As it is well known that QKD systems are prone to simple MITM attacks… what authentication techniques are being used in QKD to prevent those attacks in practice?
7
- If you have a shared secret, you can use universal hashing. – CodesInChaos Oct 20 '12 at 16:29
- Yeah, I was just reading about this. Are there practical implementations of universal hashing? – sashank Oct 20 '12 at 17:15
- GMAC and Poly1305 – CodesInChaos Oct 20 '12 at 17:23
1 Answer
7
The standard answer in the research literature is to use information-theoretically secure message authentication codes, typically universal hashing (aka Carter-Wegman authenticators). Of course, you could use computationally-secure message authentication codes, like CMAC or HMAC, if you wanted, though that would partly defeat one of the reasons for using QKD.
That said, in practice QKD is a bit silly. QKD solves a problem that most people don't have, so it is basically a fancy useless toy (albeit a very expensive one). If you're considering using QKD in some practical deployment, my advice is: skip the QKD, and just use a TLS or IPSec VPN. There, I saved you $50,000; don't spend it all in one place!
D.W.
- D.W., yes, agree very much with you, am kinda working on a write-up, "QKD Is cryptographic baloney", so was getting as much info as possible to support. – sashank Oct 22 '12 at 14:38
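
The Carter-Wegman construction named in the answer, as an added example (not code from the answer, the comments or any QKD product): a polynomial universal hash over GF(2^130 - 5) whose output is masked with a one-time pad drawn from the pre-shared secret. The names `poly_hash`, `PadPool`, `make_tag` and `verify`, the block encoding and the sample sifting message are assumptions made for illustration, and this is not Poly1305 itself.

```python
import hmac
import secrets

P = 2**130 - 5   # prime modulus; GF(P) is also the field Poly1305 works in
BLOCK = 16       # message bytes packed into each field element

def poly_hash(r: int, msg: bytes) -> int:
    """Polynomial-evaluation universal hash: c_1*r^L + ... + c_L*r mod P."""
    h = 0
    for i in range(0, len(msg), BLOCK):
        # Trailing 0x01 keeps every coefficient nonzero and encodes the length.
        c = int.from_bytes(msg[i:i + BLOCK] + b"\x01", "little")
        h = (h + c) * r % P
    return h

class PadPool:
    """Pre-shared one-time pads; each index may mask exactly one tag."""
    def __init__(self, pads):
        self._pads, self._used = list(pads), set()

    def take(self, idx: int) -> int:
        if idx in self._used:
            raise ValueError(f"pad {idx} already consumed")
        self._used.add(idx)
        return self._pads[idx]

def make_tag(r: int, pool: PadPool, idx: int, msg: bytes) -> int:
    return (poly_hash(r, msg) + pool.take(idx)) % P

def verify(r: int, pool: PadPool, idx: int, msg: bytes, tag: int) -> bool:
    expected = (poly_hash(r, msg) + pool.take(idx)) % P  # pad is burned on any attempt
    if not 0 <= tag < P:
        return False
    return hmac.compare_digest(expected.to_bytes(17, "big"), tag.to_bytes(17, "big"))

def demo():
    # Constructed shared secret: hash point r plus two pads, held by both ends.
    r = secrets.randbelow(P)
    pads = [secrets.randbelow(P) for _ in range(2)]
    alice, bob = PadPool(pads), PadPool(pads)
    msg = b"sift round=7 bases=0110100111010010"  # constructed classical-channel message
    good = verify(r, bob, 0, msg, make_tag(r, alice, 0, msg))
    # A relay that alters the basis string cannot fix up the tag without r and the pad.
    forged = verify(r, bob, 1, msg.replace(b"0110", b"1001"), make_tag(r, alice, 1, msg))
    return good, forged

if __name__ == "__main__":
    print(demo())
```

With a fresh pad per message, substituting a different message succeeds with probability at most L/P for an L-block message regardless of the attacker's computing power; reusing a pad voids that bound, which is why `take` refuses it.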