Notes on Recent Approaches Concerning the Kirchhoff-Law-Johnson-Noise-based Secure Key Exchange
We critically analyze the results and claims in [Physics Letters A 373 (2009) 901-904]. We show that the strong security leak that appeared in the simulations is only an artifact and is not caused by “multiple reflections”. Since no wave modes exist at a cable length of 5% of the shortest wavelength of the signal, no wave is present to be reflected. In the high wave impedance limit, the conditions used in the simulations are heavily unphysical (requiring cable diameters up to 28000 times greater than the measured size of the known universe) and the results are modeling artifacts due to the unphysical values. At the low cable impedance limit, the observed artifacts are due to violating the recommended (and tested) conditions by neglecting the cable capacitance restrictions and using about 100 times longer cable than recommended without a cable-capacitance compensation arrangement. We implement and analyze the general circuitry of Liu’s circulator and confirm that it is conceptually secure against passive attacks. We introduce an asymmetric, more robust version without a feedback loop. Then we crack all these systems by an active attack: a circulator-based man-in-the-middle attack. Finally, we analyze the proposed method to increase security by dropping only high-risk bits. We point out the differences between different types of high-risk bits and show the shortage of this strategy for some simple key exchange protocols.
💡 Research Summary
The paper provides a thorough critique of recent claims concerning the security of Kirchhoff‑Law‑Johnson‑Noise (KLJN) based key exchange and of Liu’s circulator‑based variants. It begins by revisiting the “multiple reflections” argument presented in the 2009 Physics Letters A article, demonstrating that under the simulation conditions the cable length is only 5 % of the shortest wavelength of the noise signal. In this regime no propagating wave modes exist, so physical reflections cannot occur. The apparent voltage fluctuations observed in the original simulations are therefore identified as numerical artifacts arising from inappropriate boundary conditions rather than genuine electromagnetic phenomena.
In the high‑impedance regime the authors point out that the simulations used cable impedances on the order of tens of kilohms. To achieve such impedances with realistic conductor materials would require a cable diameter roughly 28 000 times larger than the observable universe, an obviously unphysical assumption. Consequently, the security “leak” reported for high‑impedance cables is a modeling artifact caused by the use of impossible parameter values.
The low‑impedance case is examined next. Here the simulations ignored the cable’s shunt capacitance and employed cables about one hundred times longer than the length recommended for KLJN operation without any capacitance‑compensation network. The KLJN protocol assumes that the line capacitance is small enough not to distort the Johnson‑noise spectrum; when this condition is violated the noise power at each end becomes asymmetric, allowing an eavesdropper to infer the resistance configuration and thus the secret bit. The authors therefore attribute the observed security degradation to a breach of the protocol’s design constraints rather than to a fundamental flaw in the KLJN principle.
The paper then turns to Liu’s circulator circuit. By reconstructing the full circuit diagram, the authors verify that the original symmetric design with a feedback loop is theoretically secure against passive attacks: an eavesdropper measuring only voltages and currents cannot distinguish the two possible resistance states because the circulator enforces a balanced noise exchange. The authors propose an asymmetric variant that removes the feedback loop, simplifying implementation while preserving passive security.
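The passive-security argument behind the KLJN scheme (and the loop picture that applies when the cable is far shorter than the shortest wavelength, so only Kirchhoff's laws govern it) can be checked numerically. The following Monte Carlo model is an added illustration, not code from the paper: the resistor values, the noise scale and the sample size are constructed, and the noise generators are modeled as Gaussian sources in series with the resistors.

```python
"""Monte Carlo model of an ideal KLJN loop (constructed example, not from the paper)."""
import math
import numpy as np

R_L, R_H = 1.0e3, 1.0e4   # low and high resistors at each end (ohms), constructed values
NOISE_SCALE = 1.0          # stands in for 4*k*T_eff*bandwidth; it only scales the powers

def kljn_observables(r_a, r_b, n=400_000, seed=0):
    """Mean square wire voltage and loop current, i.e. what an eavesdropper on the wire measures."""
    rng = np.random.default_rng(seed)
    u_a = rng.normal(0.0, math.sqrt(NOISE_SCALE * r_a), n)   # Johnson-like noise generator at Alice
    u_b = rng.normal(0.0, math.sqrt(NOISE_SCALE * r_b), n)   # ... and at Bob
    i = (u_a - u_b) / (r_a + r_b)       # Kirchhoff: a single loop current, no wave modes
    u_w = u_a - i * r_a                 # voltage of the shared wire
    return float(np.mean(u_w ** 2)), float(np.mean(i ** 2))

def theory(r_a, r_b):
    """Closed form: <U_w^2> ∝ R_A R_B/(R_A+R_B) and <I^2> ∝ 1/(R_A+R_B); both symmetric in A and B."""
    return NOISE_SCALE * r_a * r_b / (r_a + r_b), NOISE_SCALE / (r_a + r_b)

def nearest_label(r):
    """Map an estimated resistance onto the nearer of the two allowed values."""
    return "L" if abs(r - R_L) < abs(r - R_H) else "H"

def eve_view(v2, i2):
    """Eve can solve for the unordered pair {R_A, R_B} (sum from I^2, product from U_w^2),
    but the symmetry of both powers hides which end holds which resistor."""
    s = NOISE_SCALE / i2
    p = v2 * s
    root = math.sqrt(max(s * s - 4.0 * p, 0.0))
    return tuple(sorted(nearest_label(r) for r in ((s - root) / 2.0, (s + root) / 2.0)))

def partner_resistance(own_r, i2):
    """Alice (or Bob) knows own_r and recovers the partner's resistor from the current power."""
    return nearest_label(NOISE_SCALE / i2 - own_r)

def exchange_bit(r_a, r_b, seed=0):
    """One KLJN bit period. Returns (Eve's unordered pair, Alice learns, Bob learns, secure?).
    Only LH/HL periods are secure; LL and HH are resolvable by Eve and must be discarded."""
    v2, i2 = kljn_observables(r_a, r_b, seed=seed)
    eve = eve_view(v2, i2)
    return eve, partner_resistance(r_a, i2), partner_resistance(r_b, i2), eve == ("H", "L")
```

Running `exchange_bit` for all four resistor combinations shows that the two ends always learn each other's choice, while Eve's view of an LH period is identical to that of an HL period.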
However, the authors demonstrate that both the original and the asymmetric circulator schemes are vulnerable to an active, circulator‑based man‑in‑the‑middle (MITM) attack. The attacker inserts two identical circulators between the legitimate parties, injects its own noise sources, and adjusts them so that each side observes the expected noise statistics. From the legitimate parties’ perspective the key exchange proceeds normally, but the secret bits are actually generated under the attacker’s control, completely breaking the claimed unconditional security. This attack works regardless of whether a feedback loop is present, showing that the circulator architecture does not inherently protect against active tampering.
Finally, the authors evaluate the strategy of discarding “high‑risk bits” – bits that appear to be more vulnerable because of large voltage differences or other anomalies. They distinguish several classes of high‑risk bits (those caused by impedance mismatch, excessive line capacitance, temperature drift, etc.) and argue that a simple post‑selection rule cannot reliably identify all of them. Moreover, in protocols that already incorporate error‑correction and privacy‑amplification, discarding bits reduces key rate without providing additional security against the active MITM attack described earlier.
In summary, the paper concludes that the apparent security weaknesses reported in earlier KLJN simulations are artifacts of unrealistic modeling choices. When the protocol is implemented within its prescribed physical limits (short cables, proper capacitance compensation), KLJN remains secure against passive eavesdropping. Nevertheless, both KLJN and Liu’s circulator‑based schemes are vulnerable to active attacks that exploit the physical layer, and simple countermeasures such as high‑risk‑bit removal are insufficient. Future work must therefore focus on realistic hardware constraints, robust capacitance‑compensation techniques, and active‑attack detection mechanisms to achieve truly unconditional security in practical noise‑based key exchange systems.