Authenticated QKD protocol using one-time ID

Slides:

Advertisements

Similar presentations

Quantum Cryptography Post Tenebras Lux!

Advertisements

1 Introduction to Quantum Information Processing CS 467 / CS 667 Phys 467 / Phys 767 C&O 481 / C&O 681 Richard Cleve DC 3524 Course.

Quantum Cryptography ( EECS 598 Presentation) by Amit Marathe.

Quantum Key Distribution (QKD) John A Clark Dept. of Computer Science University of York, UK

Quantum Cryptography Qingqing Yuan. Outline No-Cloning Theorem BB84 Cryptography Protocol Quantum Digital Signature.

Quantum Key Distribution Yet another method of generating a key.

Efficient many-party controlled teleportation of multi-qubit quantum information via entanglement Chui-Ping Yang, Shih-I Chu, Siyuan Han Physical Review.

BB84 Quantum Key Distribution 1.Alice chooses (4+  )n random bitstrings a and b, 2.Alice encodes each bit a i as {|0>,|1>} if b i =0 and as {|+>,|->}

Quantum Cryptography Prafulla Basavaraja CS 265 – Spring 2005.

Lo-Chau Quantum Key Distribution 1.Alice creates 2n EPR pairs in state each in state |  00 >, and picks a random 2n bitstring b, 2.Alice randomly selects.

Network Security – Part 2 V.T. Raja, Ph.D., Oregon State University.

EECS 598 Fall ’01 Quantum Cryptography Presentation By George Mathew.

Paraty, Quantum Information School, August 2007 Antonio Acín ICFO-Institut de Ciències Fotòniques (Barcelona) Quantum Cryptography.

CS4600/5600 Biometrics and Cryptography UTC/CSE

Network Security – Part 2 (Continued) Lecture Notes for May 8, 2006 V.T. Raja, Ph.D., Oregon State University.

Paraty, Quantum Information School, August 2007 Antonio Acín ICFO-Institut de Ciències Fotòniques (Barcelona) Quantum Cryptography (III)

1 Introduction to Quantum Information Processing CS 467 / CS 667 Phys 467 / Phys 767 C&O 481 / C&O 681 Richard Cleve DC 3524 Course.

Software Security Seminar - 1 Chapter 5. Advanced Protocols 조미성 Applied Cryptography.

Cryptography and Network Security (CS435) Part Eight (Key Management)

CHAPTER 15: Quantum cryptography

Quantum cryptography CS415 Biometrics and Cryptography UTC/CSE.

1 A Randomized Space-Time Transmission Scheme for Secret-Key Agreement Xiaohua (Edward) Li 1, Mo Chen 1 and E. Paul Ratazzi 2 1 Department of Electrical.

Chapter 3 (B) – Key Management; Other Public Key Cryptosystems.

Introduction to Quantum Key Distribution

CS555Topic 251 Cryptography CS 555 Topic 25: Quantum Crpytography.

Quantum Cryptography Slides based in part on “A talk on quantum cryptography or how Alice outwits Eve,” by Samuel Lomonaco Jr. and “Quantum Computing”

Quantum Cryptography Antonio Acín

Diffie-Hellman Key Exchange first public-key type scheme proposed by Diffie & Hellman in 1976 along with the exposition of public key concepts – note:

Presented By, Mohammad Anees SSE, Mukka. Contents Cryptography Photon Polarization Quantum Key Distribution BB84 Protocol Security of Quantum Cryptography.

1 Introduction to Quantum Information Processing CS 467 / CS 667 Phys 467 / Phys 767 C&O 481 / C&O 681 Richard Cleve DC 3524 Course.

Intrusion Resilience via the Bounded-Storage Model Stefan Dziembowski Warsaw University and CNR Pisa.

-SECRECY ENSURED TECHNOLOGYKEY DISTRIBUTUION CLASSICAL CRYPTOGRAPHY QUANTAM CRYPTOGRAPHY WORKING INTRODUCTION SECURITY CONCLUSION ADVANTAGESLIMITATIONS.

15-853Page 1 COMPSCI 290.2: Computer Security “Quantum Cryptography” Including Quantum Communication Quantum Computing.

CS480 Cryptography and Information Security Huiping Guo Department of Computer Science California State University, Los Angeles 14. Digital signature.

Institute of Physics (IOP), Bhubaneswar

Cryptography: an overview

Encryption and Integrity

Key Management Session and Interchange Key Key Exchange

Key Exchange References: Applied Cryptography, Bruce Schneier

J. Miranda University of Ottawa 21 November 2003

COMPSCI 290.2: Computer Security

Network Security.

Cryptography & Security

CS480 Cryptography and Information Security

Weak Value Assisted Quantum Key Distribution

Quantum Cryptography Quantum Computing

with Weak Measurements

Unconditional Security of the Bennett 1992 quantum key-distribution protocol over a lossy and noisy channel Kiyoshi Tamaki * *Perimeter Institute for.

Information Security message M one-way hash fingerprint f = H(M)

Quantum Key Distribution

Seung Hwan An University of Washington October 18, 2016 PHYS 494

Digital Certificate Based Security Payment for QR Code Applications

Strong Password Protocols

Quantum Cryptography Alok.T.J EC 11.

