Hackers have performed the first 'invisible' attack on two commercial quantum cryptographic systems.
They have fully cracked their encryption keys using lasers on the systems, without leaving any trace of the hack.
Quantum cryptography is based on the principle that you cannot make measurements of a quantum system without disturbing it.
"Our hack gave 100 percent knowledge of the key, with zero disturbance to the system," Nature quoted Vadim Makarov at the Norwegian University of Science and Technology, as saying.
Makarov and his team have demonstrated that the hack works on two commercially available systems: one sold by ID Quantique, based in Geneva, Switzerland, and one by MagiQ Technologies, based in Boston, Massachusetts.
In standard quantum cryptographic techniques, the sender -- called 'Alice' for convenience -- generates a secret key by encoding classical bit values of 0 and 1 using two different quantum states of photons, or particles of light.
The receiver, 'Bob', reads off these bit values using a detector that measures the quantum state of incoming photons. In theory, an eavesdropper, 'Eve', will disturb the properties of these photons before they reach Bob, so that if Alice and Bob compare parts of their key, they will notice a mismatch.
In Makarov and colleagues' hack, Eve gets round this constraint by 'blinding' Bob's detector -- shining a continuous, 1 -- milliwatt laser at it. While Bob''s detector is thus disabled, Eve can then intercept Alice''s signal.
The cunning part is that while blinded, Bob's detector cannot function as a 'quantum detector' that distinguishes between different quantum states of incoming light.
However, it does still work as a 'classical detector' -- recording a bit value of 1 if it is hit by an additional bright light pulse, regardless of the quantum properties of that pulse.
"We provide open systems for researchers to play with and we are glad they are doing it," said Anton Zavriyev, director of research and development at MagiQ.
Makarov agrees that the hack should not make people lose confidence in quantum cryptography.
"Our work will ultimately make these systems stronger. If you want state-of-the-art security, quantum cryptography is still the best place to go," he said.
The research is published online in Nature Phototonics on Monday.
The Best Business Specials