WO2008140291A2 - Rendu déterministe pour cryptographie quantique pratique - Google Patents

Rendu déterministe pour cryptographie quantique pratique Download PDF

Info

Publication number
WO2008140291A2
WO2008140291A2 PCT/MY2008/000039 MY2008000039W WO2008140291A2 WO 2008140291 A2 WO2008140291 A2 WO 2008140291A2 MY 2008000039 W MY2008000039 W MY 2008000039W WO 2008140291 A2 WO2008140291 A2 WO 2008140291A2
Authority
WO
WIPO (PCT)
Prior art keywords
bits
deterministic
basis
bit
practical
Prior art date
Application number
PCT/MY2008/000039
Other languages
English (en)
Other versions
WO2008140291A3 (fr
Inventor
Mohamed Ridza Wahidin
Jesni Bin Shamsul Shaari
Marco Lucamarni
Stefano Mancini
Original Assignee
Mimos Berhad
International Islamic University Malaysia
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Mimos Berhad, International Islamic University Malaysia filed Critical Mimos Berhad
Publication of WO2008140291A2 publication Critical patent/WO2008140291A2/fr
Publication of WO2008140291A3 publication Critical patent/WO2008140291A3/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0852Quantum cryptography
    • H04L9/0858Details about key distillation or coding, e.g. reconciliation, error correction, privacy amplification, polarisation coding or phase coding

