Showing papers on "BB84 published in 2008"
TL;DR: It is shown that a measurement used in the Bennett-Brassard 1984 (BB84) protocol does allow a squashing description, although the corresponding six-state protocol measurement does not.
Abstract: Measurements with photodetectors are naturally described in the infinite dimensional Fock space of one or several modes. For some measurements, a model has been postulated which describes the full measurement as a composition of a mapping (squashing) of the signal into a small dimensional Hilbert space followed by a specified target measurement. We present a formalism to investigate whether a given measurement pair of full and target measurements can be connected by a squashing model. We show that a measurement used in the Bennett-Brassard 1984 (BB84) protocol does allow a squashing description, although the corresponding six-state protocol measurement does not. As a result, security proofs for the BB84 protocol can be based on the assumption that the eavesdropper forwards at most one photon, while the same does not hold for the six-state protocol.
147 citations
TL;DR: From the perspective of information theory and cryptography, the security of two quantum dialogue protocols and a bidirectional quantum secure direct communication (QSDC) protocol was analyzed, and it was pointed out that the transmitted information would be partly leaked out in them.
Abstract: From the perspective of information theory and cryptography, the security of two quantum dialogue protocols and a bidirectional quantum secure direct communication (QSDC) protocol was analyzed, and it was pointed out that the transmitted information would be partly leaked out in them. That is, any eavesdropper can elicit some information about the secrets from the public annunciations of the legal users. This phenomenon should have been strictly forbidden in a quantum secure communication. In fact, this problem exists in quite a few recent proposals and, therefore, it deserves more research attention in the following related study.
138 citations
TL;DR: This work demonstrated ultra fast BB84 quantum key distribution transmission at 625 MHz clock rate through a 97 km field-installed fiber using practical clock synchronization based on wavelength-division multiplexing (WDM) and succeeded in over-one-hour stable key generation.
Abstract: We demonstrated ultra fast BB84 quantum key distribution (QKD) transmission at 625 MHz clock rate through a 97 km field-installed fiber using practical clock synchronization based on wavelength-division multiplexing (WDM). We succeeded in over-one-hour stable key generation at a high sifted key rate of 2.4 kbps and a low quantum bit error rate (QBER) of 2.9%. The asymptotic secure key rate was estimated to be 0.78–0.82 kbps from the transmission data with the decoy method of average photon numbers 0, 0.15, and 0.4 photons/pulse.
116 citations
TL;DR: The symmetric-side-channel-assisted private capacity of a quantum channel is studied, for which a single-letter formula is provided, and the results demonstrate that collective attacks are strictly stronger than individual attacks.
Abstract: We study the symmetric-side-channel-assisted private capacity of a quantum channel, for which we provide a single-letter formula. This capacity is additive, convex, and, for degradable channels, equal to the unassisted private capacity. While a channel's (unassisted) capacity for private classical communication may be strictly larger than its quantum capacity, we will show that these capacities are equal for degradable channels, thus demonstrating the equivalence of privacy and quantum coherence in this context. We use these ideas to find new bounds on the key rate of quantum key distribution protocols with one-way classical post-processing. For the Bennett-Brassard 1984 protocol, our results demonstrate that collective attacks are strictly stronger than individual attacks.
105 citations
TL;DR: This work presents an asymmetric cryptosystem whose security relies on fundamental principles of quantum physics and maps integer numbers to quantum states of a qubit and its inversion can be infeasible by virtue of the Holevo's theorem.
Abstract: We discuss cryptographic applications of single-qubit rotations from the perspective of trapdoor one-way functions and public-key encryption. In particular, we present an asymmetric cryptosystem whose security relies on fundamental principles of quantum physics. A quantum public key is used for the encryption of messages while decryption is possible by means of a classical private key only. The trapdoor one-way function underlying the proposed cryptosystem maps integer numbers to quantum states of a qubit and its inversion can be infeasible by virtue of the Holevo's theorem.
92 citations
TL;DR: The information capacity of a scheme based on the spatial entanglement of photons from a realistic source is derived, and the standard measures of security known for quadrature-based continuous variable quantum cryptography (CV-QKD) are shown to be inadequate.
