Hackers crack commercial quantum encryption systems

Share on facebook
Share on twitter
Share on linkedin
Share on whatsapp
Hackers crack commercial quantum encryption systems

It’s just asking for trouble to describe an encryption system as ‘unhackable – and now a Norwegian team claims to have cracked what’s been hailed as the ultimate in secure communications, quantum cryptography.

Quantum cryptography makes use of the Heisenberg uncertainty principle – observation causes perturbation – to reveal eavesdropping on an optical fiber. Any interference with the signal changes it, revealing the tampering.

But although this might seem fool-proof, the security of quantum cryptography is still dependent on the lack of loopholes.

“The security of quantum cryptography relies on quantum physics but not only – it must also be properly implemented. This fact was often overlooked in the past,” says professor Gerd Leuchs of the University of Erlangen-Nürnberg and the Max Planck Institute for the Science of Light.

And now the team in Erlangen, together with the Norwegian University of Science and Technology (NTNU), has found a technique to remotely

control a key component of most of today’s quantum cryptography systems, the photon detector.

“Unlike previously published attempts, this attack is implementable with current off-the-shelf components,” says Dr Vadim Makarov, a researcher in the Quantum Hacking group at NTNU.

“Our eavesdropping method worked both against MagiQ Technology’s QPN 5505 and ID Quantique Clavis2 systems.”

The hackers simply used a laser to blind the receiver’s photon detector while they intercepted the signal and generated a new one to send on to the receiver.

Blasting the photon detector stops it acting as a specific photon detector, but still causes it to read a ‘1’. The hackers simply flashed a bright pulse of light at the detector every time a ‘1’ was read in the original signal, meaning that the receiver still got the correct message.

However, this message was a ‘forgery’ – a standard signal rather than a quantum one – meaning there was no indication that it had been intercepted.

The hackers say they’re revealed their technique to both system manufacturers, who have developed and tested a countermeasure. There’s details of the hack, here.