You are on page 1of 7

See discussions, stats, and author profiles for this publication at: https://www.researchgate.

net/publication/220840552

Research Directions in Quantum Cryptography

Conference Paper · April 2007


DOI: 10.1109/ITNG.2007.166 · Source: DBLP

CITATIONS READS

10 2,770

3 authors, including:

Rajni Goel Anteneh Girma


Howard University Robert Morris University
36 PUBLICATIONS   208 CITATIONS    7 PUBLICATIONS   38 CITATIONS   

SEE PROFILE SEE PROFILE

All content following this page was uploaded by Anteneh Girma on 26 September 2014.

The user has requested enhancement of the downloaded file.


Research Directions in Quantum Cryptography

Rajni Goel Moses Garuba, Anteneh Girma


Department of Information Systems & Department of Systems & Computer Science
Decision Sciences Howard University
Howard University 2300 6th Street NW
2600 6th Street, NW Washington, DC 20059
Washington, DC 20059 {moses, agirma}@scs.howard.edu
rgoel@howard.edu

Abstract • Quantum states can make possible new


or improved cryptographic protocols
Quantum Cryptography is an approach to protecting classical information (as with
securing communications by applying the quantum key distribution or
phenomena of quantum physics. Unlike uncloneable encryption).
traditional classical cryptography, which uses • Cryptographic methods can be applied
mathematical techniques to restrict to protect quantum information instead
eavesdroppers, quantum cryptography is focused of classical information. Examples
on the physics of information. Quantum would include quantum secret sharing
cryptography provides secure communication, schemes and quantum authentication
whose security depends only on the validity of protocols.
quantum theory, i.e., it is guarantied directly by
the laws of physics. This is a substantial We investigate the differences between classical
difference from any classical cryptographic cryptographic techniques and quantum
techniques. This article summarizes the current cryptography, as well potential advantages and
state of quantum cryptography and provides applications of each. In section 2, we present
potential extensions of its feasibility as a attributes of classical cryptography and its
mechanism for securing existing communication difference with quantum cryptography and
systems. Section 3 summarizes Quantum Key distribution
and Quantum Entanglement. Section 4 and 5
I. Introduction describes the quantum cryptographic protocols,
eavesdropping, and we conclude with a
discussion on the current progress and quantum
The physics of quantum cryptography
crypto network debuts.
opens a door to tremendously intriguing
possibilities for cryptography, the art and science
of communicating in the presence of adversaries 2. Classical Cryptography
[1,2]. Interesting characteristics of quantum
mechanics include the existence of indivisible Cryptography is the art of rendering a
quanta and of entangled systems, both of which message unintelligible to any unauthorized party.
lie at the root of quantum cryptography (QC). Although confidentiality is the traditional
QC is one of the few commercial applications of application of cryptography, it is used nowadays
quantum physics at the single quantum level. to achieve broader objectives, such as
Other applications of quantum mechanics authentication, digital signatures [10].
to cryptography, which tend to come in three To achieve this goal, an algorithm (also called a
flavors: cryptosystem or cipher) is used to combine a
• Quantum mechanics can be used to message with some additional information
break classical cryptographic protocols (known as the key) and produce a cryptogram.
(as with quantum factoring). The primary application of cryptography is to
send secret messages.

International Conference on Information Technology (ITNG'07)


