"The practical applications of quantum encryption may be getting closer. A paper published in Physical Review Letters by Vedran Dunjko, Petros Wallden, and Erika Andersson presents a way to use Quantum Digital Signatures without requiring long term quantum memory.
provides a summary:
Quantum digital signatures (QDSs) allow the sending of messages from one sender to multiple recipients, with the guarantee that messages cannot be forged or tampered with. Additionally, messages cannot be repudiated; if one recipient accepts a message, she is guaranteed that others will accept the same message as well. While messaging with these types of security guarantees are routinely performed in the modern digital world, current technologies only offer security under computational assumptions. QDSs, on the other hand, offer security guaranteed by quantum mechanics. All of the variants of QDSs proposed thus far require long-term, high quality quantum memory, making them unfeasible in the foreseeable future. Here, we present a QDS scheme where no quantum memory is required, which also needs just linear optics. This makes QDSs feasible with current technology."
[Ed. Note] The Physical Review Letters link has all the fun details, but Phys.org provides a more understandable article for the layperson.
(I agree, the quality of editing is MUCH better than that other site! Keep up the great work!)
I'm not convinced that quantum entanglement is such a "guarantee" of security as so many stories (like this) make it out to be. I'm not a physicist, but it's my understanding there are no guarantees in the quantum world, only probabilities. That is, the premise this story assumes is that because we cannot interfere with a quantum particle without altering its state, we will therefore know if it's been interfered with. However is that really true? The Uncertainty Principle (from what I understand) states there will be some diminished level of certainty about attribute A of a particle the more you know about a related attribute B of the particle. However this is a scale of certainties whose precision changes, it's not either 0% or 100%, is it? Note there is a world of difference between "negligible probability" and "guarantee" -- is this just poor wording on all these stories' parts? Besides, doesn't the supposed "security" of quantum entanglement in cryptography assume we only interfere once? That is, even if the Uncertainty Principle GUARANTEED with 100.0% probability that you flip the state of a particle when you look at it, couldn't you keep poking it until it either returned to its previous state, or reached a high probability of having returned to its previous state? Folks could play the numbers game and interfere with the quantum until they're more likely than not to have returned it to its previous state. I'd imagine empirical data would give you the likely sequence of events needed to return quanta back to its previous state*.
* at least for any given single attribute, or perhaps subset of total attributes, since security systems will likely only look at a subset of a particle's total attributes to determine whether it's been messed with.
On an entirely different point, from the phys.org article: "In the distribution stage, the quantum signatures are converted to classical information through quantum measurements, but they still retain the same level of security guaranteed by quantum mechanics."
I see this conversion process to be a major point of attack. A MITM during this conversion would defeat any security inherent in the quantum component (i.e., the "distribution" phase).
The quantum guarantees are based on the fact that you cannot measure an unknown quantum state without disturbing it. That is, if somebody would try to eavesdrop on your quantum messages, you'd notice it. Given that the quantum communication is always just used to generate one-time pads, being able to detect eavesdropping means that you can avoid using OTPs which are known to the attacker.
Having said that, the security of course also depends on the attacker not being able to learn about your code any other way nor getting control of the output of your device (for example, there have been attacks on quantum encryption devices where an extra laser was used to find out the orientation of polarizers, or to blind the detectors with strong lasers and make them output whatever the attacker wanted).
As always, any scheme is only as secure as the weakest link. And that weakest link may well be the hardware which runs the quantum protocol.
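The "probability versus guarantee" question raised in this thread can be made concrete with a small simulation, added here as an example and not taken from any commenter or from the paper. It assumes a textbook BB84-style exchange over an ideal, noise-free channel with a simple measure-and-resend interceptor, which is a different and simpler protocol than the QDS scheme in the article; all function names are illustrative.

```python
import random

def measure(bit, prep_basis, meas_basis, rng):
    """Ideal qubit model: a matching basis returns the encoded bit,
    a mismatched basis returns a uniformly random bit."""
    return bit if prep_basis == meas_basis else rng.randrange(2)

def sifted_error_rate(n_qubits, intercepted, seed=1):
    """Error rate over the rounds where sender and receiver happened to use
    the same basis (the only rounds kept after public basis comparison)."""
    rng = random.Random(seed)  # fixed seed so the run is reproducible
    errors = kept = 0
    for _ in range(n_qubits):
        bit, send_basis = rng.randrange(2), rng.randrange(2)
        state_bit, state_basis = bit, send_basis
        if intercepted:
            # The interceptor must guess a basis; the state that travels on
            # is whatever was measured, re-prepared in the guessed basis.
            guess = rng.randrange(2)
            state_bit = measure(bit, send_basis, guess, rng)
            state_basis = guess
        recv_basis = rng.randrange(2)
        result = measure(state_bit, state_basis, recv_basis, rng)
        if recv_basis == send_basis:
            kept += 1
            errors += result != bit
    return errors / kept

def miss_probability(n_checked):
    """Chance that n_checked publicly compared bits all agree even though
    every qubit was intercepted: each one escapes notice with probability 3/4."""
    return 0.75 ** n_checked

if __name__ == "__main__":
    print("clean channel error rate:", sifted_error_rate(20000, False))
    print("intercepted error rate:  ", round(sifted_error_rate(20000, True), 3))
    print("miss chance, 100 checks: ", miss_probability(100))
```

In this model the detection is statistical rather than absolute: interception pushes the sifted error rate to about 25%, and the chance of it going unnoticed shrinks exponentially with the number of bits the two parties compare.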