Abstract: We analyze the distribution of secure keys using quantum cryptography based on the continuous variable degree of freedom of entangled photon pairs. We derive the information capacity of a scheme based on the spatial entanglement of photons from a realistic source, and show that the standard measures of security known for quadrature-based continuous variable quantum cryptography (CV-QKD) are inadequate. A specific simple eavesdropping attack is analyzed to illuminate how secret information may be distilled well beyond the bounds of the usual CV-QKD measures.
89 citations
TL;DR: All security proofs for BB84 protocol based on a virtual qubit entanglement distillation protocol, which was originally proposed by Lo and Chau and by Shor and Preskill, are valid even if Bob's actual apparatus cannot distill a qubit state explicitly.
Abstract: In this paper, we rigorously prove the intuition that in security proofs for the Bennett-Brassard 1984 (BB84) protocol, one may regard an incoming signal to Bob as a qubit state. From this result, it follows that all security proofs for BB84 protocol based on a virtual qubit entanglement distillation protocol, which was originally proposed by Lo and Chau [Science 283, 2050 (1999)] and by Shor and Preskill [Phys. Rev. Lett. 85, 441 (2000)], are all valid even if Bob's actual apparatus cannot distill a qubit state explicitly. As a consequence, especially, the well-known result that a higher bit error rate of 20% can be tolerated for BB84 protocol by using two-way classical communications is still valid even when Bob uses threshold detectors. Using the same technique, we also prove the security of Bennett-Brassard-Mermin 1992 (BBM92) protocol where Alice and Bob both use threshold detectors.
84 citations
TL;DR: It is shown that a conjectured single-letter formula for quantum key distribution, Bennnett-Brassard-84, is false, uncovering a deep ignorance about good private codes and exposing unfortunate complications in the theory of QKD.
Abstract: A central goal in information theory and cryptography is finding simple characterizations of optimal communication rates under various restrictions and security requirements. Ideally, the optimal key rate for a quantum key distribution (QKD) protocol would be given by a single-letter formula involving optimization over a single use of an effective channel. We explore the possibility of such a formula for the simplest and most widely used QKD protocol, Bennnett-Brassard-84 with one-way classical postprocessing. We show that a conjectured single-letter formula is false, uncovering a deep ignorance about good private codes and exposing unfortunate complications in the theory of QKD. These complications are not without benefit—with added complexity comes better key rates than previously thought possible. The threshold for secure key generation improves from a bit error rate of 0.124 to 0.129.
82 citations
TL;DR: In this paper, the authors constructed a practically implementable classical processing for the Bennett-Brassard 1984 (BB84) protocol and the six-state protocol that fully utilizes the accurate channel estimation method, which is also known as the quantum tomography.
Abstract: We construct a practically implementable classical processing for the Bennett-Brassard 1984 (BB84) protocol and the six-state protocol that fully utilizes the accurate channel estimation method, which is also known as the quantum tomography. Our proposed processing yields at least as high a key rate as the standard processing by Shor and Preskill. We show two examples of quantum channels over which the key rate of our proposed processing is strictly higher than the standard processing. In the second example, the BB84 protocol with our proposed processing yields a positive key rate even though the so-called error rate is higher than the 25% limit.
70 citations
TL;DR: In this paper, the authors show how the Singapore protocol for key distribution is optimal from this point of view, due to the fact that it is based on so-called symmetric informationally complete positive-operator-valued measure (SIC POVM) qubit tomography which allows the most accurate full tomographic reconstruction of an unknown density matrix on the basis of a restricted set of experimental data.
Abstract: Tomography of the two-qubit density matrix shared by Alice and Bob is an essential ingredient for guaranteeing an acceptable margin of confidentiality during the establishment of a secure fresh key through the quantum key distribution scheme. We show how the Singapore protocol for key distribution is optimal from this point of view, due to the fact that it is based on so-called symmetric informationally complete positive-operator-valued measure (SIC POVM) qubit tomography which allows the most accurate full tomographic reconstruction of an unknown density matrix on the basis of a restricted set of experimental data. We illustrate with the help of experimental data the deep connections that exist between SIC POVM tomography and discrete Wigner representations. We also emphasize the special role played by Bell states in this approach and propose a protocol for quantum key distribution during which a third party is able to concede or to deny a posteriori to the authorized users the ability to build a fresh cryptographic key.
