Gsis cist hwa yean lee 2005 2 21
Download
1 / 16

Authenticated QKD protocol using one-time ID - PowerPoint PPT Presentation


  • 95 Views
  • Uploaded on

GSIS / CIST Hwa Yean Lee 2005. 2. 21. Authenticated QKD protocol using one-time ID. Contents. Introduction Authentication with one-time ID Quantum Key distribution Security proof Conclusion. 1. Introduction. QKD (Quantum Key Distribution) protocols Advantage

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' Authenticated QKD protocol using one-time ID ' - connor-mcconnell


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Gsis cist hwa yean lee 2005 2 21

GSIS / CIST

Hwa Yean Lee

2005. 2. 21

Authenticated QKD protocol using one-time ID


Contents
Contents

  • Introduction

  • Authentication with one-time ID

  • Quantum Key distribution

  • Security proof

  • Conclusion


1 introduction
1. Introduction

  • QKD (Quantum Key Distribution) protocols

    • Advantage

      : Unconditional security

    • Disadvantage

      : Vulnerability to the Man-in-the middle attack


1 introduction 2
1. Introduction(2)

  • Miloslav Dusek, Ondrej Haderka, Martin Hendrych, and Robert Myska, PRA, 60, 149-156 (1999)

  • Bao-Sen Shi, Jian Li, Jin-Ming Liu, Xiao-Feng Fan, Guang-Can Guo, Physics Letters A 281  83-87 (2001)

  • Guihua Zeng and Weiping Zhan, PRA, 61, 022303 (2000)

  • Daniel Ljunggren, Mohamed Bourennane, and Anders Karlsson, PRA, 62, 022305 (2000)

  • Takashi Mihara, PRA, 65, 052326 (2002)


2 authentication with one time id
2. Authentication with one-time ID

  • Preparation

    • Each user register him to the arbitrator

      : secret user and one-way function

    • One-way authentication key of a user, Alice is

      where is a count.

      • If is 1, then the Hadamard operator is applied, else the identity operator is applied to the ith qubit.

      • If does not have enough length to encode the qubits, then can be used, where .


2 authentication with one time id 2
2. Authentication with one-time ID (2)

  • Procedure of the authentication

    • Alice request a secure communication with Bob to the arbitrator.

    • The arbitrator prepares GHZ tripartite states.

    • He encodes Alice’s and Bob’s particles of GHZ states with and , respectively.

      where is Alice’s authentication key

      and is Bob’s.


2 authentication with one time id 3
2. Authentication with one-time ID (3)

  • Procedure of the authentication(2)

    • The arbitrator sends the encoded qubits to Alice and Bob respectively.

    • Alice and Bob decode their qubits with their authentication key and selects some bits.

    • Alice and Bob measure the bits and compare the results.

    • If the results are same, they can authenticate each other and do the following key distribution procedure. Otherwise they abort the protocol.


2 authentication with one time id 4
2. Authentication with one-time ID (4)

  • Transformation of the GHZ states


3 quantum key distribution
3. Quantum Key distribution

  • Procedure of the key distribution

    • Using the remaining particles after authentication, Alice and Bob randomly make an operation either or on each particles, respectively.

    • Alice sends her particles to the arbitrator and Bob sends his to Alice.

    • The arbitrator perform C-NOT operation, where the control qubit is his and the target qubits is from Alice.

    • The arbitrator measures each qubits(Alice’s and his) and announces the measurement outcomes are same(O) or not(X).


3 quantum key distribution 2
3. Quantum Key distribution (2)

  • Procedure of the key distribution (2)

    • Alice measures the GHZ particles received from Bob.

    • Using the information published by the arbitrator, Alice can find Bob’s sequence of the operations.

    • The Bob’s sequence of the operations can be used as a raw secret key.



4 security proof

The Arbitrator

Alice

Bob

Eve

4. Security proof

  • Man-in-the middle attack

    • In the authentication process

      • Eve introduces errors

        with probability ¼

        for each check bit

        in the authentication

        procedure.

      • On knowing

        the hash function,

        Eve can estimate only

        some bits of hashed value.


4 security proof 2
4. Security proof (2)

  • Intercept-resend attack

    • Intercepts both the qubits heading to Alice or Bob in the authentication and the qubits heading to Alice or the authentication in the key distribution.

      • When Eve intercepts one-side in the key distribution,

        the probability of detection is 3/8.

      • When Eve intercepts both-side in the key distribution,

        the probability of detection is 7/16.

      • But she cannot be aware of the exact key since Alice and Bob’s information of operations are not exposed to Eve.


4 security proof 3
4. Security proof (3)

  • Intercept-resend attack (2)

    • Intercept only the qubits transmitted in the key distribution

      • Eve only can know Alice and Bob use same operation or not.

      • The probability of inferring correct key is .


4 security proof 4
4. Security proof (4)

  • Eve Eavesdrops Alice’s (Bob’s) qubits transmitted to the arbitrator (Alice) after Alice and Bob make operations on decoded GHZ states


5 conclusion
5. Conclusion

  • QKD with authentication using one-time ID is proposed.

  • Authentication with one-time ID can be used on the various fields of quantum cryptography.

  • The neutrality of the arbitrator is important for the security of the proposed scheme.

     More research on this problem are needed.


ad