“With this security hole, it’s possible to eavesdrop on traffic without being detected. We discovered this in our theoretical calculations, and our colleagues in Stockholm were subsequently able to demonstrate it experimentally,” says Jan-Åke Larsson, professor at Linköping University’s Division of Information Coding.

Professor Mohamed Bourennane and his colleagues have shown that quantum cryptography is possible to hack.

Quantum cryptography, a technology commercially available today, is considered a completely safe method for information transfer. Theoretically it should be impossible to crack. Many research groups around the world are working to make quantum cryptography resistant to various types of disturbance, and so far it has been possible to handle the disturbance that has been detected.

“Quantum cryptography is completely secure in theory, but you have to be careful when you use it, says Mohamed Bourennane, professor at Stockholm University’s Quantum Information and Quantum Optics Group.

Can be hacked – both in theory and in practice

The energy-time entanglement technology for quantum encryption studied here is based on testing the connection at the same time as the encryption key is created. Two photons are sent out at exactly the same time in different directions. At both ends of the connection is an interferometer where a small phase shift is added. This provides the interference that is used to compare similarities in the data from the two stations. If the photon stream is being eavesdropped there will be noise, and this can be revealed using a theorem from quantum mechanics – Bell's inequality.

On the other hand if the connection is secure and free from noise, you can use the remaining data, or photons, as an encryption key to protect your message.

Quantum cryptography possible to improve

The researchers at Linköping University have – in their theoretical models – seen that if the photon source is replaced with a traditional light source, an eavesdropper can identify the key, the code string. Consequently they can also read the message without detection. The security test, which is based on Bell's inequality, does not react – even though an attack is underway.

Mohamed Bourennane and his two postgraduate students at the Department of Physics, Stockholm University have subsequently in practical experiments been able to demonstrate that it is perfectly possible to replace the light source and thus also eavesdrop on the message.

But this problem can also be solved:

“In the article we have also shown how to improve quantum cryptography and make it more secure”, Mohamed Bourennane says.

The article has been published in Science Advances, a highly respected journal with open access.


Hacking the Bell Test Using Classical Light in Energy-Time Entanglement-Based Quantum Key Distribution, J Jogenfors, A M Elhassan, J Ahrens, M Bourennane and J-Å Larsson, Science Advances 2015, DOI 10.1126/sciadv.1500793