67 citations
TL;DR: It is shown how faked states can in principle be constructed for quantum cryptosystems that use a phase-time encoding, the differential phase shift keying (DPSK) and the Ekert protocols.
Abstract: In quantum cryptosystems, variations in detector efficiency can be exploited to stage a successful attack. This happens when the efficiencies of Bob's two detectors are different functions of a control parameter accessible to Eve (e.g., timing of the incoming pulses). It has previously been shown that the Bennett-Brassard 1984 (BB84) protocol is vulnerable to this attack. In this paper, we show that several other protocols and encodings may also be vulnerable. We consider a faked states attack in the case of a partial efficiency mismatch on the Scarani-Acin-Ribordy-Gisin 2004 (SARG04) protocol, and derive the quantum bit error rate as a function of detector efficiencies. Additionally, it is shown how faked states can in principle be constructed for quantum cryptosystems that use a phase-time encoding, the differential phase shift keying (DPSK) and the Ekert protocols.
TL;DR: In this article, a frequency-coded quantum key distribution scheme was proposed, which uses encoded qubits in different frequency of a photon in four kinds of states, which satisfy requirements of BB84 protocol and could be produced with the recent advances in technology.
TL;DR: In this article, a quantum key distribution protocol based on sending entangled $N$-qubit states instead of single qubit ones is presented and analyzed, where the qubits are sent and acknowledged individually, and an eavesdropper is limited to accessing them one by one.
Abstract: We present and analyze a quantum key distribution protocol based on sending entangled $N$-qubit states instead of single-qubit ones as in the trail-blazing scheme by Bennett and Brassard 1984 (BB84). Since the qubits are sent and acknowledged individually, an eavesdropper is limited to accessing them one by one. In an intercept-resend attack, this fundamental restriction allows one to make the eavesdropper's information on the transmitted key vanish if even one of the qubits is not intercepted. The implied upper bound $1∕(2N)$ for this information is further shown not to be the lowest, as the information can be reduced to less than 30% of that in the BB84 scheme in the case $N=2$. In general, the protocol is at least as secure as BB84.
TL;DR: In this paper, a new approach to simulate quantum cryptography protocols using event-based processes is presented, and validated by simulating the BB84 protocol and the Ekert protocol, both without and with the presence of an eavesdropper.
Abstract: We present a new approach to simulate quantum cryptography protocols using event-based processes. The method is validated by simulating the BB84 protocol and the Ekert protocol, both without and with the presence of an eavesdropper.
TL;DR: In this article, the Bennett-Brassard 1984 quantum key distribution protocol over a free-space optical path on an optical table was implemented. But the performance of the system was not evaluated.
Abstract: We report on the implementation of a Bennett-Brassard 1984 quantum key distribution protocol over a free-space optical path on an optical table. Attenuated laser pulses and Pockels cells driven by a pseudorandom number generator are employed to prepare polarization-encoded photons. The sifted key generation rate of 23.6 kbits per second and the quantum bit error rate (QBER) of 3% have been demonstrated at the average photon number per pulse μ = 0.16. This QBER is sufficiently low to extract final secret keys from shared sifted keys via error correction and privacy amplification. We also tested the long-distance capability of our system by adding optical losses to the quantum channel and found that the QBER remains the same regardless of the loss.
TL;DR: This formula provides a family protocol, the private father protocol, under the resource inequality framework that includes private classical communication without secret-key assistance as a child protocol.
Abstract: We prove a regularized formula for the secret-key-assisted capacity region of a quantum channel for transmitting private classical information. This result parallels the work of Devetak et al. (e-print arXiv:quant-ph/0512015) on entanglement-assisted quantum communication capacity . This formula provides a family protocol, the private father protocol, under the resource inequality framework that includes private classical communication without secret-key assistance as a child protocol.
TL;DR: The lower bound shows that one can extract a secret key from the mismatched measurements with certain quantum channels, such as the channel over which the Hadamard matrix is applied to each qubit with high probability.
Abstract: We consider the mismatched measurements in the BB84 quantum key distribution protocol, in which measuring bases are different from transmitting bases. We give a lower bound on the amount of a secret key that can be extracted from the mismatched measurements. Our lower bound shows that we can extract a secret key from the mismatched measurements with certain quantum channels, such as the channel over which the Hadamard matrix is applied to each qubit with high probability. Moreover, the entropic uncertainty principle implies that one cannot extract the secret key from both matched measurements and mismatched ones simultaneously, when we use the standard information reconciliation and privacy amplification procedure.
