See discussions, stats, and author profiles for this publication at: https://www.researchgate.

net/publication/220840552

Research Directions in Quantum Cryptography

Conference Paper · April 2007

DOI: 10.1109/ITNG.2007.166 · Source: DBLP

CITATIONS READS

10 2,770

3 authors, including:

Rajni Goel Anteneh Girma

Howard University Robert Morris University
36 PUBLICATIONS   208 CITATIONS    7 PUBLICATIONS   38 CITATIONS   

SEE PROFILE SEE PROFILE

All content following this page was uploaded by Anteneh Girma on 26 September 2014.

The user has requested enhancement of the downloaded file.

 Research Directions in Quantum Cryptography

Rajni Goel Moses Garuba, Anteneh Girma

Department of Information Systems & Department of Systems & Computer Science
Decision Sciences Howard University
Howard University 2300 6th Street NW
2600 6th Street, NW Washington, DC 20059
Washington, DC 20059 {moses, agirma}@scs.howard.edu
rgoel@howard.edu

Abstract • Quantum states can make possible new

or improved cryptographic protocols
Quantum Cryptography is an approach to protecting classical information (as with
securing communications by applying the quantum key distribution or
phenomena of quantum physics. Unlike uncloneable encryption).
traditional classical cryptography, which uses • Cryptographic methods can be applied
mathematical techniques to restrict to protect quantum information instead
eavesdroppers, quantum cryptography is focused of classical information. Examples
on the physics of information. Quantum would include quantum secret sharing
cryptography provides secure communication, schemes and quantum authentication
whose security depends only on the validity of protocols.
quantum theory, i.e., it is guarantied directly by
the laws of physics. This is a substantial We investigate the differences between classical
difference from any classical cryptographic cryptographic techniques and quantum
techniques. This article summarizes the current cryptography, as well potential advantages and
state of quantum cryptography and provides applications of each. In section 2, we present
potential extensions of its feasibility as a attributes of classical cryptography and its
mechanism for securing existing communication difference with quantum cryptography and
systems. Section 3 summarizes Quantum Key distribution
and Quantum Entanglement. Section 4 and 5
I. Introduction describes the quantum cryptographic protocols,
eavesdropping, and we conclude with a
discussion on the current progress and quantum
The physics of quantum cryptography
crypto network debuts.
opens a door to tremendously intriguing
possibilities for cryptography, the art and science
of communicating in the presence of adversaries 2. Classical Cryptography
[1,2]. Interesting characteristics of quantum
mechanics include the existence of indivisible Cryptography is the art of rendering a
quanta and of entangled systems, both of which message unintelligible to any unauthorized party.
lie at the root of quantum cryptography (QC). Although confidentiality is the traditional
QC is one of the few commercial applications of application of cryptography, it is used nowadays
quantum physics at the single quantum level. to achieve broader objectives, such as
Other applications of quantum mechanics authentication, digital signatures [10].
to cryptography, which tend to come in three To achieve this goal, an algorithm (also called a
flavors: cryptosystem or cipher) is used to combine a
• Quantum mechanics can be used to message with some additional information
break classical cryptographic protocols (known as the key) and produce a cryptogram.
(as with quantum factoring). The primary application of cryptography is to
send secret messages.

International Conference on Information Technology (ITNG'07)

0-7695-2776-0/07 $20.00 © 2007

Authorized licensed use limited to: INDIAN INSTITUTE OF TECHNOLOGY MADRAS. Downloaded on February 9, 2009 at 00:16 from IEEE Xplore. Restrictions apply.
 Many cryptographic systems are based on
computational assumptions. Decrypting is
equivalent to solving some computationally
difficult problem, one that cannot be answered in
polynomial time in some security parameters.
The central problem in cryptography is the key
distribution problem, for which there are
essentially two solutions: one based on
mathematics, classical cryptography, and one
based on Physics (quantum cryptography). While
classical cryptography relies on the
computational difficulty of factoring large
integers, quantum cryptography relies on what
we believe to be the universal laws of quantum
mechanics.
These classical cryptosystems come in two
flavors: symmetric systems, and asymmetric
systems [6]. The security of public key
cryptosystems is based on computational
complexity. The idea is to use mathematical
objects called one-way functions. So far, no one
has proved the existence of any one-way
function with a trapdoor; so, the existence of
secure asymmetric cryptosystems is not proven.
This poses a serious threat to these
cryptosystems. For instance, an overnight
breakthrough in mathematics could make
electronic money instantly worthless. To limit
such economic and social risks, there is no
alternative but to turn to symmetrical
cryptosystems. QC has a role to play in such
alternative systems.
Secret key cryptography
• Requires secure channel for key distribution
• In principle every classical channel can be
monitored passively
• Security is mostly based on complicated non
proven algorithms
Public key cryptography
• Security is based on non proven
mathematical assumptions
(e. g. in RSA cipher, difficulty of
factoring large numbers)
• Break through renders messages insecure
retroactively.
3. Quantum Cryptography
The idea of quantum cryptography was first
proposed in the 1970s [14,15], though it is only
now that the field is applied to information
security. One aspect of quantum cryptography is
to create cryptographic protocols to protect
quantum States that do have the property that
they cannot be copied [11,12].
The main advantage of quantum
cryptography is that it gives us perfectly secure
data transfer. The first successful quantum
cryptographic device could translate a secret key
over 30 centimeters using polarized light, calcite
crystal(s), and other electro-optical devices.

