1 / 43

Quantum Cryptography Beyond the buzz

Quantum Cryptography Beyond the buzz. Grégoire Ribordy CERN, May 3rd 2006. Outline. Quantum physics and information technology The limits of classical cryptography The principles of quantum cryptography Practical systems and applications Future directions. Moore’s law and quantum physics.

jamesalewis
Download Presentation

Quantum Cryptography Beyond the buzz

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Quantum CryptographyBeyond the buzz Grégoire Ribordy CERN, May 3rd 2006

  2. Outline • Quantum physics and information technology • The limits of classical cryptography • The principles of quantum cryptography • Practical systems and applications • Future directions

  3. Moore’s law and quantum physics

  4. Classical physics … - 1900 Describes the macroscopic world Deterministic Intuitive Quantum physics 1900 - … Description of the microscopic world Probabilistic Central role of the observer Not very intuitive Quantum physics  Novel information processing possibilities  Quantum Information Theory (QIT) Classical and Quantum physics

  5. High bit rate 4 or 16 Mbits/s Continuous monitoring Main OS’s supported Generating random numbers with quantum physics

  6. Outline • Quantum physics and information technology • The limits of classical cryptography • The principles of quantum cryptography • Practical systems and applications • Future directions

  7. Alice Bob Introduction: Classical Cryptography • Secret Key Cryptography • Public Key Cryptography Different keys  Key exchange solved Vulnerabilities!!!

  8. Security of public key cryptography Encryption Decryption (with key) Selected Key Length

  9. Vulnerabilities of public key cryptography Selected Key Length

  10. Vulnerabilities of public key cryptography & Theoretical progress Selected Key Length

  11. Message Message Alice Scrambled Bob Message Å Å Secret Key Secret Key Where does Quantum Cryptography fit in? Secret key exchange by quantum cryptography Quantum Cryptography is a key distribution technique! Quantum Key Distribution is a better name!!!

  12. Outline • Quantum physics and information technology • The limits of classical cryptography • The principles of quantum cryptography • Practical systems and applications • Future directions

  13. Fragile ! Physical implementation of a data channel Classical communication Quantum communication "0" "1" "1" • Security guaranteed by the laws of quantum physics

  14. sk’ |...> Quantum Cryptography: rules of the game Classical channel • Details of the protocole publicly known • Goal: to produce a secret key or nothing  « Eve cannot do better than cutting the line » Alice and Bob: to estimate Eve’s information on key IAE small: Produce a key IAE large: Quantum channel Eve QUANTUM KEY DISTRIBUTION

  15. Polarization of Photons • Direction of oscillation of the electric field associated to a lightwave • Polarization states • What can we do with it ? 50 % 50 %

  16. Irreversibility of Measurements Incoming photon polarized at 90 Incoming photon polarized at 45 50 % 50 % Rotation of polarizer

  17. Quantum communications • Transmitting information with a single-photon • Use a quantum property to carry information Liner States = "0" = |0> = "1" = |1>

  18. 50% 50% Eavesdropping (1) • A single-photon constitutes an elementary quantum system It cannot be split • Semi-transparent mirror

  19. Eavesdropping (2) • Communication interception • Use quantum physics to force spy to introduce errors in the communication Alice Bob |0> |0> Eve

  20. Quantum Cryptography Protocole • BB84 • A better name: Quantum Key Distribution 0 0 0 0

  21. Eavesdropping (3) Alice 50% 50% Eve 50% 50% Bob 50% 50% 50% 50% Ok Error Ok Ok Error

  22. Key Distillation (ideal case) Alice Bob Qubits Transmission Quantum channel Sifted key Basis Reconciliation QBER estimate Reveals rather than prevents eavesdropping A better name: quantum key distribution 0 : no eavesdropping QBER = > 0 : eavesdropping

  23. Key Distillation (realistic case) Alice Bob Qubits Transmission Quantum channel (losses) Raw key Public channel Basis Reconciliation Sifted key QBER estimate Error correction Privacy amplification Key Key