10 Feb 2008
TL;DR: A quantum network manager is implemented that not only handles the switch and QKD protocol startup operations but also handles multiplexing and synchronization of secret key streams.
Abstract: We have begun to expand the NIST quantum key distribution (QKD) system into a quantum network to support secure cryptography. We are starting with a simple three-node network, one Alice switched between Bob1 and Bob2. To support such a quantum network, we have implemented a quantum network manager that not only handles the switch and QKD protocol startup operations but also handles multiplexing and synchronization of secret key streams. We describe the function, structure and interfaces of this quantum network manager and report on initial switching overhead. We also discuss some steps we plan to take to optimize that overhead as well as hide its latency for certain applications.
TL;DR: The proposed dBB84 protocol is extended to be a deterministic secure quantum communication (DSQC) protocol wherein the sender can securely transmit secret messages to the receiver via quantum channels and the receiver can read out the secret messages only after receiving an additional classical bit for each qubit from the sender.
Abstract: This paper presents a deterministic BB84 (dBB84) protocol that not only inherits the unconditional security of the original BB84 protocol but also enables the receiver to deterministically measure and decode all qubits sent by the sender. The proposed dBB84 protocol is then extended to be a deterministic secure quantum communication (DSQC) protocol wherein the sender can securely transmit secret messages to the receiver via quantum channels and the receiver can read out the secret messages only after receiving an additional classical bit for each qubit from the sender. In contrast to the existing single-photon-based secure communication protocols, which require the sender to either prepare two-qubit photon states or to establish two-way quantum channels with the receiver, the newly proposed protocol requires the sender to prepare single-qubit photon states for message transmissions and only set up one-way quantum channels to the receiver. Therefore, the proposed protocol is very suitable and feasible in practical applications.
TL;DR: In this paper, the authors improved the best known lower bound on the error rate for the 6-state protocol from 14.11% for local randomization alone to at least 14.59%.
Abstract: We study the advantages to be gained in quantum key distribution (QKD) protocols by combining the techniques of local randomization, or noisy preprocessing, and structured (nonrandom) block codes. Extending the results of [Smith, Renes, and Smolin, Physical Review Letters, 100:170502] pertaining to BB84, we improve the best-known lower bound on the error rate for the 6-state protocol from 14.11% for local randomization alone to at least 14.59%. Additionally, we also study the effects of iterating the combined preprocessing scheme and find further improvements to the BB84 protocol already at small block lengths.
13 May 2008
TL;DR: A novel extension of SSL/TLS that significantly facilitates the integration of quantum key distribution (QKD) with the already-existing Internet security infrastructure is presented, called QSSL (quantum SSL).
Abstract: This paper presents a novel extension of SSL/TLS that significantly facilitates the integration of quantum key distribution (QKD) with the already-existing Internet security infrastructure. This extended version of SSL/TLS is called QSSL (quantum SSL). During the development of QSSL, a concentration has been made on the creation of a simple, efficient, general, and flexible architecture that enables the deployment of practical quantum cryptographic-based security applications. Indeed, QSSL efficiently supports unconditionally secure encryption (one-time pad) and/or unconditionally secure authentication (based on universal hashing). A simplified version of QSSL based on BB84 (Bennett-Brassard 1984) QKD protocol has also been implemented and experimentally tested.
TL;DR: The present article proves the existence of a stronger individual attack on QKD protocols with encrypted error correction, for which tight bounds are shown, and clarifies why the claims of the news feature incorrectly suggest a contradiction with the established “old-style” theory of BB84 individual attacks.
