On the security of key distribution based on Johnson-Nyquist noise
This work addresses security flaws in noise-based key distribution protocols, which is important for cryptography researchers and practitioners, but it is incremental as it builds on existing critiques and extends analysis.
The paper critiques the security of Kish's noise-based cryptographic protocol, showing that its security arguments rely on an unphysical limit and that classical electromagnetic protocols cannot establish a secret key under perfect eavesdropper monitoring, but notes that such protocols can be secure in practice against eavesdroppers with noisy equipment.
We point out that arguments for the security of Kish's noise-based cryptographic protocol have relied on an unphysical no-wave limit, which if taken seriously would prevent any correlation from developing between the users. We introduce a noiseless version of the protocol, also having illusory security in the no-wave limit, to show that noise and thermodynamics play no essential role. Then we prove generally that classical electromagnetic protocols cannot establish a secret key between two parties separated by a spacetime region perfectly monitored by an eavesdropper. We note that the original protocol of Kish is vulnerable to passive time-correlation attacks even in the quasi-static limit. Finally we show that protocols of this type can be secure in practice against an eavesdropper with noisy monitoring equipment. In this case the security is a straightforward consequence of Maurer and Wolf's discovery that key can be distilled by public discussion from correlated random variables in a wide range of situations where the eavesdropper's noise is at least partly independent from the users' noise.