  24. 1.0 0.8 IAE Secret key rate Opt. indiv. attack 0.6 Shannon Information 0.4 0.2 0.0 0.0 0.1 0.2 0.3 0.4 QBER Information curves

  25. The Principles of Quantum Cryptography: Summary Conventional Symmetric Cryptography Key Use Integrity Verification Key Distillation Quantum Cryptography Quantum Communication Raw key exchange Future-proof key exchange with security guaranteed by the laws of physics Point-to-point optical link

  26. Outline • Quantum physics and information technology • The limits of classical cryptography • The principles of quantum cryptography • Practical systems and applications • Future directions

  27. Building a Quantum Key Distibution System • Necessary components • “System approach” Channel Single-Photon Source Single-Photon Detector

  28. Polarization Coding • Typical system

  29. Interferences

  30. Interferometer • Classical interference

  31. Compatible: Alice fA  Di Bob Di  fA Incompatible: Alice and Bob ?? Bases (fA-fB = np) (fA-fB = p/2) Phase encoding • Quantum optics: single-photon Base 1: fA = 0; p Base 2: fA = p/2; 3 p/2 Basis choice: fB = 0; p/2

  32. 80 CL + LC 60 LL CC 40 20 0 Time (ns) -3 -2 -1 0 1 2 3 Phase encoding (2) • Stability of such system ??? • In practice 10 km 10 km ± l/10 (100 nm) +

  33. Auto-compensated set-up • Time multiplexing

  34. Signal, Noise psignal pnoise Distance Practical requirements • Distance limitation < 100 km Current range is sufficient for a vast majority of MAN/SAN applications • Point-to-point dark fiber • Amplifiers • Opto-electro-opto conversion perturbation of the quantum state of the photon

  35. Link Encryptors with QKD • Network Appliance • Point-to-point link encryption • Layer 2 device • Network protocole independent • Compatible with higher layer encryption • Specifications • - Encryption: AES (128, 192, 256 bits) • Key rate as high as 100 keys / s • Distance < 100 km (60 miles) • Pair of dark fiber • Target Applications • MAN or SAN encryption

  36. « Swiss Quantum » Pilot Site

  37. Outline • Quantum physics and information technology • The limits of classical cryptography • The principles of quantum cryptography • Practical systems and applications • Future directions

  38. Extending the key distribution distance • Chaining links • Better components • Free space links to low-earth-orbit (LEO) satellites • Quantum relays and repeaters Tokyo Geneva

  39. Compatibility with conventional optical networks • Optical switching • WDM Links

  40. Thank you very much for your attention id Quantique SA Chemin de la Marbrerie, 3 CH-1227 Carouge Switzerland Ph: +41 22 301 83 71 Fax: +41 22 301 83 79 info@idquantique.com www.idquantique.com

  41. Optical Taps • Optical taps are cheap and simple to use « Tapping a fibre-optic cable without being detected, and making sense of the information you collect isn’t trivial but has certainly been done by intelligence agencies for the past seven or eight years. These days, it is within the range of a well funded attacker, probably even a really curious college physics major with access to a fibre optics lab and lots of time on his hands. » John Pescatore, former NSA Analyst The submarine « USS Carter » worth $4.1 bn will be able to tap and eavesdrop undersea cables.

  42. Key use • The key produced by a quantum cryptography system is used with conventional symmetric encryption algorithms • One-time pad  « unconditional security » • Other symmetric algorithms (AES, Tripe-DES, etc.)  enhanced security by frequent key change • Why is Quantum Cryptography not used to transmit data? • Quantum Cryptography cannot guarantee that one particular bit will actually be received. With a random key, it is not a problem. With data, it is. 2) Quantum Cryptography does not prevent eavesdropping, but reveals it a posteriori. Sending a key and verifying its secrecy allows to prevent information leakage.

  43. Device Authentication Initial key Authentication key n Session n Quantum Cryptography Session n: key material Authentication key refreshed Encryption/decryption key Authentication key

More Related