0-7695-2776-0/07 $20.00 © 2007

Authorized licensed use limited to: INDIAN INSTITUTE OF TECHNOLOGY MADRAS. Downloaded on February 9, 2009 at 00:16 from IEEE Xplore. Restrictions apply.
Many cryptographic systems are based on
computational assumptions. Decrypting is Secret key cryptography
equivalent to solving some computationally • Requires secure channel for key distribution
difficult problem, one that cannot be answered in • In principle every classical channel can be
polynomial time in some security parameters. monitored passively
The central problem in cryptography is the key • Security is mostly based on complicated non
distribution problem, for which there are proven algorithms
essentially two solutions: one based on
mathematics, classical cryptography, and one
based on Physics (quantum cryptography). While Public key cryptography
classical cryptography relies on the • Security is based on non proven
computational difficulty of factoring large mathematical assumptions
integers, quantum cryptography relies on what (e. g. in RSA cipher, difficulty of
we believe to be the universal laws of quantum factoring large numbers)
mechanics. • Break through renders messages insecure
These classical cryptosystems come in two retroactively.
flavors: symmetric systems, and asymmetric
systems [6]. The security of public key 3. Quantum Cryptography
cryptosystems is based on computational
complexity. The idea is to use mathematical The idea of quantum cryptography was first
objects called one-way functions. So far, no one proposed in the 1970s [14,15], though it is only
has proved the existence of any one-way now that the field is applied to information
function with a trapdoor; so, the existence of security. One aspect of quantum cryptography is
secure asymmetric cryptosystems is not proven. to create cryptographic protocols to protect
This poses a serious threat to these quantum States that do have the property that
cryptosystems. For instance, an overnight they cannot be copied [11,12].
breakthrough in mathematics could make The main advantage of quantum
electronic money instantly worthless. To limit cryptography is that it gives us perfectly secure
such economic and social risks, there is no data transfer. The first successful quantum
alternative but to turn to symmetrical cryptographic device could translate a secret key
cryptosystems. QC has a role to play in such over 30 centimeters using polarized light, calcite
alternative systems. crystal(s), and other electro-optical devices.

2.2. Symmetrical (secret key) cryptosystems

Symmetrical ciphers require the use of a single


key for both encryption and decryption. The
symmetrical cryptosystems in use for routine
applications such as e-commerce employ rather
short keys. Like asymmetrical cryptosystems,
they offer only computational
security. However, for a given key length,
symmetrical systems are more secure than their
asymmetrical counterparts.
In practical implementations, asymmetrical
algorithms are used not so much for encryption,
because of their slowness, but rather for
distribution of session keys for symmetrical
cryptosystems such as DES. Because the security
of those algorithms is not proven, the security of
the whole implementation can be compromised.
If these algorithms were broken by mathematical Figure 3: A Quantum Cryptographic
advances, QC would constitute the only way to communication system for securely transferring
solve the key distribution problem. random key.
2.3 Barriers of Classical cryptography 3.1 Quantum Entanglement

2
International Conference on Information Technology (ITNG'07)
0-7695-2776-0/07 $20.00 © 2007

Authorized licensed use limited to: INDIAN INSTITUTE OF TECHNOLOGY MADRAS. Downloaded on February 9, 2009 at 00:16 from IEEE Xplore. Restrictions apply.
Entanglement is a kind of quantum generated. No leakage of information occurs,
correlation that is stronger, in a certain sense, since the key is just a random sequence.
than any classical one. If some quantum system, The primary proposed application of QKD
consisting of several subsystems, is in an is to create a secret key, which is then used with
entangled state (even in a pure entangled state) the one-time pad to send unconditionally secure
its individual subsystems cannot be described by messages. We ensure secure communications by
pure quantum states. Entangled states can be using one-time pads in conjunction with
used to serve for quantum key distribution and quantum key distribution. The main drawback
quantum teleportation. for classical one-time pads is the distribution of
Quantum entanglement is a quantum encryption/decryption keys, and this is not a
mechanical phenomenon in which the quantum problem for quantum cryptography as we can
of two or more objects have to be described with transfer key data in a totally secure fashion.
reference to each other, even though the One of the best-known protocols for
individual objects may be spatially separated [3]. quantum key distribution is usually called BB84,
This leads to correlations between observable since it was proposed by Bennett and Brassard in
physical properties of the systems. As a result, 1984 [4]. In BB84, Alice sends Bob a random
measurements performed on one system seem to sequence of quantum bits (or qubits). These
be instantaneously influencing other systems quantum bits are equally likely to be in one of
entangled with it. four possible states, see table 1.

