Vulnerability in quantum crypto products

Team of European researchers has demonstrated that commercial implementations of quantum key distribution (QKD) are subject to eavesdropping. Quantum key distribution uses the quantum state of individual photons for the exchange of data.

Each photon properly detected conveys a single bit of data, which in theory cannot be read without detection. The researchers presented that the detectors in two QKD systems can be fully remote-controlled using specially tailored bright illumination. They wrote that the vulnerability they exploited is likely to be present in most QKD systems because their photon detectors can be spoofed using a bright laser. However, a scientist from NIST (National Institute of Standards and Technology) institute disputed their conclusion, saying that attack can be prevented. This type of attack is not new, and is based on the idea of a man-in-the-middle attackin which the eavesdropper intercepts information and then passes it along to the intended recipient. The whole story can be found on gcn web site.