In the BB84 QKD or similar protocol, we know that eavesdropping or interception during secret key generation can be detected, prompting both parties to discard the transaction and attempt a new one. However, what if, as a hacker, my goal is to continuously intercept their communication, preventing them from ever successfully generating a secret key? Wouldn't this result in a denial-of-service (DoS) attack? And what fallback methods are available in such a situation apart from switching back to existing asymmetric encryption?
Asked
Active
Viewed 84 times
1 Answers
2
There's nothing that prevents you from doing such an attack. At the end of the day, it all depends on what you allow the adversary to do.
Think about a key exchange in the classical setting: what does prevent Eve to modify all messages? Sure, you can have integrity, but it doesn't mean Eve can't modify the messages, only that such modifications will be detected, resulting in a DoS attack.
There's nothing you can really do to prevent this. In QKD, you're only really interested about two things:
- if there's no adversary, under a reasonable noise model, do Alice and Bob end up with the same key?
- if there's an adversary and Alice and Bob exchange a key, what information does Eve have about the key?
If both these questions have satisfactory answers, your protocol is secure according to the state-of-the-art definitions (that is, Renner's model).
Tristan Nemoz
- 8,429
- 3
- 11
- 39