2.2. Symmetrical (secret key) cryptosystems

Symmetrical ciphers require the use of a single

key for both encryption and decryption. The
symmetrical cryptosystems in use for routine
applications such as e-commerce employ rather
short keys. Like asymmetrical cryptosystems,
they offer only computational
security. However, for a given key length,
symmetrical systems are more secure than their
asymmetrical counterparts.
In practical implementations, asymmetrical
algorithms are used not so much for encryption,
because of their slowness, but rather for
distribution of session keys for symmetrical
cryptosystems such as DES. Because the security
of those algorithms is not proven, the security of
the whole implementation can be compromised.
If these algorithms were broken by mathematical Figure 3: A Quantum Cryptographic
advances, QC would constitute the only way to communication system for securely transferring
solve the key distribution problem. random key.
2.3 Barriers of Classical cryptography 3.1 Quantum Entanglement

2
International Conference on Information Technology (ITNG'07)
0-7695-2776-0/07 $20.00 © 2007

Authorized licensed use limited to: INDIAN INSTITUTE OF TECHNOLOGY MADRAS. Downloaded on February 9, 2009 at 00:16 from IEEE Xplore. Restrictions apply.
 Entanglement is a kind of quantum
correlation that is stronger, in a certain sense,
than any classical one. If some quantum system,
consisting of several subsystems, is in an
entangled state (even in a pure entangled state)
its individual subsystems cannot be described by
pure quantum states. Entangled states can be
used to serve for quantum key distribution and
quantum teleportation.
Quantum entanglement is a quantum
mechanical phenomenon in which the quantum
of two or more objects have to be described with
reference to each other, even though the
individual objects may be spatially separated [3].
This leads to correlations between observable
physical properties of the systems. As a result,
measurements performed on one system seem to
be instantaneously influencing other systems
entangled with it.
3.2 Quantum Key Distribution
Quantum mechanics has multiple
cryptographic applications as well (see [8] for a
survey). The best known is quantum key
distribution (QKD) [11], which enables Alice
and Bob to create a secure classical secret key
despite the potential presence of an
eavesdropper. QKD requires only an insecure
quantum channel and authenticated (but
unencrypted) classical channels, but
unfortunately requires multiple rounds of back-
and-forth communication between Alice and
Bob.
QKD is a means of distributing keys from one
party to another, and detecting eavesdropping. It
allows two parties to establish a common
random secret key by taking advantage of the
fact that quantum mechanics does not allow for
distinguishing non-orthogonal states with
certainty. Within the framework of classical
physics, information encoded into a property of a
classical object, can be acquired without
affecting the state of the object. However, if
information is encoded into a property of a
quantum object, any attempt to discriminate its
non-orthogonal states inevitably changes the
original state with a nonzero probability. And
since eavesdropping is also governed by the laws
of quantum mechanics, these changes cause
errors in transmissions and reveal the
eavesdropper. QKD cannot prevent from
eavesdropping, but it enables legitimate users to
discover it. If any eavesdropping is detected, the
key is simply thrown away and a new one is
International Conference on Information Technology (ITNG'07)
0-7695-2776-0/07 $20.00 © 2007
Authorized licensed use limited to: INDIAN INSTITUTE OF TECHNOLOGY MADRAS. Downloaded on February 9, 2009 at 00:16 from IEEE Xplore. Restrictions apply.
generated. No leakage of information occurs,
since the key is just a random sequence.
The primary proposed application of QKD
is to create a secret key, which is then used with
the one-time pad to send unconditionally secure
messages. We ensure secure communications by
using one-time pads in conjunction with
quantum key distribution. The main drawback
for classical one-time pads is the distribution of
encryption/decryption keys, and this is not a
problem for quantum cryptography as we can
transfer key data in a totally secure fashion.
One of the best-known protocols for
quantum key distribution is usually called BB84,
since it was proposed by Bennett and Brassard in
1984 [4]. In BB84, Alice sends Bob a random
sequence of quantum bits (or qubits). These
quantum bits are equally likely to be in one of
four possible states, see table 1.
State Basis Value
|0> Z 0
|1> Z 1
|0> + |1> X 0
|0> - |1> X 1
Table 1: States of quantum bits
