|
| related topics |
| {key, protocol, security} |
| {theory, mechanics, state} |
| {state, phys, rev} |
| {measurement, state, measurements} |
| {algorithm, log, probability} |
| {light, field, probe} |
| {force, casimir, field} |
| {state, algorithm, problem} |
| {information, entropy, channel} |
| {state, states, coherent} |
| {photon, photons, single} |
| {equation, function, exp} |
| {particle, mechanics, theory} |
| {qubit, qubits, gate} |
| {cos, sin, state} |
|
On the security of AlphaEta: Response to `Some attacks on quantum-based
cryptographic protocols'
Horace P. Yuen, Ranjith Nair, Eric Corndorf, Gregory S. Kanter, Prem Kumar
abstract: Lo and Ko in [1] have developed some attacks on the cryptosystem called
AlphaEta [2], claiming that these attacks undermine the security of AlphaEta
for both direct encryption and key generation. In this paper, we show that
their arguments fail in many different ways. In particular, the first attack in
[1] requires channel loss or length of known-plaintext that is exponential in
the key length and is unrealistic even for moderate key lengths. The second
attack is a Grover search attack based on `asymptotic orthogonality' and was
not analyzed quantitatively in [1]. We explain why it is not logically possible
to ``pull back'' an argument valid only at n=infinity into a limit statement,
let alone one valid for a finite number of transmissions n. We illustrate this
by a `proof' using a similar asymptotic orthogonality argument that
coherent-state BB84 is insecure for any value of loss. Even if a limit
statement is true, this attack is a priori irrelevant as it requires an
indefinitely large amount of known-plaintext, resources and processing. We also
explain why the attacks in [1] on AlphaEta as a key-generation system are based
on misinterpretations of [2]. Some misunderstandings in [1] regarding certain
issues in cryptography and optical communications are also pointed out. Short
of providing a security proof for AlphaEta, we provide a description of
relevant results in standard cryptography and in the design of AlphaEta to put
the above issues in the proper framework and to elucidate some security
features of this new approach to quantum cryptography.
- oai_identifier:
- oai:arXiv.org:quant-ph/0509091
- categories:
- quant-ph
- comments:
- Accepted for publication in QIC; Reset in Journal format; some minor
typos and language changes
- arxiv_id:
- quant-ph/0509091
- created:
- 2005-09-13
- updated:
- 2006-07-12
Full article ▸
|
|
| related documents |
| 0609094v1 |
| 0608199v3 |
| 0601130v2 |
| 0701168v1 |
| 0608030v3 |
| 0703099v5 |
| 0703069v1 |
| 0603234v1 |
| 0611145v1 |
| 0603135v1 |
| 0605041v4 |
| 0509211v1 |
| 0511163v2 |
| 0610096v2 |
| 0612016v1 |
| 0603024v2 |
| 0612052v2 |
| 0701091v1 |
| 0511219v3 |
| 0608156v1 |
| 0509189v2 |
| 0702155v3 |
| 0606017v1 |
| 0609160v1 |
| 0606242v3 |
|