Quantum Cryptography - PowerPoint PPT Presentation

1 / 44
About This Presentation
Title:

Quantum Cryptography

Description:

Cryptography is the art of rendering a message unintelligible to any unauthorized party ... proposed by Charles H. Bennett and Gilles Brassard in 1984 ... – PowerPoint PPT presentation

Number of Views:130
Avg rating:3.0/5.0
Slides: 45
Provided by: par87
Category:

less

Transcript and Presenter's Notes

Title: Quantum Cryptography


1
Quantum Cryptography
  • Cryptography
  • Quantum Key Distribution

2
Main Point
  • Cryptography
  • Quantum Key Distribution
  • BB84
  • continuous
  • Security
  • Attack model
  • Information

3
Introduction
  • What is Cryptography?
  • Cryptography is the art of rendering a message
    unintelligible to any unauthorized party
  • dkssudgktpdy
  • ?????(Korean)
  • It is part of the broader field of cryptology,
    which also includes cryptoanalysis, the art of
    code breaking

4
Introduction
  • Why do we need cryptography?
  • Suppose Mark want to send a secret message to his
    girl friend over an insecure channel!

I could know what you said!
5
Cryptography
  • Key Whats key?
  • Encryption combine a message with some
    additional information - known as the key and
    produce a cryptogram.
  • Decryption combine a cryptogram with some
    additional information - known as the key and
    produce a message.

6
Cryptography
  • Asymmetrical(public-key) cryptosystem
  • Symmetrical(secret-key) cryptosystem

7
Cryptography
  • Asymmetrical(public-key) cryptosystem
  • ElGamal Cryptosystem
  • Elliptic curve Cryptosystem
  • The Merkle-Hellman Knapsack Cryptosystem
  • RSA(Ronald Rivest, Adi Shamir,Leonard Adleman)
  • etc..

8
Cryptography
  • RSA(Ronald Rivest, Adi Shamir,Leonard Adleman)
  • If Bob wants to be able to receive messages
    encrypted with a public key cryptosystem, he must
    first choose a "private" key, which he keeps
    secret. Then, he computes from this private key a
    "public" key, which he discloses to any
    interested party. Alice uses this public key to
    encrypt her message. She transmits the encrypted
    message to Bob, who decrypts it with the private
    key

9
Cryptography
  • RSA(Ronald Rivest, Adi Shamir,Leonard Adleman)
  • Big Prime number factorization is so difficult
    problem
  • Public-key cryptosystems are convenient and they
    have thus become very popular over the last 20
    years
  • What is problem?
  • Not proven security
  • Shors algorithm

10
Cryptography
  • Symmetrical(secret-key) cryptosystem
  • Block type
  • DES
  • AES
  • etc..
  • Stream type
  • LFSR
  • One-time pad
  • etc..

11
Cryptography
  • One-time pad
  • first proposed by Gilbert Vernam in 1926
  • This cryptosystem is thus provably secure in the
    sense of information theory (Shannon 1949)
  • Actually, this is today the only provably secure
    cryptosystem
  • What is problem?
  • Difficult to implementation

12
Cryptography
  • One-time pad

Difficult to implementation
00101000..

Secret channel
01000101..
01000101..


01101101..
01101101..
Classical channel

00101000..
13
Quantum Key Distribution
  • sending a secret key by using the laws of
    physics to warrant the complete security of the
    transmission
  • Discrete variable
  • BB84
  • B92
  • Etc..
  • Continuous variable
  • Squeezed state
  • Gaussian distribution
  • Quantum Physics
  • Principle of Complementary
  • Heisenberg Uncertainty Principle
  • Correspondence Principle
  • etc..

14
Quantum Key Distribution
15
Quantum Key Distribution
  • BB84
  • proposed by Charles H. Bennett and Gilles
    Brassard in 1984
  • Two state( 0gt, 1gt), but four bases(0,Vgt,
    1,Hgt, 0,Lgt, 1,Rgt)
  • Bases with such a property are called conjugate
    gt Unpredictable

16
Quantum Key Distribution
  • BB84(Protocol)
  • Alice sends random bits (0 or 1) encoded in two
    2 different basis
  • Bob randomly chooses either the or the
    basis and records the transmitted and reflected
    photons
  • Bob announces openly his choice of basis (but not
    the result!) and Alice answers ok or no. Bits
    with different basis are discarded
  • The remaining bits give the secret key

17
Quantum Key Distribution
  • BB84(without Eve, no noise)

18
Quantum Key Distribution
  • Attack model
  • Intercept-resend model (opaque eavesdropping)
  • Error rate
  • Coherent or joint
  • Optimal individual
  • Collective

19
Quantum Key Distribution
  • BB84(with Eve, no noise)

20
Quantum Key Distribution
  • BB84(with Eve, no noise)
  • Raw key extraction
  • Over the public channel, Bob communicates to
    Alice which quantum alphabet he used for each of
    his measurements
  • Alice and Bob then delete all bits for which they
    used incompatible quantum alphabets to produce
    their resulting raw keys
  • Error estimation
  • Over the public channel, Alice and Bob compare
    small portions of their raw keys to estimate the
    error-rate R, and then delete the disclosed bits
    from their raw keys to produce their tentative
    final keys

21
Quantum Key Distribution
  • BB84(with Eve, no noise)
  • If one guesses correctly, then Alices
    transmitted bit is received with probability 1.
    On the other hand, if one guesses incorrectly,
    then Alices transmitted bit is received
    correctly with probability 1/2 . Thus in general,
    the probability of correctly receiving Alices
    transmitted bit is

