1 / 16

Authenticated QKD protocol using one-time ID

GSIS / CIST Hwa Yean Lee 2005. 2. 21. Authenticated QKD protocol using one-time ID. Contents. Introduction Authentication with one-time ID Quantum Key distribution Security proof Conclusion. 1. Introduction. QKD (Quantum Key Distribution) protocols Advantage

connor-mcconnell
Download Presentation

Authenticated QKD protocol using one-time ID

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. GSIS / CIST Hwa Yean Lee 2005. 2. 21 Authenticated QKD protocol using one-time ID

  2. Contents • Introduction • Authentication with one-time ID • Quantum Key distribution • Security proof • Conclusion

  3. 1. Introduction • QKD (Quantum Key Distribution) protocols • Advantage : Unconditional security • Disadvantage : Vulnerability to the Man-in-the middle attack

  4. 1. Introduction(2) • Miloslav Dusek, Ondrej Haderka, Martin Hendrych, and Robert Myska, PRA, 60, 149-156 (1999) • Bao-Sen Shi, Jian Li, Jin-Ming Liu, Xiao-Feng Fan, Guang-Can Guo, Physics Letters A 281  83-87 (2001) • Guihua Zeng and Weiping Zhan, PRA, 61, 022303 (2000) • Daniel Ljunggren, Mohamed Bourennane, and Anders Karlsson, PRA, 62, 022305 (2000) • Takashi Mihara, PRA, 65, 052326 (2002)

  5. 2. Authentication with one-time ID • Preparation • Each user register him to the arbitrator : secret user and one-way function • One-way authentication key of a user, Alice is where is a count. • If is 1, then the Hadamard operator is applied, else the identity operator is applied to the ith qubit. • If does not have enough length to encode the qubits, then can be used, where .

  6. 2. Authentication with one-time ID (2) • Procedure of the authentication • Alice request a secure communication with Bob to the arbitrator. • The arbitrator prepares GHZ tripartite states. • He encodes Alice’s and Bob’s particles of GHZ states with and , respectively. where is Alice’s authentication key and is Bob’s.

  7. 2. Authentication with one-time ID (3) • Procedure of the authentication(2) • The arbitrator sends the encoded qubits to Alice and Bob respectively. • Alice and Bob decode their qubits with their authentication key and selects some bits. • Alice and Bob measure the bits and compare the results. • If the results are same, they can authenticate each other and do the following key distribution procedure. Otherwise they abort the protocol.

  8. 2. Authentication with one-time ID (4) • Transformation of the GHZ states

  9. 3. Quantum Key distribution • Procedure of the key distribution • Using the remaining particles after authentication, Alice and Bob randomly make an operation either or on each particles, respectively. • Alice sends her particles to the arbitrator and Bob sends his to Alice. • The arbitrator perform C-NOT operation, where the control qubit is his and the target qubits is from Alice. • The arbitrator measures each qubits(Alice’s and his) and announces the measurement outcomes are same(O) or not(X).

  10. 3. Quantum Key distribution (2) • Procedure of the key distribution (2) • Alice measures the GHZ particles received from Bob. • Using the information published by the arbitrator, Alice can find Bob’s sequence of the operations. • The Bob’s sequence of the operations can be used as a raw secret key.

  11. 3. Quantum Key distribution (3)

  12. The Arbitrator Alice Bob Eve 4. Security proof • Man-in-the middle attack • In the authentication process • Eve introduces errors with probability ¼ for each check bit in the authentication procedure. • On knowing the hash function, Eve can estimate only some bits of hashed value.

  13. 4. Security proof (2) • Intercept-resend attack • Intercepts both the qubits heading to Alice or Bob in the authentication and the qubits heading to Alice or the authentication in the key distribution. • When Eve intercepts one-side in the key distribution, the probability of detection is 3/8. • When Eve intercepts both-side in the key distribution, the probability of detection is 7/16. • But she cannot be aware of the exact key since Alice and Bob’s information of operations are not exposed to Eve.

  14. 4. Security proof (3) • Intercept-resend attack (2) • Intercept only the qubits transmitted in the key distribution • Eve only can know Alice and Bob use same operation or not. • The probability of inferring correct key is .

  15. 4. Security proof (4) • Eve Eavesdrops Alice’s (Bob’s) qubits transmitted to the arbitrator (Alice) after Alice and Bob make operations on decoded GHZ states

  16. 5. Conclusion • QKD with authentication using one-time ID is proposed. • Authentication with one-time ID can be used on the various fields of quantum cryptography. • The neutrality of the arbitrator is important for the security of the proposed scheme.  More research on this problem are needed.

More Related