Re:Forget Quantum - How can you beat Tempest (Score 1)

As you can see from the replies above Quantum security if venerable to Man-In-the Middle attacks where you think your talking to one person but your actually not.

this point is false, quantum cryptography is NOT vulnerable to Man-In-the Middle. Here is why.

In quantum cryptography, you have 2 channels for the quantum key distribution. First a quantum one where you encode information in quantum state of singles photons. This is the channel used to transmit the key. You also need a second (classical and public) channel for the exchange of the basis (look how BB84 works). In real life quantum crypto the quantum channel is affected by noise. So the classical channel is also used to perform error correction and a step called 'privacy amplification' where eve information is reduced.

The quantum channel doesnt need to be authenticated. Because if Eve do a man-in-the-middle in this channel, Alice and Bob will share a completely uncorrelated key after the error correction. (And after error correction they learns about the quantum bit error rate).

To do a successful man-in-the-middle attack, Eve must do a man-in-the-middle in the quantum channel AND in the classical channel. But the classical channel can be authenticated. We already know a perfect authentication protocol: the security of the Wegman-Carter authentication sheme is unconditional and independant of the calculation power of Eve. Finally, sure Alice and Bob need an initial authentication. This is done for example with an initial hardcoded value in both Alice and Bob devices.

I hope it will be clear now Quantum Key Distribution is secure against Man-In-The-Middle attacks. If not, there is a some papers around about security of QDK which explains the authentication problem more in depth.