3.2 Quantum Key Distribution State Basis Value


|0> Z 0
Quantum mechanics has multiple |1> Z 1
cryptographic applications as well (see [8] for a
|0> + |1> X 0
survey). The best known is quantum key
distribution (QKD) [11], which enables Alice |0> - |1> X 1
and Bob to create a secure classical secret key
despite the potential presence of an Table 1: States of quantum bits
eavesdropper. QKD requires only an insecure
quantum channel and authenticated (but When Bob receives a qubit, he randomly
unencrypted) classical channels, but chooses to measure it either in the Z basis or the
unfortunately requires multiple rounds of back- X basis, and records the results. Then Alice
and-forth communication between Alice and announces which basis the state she sent came
Bob. from (the "Basis" column in the table), but not
QKD is a means of distributing keys from one what the state actually was, and Bob announces
party to another, and detecting eavesdropping. It which basis he measured in. If Bob measured in
allows two parties to establish a common the same basis that Alice used to prepare the
random secret key by taking advantage of the state, he should have gotten the result in the
fact that quantum mechanics does not allow for "Value" column of the table. Alice and Bob keep
distinguishing non-orthogonal states with the results for which they used the same basis
certainty. Within the framework of classical and discard the other bits. In the absence of
physics, information encoded into a property of a errors and eavesdropping, they now have an
classical object, can be acquired without identical string of bits, which can act as their
affecting the state of the object. However, if private key.
information is encoded into a property of a But, note that a clever Eve can adopt many
quantum object, any attempt to discriminate its possible strategies to fool Alice and Bob,
non-orthogonal states inevitably changes the including subtle quantum attacks entangling all
original state with a nonzero probability. And of the particles sent by Alice. Taking all
since eavesdropping is also governed by the laws possibilities into account, along with the effects
of quantum mechanics, these changes cause of realistic imperfections in Alice and Bob's
errors in transmissions and reveal the apparatus and channel, has been difficult. A long
eavesdropper. QKD cannot prevent from series of partial results has appeared over the
eavesdropping, but it enables legitimate users to years, addressing restricted sets of strategies by
discover it. If any eavesdropping is detected, the Eve, [2] but only in the past few years have
key is simply thrown away and a new one is complete proofs appeared.

3
International Conference on Information Technology (ITNG'07)
0-7695-2776-0/07 $20.00 © 2007

Authorized licensed use limited to: INDIAN INSTITUTE OF TECHNOLOGY MADRAS. Downloaded on February 9, 2009 at 00:16 from IEEE Xplore. Restrictions apply.
One class of proofs, by Dominic Mayers quantum cryptographic protocols has turned out
[3] and subsequently by others, including Eli to be significantly easier than the implementation
Biham and collaborators and Michael Ben-Or, of quantum algorithms. Quantum cryptographic
[4] attacks the problem directly and proves that protocols are designed with the intention that
the standard BB84 protocol is secure. Another their security is guaranteed by the laws of
approach, by (HKL) and H. F. Chau [5]. proves quantum physics. Naturally it is necessary to
the security of a new QKD protocol that uses prove, for any given protocol, that this is indeed
quantum error-correcting codes [6]. The two the case. The most notable result in this area is
approaches have been unified by Peter Shor and Mayers’ proof [3] of the unconditional security
John Preskill, [7], who showed that a quantum of the quantum key distribution protocol “BB84”
error-correcting protocol could be modified to [12]. This proof guarantees the security of BB84
become BB84 without compromising its in the presence of an attacker who can perform
security. any operation allowed by quantum physics;
The proof of the security of QKD is a fine hence the security of the protocol will not be
theoretical result, but it does not mean that a real compromised by future developments in
QKD system would be secure [8]. Some known quantum computing. Mayers’ results, and others
and unknown security loopholes might prove to of the same kind [4,3], are extremely important
be fatal. Apparently minor quirks of a system can contributions to the study of quantum
sometimes provide a lever for an eavesdropper to cryptography.
break the encryption. For instance, instead of However, a mathematical proof of the
producing a single photon, a laser may produce security of a protocol does not in itself guarantee
two; Eve can keep one and give the other to Bob. the security of an implemented system which
She can then learn what polarization Alice sent relies on the protocol. Experience of classical
without revealing her presence. There are various cryptography has shown that, during the
possible solutions to this particular problem; it is progression from an idealized protocol to an
the unanticipated flaws that present the greatest implementation, many security weaknesses can
security hazard. Ultimately, we cannot have arise. For example: the system might not
confidence that a real-life quantum cryptographic correctly implement the desired protocol; there
system is secure until it has withstood attacks might be security flaws which only appear at the
from determined real-life adversaries. implementation level and which are not visible at
Traditionally, breaking cryptographic protocols the level of abstraction used in proofs; problems
has been considered to be as important as can also arise at boundaries between systems and
making them--the protocols that survive are between components which have different
more likely to be truly secure. The same standard execution models or data representations.
will have to be applied to QKD. Quantum cryptographic systems must be
Quantum key distribution is perhaps the analyzed at a level of detail that is closer to a
best-known example of an application of practical implementation. Computer scientists
quantum mechanics to cryptography, but there have developed a range of techniques and tools
are many others. For instance, quantum key for the analysis and verification of
distribution is closely related to a slightly communication systems and protocols. Those
stronger protocol called uncloneable encryption, particularly relevant to security analysis are
which uses quantum states to send an encrypted surveyed by Ryan et al. [7]. This approach has
classical message which cannot be read or even two key features. The first is the use of formal
copied by Eve. languages to precisely specify the behavior of
the system and the properties which it is meant
4. Quantum Cryptographic Protocols to satisfy. The second is the use of automated
software tools to either verify that a system
Recent interest in quantum cryptography has satisfies a specification or to discover flaws.
been stimulated by the fact that quantum There are classical solutions to insecure
algorithms, such as Shor’s algorithms for integer communication all rely on making some sort of
factorization and discrete logarithm [9], threaten assumption, about the computational power of a
the security of classical cryptosystems. A range cheater, about the number of cheaters, or
of quantum cryptographic protocols for key something of this kind. Based on quantum key
distribution, bit commitment, oblivious transfer distribution, one might hope that a quantum
and other problems [10] have been extensively computer might allow us to weaken or remove
studied. Furthermore, the implementation of these assumptions. For instance, it is possible to

