A 300-km fully-connected quantum secure direct communication network

Both QKD and QSDC are vulnerable to man-in-the-middle attacks. It doesn't allow eavesdroppers, but that is not the same thing. An eavesdropper simply sniffs the packets of information transmitting between two nodes. A man-in-the-middle attack sets up two nodes in a network, let's call them X and Y, and then if A and B want to communicate, then they have X pretend to be B and Y pretend to be A, so A and B talk to X and Y and think they are talking to A and B.

You then perform either QKD or QSDC twice between nodes X and A and Y and B, which are both valid implementations of the protocol as B would expect the data to become readable at Y because they falsely think Y is A, and A would expect the data to become readable at X because they falsely think X is B. This, however, allows for the data to pass through in a completely readable form between nodes X and Y, which the man-in-the-middle could then read it at those points.

It is sort of like if I took your computer and then pretended to be you. It doesn't matter how good the encryption algorithm is, if everyone thinks I am you, they will send me information meant for you in a way that they intend for it to be readable when I receive it. A man-in-the-middle attack doesn't really exploit a flaw in the algorithm itself, but a flaw in who the algorithm is intended for / directed at. Even classical algorithms have the same problem, you can defeat Diffie-Hellman with a man-in-the-middle attack as well.

You can only solve it through public key infrastructure. My biggest issue with the "quantum internet" is that I've seen very little in the way of scalable quantum PKI. The only algorithm I've seen is fundamentally not scalable because the public keys are all consumable. If the intention really is to replace the whole internet, that's kind of a big requirement. But if the intention is just small-scale secure communication like for internal government stuff, that's not as big of an issue.

9 comments

Cool, what does this mean? Fasterer internet in 10 years or instant Jupiter-Earth internet next year?
- Definitely not the latter and probably neither (i mean, yeah, the internet will be faster in ten years but not necessarily because of this). What this means is more secure encrypted communications which is not just about national security or privacy, it has economic implications because of how electronic financial transfers are conducted.
- Neither, this is using quantum effects for ensuring private communication. The technique allows ensuring there is no man in the middle attack.
  
  Both QKD and QSDC are vulnerable to man-in-the-middle attacks. It doesn't allow eavesdroppers, but that is not the same thing. An eavesdropper simply sniffs the packets of information transmitting between two nodes. A man-in-the-middle attack sets up two nodes in a network, let's call them X and Y, and then if A and B want to communicate, then they have X pretend to be B and Y pretend to be A, so A and B talk to X and Y and think they are talking to A and B.
  You then perform either QKD or QSDC twice between nodes X and A and Y and B, which are both valid implementations of the protocol as B would expect the data to become readable at Y because they falsely think Y is A, and A would expect the data to become readable at X because they falsely think X is B. This, however, allows for the data to pass through in a completely readable form between nodes X and Y, which the man-in-the-middle could then read it at those points.
  It is sort of like if I took your computer and then pretended to be you. It doesn't matter how good the encryption algorithm is, if everyone thinks I am you, they will send me information meant for you in a way that they intend for it to be readable when I receive it. A man-in-the-middle attack doesn't really exploit a flaw in the algorithm itself, but a flaw in who the algorithm is intended for / directed at. Even classical algorithms have the same problem, you can defeat Diffie-Hellman with a man-in-the-middle attack as well.
  You can only solve it through public key infrastructure. My biggest issue with the "quantum internet" is that I've seen very little in the way of scalable quantum PKI. The only algorithm I've seen is fundamentally not scalable because the public keys are all consumable. If the intention really is to replace the whole internet, that's kind of a big requirement. But if the intention is just small-scale secure communication like for internal government stuff, that's not as big of an issue.