Abstract: Some MIT researchers [Phys. Rev. A 75, 042327 (2007)] have recently claimed that their implementation of the Slutsky-Brandt attack [Phys. Rev. A 57, 2383 (1998); Phys. Rev. A 71, 042312 (2005)] to the BB84 quantum-key-distribution (QKD) protocol puts the security of this protocol “to the test” by simulating “the most powerful individual-photon attack” [Phys. Rev. A 73, 012315 (2006)]. A related unfortunate news feature by a scientific journal [G. Brumfiel, Quantum cryptography is hacked, News @ Nature (april 2007); Nature 447, 372 (2007)] has spurred some concern in the QKD community and among the general public by misinterpreting the implications of this work. The present article proves the existence of a stronger individual attack on QKD protocols with encrypted error correction, for which tight bounds are shown, and clarifies why the claims of the news feature incorrectly suggest a contradiction with the established “old-style” theory of BB84 individual attacks. The full implementation of a quantum cryptographic protocol includes a reconciliation and a privacy-amplification stage, whose choice alters in general both the maximum extractable secret and the optimal eavesdropping attack. The authors of [Phys. Rev. A 75, 042327 (2007)] are concerned only with the error-free part of the so-called sifted string, and do not consider faulty bits, which, in the version of their protocol, are discarded. When using the provably superior reconciliation approach of encrypted error correction (instead of error discard), the Slutsky-Brandt attack is no more optimal and does not “threaten” the security bound derived by Lutkenhaus [Phys. Rev. A 59, 3301 (1999)]. It is shown that the method of Slutsky and collaborators [Phys. Rev. A 57, 2383 (1998)] can be adapted to reconciliation with error correction, and that the optimal entangling probe can be explicitly found. Moreover, this attack fills Lutkenhaus bound, proving that it is tight (a fact which was not previously known).
Posted Content•
TL;DR: Wesuggest a powerful attack that can be used in systems with detector efficiency mismatch, even if the detector assignments are chosen randomly by Bob, in the presence of bit and basis dependent detector flaws.
Abstract: We consider the security of the Bennett-Brassard 1984 (BB84) protocol for Quantum Key Distribution (QKD), in the presence of bit and basis dependent detector flaws. We suggest a powerful attack that can be used in systems with detector efficiency mismatch, even if the detector assignments are chosen randomly by Bob. A security proof is provided, valid for any basis dependent, possibly lossy, linear optical imperfections in the channel/receiver/detectors. The proof does not assume the so-called squashing detector model.
TL;DR: A simple way for an eavesdropper to eavesdrop freely the secret message in the experimental realization of quantum communication protocol proposed by Beige et al is presented.
Abstract: This paper presents a simple way for an eavesdropper to eavesdrop freely the secret message in the experimental realization of quantum communication protocol proposed by Beige et al (2002 Acta Phys. Pol. A 101 357). Moreover, it introduces an efficient quantum secure communication protocol based on a publicly known key with decoy photons and two biased bases by modifying the original protocol. The total efficiency of this new protocol is double that of the original one. With a low noise quantum channel, this protocol can be used for transmitting a secret message. At present, this protocol is good for generating a private key efficiently.
TL;DR: It is proved that it is possible to transfer proofs of zero-knowledge protocols using QTPD's and a fair contract signing protocol is presented where there is no communication with Judge during the exchange phase (which is impossible classically).
Abstract: We show how quantum tamper-proof devices (QTPD's) can be used to attack and to develop security protocols. On one hand, we prove that it is possible to transfer proofs of zero-knowledge protocols using QTPD's. This attack can be extended to other security schemes where privacy is important. On the other hand, we present a fair contract signing protocol using QTPD's where there is no communication with Judge during the exchange phase (which is impossible classically). In the latter case, we make use of decoherence in the quantum state of the QTPD to implement a global clock over the asynchronous network. QTPD's seem to be possible to implement with existing quantum hardware, due to the fact that it is hard to isolate quantum memory from interference. These theoretical results contribute to justify the implementation of QTPD's.
TL;DR: Two 1-out-of-2 quantum oblivious transfer (QOT21) protocols are proposed, which require the coherent states to be prepared by the receiver and by the sender, and which utilization of quantum states is very efficient.
Abstract: On the basis of the modified four-coherent-state post-selection quantum key distribution protocol (Namiki and Hirano 2006 Preprint quant-ph/0608144v1), two 1-out-of-2 quantum oblivious transfer (QOT21) protocols are proposed. The first proposed protocol (called the receiver-based QOT21 protocol) requires the coherent states to be prepared by the receiver, whereas the second protocol (called the sender-based QOT21 protocol) allows the coherent states to be generated by the sender. The main advantages of the proposed protocols are that (i) no quantum bit commitment schemes and the assumption of quantum memory are needed; (ii) less communication cost between participants is required, i.e. the receiver-based QOT21 protocol requires only one quantum communication and one classical communication and the sender-based QOT21 protocol requires only one quantum communication between participants during protocol execution; and (iii) the utilization of quantum states is very efficient, wherein the receiver-based and the sender-based QOT21 protocols use only two coherent pulses and one coherent pulse respectively for sending the sender's two messages.