4
International Conference on Information Technology (ITNG'07)
0-7695-2776-0/07 $20.00 © 2007

Authorized licensed use limited to: INDIAN INSTITUTE OF TECHNOLOGY MADRAS. Downloaded on February 9, 2009 at 00:16 from IEEE Xplore. Restrictions apply.
make a quantum digital signature, which is point-to-point links rather than networks that
secure against all attacks allowed by quantum share connections.
mechanics. BBN Technologies, Harvard University and
Boston University researchers have built a six-
Many classical cryptographic protocols work by node quantum cryptography network that
building up the protocol from simpler protocols. operates continuously to provide a way to
Two particularly useful simple protocols are exchange secure keys between BBN and
Authentication of quantum messages [8] and the Harvard, which is about 10 kilometers away [3].
other called bit commitment. Standard classical The researchers will soon move one of the
cryptographic protocols for bit commitment rely network nodes across town to link Boston
on Bob having limited computational power. For University into the network. The network is
a while, it was thought quantum bit resilient because any node in the network can act
commitments protocols existed which were as a relay to connect two other nodes. Because
unconditionally secure. However, it turns out there are multiple connections to and from any
that if Alice and Bob have quantum computers, given node, "failure of a link or node does not
any protocol for which Bob cannot determine the mean that we have lost quantum cryptography.
value of Alice's bit allows Alice to safely change The quantum network uses secure
the bit without Bob finding out. This was a great point-to-point connections between nodes and
disappointment, and later results proved that allows a given node to relay secure
many other quantum cryptographic protocols cryptographic keys between two other nodes.
were also impossible. However, there are still a Because the quantum properties of photons are
number of possible protocols that have not been lost if they are observed, they cannot be copied,
ruled out, including some of considerable but making copies of light signals is the way
interest. Quantum computation may allow us to signals are boosted along ordinary
perform some of these operations more safely telecommunications lines.
than any classical protocol. Quantum repeaters, which are under
development at several research labs around the
world, would instead transfer the quantum state
5. Eavesdropping of one photon to another through interactions
with atoms or through the strange quantum
Eavesdropping is the intercepting and reading phenomenon of entanglement, which allows
of messages and conversations by unintended traits of two or more particles to be linked
recipients. One who participates in regardless of the distance between them.
eavesdropping, i.e. someone who secretly listens The network's photon sources are currently
in on the conversations of others, is called an heavily filtered lasers, which are extremely dim
eavesdropper. The origin of the term is literal, and sometimes emit more than one photon at a
from people who would literally hide out in the time[9].
eaves of houses to listen in on other people's The quantum cryptography network works with
private conversations. Internet protocols including the secure Internet
Protocol (IPsec) and creates a type of virtual
Eavesdropping can also be done over private network, which provides secure
telephone lines, email, instant messages, and any communications over unsecured networks like
other method of communication considered the Internet at large. The idea is that even if an
private. (If a message is publicly broadcast, eavesdropper is able to listen in on a line, he
witnessing it does not count as eavesdropping). would be unable to learn much about the
Messages can be protected against communications traversing it. The network is
eavesdropping by employing a security service ready for practical applications today.
of confidentiality (or privacy). This security
service is usually implemented by encryption. Magiq Technologies is creating a new line
of products that it says could help make quantum
encryption theoretically impossible to crack --
6. Quantum crypto network debuts
more palatable to mainstream customers. The
New York-based company said it has signed a
Quantum cryptography has the potential to deal with Cavium Networks, under which
guarantee perfectly secure communications, but Cavium's network security chips will be included
until now the entire prototype systems have been inside Magiq's servers and networking boards