Definitions

  • the present invention relates to a quantum key distribution (QKD) protocol in order to make it deterministic.
  • QKD quantum key distribution
  • the present invention more particularly relates to a method and system for deterministic quantum key distribution for rendering practical quantum cryptography.
  • QKD quantum key distribution
  • the basic reconciliation implies the average waste of partial of the total quantum resources used for the quantum communication.
  • the basis reconciliation's intrinsic randomness it is not possible to affirm that the final key is distributed from one user to another, but rather that it is generated during the protocol itself in a random way.
  • the usual BB84 is not deterministic. This feature is not necessarily a disadvantage, but it prevents even in principle the possibility of a quantum "direct communication' with the BB84.
  • the present invention relates to a deterministic rendering for practical quantum cryptography for conveying information from one site to another site with security wherein the steps for dete ⁇ ninisting BB84 comprises of:
  • U2 selects a subset of 2N bits that will serve as a check on User 3's
  • the present invention also relates to a deterministic rendering for practical quantum cryptography for a practical deterministic BB84, wherein the steps comprises of:
  • U2 selects a subset of 2N bits of d and 2N bits of b that will serve as a check on U3's interference, and tells Ul the addresses of the selected bits and wherein Ul selects the same addresses from the strings B and D.
  • U2 and Ul announce on the classical channel the v dues of the selected 2N pairs of bits from b and
  • U2 1 ansmits the information about the basis without waiting for Ul's receipt and wherein Ul does not send the receipt in the very moment Ul receives the photon.
  • Figure 1 shows a diagram of a possible Implementation of BB84'
  • Figure 2 shows 4 different graphs shoei inngg a secure rate of BB84' and BB84 optimized for distances between U2 and Ul for 2, ⁇ , 8 and 16 KM.
  • U2 chooses a random (4 + ⁇ c + ⁇ m ) N-bit string d (data string).
  • the factor ⁇ c accounts for the losses of the channel while ⁇ m accounts for the losses of Ul's storage memory.
  • U2 chooses a random (4 + ⁇ c + ⁇ m ) N-bit string b (basis string).
  • U2 encodes each bit of d on the qubits as ⁇ K)>, ll> ⁇ if the corresponding bit of b is 0 (Z basis) or ⁇ l+>, l-> ⁇ if the corresponding bit of b is 1 (X basis).
  • U2 sends the resulting states to Ul. (c) Storage.
  • U2 selects a subset of 2N bits that will servje as a check on User 3's (U3) interference, and tells Ul which bits U2 selected.
  • step c, e and d of the above protocol makes it deterministic, because they let Ul always measure in the right basis. T us would enable the possibility of a direct communication in case of a noiseless and loss less channel between the users.
  • the coefficient in front of the final number of distilled bits is 2 for BB84' while in the BB84 it is 1. This is due to the determinism of the new protocc 1, and entails an increase of the secure-bit-rate, at least on small distances between U2 ind Ul. For long distances the loss-rate becomes important eventually suppressing the advantage given by the determinism.
  • the minimum storage time for the deterministic BB84 with a receipt's transmission is 2T.
  • T is the time for a signal to cover the distance between U2 and Ul: one T is to let Ul 's receipt reach U2, and one T is to let U2 transmit the basis to Ul (we assume for simplicity that U2 and Ul use the same channel, hence the two times are equal in both directions).
  • U2 and Ul measure the time T that an intense light pulse employs to cover the distance between them. Then they use the (authenticated or unjammable) classical channel to declare the measured time T and to established the value of a positive security parameter, ⁇ , used later for security analysis.
  • T 1 U2 acquires the (4 + ⁇ c + ⁇ m ) N basis bits bj, and labels them as Bi.
  • This step is very similar to receiving a normal telephone call.
  • Ul records both the values of the B,'s and their times of arrival T 1 -.
  • BB84 removes the problem of Ul's receipt, relying much more on the classical communication.
  • the main ingredient is a kind of "post-selected" receipt by Ul.
  • U2 transmits the information about the basis without waiting for Ul's receipt. Ul does not send the receipt in the very moment Ul receives the photon. Yet Ul final measurement will reveal whether the photon was there at the expected time. Thus the main problem of a QND measurement is removed at the roots.
  • BB84 is entirely equivalent to the first protocol we described in this work, which, in turn, has been shown to be secure and equivalent to the original BB84.
  • the security analysis as in the present invention is aimed at showing the security of BB84" against attacks based on the potential weakness created by the Ul's receipt removal. It can also be seen as a new security argument in the frame of "sequential" QKD protocols. For the moment it is consider Ul's measuring apparatus is ideal, and we do not include in the proof the experimental parameters ⁇ , ⁇ ' and ⁇ .
  • the attackable point of our protocol is the lack of a qubit receipt from Ul to U2.
  • the risk is that U3 uses the disclosed basis bit to measure the qubit without perturbing it. Any other kind of eavesdropping is tantamount to U3 attacking a qubit just as she would do against a normal BB84 system. To do that U3 can either delay the qubit until the basis is disclosed or delay both the qubit and the basis. Any delay of the basis bits is detected during the check of the arrival times performed at point of (i), thus ruling out the latter strategy.
  • the former attack is instead slightly more subtle and is analyzed below.
  • U3 can not alter the values of the bases decided by U2 in a kind of v man-in-the-middle' attack, because they are declared at point of (i).
  • the crucial quantity is the parameter ⁇ : how big should it be to maintain the security of the protocol?
  • the quantity ⁇ represents a kind of experimental error in determining the exact time of arrival of the photons at Ul's site.
  • e is the time window of Ul 1 S "gated mode" detectors (Le. detectors which are open only when a photon is expected to be there); otherwise, when the photons are generated through the spontaneous parametric down conversion, ⁇ is the time window of the coincidence counts. In both cases typical values of e are less than 10 ns.
  • the quantum channel is a pulsed attenuated laser at the wavelength ⁇ f 1500 ran
  • the trigger is a pulsed bright laser at the wavelength of 1300 nm, which is used to synchronize the whole optical acquisition
  • the classical channel is the Internet, which is employed to transfer the information about the bases and about error correction and privacy amplification.
  • the start pulse from the computer drives the two laser sources (Ll @ 1500 nm, the quantum signal, and L2@1300 nm, the trigger) and the phase modulator which encodes the information in the relative pha ⁇ of the pulses generated by Ll and split in two time bins by U2's interferometer.
  • the random number generator (RNG) is drawn as detached fro n the computer for simplicity.
  • the phase encoded on the pulses is determined by the suim of the values of the basis (0 or ⁇ /2) and that of the state (0 or ⁇ ).
  • the important feature is that the basis is also written on the bright pulse @ 1300 nm, which now has a twofold role: time reference for U2 and carrier of the basis information.
  • a delay line represented by a number of fiber loops, of length L • ⁇ ⁇ .
  • L TcM
  • ⁇ c/n, with n the refractive index of the fiber and c the speed of light in vacuum.
  • the WDM selects the bright pulse, which is directed at a PIN photodiode detector.
  • This acts as a trigger for the gate of the avalanche photodiode detectors APDl and APD2.
  • the value read by the detector acts as an input to the electro-optical phase modulator represented by ⁇ B in the figure, thus allowing the deterministic measurement by Ul.
  • the path followed by the quantum carrier photon from laser Ll is the same. The only difference is the delay on Ul's site, which is equal to the one at U2's. This delay represents the simplest quantum memory and allows Ul to wait for the information about the basis before Ul's final measurement, making it deterministic. So in the whole, with respect to the usual BB84, no additional material other than some electronics is required for the implementation of BB84".
  • P ⁇ is the probability Ul gets a dark count in bis detectors
  • P ⁇ " 1 is the probability that Ul's detector fires because of a photon emitted by U2's source. This probability decreases with the distance between the users according to the formula:-
  • ⁇ B is the quantum efficiency of Ul's detectors
  • is the average number of photons per pulse
  • ⁇ T is the transmission probability of the channel, given by:
  • ⁇ T i ⁇ - ( ⁇ t+ ⁇ )/10 (6)
  • is the absorption coefficient of the fiber
  • L 0 is the loss rate at receiver's station
  • L is the distance between the users, as shown in Figure 1.
  • Equation. (3) ⁇ is defined as:
  • the rate of distilled secure bits is one of the figures of merit of a QKD setup, and it is not a trivial task to increase it.
  • the rate of transmission in any fiber-based setup is currently limited by the low efficiency of detectors, and in particular by their dead times, which are of the order of microseconds for a standard APD detector. This is a technological limitation that can be surpassed only by improving the detection mechanism.

