A Quick Glance at Quantum Cryptography

1
A Quick Glance at Quantum Cryptography

• Samuel J. Lomonaco, Jr.

Presented By Stuart Ford
Cryptologia, Volume XXIII, Number 1, 1999
2
Overview

• Classic Cryptosystems
• Key Problems
• Quantum Cryptology
• Heisenberg and Youngs Slits
• BB84
• B92
• EPR

3
Classic Cryptosystems
4
Key Problems

• There are perfectly good ways to communicate in
  secret, provided we can communicate in secret
  (Catch 22)
• Alice needs to determine with certainty that she
  is actually talking to Bob, and not to an
  imposter such as Eve. (Authentication)
• Alice needs a means of determining whether or not
  Eve is eavesdropping. (Intrusion Detection)

5
Public Key Cryptosystems

• Computationally Secure
• RSA, AES, etc
• Provide for Authentication
• Partially Solve the Catch 22 Problem
• Central Key Bank
• Still No Intrusion Detection

6
Quantum Cryptosystems
7
Heisenbergs Uncertainty Principle

• A limitation on what can be observed
• Youngs Two Slit Experiment

• Intrusion Detection!

8
BB84 Protocol without Noise

• Use two quantum alphabets with incompatible basis

Vertical/Horizontal (V/H) Basis
Oblique Basis
9
Stage 1 Protocol Quantum Channel

• Step 1.
• Alice generate random sequence for key
  construction.
• Step 2.
• She then randomly choose a quantum alphabet for
  each key bit.
• Alice transmits the polarized photons to Bob.
• Step 3.
• Bob picks a quantum alphabet at random to measure
  the bits.
• 50 of the time he will use the correct alphabet.
• 50 of the other time the his measurements will
  agree with Alices.

10
BB84
11
Stage 2 Protocol Public Channel

• Phase 1 Raw Key Extraction
• Step 1.
• Bob tells Alice which alphabet he used for each
  measurement.
• Step 2.
• Alice tells Bob which ones were correct.
• Step 3.
• Alice and Bob delete all bits that used
  incompatible quantum alphabets, producing a raw
  key.
• If there has been no eavesdropping, the raw keys
  should be the same.

• Phase 2
• Step 1.
• Alice and Bob compare small sections of the raw
  keys and delete these bits afterwards.
• Generate an estimate of error-rate R.
• If R 0, no eavesdropping
• If R gt 0, eavesdropping has occurred and they
  should restart the entire process.

12
BB84
13
BB84 Protocol with Noise

• Bob cannot distinguish between environment noise
  and Eve.
• Therefore he must assume that all noise is from
  Eves intrusion.
• The raw key is only partially secret now.
• A method called Privacy Amplification is used to
  extract a smaller secret key from the larger
  partially secret key.

14
Stage 1 Protocol Quantum Channel

• Exactly the same as before.
• Step 1.
• Generate random sequence for key construction.
• Step 2.
• Randomly choose a quantum alphabet for each key
  bit.
• Transmit polarized photons
• Step 3.
• Receiver picks a quantum alphabet at random to
  measure the bits.
• 50 of the time he will use the correct alphabet.
• 50 of the other time the his measurements will
  agree with the senders.

15
Stage 2 Protocol Public Channel

• The same except now Bob and Alice delete bit
  locations that didnt come through the channel.
• Phase 1 Raw Key Extraction
• Step 1.
• Bob tells Alice which alphabet he used for each
  measurement.
• Step 2.
• Alice tells Bob which ones were correct.
• Step 3.
• Alice and Bob delete all bits that used
  incompatible quantum alphabets, producing a raw
  key.
• If there has been no eavesdropping, the raw keys
  should be the same.

• Phase 2
• Step 1.
• Alice and Bob compare small sections of the raw
  keys and delete these bits afterwards.
• Generate an estimate of error-rate R.
• If R exceeds a certain threshold, Rmax, then
  privacy amplification cannot occur.
• If R is less than Rmax, then Alice and Bob can
  continue.