Brandin L Claar CSE 597E 5 December 2001

Richard Cleve DC 2117 Introduction to Quantum Information Processing CS 667 / PH 767 / CO 681 / AM 871 Lecture 22 (2009) Richard.

Quantum Cryptography Scott Roberts CSE /01/2001.

Strong Password Protocols

Cryptography Reference: Network Security

Richard Cleve DC 2117 Introduction to Quantum Information Processing CS 667 / PH 767 / CO 681 / AM 871 Lecture 24 (2009) Richard.

Discrete Math for CS CMPSC 360 LECTURE 14 Last time:

Spin Many quantum experiments are done with photon polarization instead of electron spin Here is the correspondence between the two And the measurement.

Quantum Cryptography Quantum Computing

Biometrics-based RSA Cryptosystem for Securing Real-Time Communication

Chapter 8 roadmap 8.1 What is network security?

Secure Diffie-Hellman Algorithm

Key Exchange, Man-in-the-Middle Attack

Presentation transcript:

Authenticated QKD protocol using one-time ID GSIS / CIST Hwa Yean Lee 2005. 2. 21

Contents Introduction Authentication with one-time ID Quantum Key distribution Security proof Conclusion

1. Introduction QKD (Quantum Key Distribution) protocols Advantage : Unconditional security Disadvantage : Vulnerability to the Man-in-the middle attack

1. Introduction(2) Miloslav Dusek, Ondrej Haderka, Martin Hendrych, and Robert Myska, PRA, 60, 149-156 (1999) Bao-Sen Shi, Jian Li, Jin-Ming Liu, Xiao-Feng Fan, Guang-Can Guo, Physics Letters A 281 83-87 (2001) Guihua Zeng and Weiping Zhan, PRA, 61, 022303 (2000) Daniel Ljunggren, Mohamed Bourennane, and Anders Karlsson, PRA, 62, 022305 (2000) Takashi Mihara, PRA, 65, 052326 (2002)

2. Authentication with one-time ID Preparation Each user register him to the arbitrator : secret user and one-way function One-way authentication key of a user, Alice is where is a count. If is 1, then the Hadamard operator is applied, else the identity operator is applied to the ith qubit. If does not have enough length to encode the qubits, then can be used, where .

2. Authentication with one-time ID (2) Procedure of the authentication Alice request a secure communication with Bob to the arbitrator. The arbitrator prepares GHZ tripartite states. He encodes Alice’s and Bob’s particles of GHZ states with and , respectively. where is Alice’s authentication key and is Bob’s.

2. Authentication with one-time ID (3) Procedure of the authentication(2) The arbitrator sends the encoded qubits to Alice and Bob respectively. Alice and Bob decode their qubits with their authentication key and selects some bits. Alice and Bob measure the bits and compare the results. If the results are same, they can authenticate each other and do the following key distribution procedure. Otherwise they abort the protocol.

2. Authentication with one-time ID (4) Transformation of the GHZ states

3. Quantum Key distribution Procedure of the key distribution Using the remaining particles after authentication, Alice and Bob randomly make an operation either or on each particles, respectively. Alice sends her particles to the arbitrator and Bob sends his to Alice. The arbitrator perform C-NOT operation, where the control qubit is his and the target qubits is from Alice. The arbitrator measures each qubits(Alice’s and his) and announces the measurement outcomes are same(O) or not(X).

3. Quantum Key distribution (2) Procedure of the key distribution (2) Alice measures the GHZ particles received from Bob. Using the information published by the arbitrator, Alice can find Bob’s sequence of the operations. The Bob’s sequence of the operations can be used as a raw secret key.

3. Quantum Key distribution (3) Operation Transformation of GHZ states C-NOT operation Opened info. MO of Bob’s qubit Alice Bob O X 1

4. Security proof Man-in-the middle attack In the authentication process Eve introduces errors with probability ¼ for each check bit in the authentication procedure. On knowing the hash function, Eve can estimate only some bits of hashed value. The Arbitrator Alice Bob Eve

4. Security proof (2) Intercept-resend attack Intercepts both the qubits heading to Alice or Bob in the authentication and the qubits heading to Alice or the authentication in the key distribution. When Eve intercepts one-side in the key distribution, the probability of detection is 3/8. When Eve intercepts both-side in the key distribution, the probability of detection is 7/16. But she cannot be aware of the exact key since Alice and Bob’s information of operations are not exposed to Eve.

4. Security proof (3) Intercept-resend attack (2) Intercept only the qubits transmitted in the key distribution Eve only can know Alice and Bob use same operation or not. The probability of inferring correct key is .

Transmitted GHZ states 4. Security proof (4) Eve Eavesdrops Alice’s (Bob’s) qubits transmitted to the arbitrator (Alice) after Alice and Bob make operations on decoded GHZ states Operation Transmitted GHZ states Eve’ MO Changed state CNOT op. Opend info Alice Bob 0(0) 1(1) O X 0(1) 1(0)

5. Conclusion QKD with authentication using one-time ID is proposed. Authentication with one-time ID can be used on the various fields of quantum cryptography. The neutrality of the arbitrator is important for the security of the proposed scheme.  More research on this problem are needed.