22
Quantum Key Distribution
  • BB84(with Eve, no noise)
  • If there is no intrusion, then Alices and Bobs
    raw keys will be in total agreement. However, if
    Eve has been at work, then corresponding bits of
    Alices and Bobs raw keys will not agree with
    probability

23
Quantum Key Distribution
  • BB84(with Eve, with noise)
  • We must assume that Bobs raw key is noisy
  • Since Bob can not distinguish between errors
    caused by noise and by those caused by Eves
    intrusion, the only practical working assumption
    he can adopt is that all errors are caused by
    Eves eavesdropping
  • Under this working assumption, Eve is always
    assumed to have some information about bits
    transmitted from Alice to Bob. Thus, raw key is
    always only partially secret

24
Quantum Key Distribution
  • BB84(with Eve, with noise)
  • Over the public channel, Alice and Bob compare
    small portions of their raw keys to estimate the
    error-rate R, and then delete the disclosed bits
    from their raw key to produce their tentative
    final keys. If R exceeds a certain threshold
    , then privacy amplification is not possible If
    so, Alice and Bob return to stage 1 to start
    over. On the other hand, if , then
    Alice and Bob proceed to Reconciliation

25
Quantum Key Distribution
  • Reconciliation Key
  • Alice and Bob publically agree upon a random
    permutation, and apply it to what remains of
    their respective raw keys
  • Alice and Bob partition the remnant raw key into
    blocks of length L
  • For each of these blocks, Alice and Bob
    publically compare overall parity checks, making
    sure each time to discard the last bit of each
    compared block

26
Quantum Key Distribution
  • Privacy amplification
  • Alice and Bob compute from the error-rate R an
    upper bound k of the number of bits of reconciled
    key known by Eve
  • Alice and Bob publically select n-k-s random
    subsets of reconciled key, without revealing
    their contents. The undisclosed parities of these
    subsets become the final secret key

27
Quantum Key Distribution
  • BB84(with noise)

28
Quantum Key Distribution
  • Security by Information theory
  • I. Csiszar, and J. Korner, IEEE Trans. Inf.
    Theory, 24, 330 (1978)
  • Alice and Bob can establish a secret key (using
    error correction and privacy amplification) if
    and only if

29
Quantum Key Distribution
  • Security by Information theory
  • Shannons formula

30
Quantum Key Distribution
  • Security by Information theory
  • A Generic Security Proof for Quantum Key
    Distribution by M. Christandl et al,
    quant-ph/0402131
  • Shannons formula
  • Von Neumanns formula (Quantum information)
  • Key Rate R

31
Quantum Key Distribution
  • Where is quantum?
  • Measurement
  • every measurement perturbs a system
  • No-cloning theorem
  • It is impossible to copy an arbitrary quantum
    state chosen among a set of non-orthogonal states

32
Quantum Key Distribution
  • Experiment
  • Experimental Quantum Cryptography (C.Bennett et
    al, J.Cryptology 5, 3-28, 1992)
  • etc..
  • What is problem?
  • Photon Generation
  • Reliable?

33
Quantum Key Distribution
  • Essential feature quantum channel with
    non-commuting quantum observables
  • not restricted to single photon polarization!
  • New QKD protocol where
  • The non-commuting observables are the quadrature
    operators X and P
  • i.e. continuous variable

34
Quantum Key Distribution
  • Quantum cryptography with Squeezed states(Mark
    Hillery, PRA, 61, 022309)
  • Quantum distribution of Gaussian keys using
    squeezed states(N.J.Cerf et al, PRA, 63, 052311)
  • The non-commuting observables are the quadrature
    operators X and P

35
Quantum Key Distribution
  • Using Squeezed state
  • The non-commuting observables are the quadrature
    operators X and P
  • Reconciliation(sliced)
  • Privacy Amplification

36
Quantum Key Distribution
  • Continuous Variable Quantum Cryptography Using
    Coherent States(F. Grosshans et al, PRL 88,
    057902(2002))
  • The non-commuting observables are the quadrature
    operators X and P
  • The transmitted light contains weak coherent
    pulses(about 100 photons) with a gaussian
    modulation of amplitude and phase
  • The detection is made using shot-noise limited
    homodyne detection

37
Quantum Key Distribution
  • Using Coherent state
  • The non-commuting observables are the quadrature
    operators X and P
  • Reconciliation(sliced)
  • Privacy Amplification

38
Quantum Key Distribution
  • Attack model(Continuous variable)
  • Intercept-resend model (opaque eavesdropping)
  • Error rate
  • Coherent
  • Individual Optimal
  • Collective

39
Quantum Key Distribution
  • Security by Information theory
  • Shannon, von Neumann

40
Quantum Key Distribution
  • Security by Information theory
  • Gaussian distribution

41
Quantum Key Distribution
  • Security by Information theory
  • Gaussian state
  • Information

42
Conclusion
  • One-time pad(QKD)
  • Where is quantum?
  • Measurement(Discrete, Continuous)
  • every measurement perturbs a system
  • No-cloning theorem(Discrete, Continuous)
  • It is impossible to copy an arbitrary quantum
    state chosen among a set of non-orthogonal states
  • Quantum Information theory for Security

43
Acknowledgement
  • Many Thanks..(M.S. Kim, Jingak Jang, Wonmin Son..)

44
Reference
  • Quantum cryptography, N.Gisin et al,
    quant-ph/0101098
Write a Comment
User Comments (0)
About PowerShow.com