Landscapes

  • Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Electromagnetism (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Optical Communication System (AREA)

Abstract

La présente invention concerne un protocole de distribution de clé quantique (QDK) permettant d'obtenir un rendu déterministe. La présente invention concerne plus particulièrement un procédé et un système de distribution de clé quantique déterministe pour rendu de cryptographie quantique pratique.
PCT/MY2008/000039 2007-05-11 2008-05-09 Rendu déterministe pour cryptographie quantique pratique WO2008140291A2 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
MYPI20070735 2007-05-11
MYPI20070735 2007-05-11

Publications (2)

Publication Number Publication Date
WO2008140291A2 true WO2008140291A2 (fr) 2008-11-20
WO2008140291A3 WO2008140291A3 (fr) 2009-03-12

Family

ID=40002765

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/MY2008/000039 WO2008140291A2 (fr) 2007-05-11 2008-05-09 Rendu déterministe pour cryptographie quantique pratique

Country Status (1)

Country Link
WO (1) WO2008140291A2 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2503045A (en) * 2012-06-13 2013-12-18 Toshiba Res Europ Ltd Quantum cryptography system with error correction and privacy amplification

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6438234B1 (en) * 1996-09-05 2002-08-20 Swisscom Ag Quantum cryptography device and method
US20040078421A1 (en) * 2002-08-10 2004-04-22 Routt Thomas J. Methods for transmitting data across quantum interfaces and quantum gates using same
JP2005268958A (ja) * 2004-03-16 2005-09-29 Nippon Telegr & Teleph Corp <Ntt> 量子暗号通信装置
US7178277B2 (en) * 2003-10-10 2007-02-20 Nec Corporation Quantum cryptography communication system and quantum cryptography key distributing method used in the same