• Phase 3 Remove all errors to produce common
  error-free key (Reconciled Key).
• Step 1.
• Alice and Bob agree on a permutation and apply
  it.
• Partion key into blocks of length L such that a
  block of length L is unlikely to have more than
  one error.
• Compare parity checks, discarding last bit of
  block each time.
• When parity check doesnt agree, do a binary
  search for the error.
• Repeat step 1 until you are tired.

• Phase 3 Remove all errors to produce common
  error-free key (Reconciled Key).
• Step 2.
• Alice and Bob select subsets of the remaining
  key, and compare parities, discarding an agreed
  upon bit each time.
• Use binary search from step 1 if parities do not
  agree.
• After some number of N consecutive error-free
  rounds of step 2, Alice and Bob can assume that
  this reconciled key, to a high probability, is
  without error.

• Phase 4 Privacy Amplification
• Step 1.
• Alice and Bob compute from the error-rate R an
  upper bound k of the number of bits of reconciled
  key known to Eve.
• Let n denote the length of the reconciled key,
  and s be a security parameter.
• Step 2.
• Alice and Bob select n k s random subsets of
  the key.
• The parities of these subsets become the final
  secret key.
• Eves average information about this final secret
  key is less than 2-s/ln 2 bits.

16
B92 Protocol

• Very similar to BB84 except only one quantum
  alphabet is used.
• Bob uses a positive operator valued measure
  (POVM) receiver to make the measurements.
• Eve is detected through unusual error rates in
  Bobs raw key.

17
EPR Protocols

• Described by Einstein, Podosky, and Rosen (EPR)
  in a 1935 paper.
• Spatially separated pairs of particles, EPR
  pairs, with the property that a measurement of
  one observable automatically determines the
  result of the measurement of the other particle.

18
EPR Quantum Protocol

• 3-state protocol
• Ex. Polarization states of an EPR photon pair

19
EPR Quantum Protocol

• For these states there are corresponding mutually
  non-orthogonal alphabets, A0, A1, A2

• Measurement Operators for these alphabets

20
Stage 1 Communication over a Quantum Channel

• For each time slot, a state is randomly select
  with equal probability from the set of states.
• An EPR pair is created in this state.
• One photon is sent to Alice, the other to Bob
• Alice and Bob randomly and individually select a
  measurement operator and measure their photon.
• Alice records her measured bit.
• Bob records the compliment of his measured bit.

21
Stage 2 Communication over a Public Channel

• Phase 1
• Alice and Bob determine which slots they used
  measurement operator for.
• They each separate their sequence into two
  subsequences a raw key containing the bit slots
  that matched measurement operators, and a
  rejected key containing all the rest of the bit
  slots.

• Phase 2
• Instead of throwing away the rejected key, use it
  to detect Eve.
• Alice and Bob use their rejected keys to figure
  out if Bells inequality has been satisfied
  (quantum mechanics does not satisfy the
  inequality)
• If it is satisfied, Eve has been detected.
• If not, Eve is not there.

• Phase 3
• If there is noise, use same procedure described
  in BB84 and B92 protocols.

22
Conclusions

• Quantum Cryptography provides intrusion detection
• When quantum computing arrives traditional
  cryptosystems will be computationally feasible.
• EPR protocols hold greatest potential for quantum
  cryptography but are also the furthest away.
• May eventually provide ultimate security

23
Further Work

• Physical Implementation
• Single-quantum emitting devices
• Better error detection and correction
• Protect against offensive crypto attacks using
  quantum mechanics

24
References

• Lomonaco, Samuel J., Jr. A Quick Glance at
  Quantum Cryptography. Cryptologia. 23, 1.
  1999.
• Lomonaco, Samuel J., Jr. A Talk on Quantum
  Cryptography or How Alice Outwits Eve. 8 May.
  lthttp//www.cs.umbc.edu/lomonaco/qcryptotalk/Cryp
  toDrama.pdfgt
• All graphics taken from A Talk on Quantum
  Cryptography.

25
Questions?