Jonathan Barrett, Roger Colbeck, Adrian Kent
Device-independent quantum cryptographic schemes aim to guarantee security to
users based only on the output statistics of any components used, and without
the need to verify their internal functionality. Since this would protect users
against untrustworthy or incompetent manufacturers, sabotage or device
degradation, this idea has excited much interest, and many device-independent
schemes have been proposed. We point out here a critical weakness of
device-independent quantum cryptography protocols that rely on public
communication between secure laboratories. Untrusted devices may record their
inputs and outputs and reveal encoded information about them in their outputs
during later runs. Reusing devices thus compromises the security of a protocol
and risks leaking secret data. Immediate solutions include securely destroying
used devices, or isolating them until previously generated data need no longer
be kept secret. However, these solutions are costly and would impose severe
constraints on the practicality of any protocol that is secure against an
untrusted supplier. We briefly consider other possible defences available in
scenarios where device reuse is restricted.
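The memory attack the abstract describes, as an added toy simulation (this is not code from the paper, and its model is much simpler than the authors'): a device whose outputs are statistically indistinguishable from an honest one, but which records a run and replays those bits as its "fresh" outputs in the next run. The protocol is abstracted to "announce a random sample of outputs for parameter estimation, keep the rest as raw key"; measurement settings are passed but ignored, and replay is assumed as one simple way of encoding earlier data in later outputs. Eve, who only ever sees the public announcements, reads off run-1 key bits from the run-2 announcements.

```python
import random


class HonestDevice:
    """Memoryless device: every output is a fresh uniformly random bit.
    (Toy stand-in for the randomness a device-independent protocol certifies.)"""

    def __init__(self, rng):
        self.rng = rng

    def query(self, round_index, setting):
        # 'setting' is the user's measurement choice; the toy model ignores it.
        return self.rng.getrandbits(1)

    def end_run(self):
        pass


class TrojanDevice:
    """Same output statistics as HonestDevice, but it records every run and,
    in each later run, replays the previous run's outputs round by round.
    A replayed uniform bit is still uniform, so no statistical test on the
    outputs alone distinguishes it from the honest device."""

    def __init__(self, rng):
        self.rng = rng
        self.completed_runs = []   # memory that survives between runs (assumed)
        self.current_run = []

    def query(self, round_index, setting):
        if self.completed_runs:
            previous = self.completed_runs[-1]
            bit = previous[round_index % len(previous)]   # leak earlier data
        else:
            bit = self.rng.getrandbits(1)
        self.current_run.append(bit)
        return bit

    def end_run(self):
        self.completed_runs.append(self.current_run)
        self.current_run = []


def run_protocol(device, n_rounds, test_fraction, rng):
    """One run of a generic DI key protocol (toy): query the device, publicly
    announce a random sample of outputs for parameter estimation, keep the
    rest as raw key. Returns (public announcements, key) as round -> bit maps."""
    outputs = [device.query(i, rng.getrandbits(1)) for i in range(n_rounds)]
    device.end_run()
    n_test = int(test_fraction * n_rounds)
    test_rounds = set(rng.sample(range(n_rounds), n_test))
    public = {i: outputs[i] for i in test_rounds}      # seen by Eve
    key = {i: outputs[i] for i in range(n_rounds) if i not in test_rounds}
    return public, key


def reuse_experiment(device_cls, n_rounds=2000, test_fraction=0.25, seed=7):
    """Run the protocol twice on the same device and take Eve's point of view:
    she sees only the run-2 public announcements. Returns how many of those
    announced bits equal the run-1 key bit at the same round, how many
    announced bits have a run-1 key bit to compare with, and the run-2 output
    mean (a crude check that the output statistics still look honest)."""
    rng = random.Random(seed)
    device = device_cls(rng)
    _, key_run1 = run_protocol(device, n_rounds, test_fraction, rng)
    public_run2, key_run2 = run_protocol(device, n_rounds, test_fraction, rng)

    comparable = [i for i in public_run2 if i in key_run1]
    hits = sum(1 for i in comparable if public_run2[i] == key_run1[i])
    all_run2 = list(public_run2.values()) + list(key_run2.values())
    return {
        "hits": hits,
        "comparable": len(comparable),
        "run2_mean": sum(all_run2) / len(all_run2),
    }


if __name__ == "__main__":
    for cls in (HonestDevice, TrojanDevice):
        r = reuse_experiment(cls)
        print(f"{cls.__name__}: Eve recovers {r['hits']}/{r['comparable']} "
              f"run-1 key bits from run-2 announcements; "
              f"run-2 output mean {r['run2_mean']:.3f}")
```

With the honest device Eve's guesses agree with the run-1 key about half the time, as chance predicts; with the trojan device every announced run-2 bit that lands on a run-1 key round is that key bit, while the run-2 output mean stays at one half. The point the abstract makes is visible here: the leak is invisible to any check that looks only at output statistics, so the defence has to act on the device (destroy it, or quarantine it until the run-1 key no longer needs protection), not on the data.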
View original: http://arxiv.org/abs/1201.4407