5
International Conference on Information Technology (ITNG'07)
0-7695-2776-0/07 $20.00 © 2007

Authorized licensed use limited to: INDIAN INSTITUTE OF TECHNOLOGY MADRAS. Downloaded on February 9, 2009 at 00:16 from IEEE Xplore. Restrictions apply.
Magiq and Cavium will also create reference
designs for networking boards and cards, with all As this quantum cryptography is a new science
of the necessary silicon to create a quantum in a cryptosystem technology and many
encryption system. researchers from around the world are
Quantum properties other than polarization can discovering a way of incorporating some new
encode the value of a bit for the quantum key, devices and have already made a breakthrough, it
says Gregoire Ribordy, CEO of Swiss start-up looks quantum cryptography will be an advanced
Swiss start-up ID Quantique His company code- making technology which is theoretically
introduced the first commercial quantum- uncrackable. This is because of the laws of
cryptography products in 2002: single-photon quantum physics that dictate an eavesdropper
detectors and random-number generators, two could not measure the properties of a single
essential components for quantum-cryptography photon without the risk of altering those
systems. In 2003, the company partnered with properties. In other words, even if an
two electronic-security firms to develop a eavesdropper is able to listen in on a line, he/she
commercial system. could be unable to learn much about the
communications traversing it.
7. Conclusion
[9] Brassard, G., 1988, Modern Cryptology: A
8. References Tutorial, Lecture Notes in Computer Science,
Vol. 325 (Springer, New York).
[1] Bennett, C. H., and Brassard, G. Quantum
public key distribution reinvented. Sigact News [10] Shannon, C. E., 1949, ‘‘Communication
18(4) (1987), 51–53. theory of secrecy systems, ’’ Bell Syst. Tech. J.
28, 656–715.
[2] Bennett, C. H., Brassard, G., and Ekert, A. K.
Quantum cryptography. Sci. Am. 267, 4 (Oct. [11] Stallings, W., 1999, Cryptography and
1992), 50. Network

[3] Bennett, C. H., and DiVincenzo, D. P. [12] Wiesner, S., 1983, ‘‘Conjugate coding,’’
Quantum information and computation. Nature SIGACT News, 15,78–88
404 (2000), 247–55.
[13] Bennett, C. H., and G. Brassard, 1984, in
[4] Bennett, C. H., and Shor, P. W. Quantum Proceedings of the IEEE International
information theory. IEEE Transactions on Conference on Computers, Systems and Signal
Information Theory 44, 6 (1998), 2724–42. Processing, Bangalore, India, (IEEE, New
York), pp.175–179.
[5] Brassard, G. Cryptology column — 25 years
of quantum cryptography. Sigact News 27(3) [14] Bennett, C. H., and G. Brassard, 1985,
(1996), 13–24. ‘‘Quantum public key distribution system,’’ IBM
Tech. Discl. Bull. 28, 3153–3163.
[6] Gottesman, D., and Lo, H.-K. From quantum
cheating to quantum security. Physics Today 53, [15] W. K. Wootters and W. H. Zurek, “A single
11 (Nov. 2000), 22. quantum cannot be cloned,” Nature 299, 802
(1982).
[7] Lo, H.-K. Quantum Cryptology. World
Scientific, 1998.

[8] Singh, S., 1999, The Code Book: The Science


of Secrecy from Ancient Egypt to Quantum
Cryptography (Fourth Estate, London).

6
International Conference on Information Technology (ITNG'07)
0-7695-2776-0/07 $20.00 © 2007

Authorized licensed
View publication statsuse limited to: INDIAN INSTITUTE OF TECHNOLOGY MADRAS. Downloaded on February 9, 2009 at 00:16 from IEEE Xplore. Restrictions apply.