[cryptography] Well, that's depressing. Now what?

Noon Silk noonslists at gmail.com
Sat Jan 28 18:39:11 EST 2012

On Sun, Jan 29, 2012 at 1:23 AM, Steven Bellovin <smb at cs.columbia.edu> wrote:
> On Jan 27, 2012, at 8:22 PM, Noon Silk wrote:
>> On Sat, Jan 28, 2012 at 6:01 AM, Steven Bellovin <smb at cs.columbia.edu> wrote:
>>>> Or at least that's what everyone thought. More recently, various groups have begun to focus on
>>>> a fly in the ointment: the practical implementation of this process. While quantum key distribution
>>>> offers perfect security in practice, the devices used to send quantum messages are inevitably
>>>> imperfect.
>>> This is only surprising if you assume large values of "everyone".  Anyone in the real world has
>>> long since worried about implementations.  Remember Bob Morris' Rule 1 of cryptanalysis: check
>>> for plaintext.  (http://www.ieee-security.org/Cipher/ConfReports/conf-rep-Crypto95.html)
>> So why didn't one of these "real world" people point this out, to
>> researchers? It's a bit too easy to claim something as obvious when
>> someone just told you.
> https://www.cs.columbia.edu/~smb/blog/2007-06/2007-06-29.html is something I wrote 4.5
> years ago.  You'll note that it mentions the issue of sending more than one photon per
> bit.  Bruce Schneier has often written on it:
> http://www.schneier.com/blog/archives/2010/09/successful_atta.html
> http://www.schneier.com/blog/archives/2009/12/quantum_cryptog_1.html
> http://www.wired.com/politics/security/commentary/securitymatters/2008/10/securitymatters_1016
> If you go to http://www.mail-archive.com/cryptography@metzdowd.com/msg07680.html
> you'll see a whole thread that I, among many others, participated in.

Right, but I said *specifically about the mentioned issue, in the
original post*. Of course it would be ridiculous and wrong to claim
the non-research world hasn't spoken about the issue with QKD in
general, and commented on specific proposals.

In your original post it looked to me that you claimed the found issue
was obvious; not that side channel attacks were obvious (I addressed
this in an earlier email).

>                --Steve Bellovin, https://www.cs.columbia.edu/~smb

Noon Silk

Fancy a quantum lunch? https://sites.google.com/site/quantumlunch/

"Every morning when I wake up, I experience an exquisite joy — the joy
of being this signature."

More information about the cryptography mailing list