When Bob receives a qubit, he randomly
chooses to measure it either in the Z basis or the
X basis, and records the results. Then Alice
announces which basis the state she sent came
from (the "Basis" column in the table), but not
what the state actually was, and Bob announces
which basis he measured in. If Bob measured in
the same basis that Alice used to prepare the
state, he should have gotten the result in the
"Value" column of the table. Alice and Bob keep
the results for which they used the same basis
and discard the other bits. In the absence of
errors and eavesdropping, they now have an
identical string of bits, which can act as their
private key.
But, note that a clever Eve can adopt many
possible strategies to fool Alice and Bob,
including subtle quantum attacks entangling all
of the particles sent by Alice. Taking all
possibilities into account, along with the effects
of realistic imperfections in Alice and Bob's
apparatus and channel, has been difficult. A long
series of partial results has appeared over the
years, addressing restricted sets of strategies by
Eve, [2] but only in the past few years have
complete proofs appeared.
3
 One class of proofs, by Dominic Mayers
[3] and subsequently by others, including Eli
Biham and collaborators and Michael Ben-Or,
[4] attacks the problem directly and proves that
the standard BB84 protocol is secure. Another
approach, by (HKL) and H. F. Chau [5]. proves
the security of a new QKD protocol that uses
quantum error-correcting codes [6]. The two
approaches have been unified by Peter Shor and
John Preskill, [7], who showed that a quantum
error-correcting protocol could be modified to
become BB84 without compromising its
security.
The proof of the security of QKD is a fine
theoretical result, but it does not mean that a real
QKD system would be secure [8]. Some known
and unknown security loopholes might prove to
be fatal. Apparently minor quirks of a system can
sometimes provide a lever for an eavesdropper to
break the encryption. For instance, instead of
producing a single photon, a laser may produce
two; Eve can keep one and give the other to Bob.
She can then learn what polarization Alice sent
without revealing her presence. There are various
possible solutions to this particular problem; it is
the unanticipated flaws that present the greatest
security hazard. Ultimately, we cannot have
confidence that a real-life quantum cryptographic
system is secure until it has withstood attacks
from determined real-life adversaries.
Traditionally, breaking cryptographic protocols
has been considered to be as important as
making them--the protocols that survive are
more likely to be truly secure. The same standard
will have to be applied to QKD.
Quantum key distribution is perhaps the
best-known example of an application of
quantum mechanics to cryptography, but there
are many others. For instance, quantum key
distribution is closely related to a slightly
stronger protocol called uncloneable encryption,
which uses quantum states to send an encrypted
classical message which cannot be read or even
copied by Eve.
4. Quantum Cryptographic Protocols
Recent interest in quantum cryptography has
been stimulated by the fact that quantum
algorithms, such as Shor’s algorithms for integer
factorization and discrete logarithm [9], threaten
the security of classical cryptosystems. A range
of quantum cryptographic protocols for key
distribution, bit commitment, oblivious transfer
and other problems [10] have been extensively
studied. Furthermore, the implementation of
International Conference on Information Technology (ITNG'07)
0-7695-2776-0/07 $20.00 © 2007
Authorized licensed use limited to: INDIAN INSTITUTE OF TECHNOLOGY MADRAS. Downloaded on February 9, 2009 at 00:16 from IEEE Xplore. Restrictions apply.
quantum cryptographic protocols has turned out
to be significantly easier than the implementation
of quantum algorithms. Quantum cryptographic
protocols are designed with the intention that
their security is guaranteed by the laws of
quantum physics. Naturally it is necessary to
prove, for any given protocol, that this is indeed
the case. The most notable result in this area is
Mayers’ proof [3] of the unconditional security
of the quantum key distribution protocol “BB84”
[12]. This proof guarantees the security of BB84
in the presence of an attacker who can perform
any operation allowed by quantum physics;
hence the security of the protocol will not be
compromised by future developments in
quantum computing. Mayers’ results, and others
of the same kind [4,3], are extremely important
contributions to the study of quantum
cryptography.
However, a mathematical proof of the
security of a protocol does not in itself guarantee