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6438234B1 (en) * 1996-09-05 2002-08-20 Swisscom Ag Quantum cryptography device and method
US20040078421A1 (en) * 2002-08-10 2004-04-22 Routt Thomas J. Methods for transmitting data across quantum interfaces and quantum gates using same
US7178277B2 (en) * 2003-10-10 2007-02-20 Nec Corporation Quantum cryptography communication system and quantum cryptography key distributing method used in the same
JP2005268958A (ja) * 2004-03-16 2005-09-29 Nippon Telegr & Teleph Corp <Ntt> 量子暗号通信装置

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
M. LUCAMARINI ET AL.: ' Deterministic Rendering of BB84 for Practical Quantum Cryptography', [Online] 26 July 2007, pages 1 - 9 eprint ARXIV :0707.3913v1 Retrieved from the Internet: <URL:http://arxiv.org/abs/0707.3913> *
ZENG-BING CHEN ET AL.: 'Deterministic and efficient quantum cryptography based on Bell's theorem' PHYSICAL REVIEW A 73,050302 05 May 2006, THE AMERICAN PHYSICAL SOCIETY, pages 1 - 4 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2503045A (en) * 2012-06-13 2013-12-18 Toshiba Res Europ Ltd Quantum cryptography system with error correction and privacy amplification
GB2503045B (en) * 2012-06-13 2014-05-28 Toshiba Res Europ Ltd A quantum communication method and system

Also Published As

Publication number Publication date
WO2008140291A3 (fr) 2009-03-12

Similar Documents

Publication Publication Date Title
Vagniluca et al. Efficient time-bin encoding for practical high-dimensional quantum key distribution
Rosenberg et al. Practical long-distance quantum key distribution system using decoy levels
Takesue et al. Differential phase shift quantum key distribution experiment over 105 km fibre
US8675876B2 (en) Differential phase shift keying quantum key distribution
US7346166B2 (en) Quantum key distribution system and method using regulated single-photon source
JP4462806B2 (ja) 量子暗号鍵配布システム
EP3043507A1 (fr) Cryptographie quantique pratique avec une sécurité eternelle
JP4555979B2 (ja) 量子鍵配送方式及び通信方法
US20100239092A1 (en) Methods and systems for communicating over a quantum channel
US20060093143A1 (en) Method and system for generating shared information
WO2013037062A1 (fr) Système et procédé de cryptographie quantique
US11290192B2 (en) Quantum communication methods and systems for mitigating the detector dead time of photon detectors
Han et al. Enhancing data and privacy security in mobile cloud computing through quantum cryptography
CN105763313A (zh) 一种基于混沌信号动态同步的密钥分配方法及系统
CN108683462A (zh) 一种自由空间光通信数据的加密方法与系统
US20220303130A1 (en) Discrete variable quantum key distribution using conjugate homodyne detection
Hughes et al. Secure communications using quantum cryptography
Molotkov Relativistic quantum cryptography for open space without clock synchronization on the receiver and transmitter sides
WO2008140291A2 (fr) Rendu déterministe pour cryptographie quantique pratique
Khodr Evaluations of quantum bit error rate using the three stage multiphoton protocol
Liu et al. Experimental unconditionally secure covert communication in dense wavelength-division multiplexing networks
Rumyantsev et al. Modeling of quantum key distribution system for secure information transfer
Pljonkin Synchronization Safety Problem in Quantum Key Distribution System
CN100365973C (zh) 基于相位调制的量子身份认证系统
Zhong et al. Photon-efficient quantum cryptography with pulse-position modulation

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 08753728

Country of ref document: EP

Kind code of ref document: A2

DPE2 Request for preliminary examination filed before expiration of 19th month from priority date (pct application filed from 20040101)
DPE2 Request for preliminary examination filed before expiration of 19th month from priority date (pct application filed from 20040101)
NENP Non-entry into the national phase in:

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 08753728

Country of ref document: EP

Kind code of ref document: A2