the technology also requires no vulnerabilities to be present during implementation, just like with standard security products, and this is where systems could be exploited.

The loophole found by researchers, who sent their preliminary findings in a letter to Nature Photonics, involved using specially tailored bright illumination to effectively blind detectors in quantum key distribution systems.

This flaw could allow attackers to gain control over the detectors and get a perfect copy of the encryption key, without leaving any sign of a hack.

The team consisted of academics from the Norwegian University of Science and Technology (NTNU), the University of Erlangen-Nrnberg and the Max Planck Institute for the Science of Light.

They said the eavesdropping method was effective against both MagiQ Technology's QPN 5505 and ID Quantique Clavis2 quantum cryptography systems, both of which are commercially available.

ID Quantique has been working with NTNU on securing products and they will continue to collaborate on testing security aspects of the company's quantum cryptography solutions.

"Testing is a necessary step to validate a new security technology and the fact that this process is applied today to quantum cryptography is a sign of maturity for this technology," said Gregoire Ribordy, chief executive (CEO) of ID Quantique.

The researchers are working with other manufacturers to create countermeasures for identifying security holes.

Featured Resources

Defeating ransomware with unified security from WatchGuard

How SMBs can defend against the onslaught of ransomware attacks

Free download

The IT expert’s guide to AI and content management

How artificial intelligence and machine learning could be critical to your business

Free download

The path to CX excellence

Four stages to thrive in the experience economy

Free download

Becoming an experience-based business

Your blueprint for a strong digital foundation

Free download

Most Popular

What are the pros and cons of AI?
machine learning

What are the pros and cons of AI?

8 Sep 2021
Apple patches zero-day flaw abused by infamous NSO exploit
exploits

Apple patches zero-day flaw abused by infamous NSO exploit

14 Sep 2021
Google takes down map showing homes of 111,000 Guntrader customers
data breaches

Google takes down map showing homes of 111,000 Guntrader customers

2 Sep 2021