the security of an implemented system which
relies on the protocol. Experience of classical
cryptography has shown that, during the
progression from an idealized protocol to an
implementation, many security weaknesses can
arise. For example: the system might not
correctly implement the desired protocol; there
might be security flaws which only appear at the
implementation level and which are not visible at
the level of abstraction used in proofs; problems
can also arise at boundaries between systems and
between components which have different
execution models or data representations.
Quantum cryptographic systems must be
analyzed at a level of detail that is closer to a
practical implementation. Computer scientists
have developed a range of techniques and tools
for the analysis and verification of
communication systems and protocols. Those
particularly relevant to security analysis are
surveyed by Ryan et al. [7]. This approach has
two key features. The first is the use of formal
languages to precisely specify the behavior of
the system and the properties which it is meant
to satisfy. The second is the use of automated
software tools to either verify that a system
satisfies a specification or to discover flaws.
There are classical solutions to insecure
communication all rely on making some sort of
assumption, about the computational power of a
cheater, about the number of cheaters, or
something of this kind. Based on quantum key
distribution, one might hope that a quantum
computer might allow us to weaken or remove
these assumptions. For instance, it is possible to
4
 make a quantum digital signature, which is
secure against all attacks allowed by quantum
mechanics.
Many classical cryptographic protocols work by
building up the protocol from simpler protocols.
Two particularly useful simple protocols are
Authentication of quantum messages [8] and the
other called bit commitment. Standard classical
cryptographic protocols for bit commitment rely
on Bob having limited computational power. For
a while, it was thought quantum bit
commitments protocols existed which were
unconditionally secure. However, it turns out
that if Alice and Bob have quantum computers,
any protocol for which Bob cannot determine the
value of Alice's bit allows Alice to safely change
the bit without Bob finding out. This was a great
disappointment, and later results proved that
many other quantum cryptographic protocols
were also impossible. However, there are still a
number of possible protocols that have not been
ruled out, including some of considerable
interest. Quantum computation may allow us to
perform some of these operations more safely
than any classical protocol.
5. Eavesdropping
Eavesdropping is the intercepting and reading
of messages and conversations by unintended
recipients. One who participates in
eavesdropping, i.e. someone who secretly listens
in on the conversations of others, is called an
eavesdropper. The origin of the term is literal,
from people who would literally hide out in the
eaves of houses to listen in on other people's
private conversations.
Eavesdropping can also be done over
telephone lines, email, instant messages, and any
other method of communication considered
private. (If a message is publicly broadcast,
witnessing it does not count as eavesdropping).
Messages can be protected against
eavesdropping by employing a security service
of confidentiality (or privacy). This security
service is usually implemented by encryption.
6. Quantum crypto network debuts
Quantum cryptography has the potential to
guarantee perfectly secure communications, but
until now the entire prototype systems have been
International Conference on Information Technology (ITNG'07)
0-7695-2776-0/07 $20.00 © 2007
Authorized licensed use limited to: INDIAN INSTITUTE OF TECHNOLOGY MADRAS. Downloaded on February 9, 2009 at 00:16 from IEEE Xplore. Restrictions apply.
point-to-point links rather than networks that
share connections.
BBN Technologies, Harvard University and
Boston University researchers have built a six-
node quantum cryptography network that
operates continuously to provide a way to
exchange secure keys between BBN and
Harvard, which is about 10 kilometers away [3].
The researchers will soon move one of the
network nodes across town to link Boston
University into the network. The network is
resilient because any node in the network can act
as a relay to connect two other nodes. Because
there are multiple connections to and from any
given node, "failure of a link or node does not
mean that we have lost quantum cryptography.
The quantum network uses secure
point-to-point connections between nodes and
allows a given node to relay secure
