Quantum crack in cryptographic armour

"A commercial quantum encryption system has been fully hacked for the first time." - Nature News.

A hacker of quantum cryptography
can disguise his interference as
acceptable levels of noise.
Image: A. Prokhorov/iStockphoto

Quantum cryptography isn't as invincible as many researchers thought: a commercial quantum key has been fully hacked for the first time.

In theory, quantum cryptography — the use of quantum systems to encrypt information securely — is perfectly secure. It exploits the fact that it is impossible to make measurements of a quantum system without disturbing it in some way. So, if two people — Alice and Bob, say — produce a shared quantum key to encode their messages, they can be safe in the knowledge that no third party can eavesdrop without introducing errors that will show up when they compare their keys, setting off warning bells.

In practice, however, no quantum cryptographic system is perfect and errors will creep in owing to mundane environmental noise. Quantum physicists have calculated that as long as the mismatch between Alice's and Bob's keys is below a threshold of 20%, then security has not been breached. Now, however, quantum physicist Hoi-Kwong Lo and his colleagues at the University of Toronto in Ontario, Canada, have hacked a commercial system released by ID Quantique (IDQ) in Geneva, Switzerland, while remaining below the 20% threshold.

"Even with a relatively simple attack, the hacker can get the complete key, and nobody would know anything about it," says Lo.