Google Play icon

Attack on classical cryptography system raises security questions

Share
Posted December 18, 2014

How secure is completely secure? In the world of secure communication, a scheme may be completely secure until it’s not—that is, until an attack is proposed that reveals a weak spot in the scheme. This is what’s currently going on for Kish key distribution (KKD), which claims to derive total and unconditional security using classical rather than quantum techniques, thus avoiding the complexity and expense of quantum cryptographic schemes. But now a new paper has uncovered a vulnerability in KKD that enables an eavesdropper to correctly determine more than 99.9% of the transmitted bits. Fortunately, countermeasures may exist to protect against this attack and regain the system’s security.

kkd attack

In the Kish key distribution (KKD) system, the two resistance values represent the states of an information bit. A cryptographic key is transmitted along the wire by randomly switching between the two resistance values, which can be detected by the sender and receiver via their thermal noise on the line. Since no net power flows through the line, the only way that an eavesdropper can measure the resistance values is by injecting current into the wire and measuring the voltage and current changes in each direction, but the extra current would be quickly noticed. Credit: Gunn, et al. ©2014 Nature Scientific Reports

“The worthiness of a cryptographic scheme is measured by the number of papers that try to attack it,” Derek Abbott, Professor at The University of Adelaide in Australia and coauthor of the new paper, told Phys.org. Abbott and coauthors Lachlan J. Gunn and Andrew Allison have published their paper in a recent issue of Nature’s Scientific Reports.

Read more at: Phys.org

Featured news from related categories:

Technology Org App
Google Play icon
83,222 science & technology articles