On Jan 27, 2012, at 8:22 PM, Noon Silk wrote: > On Sat, Jan 28, 2012 at 6:01 AM, Steven Bellovin <[email protected]> wrote: >>> >>> Or at least that's what everyone thought. More recently, various groups >>> have begun to focus on >>> a fly in the ointment: the practical implementation of this process. While >>> quantum key distribution >>> offers perfect security in practice, the devices used to send quantum >>> messages are inevitably >>> imperfect. >> >> This is only surprising if you assume large values of "everyone". Anyone in >> the real world has >> long since worried about implementations. Remember Bob Morris' Rule 1 of >> cryptanalysis: check >> for plaintext. >> (http://www.ieee-security.org/Cipher/ConfReports/conf-rep-Crypto95.html) > > So why didn't one of these "real world" people point this out, to > researchers? It's a bit too easy to claim something as obvious when > someone just told you.
https://www.cs.columbia.edu/~smb/blog/2007-06/2007-06-29.html is something I wrote 4.5 years ago. You'll note that it mentions the issue of sending more than one photon per bit. Bruce Schneier has often written on it: http://www.schneier.com/blog/archives/2010/09/successful_atta.html http://www.schneier.com/blog/archives/2009/12/quantum_cryptog_1.html http://www.wired.com/politics/security/commentary/securitymatters/2008/10/securitymatters_1016 If you go to http://www.mail-archive.com/[email protected]/msg07680.html you'll see a whole thread that I, among many others, participated in. --Steve Bellovin, https://www.cs.columbia.edu/~smb _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
