> Date: Thu, 18 Sep 2003 18:02:50 +0200 > From: martin f krafft <[EMAIL PROTECTED]> > > <lots of questions about quantum key distribution>
I don't know a lot about QKD, but I believe the following is true: The eavesdropper Eve doesn't know with which basis to measure the polarity of the each intercepted photon. When she guesses right, she gets the correct information and can send it on undetectably. When she guesses wrong, she gets a zero or one with equal probability (*) and half the time sends on the wrong bit (which is again randomized when Bob reads it with the correct basis). By eavesdropping Eve thus introduces a 25% error rate, which is detectable. After Alice sends the random bits over the quantum channel, Alice and Bob tell each other over an insecure (even public) classical channel which bases they used (these were randomly chosen between rectilinear and diagonal), and they throw away the bits for which they used different bases. Bob now knows all the remaining bits but still only about half of them were measured correctly by Eve unless she was very lucky. The information available to Eve is further reduced via a privacy amplification step (using universal hash functions, I think). There are proofs of the security of QKD and mechanisms for quantum authentication. A google search will find these. Ray (*) This assumes that Eve's wrong basis is 45 degrees off from the correct basis. A different basis will introduce a bias, but that doesn't help Eve. Also, this simple description assumes that there is no transmission error, that single photons can be sent and detected, etc., which in practice is not true and needs to be corrected for. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]