[cryptography] Well, that's depressing. Now what?

Sven Moritz Hallberg pesco at khjk.org
Fri Jan 27 16:49:40 EST 2012


On Fri, 27 Jan 2012 13:39:44 -0500, Warren Kumari <warren at kumari.net> wrote:
> If your security widget vendor is malicious, they may include some
> sort of storage in devices you purchase, record secret bits and
> someone might pull them out in the future....
> 
> Surely I am missing something here? Or is that really the news?

I thought the same thing and skimmed (very incompletely) through the
paper. They do talk about how to hide the saved bits in later sessions
of particular QKD protocols, so maybe there is something inherent there
that would make such an attack, say, especially hard to detect in the
QKD setting?

-SMH



More information about the cryptography mailing list