[14265] in cryptography@c2.net mail archive

home help back first fref pref prev next nref lref last post

Re: Can Eve repeat?

daemon@ATHENA.MIT.EDU (Greg Troxel)
Wed Sep 24 11:58:51 2003

X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
To: iang@systemics.com
Cc: cryptography@metzdowd.com
From: Greg Troxel <gdt@ir.bbn.com>
Date: 24 Sep 2003 08:34:57 -0400
In-Reply-To: <3F6C85C5.520EE398@systemics.com>

  I'm curious on one point of terminology - my understanding
  of the term "EVE" was that she could not be active, and
  could not repeat.  Is this defined anywhere?

In Quantum Cryptography, Eve is allowed to not only observe, but also
transmit (in the quantum world observing modifies state, so the notion
of read only doesn't make sense).  Also, Eve is typically accorded
unlimited computational power.

So, you can think of the QC Eve as the classical Mallory with infinite
CPU.

A consequence of the infinite CPU assumption is that ciphers like AES,
hash functions like SHA-1, etc. are all considered useless by the
purist QC community.  Thus, people talk about doing authentication
with families of universal hash functions.  This has the practical
problem that the original (courier-transported) secret keying material
for authentication is used up, and the typical scheme talked about is
using some of the agreed-upon QKD bits to replenish the authentication
keying material.  This does not seem very robust.  Note that the press
release completely ignored all of these hard problems :-)

-- 
        Greg Troxel <gdt@ir.bbn.com>

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com

home help back first fref pref prev next nref lref last post