So much for totally secure
Last modified on Monday, 21 April 2008 13:04
Quantum cryptography, which was being touted as totally secure against attacks on sensitive data traffic, has a flaw.
According to Swedish boffins, there is a bug in the way the system is set up, although it can be fixed, as Jan-Aake Larsson, an Associate Professor of Applied Mathematics at the Linkoeping University in southern Sweden told AFP.
Quantum cryptography was based on the idea that quantum mechanical objects cannot be measured upon without being disturbed and setting off alarm bells that the transmitted data has been manipulated. The technology is pricey and limited to short-range transmissions and is still in the testing stage.
But Larsson said he and his student Joergen Cederloef found that to send the key over the quantum channel, you must simultaneously send additional data over the traditional Internet channel, and then verify that the classical data has not been changed through an authentication process, he explained.
While the data was secure, a gap appears because this is a combined system, which complicates things so much that the usual security system in some cases does not work. The way around this is to use a handshake between legitimate users.