Posted Content•
TL;DR: In this article, Zhou et al. investigated the long-standing gap of quantum key rate between the weak co-herent Pulse (WCP) and Heralded Single Photon Sources (HSPS) implementation of quantum cryp-tographical protocol.
Abstract: 1 Key Laboratory of Quantum Information, University of Science and Technology of China (CAS), Hefei 230026, China2 Zheng Zhou Information and Technology Institute, Zhengzhou, Henan 450004, China(Dated: July 11, 2008)In this paper, we investigate the long-standing gap of quantum key rate between the Weak Co-herent Pulse (WCP) and Heralded Single Photon Sources(HSPS) implementation of quantum cryp-tographical protocol We prove that, by utilizing the Heralded Pair Coherent State (HPCS) photonsources, such a gap can be actually filled in both BB84 and SARG quantum key distribution Thus,a universal photon source which achieves the up-to-date optimal key rate for each transmissiondistance is obtained
Posted Content•
TL;DR: In this article, an experimental setup for the reproduction of a simple model of the atmosphere is used to evaluate the quantum bit error rate in a BB84 protocol and the results represent the first step toward the realization of an optical bench experiment where atmospheric effects are simulated and controlled for reproducing the effects on a quantum channel in different meteorological situations.
Abstract: The quantum bit error rate is a key quantity in quantum communications. If the quantum channel is the atmosphere, the information is usually encoded in the polarization of a photon. A link budget is required, which takes into account the depolarization of the photon after its interaction with the atmosphere as well as absorption, scattering and atmospheric emissions. An experimental setup for the reproduction of a simple model of the atmosphere is used to evaluate the quantum bit error rate in a BB84 protocol and the results are presented. This result represents a first step toward the realization of an optical bench experiment where atmospheric effects are simulated and controlled for reproducing the effects on a quantum channel in different meteorological situations.
07 Apr 2008
TL;DR: A technique is presented to recover some of the unused qubits which result in an increase in the gain of the QKD protocols, and it was found that for the BB84 the recovered qubits can be as much as 11% of the initial key bits.
Abstract: Practical quantum key distribution gain is usually less than the theoretical limit, this is due to the imperfection of physical devices, quantum channels, and the lost qubits due to test carried out for for the identification of the presence of an eavesdropper and the consequence reduction of obtained knowledge. In this paper a technique is presented to recover some of the unused qubits which result in an increase in the gain of the QKD protocols, in this research it was found that for the BB84 the recovered qubits can be as much as 11% of the initial key bits. This technique is based on discovering the relationship between the initial key bits and the original random bits which will aid in the recovery process of the unused qubits ( unused qubits are the bits which are assumed to be lost at the start of the process due to the random process and for BB84 it is assumed to be around 50% of the generated key bits).
Journal Article•
TL;DR: A simulation project based on previously proposed Quantum Key Distribution protocols BB84 and B92, will be explained and a comparison of quantum bit error rates and detection rates of eavesdropping according to protocols, is done and results are obtained.
Abstract: Even though there have been various proposed and wideley used ciphering techniques in cryptography, main improvements in this field came out with the idea of “super computing”. Till now, popular methods like DES, AES and RSA which can be mathematically cracked in a duration of universe’s age, have been proposed. But all of these methods’s future is at risk because of the studies in production of “Quantum Computer”s of which computation speed is estimated to be very high so that no other existing super computers compete with them. At this stage, by using quantum mechanics a new method called “Quantum Key Distribution” and its protocols for the process of building cipher key, are proposed instead of determining new mathematical solutions for securing the data. In this study, a simulation project based on previously proposed Quantum Key Distribution protocols BB84 and B92, will be explained. At the end of the project by using BB84 and B92 protocols, a comparison of quantum bit error rates and detection rates of eavesdropping according to protocols, is done and results are obtained.