cryptographic keys between two other nodes.
Because the quantum properties of photons are
lost if they are observed, they cannot be copied,
but making copies of light signals is the way
signals are boosted along ordinary
telecommunications lines.
Quantum repeaters, which are under
development at several research labs around the
world, would instead transfer the quantum state
of one photon to another through interactions
with atoms or through the strange quantum
phenomenon of entanglement, which allows
traits of two or more particles to be linked
regardless of the distance between them.
The network's photon sources are currently
heavily filtered lasers, which are extremely dim
and sometimes emit more than one photon at a
time[9].
The quantum cryptography network works with
Internet protocols including the secure Internet
Protocol (IPsec) and creates a type of virtual
private network, which provides secure
communications over unsecured networks like
the Internet at large. The idea is that even if an
eavesdropper is able to listen in on a line, he
would be unable to learn much about the
communications traversing it. The network is
ready for practical applications today.
Magiq Technologies is creating a new line
of products that it says could help make quantum
encryption theoretically impossible to crack --
more palatable to mainstream customers. The
New York-based company said it has signed a
deal with Cavium Networks, under which
Cavium's network security chips will be included
inside Magiq's servers and networking boards
5
 Magiq and Cavium will also create reference
designs for networking boards and cards, with all
of the necessary silicon to create a quantum
encryption system.
Quantum properties other than polarization can
encode the value of a bit for the quantum key,
says Gregoire Ribordy, CEO of Swiss start-up
Swiss start-up ID Quantique His company
introduced the first commercial quantum-
cryptography products in 2002: single-photon
detectors and random-number generators, two
essential components for quantum-cryptography
systems. In 2003, the company partnered with
two electronic-security firms to develop a
commercial system.
7. Conclusion
8. References
[1] Bennett, C. H., and Brassard, G. Quantum
public key distribution reinvented. Sigact News
18(4) (1987), 51–53.
[2] Bennett, C. H., Brassard, G., and Ekert, A. K.
Quantum cryptography. Sci. Am. 267, 4 (Oct.
1992), 50.
[3] Bennett, C. H., and DiVincenzo, D. P.
Quantum information and computation. Nature
404 (2000), 247–55.
[4] Bennett, C. H., and Shor, P. W. Quantum
information theory. IEEE Transactions on
Information Theory 44, 6 (1998), 2724–42.
[5] Brassard, G. Cryptology column — 25 years
of quantum cryptography. Sigact News 27(3)
(1996), 13–24.
[6] Gottesman, D., and Lo, H.-K. From quantum
cheating to quantum security. Physics Today 53,
11 (Nov. 2000), 22.
[7] Lo, H.-K. Quantum Cryptology. World
Scientific, 1998.
[8] Singh, S., 1999, The Code Book: The Science
of Secrecy from Ancient Egypt to Quantum
Cryptography (Fourth Estate, London).
International Conference on Information Technology (ITNG'07)
0-7695-2776-0/07 $20.00 © 2007
Authorized licensed
View publication statsuse limited to: INDIAN INSTITUTE OF TECHNOLOGY MADRAS. Downloaded on February 9, 2009 at 00:16 from IEEE Xplore. Restrictions apply.
As this quantum cryptography is a new science
in a cryptosystem technology and many
researchers from around the world are
discovering a way of incorporating some new
devices and have already made a breakthrough, it
looks quantum cryptography will be an advanced
code- making technology which is theoretically
uncrackable. This is because of the laws of
quantum physics that dictate an eavesdropper
could not measure the properties of a single
photon without the risk of altering those
properties. In other words, even if an
eavesdropper is able to listen in on a line, he/she
could be unable to learn much about the
communications traversing it.
[9] Brassard, G., 1988, Modern Cryptology: A
Tutorial, Lecture Notes in Computer Science,
Vol. 325 (Springer, New York).
[10] Shannon, C. E., 1949, ‘‘Communication
theory of secrecy systems, ’’ Bell Syst. Tech. J.
28, 656–715.
[11] Stallings, W., 1999, Cryptography and
Network
[12] Wiesner, S., 1983, ‘‘Conjugate coding,’’
SIGACT News, 15,78–88
[13] Bennett, C. H., and G. Brassard, 1984, in
Proceedings of the IEEE International
Conference on Computers, Systems and Signal
Processing, Bangalore, India, (IEEE, New
York), pp.175–179.
[14] Bennett, C. H., and G. Brassard, 1985,
‘‘Quantum public key distribution system,’’ IBM
Tech. Discl. Bull. 28, 3153–3163.
[15] W. K. Wootters and W. H. Zurek, “A single
quantum cannot be cloned,” Nature 299, 802
(1982).
6