Elementary Introduction to

furiouserectΤεχνίτη Νοημοσύνη και Ρομποτική

21 Νοε 2013 (πριν από 3 χρόνια και 4 μήνες)

62 εμφανίσεις

Elementary Introduction to
Quantum Cryptography

RJ Irwin

Syracuse University

To be presented…


A little Cryptography (Crypto)



A little Quantum Mechanics (QM)



Application of QM of polarized light to crypto:


Bennett/Brassard’s 1984 key distr. protocol (BB84)



Mathematics mostly avoided

Basic Crypto Scenario












Alice

Eve

Bob

Eve wants to eavesdrop undetected

Cryptography


Goal is to
encode

sender’s message so that
only receiver can
decode

it



Encoding/decoding process depends on one
or two
keys



Two classical approaches to to cryptography:


Symmetric

(or
secret
)
key


(one key)


Asymmetric

(or
public
)
key

(two keys)

Symmetric Key Cryptography


Alice and Bob use same key
k

for encoding
plaintext

p

into
ciphertext

c

and decoding
c

back into
p
:
E
k
(
p
) =
c
,
D
k
(
c
) =
p



If Eve learns
k
, then there is no security



How can Alice and Bob share the single key
k

without Eve intercepting it?



Asymmetric Key Cryptography


Alice and Bob each have two keys:


A
u
,

A
r


(Alice’s public, private keys)


B
u
,

B
r


(Bob’s public, private keys)



Public keys may be openly communicated
(e.g., they may be posted to a public website)



Private keys never shared by their owners

Asymmetric Key Cryptography


Sender uses receiver’s public key, receiver
uses own private key:


E
Bu
(
p
) =
c
, D
Br
(
c
) =
p

(Alice to Bob)


E
Au
(
p
) =
c
, D
Ar
(
c
) =
p

(Bob to Alice)



Rivest
-
Shamir
-
Adleman (1977) developed the
best
-
known, most popular public key system
(“RSA”)


Security of Crypto Schemes


Symmetric crypto using short keys exposes
ciphertext to
cryptanalytic attack

(e.g., DES)



Asymmetric crypto schemes in current use
depend on
unproven
assumptions


RSA scheme assumes that prime factorization of
integers is computationally intractable



Only
provably secure

scheme is
one
-
time pad
,
as shown by Claude E. Shannon in the 1940s

One
-
Time Pad


A symmetric key system, also called the
Vernam

cipher

(Gilbert
Vernam

at AT&T, 1918)



Key is a stream of random bits as long as the
plaintext to be encoded (key itself called the
“one
-
time pad” because it
is
used only once
)



The big problem, as usual with symmetric
systems, is how to share the key securely



BB84 Quantum Key Distribution


Charles Bennett (IBM) and Gilles Brassard
(
U.Montreal
), “Quantum Cryptography: Public
Key Distribution and Coin Tossing”, Int. Conf. on
Computers, Systems & Signal Processing,
Bangalore India, 1984



Showed how to use the quantum mechanical
nature of polarized light for distributing a one
-
time pad with a high degree of security



Eavesdropping detectable with high probability

Polarized Light

100% of light

50% of light

50% of light

Diagonal Basis (45º and 135º orthogonal basis members)

Light is composed of photons, 50% light = ½ of photons

Polarized Light

100% of light

50% of light

Diagonal Basis (45º and 135º orthogonal basis members)

no light

Polarized Light

100% of light

50% of light

50% of light

Rectilinear Basis (horiz. and vert. orthogonal basis members)

Polarized Light

Rectilinear Basis (horiz. and vert. orthogonal basis members)

100% of light

50% of light

no light

Polarized Light

Adding another filter can yield counter
-
intuitive results

100% of light

50% of light

25% of light

12.5% of light

Quantum Mechanics


States
,
Operations

and
Measurements

(Observations) as
Vectors in Hilbert Space
,
Unitary Operators

and
Self
-
adjoint Projection
Operators
, respectively



State of an
n
-
level system is a unit
-
length
vector in an
n
-
dimensional Hilbert Space,
H
n
,
called the
state space

Quantum Mechanics


Choice of orthonormal basis {|
x
1
›,…,|
x
n
›}
yields a
physical observable

that can have any
of these
n

values (basis can be chosen freely)



In general, a state of
H
n

(when not observed)
is a
superposition

of basis states:



α
1
|
x
1
›+
. . .

+
α
n
|
x
n


where basis state |
x
i
› is observed with
probability |
α
i
|
2

and ∑|
α
i
|
2

= 1 (
α
i

complex)

Polarized Light

R basis

D basis

R basis

R = Rectilinear

D = Diagonal

Choice of basis (type of measurement) determines possible outcomes

Thus, observation of state (measurement) can alter state

Heisenberg Uncertainty Principle of Quantum Mechanics

BB84 Quantum Key Distribution


Alice and Bob use two channels:


A quantum channel


A classical channel



Quantum channel used first, to transmit a train of
polarized photons; eavesdropping (observing)
disturbs long trains with high probability



Classical channel used to complete derivation of
one
-
time pad from photon train; need not be
secured against
passive

eavesdropping

0

1

1

0

1

1

0

0

1

0

1

1

0

0

1

D

R

D

R

R

R

R

R

D

D

R

D

D

D

R

R

D

D

R

R

D

D

R

D

R

D

D

D

D

R

1

1

1

0

0

0

1

1

1

0

1

Alice’s random bits......

Random

send bases….

Photons Alice

sends….

Random

recv

bases…..

Bits Bob receives……….

BB84 Protocol


R

D

R

D

D

R

R

D

D

D

R

x

x

x

x

x

x

1

1

0

1

0

1

1

0

x

x

Bob

reports bases……..

䅬Ac攺

correct bases…..

Presumed

s
hared

info

Bob

shows some bits..

Alice

confirms them….

QUANTUM

CLASSICAL

1

0

1

1


ONE
-
TIME

PAD