Strengthening Quantum Cryptography by Putting On Blinders

A Korea-UK team (contact Myungshik Kim, Queen's University, Belfast, m.s.kim@qub.ac.uk , or Chilmin Kim, Paichai University) has introduced a method for preventing several clever attacks against quantum cryptography, a form of message transmission that uses the laws of quantum physics to make sure an eavesdropper does not covertly intercept the transmission. Making the message sender and receiver a little blind to each other's actions, the researchers have shown, can bolster their success against potential eavesdroppers.

In quantum cryptography, a sender (denoted as Alice) transmits a message to a receiver (called Bob) in the form of single photons each representing the 0s and 1s of binary code. If an eavesdropper (appropriately named Eve) attempts to intercept the message, she will unavoidably disturb the photon through the Heisenberg uncertainty principle, which says that even the gentlest observation of the photon will perturb the particle. This will be instantly detectable by Alice and Bob, who can stop the message and start again. Quantum cryptography is already being used in the real world and is even available commercially as a way for companies to transmit sensitive financial data.

But in its real-world implementation, a weak pulse of light (rather than a perfect stream of single photons) is sent down a transmission line that is "lossy," or absorbs photons. So feasible attacks on quantum cryptography include the pulse-splitting attack (in which Eve splits a transmitted pulse into two pulses and examines one of them for information), the pulse-cloning attack (in which a transmitted pulse is copied to relatively high accuracy and then inspected for its information), and the "man-in-middle" or impersonation attack, in which Eve could impersonate Alice or Bob by intercepting the transmission and acting as sender or receiver.

A new paper proposes a solution to these three attacks by proposing a technique called "blind polarization." In this technique, Alice and Bob verify their identities to each other in a rather paradoxical way, by performing some actions that is their own private information. Yet these actions make the message completely indecipherable to a third party. Alice creates a pair of pulses, but with random polarizations (polarization indicates the direction or angle in which each pulse's electric field points relative to some reference, such as a horizontal line) Alice sends the pulses to Bob, who does not know the polarizations.

Nonetheless, without measuring the polarization values, Bob is able to rotate the polarization of one pulse by one amount and the other pulse by another amount, but he doesn't tell Alice which pulses got which treatment. Alice receives the pulses, and then encodes them with a message (representing the binary value 0 or 1, which could stand for "no" or "yes"), then blocks one of the pulses, without telling Bob which one was blocked. Bob then reverses the various polarizations by a certain amount to get the desired message. The various polarization adjustments are designed in such a way that either pulse Alice sends will yield the desired information.

According to researcher Myungshik Kim, Alice has her own private information on which pulse is blocked, while Bob has his own private information on which pulse he rotated by a given amount. Once Alice begins the transmission, there is no way for Eve to have this private information which makes their protocol effective against the man-in-middle and other attacks. (Kye et al., Physical Review Letters, upcoming article).

This paper is the latest in a wave that plugs up potential vulnerabilities in quantum cryptography (for an example of using "quantum decoys" to thwart attacks, see Lo et al., Physical Review Letters, 17 June 2005)