| How QSA works: (a) In classical authentication of an optical un-clonable physical key, a “challenge wavefront” of sufficient complexity is sent to the key. The “response wavefront” is compared with those stored in a database (yellow) to make a pass (green) or fail (red) decision. However, this verification can be spoofed by an emulation attack (b) in which the challenge wavefront is completely determined and the expected response is constructed by the adversary who knows the challenge–response behavior of the key. (c) In QSA, the challenge is a quantum state for which an emulation attack (d) fails because the adversary cannot determine the quantum state, and, hence, any attempt to generate the correct response will fail. |
